in custos-services/custos-core-services/resource-secret-core-service/src/main/java/org/apache/custos/resource/secret/manager/adaptor/inbound/CredentialReader.java [129:186]
public Optional<org.apache.custos.resource.secret.service.PasswordCredential> getPasswordCredential(long tenantId,
String token) {
Secret secret = null;
if (token != null && !token.trim().equals("")) {
Optional<Secret> exSecret = repository.findById(token);
if (exSecret.isPresent()) {
secret = exSecret.get();
}
}
if (secret == null) {
List<Secret> secrets = repository.findAllByExternalIdAndTenantId(token, tenantId);
if (secrets != null && !secrets.isEmpty()) {
secret = secrets.get(0);
}
}
if (secret == null) {
return Optional.empty();
}
String vaultPath = Constants.VAULT_RESOURCE_SECRETS_PATH + tenantId + "/" + secret.getOwnerId() +
"/" + Constants.PASSWORD + "/" + secret.getId();
VaultResponseSupport<PasswordSecret> response = vaultTemplate.read(vaultPath, PasswordSecret.class);
if (response == null || response.getData() == null && response.getData().getPassword() == null) {
repository.delete(secret);
return Optional.empty();
}
PasswordSecret passwordSecret = response.getData();
SecretMetadata metadata = SecretMetadata.newBuilder()
.setOwnerId(secret.getOwnerId())
.setTenantId(tenantId)
.setPersistedTime(secret.getCreatedAt().getTime())
.setDescription(secret.getDiscription())
.setResourceType(ResourceType.VAULT_CREDENTIAL)
.setSource(ResourceSource.EXTERNAL)
.setType(ResourceSecretType.PASSWORD)
.setToken(
(secret.getExternalId() != null ||
!secret.getExternalId().trim().equals("")) ? secret.getExternalId() : secret.getId())
.build();
org.apache.custos.resource.secret.service.PasswordCredential credential =
org.apache.custos.resource.secret.service.PasswordCredential.newBuilder()
.setPassword(passwordSecret.getPassword())
.setUserId(passwordSecret.getUserId() != null? passwordSecret.getUserId() : "")
.setMetadata(metadata)
.build();
return Optional.of(credential);
}