added createTOTPKey, improved @types

Signed-off-by: Rod Anami <[email protected]>

Author: rod4n4m1

CHANGELOG.md

@@ -6,6 +6,8 @@
   * Upgraded development env to Vault server `1.16.3`
   * Improved AD secret management documentation
   * Upgraded all dependencies to the latest
+  * Added *TOTP secret engine* functions:
+    * 
 
 * `0.4.14`
   * Updated HashiCorp Vault license

Config.js

@@ -117,7 +117,14 @@ const config = {
   adCheckCredOut: ['library', 'check-out', 'post'],
   adCheckCredIn: ['library', 'check-in', 'post'],
   adGetCredStatus: ['library', 'status', 'get'],
-  adRotateCred: ['rotate-role', 'post']
+  adRotateCred: ['rotate-role', 'post'],
+  totpRootPath: 'totp',
+  totpCreateKey: ['keys', 'post'],
+  totpReadKey: ['keys', 'get'],
+  totpListKeys: ['keys', 'list'],
+  totpDeleteKey: ['keys', 'delete'],
+  totpGenerateCode: ['code', 'get'],
+  totpValidateCode: ['code', 'post']
 };
 
 module.exports = config;

Vault.js

@@ -100,24 +100,47 @@ const parseAxiosError = function(error){
 }
 
 // main class constructor
+/**
+* @constructor
+* @param {boolean} [params.https=false]
+* @param {string} [params.cert]
+* @param {string} [params.key]
+* @param {string} [params.cacert]
+* @param {string} [params.baseUrl]
+* @param {string} [params.rootPath]
+* @param {number} [params.timeout=1000]
+* @param {boolean} [params.proxy=false]
+* @param {string} [params.namespace]
+*/
 class Vault {
   constructor(params) {
+    /** @type {boolean} */
     this.https = params.https || false;
+    /** @type {string} */
     this.cert = params.cert;
+    /** @type {string} */
     this.key = params.key;
+    /** @type {string} */
     this.cacert = params.cacert;
+    /** @type {string} */
     this.baseUrl = params.baseUrl || config.baseUrl;
+    /** @type {string} */
     this.rootPath = params.rootPath;
+    /** @type {number} */
     this.timeout = params.timeout || config.timeout;
+    /** @type {Object} */
     this.proxy = params.proxy || config.proxy;
+    /** @type {string} */
     this.namespace = params.namespace || config.namespace;
     try {
       if (this.https) {
+        /** @type {Object | boolean} */
         this.agent = getHttpsAgent(this.cert, this.key, this.cacert);
       }
       else {
         this.agent = false;
       }
+      /** @type {Object} */
       this.instance = getAxiosInstance(this.baseUrl, this.timeout, this.agent, this.proxy, this.namespace);
     } catch (error) {
       console.error('Error initiating Vault class:\n', error);
@@ -126,6 +149,7 @@ class Vault {
 
   // /sys API endpoints
   /**
+  * @param {Object} [params] 
   * @returns {PromiseLike<Object>}
   */
   async healthCheck(params){
@@ -1123,7 +1147,7 @@ class Vault {
       url: `${rootPath}/${config.certLogin[0]}`,
       method: config.certLogin[1],
       data: {
-        "name": certName
+        name: certName
       }
     };
 
@@ -3942,6 +3966,80 @@ class Vault {
     return await this.createKVSecretMeta(token, path, metadata, mount);
   }
 
+  /**
+  * @param {string} token
+  * @param {string} name
+  * @param {Object} params
+  * @param {boolean} params.generate
+  * @param {boolean} [params.exported]
+  * @param {number} [params.key_size=20]
+  * @param {string} [params.key_url]
+  * @param {string} [params.key]
+  * @param {string} [params.issuer]
+  * @param {string} [params.account_name]
+  * @param {number} [params.period]
+  * @param {string} [params.algorithm]
+  * @param {number} [params.digits]
+  * @param {number} [params.skew]
+  * @param {number} [params.gr_size]
+  * @param {string} [mount]
+  * @returns {PromiseLike<Object>}
+  */
+ async createTOTPKey(token, name, params, mount) {
+  assert(token, 'createTOTPKey: required parameter missing - token');
+  assert(name, 'createTOTPKey: required parameter missing - name');
+  let url = "";
+  let rootPath = "";
+  if (mount) {
+    rootPath = mount;
+  } else if (this.rootPath) {
+    rootPath = this.rootPath;
+  } else {
+    rootPath = config.totpRootPath;
+  }
+
+  // Defaults - most are probably already defaults from Vault itself
+  params = {
+    generate: true,
+    account_name: "Vault",
+    issuer: "Vault",
+    ...params
+  };
+
+  const { generate, exported, key_size, key_url, key, issuer, account_name, 
+    period, algorithm, digits, skew, gr_size } = params;
+  
+  url = `${rootPath}/${config.totpCreateKey[0]}/${name}`;
+  const Options = {
+    url: url,
+    method: config.totpCreateKey[1],
+    headers: {
+      "X-Vault-Token": token
+    },
+    data: {
+      generate: params.generate,
+      exported: params.exported,
+      key_size: params.key_size,
+      url: params.key_url,
+      key: params.key,
+      issuer: params.issuer,
+      account_name: params.account_name,
+      period: params.period,
+      algorithm: params.algorithm,
+      digits: params.digits,
+      skew: params.skew,
+      gr_size: params.gr_size
+    }
+  };
+
+  try {
+    const response = await this.instance(Options);
+    return parseAxiosResponse(response);
+  } catch(err) {
+    throw parseAxiosError(err);
+  }
+ }
+
 }
 
 module.exports = Vault;

dist/Config.d.ts

@@ -117,4 +117,11 @@ export let adCheckCredOut: string[];
 export let adCheckCredIn: string[];
 export let adGetCredStatus: string[];
 export let adRotateCred: string[];
+export let totpRootPath: string;
+export let totpCreateKey: string[];
+export let totpReadKey: string[];
+export let totpListKeys: string[];
+export let totpDeleteKey: string[];
+export let totpGenerateCode: string[];
+export let totpValidateCode: string[];
 //# sourceMappingURL=Config.d.ts.map

dist/Vault.d.ts

@@ -1,22 +1,45 @@
-/// <reference types="node" />
 export = Vault;
+/**
+* @constructor
+* @param {boolean} [params.https=false]
+* @param {string} [params.cert]
+* @param {string} [params.key]
+* @param {string} [params.cacert]
+* @param {string} [params.baseUrl]
+* @param {string} [params.rootPath]
+* @param {number} [params.timeout=1000]
+* @param {boolean} [params.proxy=false]
+* @param {string} [params.namespace]
+*/
 declare class Vault {
     constructor(params: any);
-    https: any;
-    cert: any;
-    key: any;
-    cacert: any;
-    baseUrl: any;
-    rootPath: any;
-    timeout: any;
+    /** @type {boolean} */
+    https: boolean;
+    /** @type {string} */
+    cert: string;
+    /** @type {string} */
+    key: string;
+    /** @type {string} */
+    cacert: string;
+    /** @type {string} */
+    baseUrl: string;
+    /** @type {string} */
+    rootPath: string;
+    /** @type {number} */
+    timeout: number;
+    /** @type {Object} */
     proxy: any;
-    namespace: any;
-    agent: boolean | https.Agent;
+    /** @type {string} */
+    namespace: string;
+    /** @type {Object | boolean} */
+    agent: any | boolean;
+    /** @type {Object} */
     instance: any;
     /**
+    * @param {Object} [params]
     * @returns {PromiseLike<Object>}
     */
-    healthCheck(params: any): PromiseLike<any>;
+    healthCheck(params?: any): PromiseLike<any>;
     /**
     * @returns {PromiseLike<Object>}
     */
@@ -1295,6 +1318,38 @@ declare class Vault {
     * @returns {PromiseLike<Object>}
     */
     updateKVSecretMeta(token: string, path: string, metadata: string, mount?: string): PromiseLike<any>;
+    /**
+    * @param {string} token
+    * @param {string} name
+    * @param {Object} params
+    * @param {boolean} params.generate
+    * @param {boolean} [params.exported]
+    * @param {number} [params.key_size=20]
+    * @param {string} [params.key_url]
+    * @param {string} [params.key]
+    * @param {string} [params.issuer]
+    * @param {string} [params.account_name]
+    * @param {number} [params.period]
+    * @param {string} [params.algorithm]
+    * @param {number} [params.digits]
+    * @param {number} [params.skew]
+    * @param {number} [params.gr_size]
+    * @param {string} [mount]
+    * @returns {PromiseLike<Object>}
+    */
+    createTOTPKey(token: string, name: string, params: {
+        generate: boolean;
+        exported?: boolean;
+        key_size?: number;
+        key_url?: string;
+        key?: string;
+        issuer?: string;
+        account_name?: string;
+        period?: number;
+        algorithm?: string;
+        digits?: number;
+        skew?: number;
+        gr_size?: number;
+    }, mount?: string): PromiseLike<any>;
 }
-import https = require("https");
 //# sourceMappingURL=Vault.d.ts.map