in server/cmd/harp-server/internal/dispatchers/vault/routes/kv.go [77:120]
// getSecret returns the HTTP handler that serves secret reads below
// /v1/secret/data.
//
// The namespace is read from the X-Vault-Namespace header, slugified, and
// defaults to "root" when empty. The secret path is whatever remains of the
// request path once the /v1/secret/data prefix is trimmed.
//
// Responses:
//   - 404 when the engine reports storage.ErrSecretNotFound;
//   - 400 when the engine returns any other error, or when the stored value
//     does not decode as JSON (both are logged together with the request URL);
//   - 200 with the decoded value under data.data and a fixed metadata.version
//     of "1" otherwise.
//
// NOTE(review): this response carries secret material. Nothing in this
// handler sets Cache-Control; confirm that `with` or a middleware marks the
// response as non-cacheable.
func (h *vaultKVHandler) getSecret() http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		reqCtx := r.Context()

		// Namespace comes from a client-controlled header; slug.Make reduces
		// it to a slug and an empty result falls back to the root namespace.
		namespace := slug.Make(r.Header.Get("X-Vault-Namespace"))
		if namespace == "" {
			namespace = "root"
		}

		// Everything after the mount prefix is used as the secret path.
		// NOTE(review): only the namespace goes through vpath.SanitizePath;
		// the path is handed to the engine as received from the URL. Confirm
		// the engine validates or normalises it.
		secretPath := strings.TrimPrefix(r.URL.Path, "/v1/secret/data")

		// Ask the engine for the raw secret payload.
		raw, err := h.bm.GetSecret(reqCtx, vpath.SanitizePath(namespace), secretPath)
		switch {
		case errors.Is(err, storage.ErrSecretNotFound):
			http.Error(w, "secret not found", http.StatusNotFound)
			return
		case err != nil:
			// The client only gets a generic message; the error detail stays
			// in the server log.
			// NOTE(review): any engine failure is reported as 400 here, even
			// though it may not be caused by the request; confirm whether
			// clients rely on this status before changing it.
			log.For(reqCtx).Error("unable to retrieve secret from engine", zap.Error(err), zap.String("url", r.URL.String()))
			http.Error(w, "unable to retrieve secret", http.StatusBadRequest)
			return
		}

		// The stored value must be valid JSON to be embedded in the response.
		var payload interface{}
		if decodeErr := json.Unmarshal(raw, &payload); decodeErr != nil {
			log.For(reqCtx).Error("unable to decode secret from engine", zap.Error(decodeErr), zap.String("url", r.URL.String()))
			http.Error(w, "unable to decode secret", http.StatusBadRequest)
			return
		}

		// Build the response envelope: the secret under data.data, plus a
		// metadata block whose version is always "1".
		body := &KV{
			"data": &KV{
				"data": payload,
			},
			"metadata": &KV{
				"version": "1",
			},
		}
		with(w, r, http.StatusOK, body)
	}
}