package com.datapipe.jenkins.vault.credentials.common; import com.cloudbees.plugins.credentials.CredentialsScope; import com.cloudbees.plugins.credentials.impl.BaseStandardCredentials; import edu.umd.cs.findbugs.annotations.NonNull; import hudson.Extension; import hudson.model.Item; import hudson.util.FormValidation; import hudson.util.ListBoxModel; import hudson.util.Secret; import org.kohsuke.stapler.AncestorInPath; import org.kohsuke.stapler.DataBoundConstructor; import org.kohsuke.stapler.DataBoundSetter; import org.kohsuke.stapler.QueryParameter; import static com.datapipe.jenkins.vault.configuration.VaultConfiguration.engineVersions; import static com.datapipe.jenkins.vault.credentials.common.VaultHelper.getVaultSecret; import static org.apache.commons.lang.StringUtils.defaultIfBlank; @SuppressWarnings("ALL") public class VaultUsernamePasswordCredentialImpl extends BaseStandardCredentials implements VaultUsernamePasswordCredential { public static final String DEFAULT_USERNAME_KEY = "username"; public static final String DEFAULT_PASSWORD_KEY = "password"; private static final long serialVersionUID = 1L; private String path; private String usernameKey; private String passwordKey; private Integer engineVersion; @DataBoundConstructor public VaultUsernamePasswordCredentialImpl(CredentialsScope scope, String id, String description) { super(scope, id, description); } @NonNull public String getPath() { return path; } @DataBoundSetter public void setPath(String path) { this.path = path; } @NonNull public String getUsernameKey() { return usernameKey; } @DataBoundSetter public void setUsernameKey(String usernameKey) { this.usernameKey = defaultIfBlank(usernameKey, DEFAULT_USERNAME_KEY); } @NonNull public String getPasswordKey() { return passwordKey; } @DataBoundSetter public void setPasswordKey(String passwordKey) { this.passwordKey = defaultIfBlank(passwordKey, DEFAULT_PASSWORD_KEY); } public Integer getEngineVersion() { return engineVersion; } @DataBoundSetter public void setEngineVersion(Integer engineVersion) { this.engineVersion = engineVersion; } @Override public String getDisplayName() { return this.path; } @NonNull @Override public String getUsername() { String secretKey = defaultIfBlank(usernameKey, DEFAULT_USERNAME_KEY); return getVaultSecret(path, secretKey, engineVersion); } @NonNull @Override public Secret getPassword() { String secretKey = defaultIfBlank(passwordKey, DEFAULT_PASSWORD_KEY); String secret = getVaultSecret(path, secretKey, engineVersion); return Secret.fromString(secret); } @Extension(ordinal = 1) public static class DescriptorImpl extends BaseStandardCredentialsDescriptor { @Override public String getDisplayName() { return "Vault Username-Password Credential"; } public FormValidation doTestConnection( @QueryParameter("path") String path, @QueryParameter("usernameKey") String usernameKey, @QueryParameter("passwordKey") String passwordKey, @QueryParameter("engineVersion") Integer engineVersion) { String username = null; try { username = getVaultSecret(path, defaultIfBlank(usernameKey, DEFAULT_USERNAME_KEY), engineVersion); } catch (Exception e) { return FormValidation.error("FAILED to retrieve username key: \n" + e); } try { getVaultSecret(path, defaultIfBlank(passwordKey, DEFAULT_PASSWORD_KEY), engineVersion); } catch (Exception e) { return FormValidation.error("FAILED to retrieve password key: \n" + e); } return FormValidation .ok("Successfully retrieved username " + username + " and the password"); } @SuppressWarnings("unused") // used by stapler public ListBoxModel doFillEngineVersionItems(@AncestorInPath Item context) { return engineVersions(context); } } }