in custos-services/custos-core-services/resource-secret-core-service/src/main/java/org/apache/custos/resource/secret/manager/adaptor/inbound/CredentialReader.java [65:119]
public Optional<SSHCredential> getSSHCredential(long tenantId, String token) {
Secret secret = null;
if (token != null && !token.trim().equals("")) {
Optional<Secret> exSecret = repository.findById(token);
if (exSecret.isPresent()) {
secret = exSecret.get();
}
}
if (secret == null) {
List<Secret> secrets = repository.findAllByExternalIdAndTenantId(token, tenantId);
if (secrets != null && !secrets.isEmpty()) {
secret = secrets.get(0);
}
}
if (secret == null) {
return Optional.empty();
}
String vaultPath = Constants.VAULT_RESOURCE_SECRETS_PATH + tenantId + "/" + secret.getOwnerId() +
"/" + Constants.SSH_CREDENTIALS + "/" + secret.getId();
VaultResponseSupport<SSHCredentialSecrets> response = vaultTemplate.read(vaultPath, SSHCredentialSecrets.class);
if (response == null || response.getData() == null && response.getData().getPrivateKey() == null) {
repository.delete(secret);
return Optional.empty();
}
SSHCredentialSecrets sshCredentialSecrets = response.getData();
SecretMetadata metadata = SecretMetadata.newBuilder()
.setOwnerId(secret.getOwnerId())
.setTenantId(tenantId)
.setPersistedTime(secret.getCreatedAt().getTime())
.setDescription(secret.getDiscription())
.setResourceType(ResourceType.VAULT_CREDENTIAL)
.setSource(ResourceSource.EXTERNAL)
.setToken(
(secret.getExternalId() != null &&
!secret.getExternalId().trim().equals("")) ? secret.getExternalId() : secret.getId())
.build();
SSHCredential credential = SSHCredential.newBuilder()
.setPassphrase(sshCredentialSecrets.getPassphrase())
.setPrivateKey(sshCredentialSecrets.getPrivateKey())
.setPublicKey(sshCredentialSecrets.getPublicKey())
.setMetadata(metadata)
.build();
return Optional.of(credential);
}