|
1 |
| -import { z } from 'zod'; |
2 |
| -import { CommandInit, generateCommand } from './utils/generate-command'; |
3 |
| -import { RequestInit, RequestSchema } from './typings'; |
4 |
| -import { PartialDeep } from 'type-fest'; |
5 |
| -import { kv2 } from './engine/kv2'; |
| 1 | +import { setGlobalFetch } from 'zod-request'; |
| 2 | +import { fetch } from 'undici'; |
6 | 3 |
|
7 |
| -const ClientOptionsSchema = z.object({ |
8 |
| - endpoint: z.string().optional(), |
9 |
| - apiVersion: z.string().optional(), |
10 |
| - pathPrefix: z.string().optional(), |
11 |
| - token: z.string().optional(), |
12 |
| - namespace: z.string().optional() |
13 |
| -}); |
| 4 | +setGlobalFetch(fetch); |
14 | 5 |
|
15 |
| -export type ClientOptions = z.infer<typeof ClientOptionsSchema> & { |
16 |
| - request?: PartialDeep<RequestInit>; |
17 |
| -}; |
| 6 | +// ------------------------------- |
18 | 7 |
|
19 |
| -export class Client { |
20 |
| - endpoint: string; |
21 |
| - apiVersion: string; |
22 |
| - pathPrefix: string; |
23 |
| - namespace: string | undefined; |
24 |
| - token: string | undefined; |
25 |
| - request: PartialDeep<Omit<RequestInit, 'url'>> | undefined; |
| 8 | +export { Client } from '@/lib/client'; |
| 9 | +export { generateCommand } from '@/utils/generate-command'; |
26 | 10 |
|
27 |
| - constructor({ request, ...restOpts }: ClientOptions = {}) { |
28 |
| - const options = ClientOptionsSchema.parse(restOpts); |
29 |
| - |
30 |
| - this.endpoint = options.endpoint || process.env.VAULT_ADDR || 'http://127.0.0.1:8200'; |
31 |
| - this.apiVersion = options.apiVersion || 'v1'; |
32 |
| - this.pathPrefix = options.pathPrefix || ''; |
33 |
| - this.namespace = options.namespace || process.env.VAULT_NAMESPACE; |
34 |
| - this.token = options.token || process.env.VAULT_TOKEN; |
35 |
| - |
36 |
| - this.request = request; |
37 |
| - } |
38 |
| - |
39 |
| - kv2() { |
40 |
| - return kv2(this); |
41 |
| - } |
42 |
| - |
43 |
| - read = generateCommand({ |
44 |
| - method: 'GET', |
45 |
| - path: '/{{path}}', |
46 |
| - client: this, |
47 |
| - schema: { |
48 |
| - path: z.object({ |
49 |
| - path: z.string() |
50 |
| - }), |
51 |
| - body: z.any(), |
52 |
| - response: z.any() |
53 |
| - } |
54 |
| - }); |
55 |
| - |
56 |
| - write = generateCommand({ |
57 |
| - method: 'POST', |
58 |
| - path: '/{{path}}', |
59 |
| - client: this, |
60 |
| - schema: { |
61 |
| - path: z.object({ |
62 |
| - path: z.string() |
63 |
| - }), |
64 |
| - body: z.any(), |
65 |
| - response: z.any() |
66 |
| - } |
67 |
| - }); |
68 |
| - |
69 |
| - delete = generateCommand({ |
70 |
| - method: 'DELETE', |
71 |
| - path: '/{{path}}', |
72 |
| - client: this, |
73 |
| - schema: { |
74 |
| - path: z.object({ |
75 |
| - path: z.string() |
76 |
| - }), |
77 |
| - response: z.record(z.any()) |
78 |
| - } |
79 |
| - }); |
80 |
| - |
81 |
| - /** |
82 |
| - * @link https://developer.hashicorp.com/vault/api-docs/system/seal-status#seal-status |
83 |
| - */ |
84 |
| - status = generateCommand({ |
85 |
| - method: 'GET', |
86 |
| - path: '/sys/seal-status', |
87 |
| - client: this, |
88 |
| - schema: { |
89 |
| - response: z.object({ |
90 |
| - type: z.string(), |
91 |
| - initialized: z.boolean(), |
92 |
| - sealed: z.boolean(), |
93 |
| - t: z.number(), |
94 |
| - n: z.number(), |
95 |
| - progress: z.number(), |
96 |
| - nonce: z.string(), |
97 |
| - version: z.string(), |
98 |
| - build_date: z.string(), |
99 |
| - migration: z.boolean(), |
100 |
| - recovery_seal: z.boolean(), |
101 |
| - storage_type: z.string() |
102 |
| - }) |
103 |
| - } |
104 |
| - }); |
105 |
| - |
106 |
| - /** |
107 |
| - * @link https://developer.hashicorp.com/vault/api-docs/system/init#read-initialization-status |
108 |
| - */ |
109 |
| - initialized = generateCommand({ |
110 |
| - method: 'GET', |
111 |
| - path: '/sys/init', |
112 |
| - client: this, |
113 |
| - schema: { |
114 |
| - response: z.object({ |
115 |
| - initialized: z.boolean() |
116 |
| - }) |
117 |
| - } |
118 |
| - }); |
119 |
| - |
120 |
| - /** |
121 |
| - * @link https://developer.hashicorp.com/vault/api-docs/system/init#start-initialization |
122 |
| - */ |
123 |
| - init = generateCommand({ |
124 |
| - method: 'POST', |
125 |
| - path: '/sys/init', |
126 |
| - client: this, |
127 |
| - schema: { |
128 |
| - body: z.object({ |
129 |
| - pgp_keys: z.array(z.string()).optional(), |
130 |
| - root_token_pgp_key: z.string().default('').optional(), |
131 |
| - secret_shares: z.number(), |
132 |
| - secret_threshold: z.number(), |
133 |
| - stored_shares: z.number().optional(), |
134 |
| - recovery_shares: z.number().default(0).optional(), |
135 |
| - recovery_threshold: z.number().default(0).optional(), |
136 |
| - recovery_pgp_keys: z.array(z.string()).optional() |
137 |
| - }), |
138 |
| - response: z.object({ |
139 |
| - keys: z.array(z.string()), |
140 |
| - keys_base64: z.array(z.string()), |
141 |
| - root_token: z.string() |
142 |
| - }) |
143 |
| - } |
144 |
| - }); |
145 |
| - |
146 |
| - /** |
147 |
| - * @link https://developer.hashicorp.com/vault/api-docs/system/unseal#submit-unseal-key |
148 |
| - */ |
149 |
| - unseal = generateCommand({ |
150 |
| - method: 'POST', |
151 |
| - path: '/sys/unseal', |
152 |
| - client: this, |
153 |
| - schema: { |
154 |
| - body: z.object({ |
155 |
| - key: z.string(), |
156 |
| - reset: z.boolean().default(false).optional(), |
157 |
| - migrate: z.boolean().default(false).optional() |
158 |
| - }), |
159 |
| - response: z.discriminatedUnion('sealed', [ |
160 |
| - z.object({ |
161 |
| - sealed: z.literal(true), |
162 |
| - t: z.number(), |
163 |
| - n: z.number(), |
164 |
| - progress: z.number(), |
165 |
| - version: z.string() |
166 |
| - }), |
167 |
| - z.object({ |
168 |
| - sealed: z.literal(false), |
169 |
| - t: z.number(), |
170 |
| - n: z.number(), |
171 |
| - progress: z.number(), |
172 |
| - version: z.string(), |
173 |
| - cluster_name: z.string(), |
174 |
| - cluster_id: z.string() |
175 |
| - }) |
176 |
| - ]) |
177 |
| - } |
178 |
| - }); |
179 |
| - |
180 |
| - /** |
181 |
| - * @link https://developer.hashicorp.com/vault/api-docs/system/seal#seal |
182 |
| - */ |
183 |
| - seal = generateCommand({ |
184 |
| - method: 'POST', |
185 |
| - path: '/sys/seal', |
186 |
| - client: this, |
187 |
| - schema: { |
188 |
| - response: z.record(z.any()) |
189 |
| - } |
190 |
| - }); |
191 |
| - |
192 |
| - /** |
193 |
| - * @link https://developer.hashicorp.com/vault/api-docs/system/generate-root#read-root-generation-progress |
194 |
| - */ |
195 |
| - getRootGenerationProgress = generateCommand({ |
196 |
| - method: 'GET', |
197 |
| - path: '/sys/generate-root/attempt', |
198 |
| - client: this, |
199 |
| - schema: { |
200 |
| - response: z.object({ |
201 |
| - started: z.boolean(), |
202 |
| - nonce: z.string(), |
203 |
| - progress: z.number(), |
204 |
| - required: z.number(), |
205 |
| - encoded_token: z.string(), |
206 |
| - pgp_fingerprint: z.string(), |
207 |
| - otp_length: z.number(), |
208 |
| - complete: z.boolean() |
209 |
| - }) |
210 |
| - } |
211 |
| - }); |
212 |
| - |
213 |
| - /** |
214 |
| - * @link https://developer.hashicorp.com/vault/api-docs/system/generate-root#start-root-token-generation |
215 |
| - */ |
216 |
| - startRootGeneration = generateCommand({ |
217 |
| - method: 'POST', |
218 |
| - path: '/sys/generate-root/attempt', |
219 |
| - client: this, |
220 |
| - schema: { |
221 |
| - body: z.object({ |
222 |
| - otp: z.string() |
223 |
| - }), |
224 |
| - response: z.object({ |
225 |
| - started: z.boolean(), |
226 |
| - nonce: z.string(), |
227 |
| - progress: z.number(), |
228 |
| - required: z.number(), |
229 |
| - encoded_token: z.string(), |
230 |
| - otp: z.string(), |
231 |
| - otp_length: z.number(), |
232 |
| - complete: z.boolean() |
233 |
| - }) |
234 |
| - } |
235 |
| - }); |
236 |
| - |
237 |
| - /** |
238 |
| - * @link https://developer.hashicorp.com/vault/api-docs/system/generate-root#cancel-root-generation |
239 |
| - */ |
240 |
| - cancelRootGeneration = generateCommand({ |
241 |
| - method: 'DELETE', |
242 |
| - path: '/sys/generate-root/attempt', |
243 |
| - client: this, |
244 |
| - schema: { |
245 |
| - response: z.record(z.any()) |
246 |
| - } |
247 |
| - }); |
248 |
| - |
249 |
| - /** |
250 |
| - * @link https://developer.hashicorp.com/vault/api-docs/system/generate-root#provide-key-share-to-generate-root |
251 |
| - */ |
252 |
| - provideKeyShare = generateCommand({ |
253 |
| - method: 'POST', |
254 |
| - path: '/sys/generate-root/update', |
255 |
| - client: this, |
256 |
| - schema: { |
257 |
| - body: z.object({ |
258 |
| - key: z.string(), |
259 |
| - nonce: z.string() |
260 |
| - }), |
261 |
| - response: z.object({ |
262 |
| - started: z.boolean(), |
263 |
| - nonce: z.string(), |
264 |
| - progress: z.number(), |
265 |
| - required: z.number(), |
266 |
| - pgp_fingerprint: z.string(), |
267 |
| - complete: z.boolean(), |
268 |
| - encoded_token: z.string() |
269 |
| - }) |
270 |
| - } |
271 |
| - }); |
272 |
| -} |
| 11 | +// ------------------------------- |
273 | 12 |
|
274 | 13 | export type * from './typings';
|
275 |
| - |
276 |
| -export { generateCommand }; |
0 commit comments