juspay
diff --git a/‎.env.example‎
Lines changed: 3 additions & 2 deletions b/‎.env.example‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎Cargo.lock‎
Lines changed: 115 additions & 1 deletion b/‎Cargo.lock‎
Lines changed: 115 additions & 1 deletion
diff --git a/‎Cargo.toml‎
Lines changed: 1 addition & 0 deletions b/‎Cargo.toml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎clients/haskell/sdk/Io/Superposition/Command/CreateSecret.hs‎
Lines changed: 40 additions & 0 deletions b/‎clients/haskell/sdk/Io/Superposition/Command/CreateSecret.hs‎
Lines changed: 40 additions & 0 deletions
diff --git a/‎clients/haskell/sdk/Io/Superposition/Command/DeleteSecret.hs‎
Lines changed: 43 additions & 0 deletions b/‎clients/haskell/sdk/Io/Superposition/Command/DeleteSecret.hs‎
Lines changed: 43 additions & 0 deletions
diff --git a/‎clients/haskell/sdk/Io/Superposition/Command/GetSecret.hs‎
Lines changed: 43 additions & 0 deletions b/‎clients/haskell/sdk/Io/Superposition/Command/GetSecret.hs‎
Lines changed: 43 additions & 0 deletions
@@ -37,15 +37,16 @@ AUTH_PROVIDER=DISABLED
 # OIDC_ORG_ISSUER_ENDPOINT_FORMAT="http://localhost:8081/realms/<organisation>"
 AUTH_Z_PROVIDER=DISABLED
 WORKER_ID=1
-ENCRYPTED_KEYS="" # Used for webhook secrets, API keys, etc.
-# ENCRYPTED_KEYS="SERVICE1_API_KEY,SERVICE2_API_KEY"
+# MASTER_ENCRYPTION_KEY - add this for enabling secrets in local
 
 ################################################
 ## Following values are to be set in KMS and not directly in ENV
 # 
 # DB_PASSWORD
 # SUPERPOSITION_TOKEN
 # OIDC_CLIENT_SECRET - if using OIDC as auth provider
+# MASTER_ENCRYPTION_KEY - for using secrets
+# PREVIOUS_MASTER_ENCRYPTION_KEY - needed for rotating secrets
 # 
 # also include the keys in KMS which have been mentioned in ENCRYPTED_KEYS
 #
 
@@ -70,6 +70,7 @@ reqwest = { version = "0.11.18", features = ["json"] }
 rs-snowflake = "0.6.0"
 serde = { version = "^1", features = ["derive"] }
 serde_json = { version = "1.0.140" }
+secrecy = "0.10"
 strum = "0.25"
 strum_macros = "0.25"
 toml = { version = "0.8.8", features = ["preserve_order"] }
 
@@ -0,0 +1,40 @@
+module Io.Superposition.Command.CreateSecret (
+    CreateSecretError (..),
+    createSecret
+) where
+import qualified Data.Aeson
+import qualified Data.Maybe
+import qualified Data.Text
+import qualified GHC.Generics
+import qualified GHC.Show
+import qualified Io.Superposition.Model.CreateSecretInput
+import qualified Io.Superposition.Model.CreateSecretOutput
+import qualified Io.Superposition.Model.InternalServerError
+import qualified Io.Superposition.SuperpositionClient
+import qualified Io.Superposition.Utility
+
+data CreateSecretError =
+    InternalServerError Io.Superposition.Model.InternalServerError.InternalServerError
+    | BuilderError Data.Text.Text
+    | DeSerializationError Io.Superposition.Utility.HttpMetadata Data.Text.Text
+    | UnexpectedError (Data.Maybe.Maybe Io.Superposition.Utility.HttpMetadata) Data.Text.Text
+       deriving (GHC.Generics.Generic, GHC.Show.Show)
+
+instance Data.Aeson.ToJSON CreateSecretError
+instance Io.Superposition.Utility.OperationError CreateSecretError where
+    mkBuilderError = BuilderError
+    mkDeSerializationError = DeSerializationError
+    mkUnexpectedError = UnexpectedError
+
+    getErrorParser status
+        | status == (Io.Superposition.Utility.expectedStatus @Io.Superposition.Model.InternalServerError.InternalServerError) = Just (fmap InternalServerError (Io.Superposition.Utility.responseParser @Io.Superposition.Model.InternalServerError.InternalServerError))
+        | otherwise = Nothing
+
+
+createSecret :: Io.Superposition.SuperpositionClient.SuperpositionClient -> Io.Superposition.Model.CreateSecretInput.CreateSecretInputBuilder () -> IO (Either CreateSecretError Io.Superposition.Model.CreateSecretOutput.CreateSecretOutput)
+createSecret client builder =
+    let endpoint = Io.Superposition.SuperpositionClient.endpointUri client
+        manager = Io.Superposition.SuperpositionClient.httpManager client
+        auth = Io.Superposition.SuperpositionClient.getAuth client
+    in Io.Superposition.Utility.runOperation endpoint manager auth (Io.Superposition.Model.CreateSecretInput.build builder)
+
@@ -0,0 +1,43 @@
+module Io.Superposition.Command.DeleteSecret (
+    DeleteSecretError (..),
+    deleteSecret
+) where
+import qualified Data.Aeson
+import qualified Data.Maybe
+import qualified Data.Text
+import qualified GHC.Generics
+import qualified GHC.Show
+import qualified Io.Superposition.Model.DeleteSecretInput
+import qualified Io.Superposition.Model.DeleteSecretOutput
+import qualified Io.Superposition.Model.InternalServerError
+import qualified Io.Superposition.Model.ResourceNotFound
+import qualified Io.Superposition.SuperpositionClient
+import qualified Io.Superposition.Utility
+
+data DeleteSecretError =
+    ResourceNotFound Io.Superposition.Model.ResourceNotFound.ResourceNotFound
+    | InternalServerError Io.Superposition.Model.InternalServerError.InternalServerError
+    | BuilderError Data.Text.Text
+    | DeSerializationError Io.Superposition.Utility.HttpMetadata Data.Text.Text
+    | UnexpectedError (Data.Maybe.Maybe Io.Superposition.Utility.HttpMetadata) Data.Text.Text
+       deriving (GHC.Generics.Generic, GHC.Show.Show)
+
+instance Data.Aeson.ToJSON DeleteSecretError
+instance Io.Superposition.Utility.OperationError DeleteSecretError where
+    mkBuilderError = BuilderError
+    mkDeSerializationError = DeSerializationError
+    mkUnexpectedError = UnexpectedError
+
+    getErrorParser status
+        | status == (Io.Superposition.Utility.expectedStatus @Io.Superposition.Model.ResourceNotFound.ResourceNotFound) = Just (fmap ResourceNotFound (Io.Superposition.Utility.responseParser @Io.Superposition.Model.ResourceNotFound.ResourceNotFound))
+        | status == (Io.Superposition.Utility.expectedStatus @Io.Superposition.Model.InternalServerError.InternalServerError) = Just (fmap InternalServerError (Io.Superposition.Utility.responseParser @Io.Superposition.Model.InternalServerError.InternalServerError))
+        | otherwise = Nothing
+
+
+deleteSecret :: Io.Superposition.SuperpositionClient.SuperpositionClient -> Io.Superposition.Model.DeleteSecretInput.DeleteSecretInputBuilder () -> IO (Either DeleteSecretError Io.Superposition.Model.DeleteSecretOutput.DeleteSecretOutput)
+deleteSecret client builder =
+    let endpoint = Io.Superposition.SuperpositionClient.endpointUri client
+        manager = Io.Superposition.SuperpositionClient.httpManager client
+        auth = Io.Superposition.SuperpositionClient.getAuth client
+    in Io.Superposition.Utility.runOperation endpoint manager auth (Io.Superposition.Model.DeleteSecretInput.build builder)
+
@@ -0,0 +1,43 @@
+module Io.Superposition.Command.GetSecret (
+    GetSecretError (..),
+    getSecret
+) where
+import qualified Data.Aeson
+import qualified Data.Maybe
+import qualified Data.Text
+import qualified GHC.Generics
+import qualified GHC.Show
+import qualified Io.Superposition.Model.GetSecretInput
+import qualified Io.Superposition.Model.GetSecretOutput
+import qualified Io.Superposition.Model.InternalServerError
+import qualified Io.Superposition.Model.ResourceNotFound
+import qualified Io.Superposition.SuperpositionClient
+import qualified Io.Superposition.Utility
+
+data GetSecretError =
+    ResourceNotFound Io.Superposition.Model.ResourceNotFound.ResourceNotFound
+    | InternalServerError Io.Superposition.Model.InternalServerError.InternalServerError
+    | BuilderError Data.Text.Text
+    | DeSerializationError Io.Superposition.Utility.HttpMetadata Data.Text.Text
+    | UnexpectedError (Data.Maybe.Maybe Io.Superposition.Utility.HttpMetadata) Data.Text.Text
+       deriving (GHC.Generics.Generic, GHC.Show.Show)
+
+instance Data.Aeson.ToJSON GetSecretError
+instance Io.Superposition.Utility.OperationError GetSecretError where
+    mkBuilderError = BuilderError
+    mkDeSerializationError = DeSerializationError
+    mkUnexpectedError = UnexpectedError
+
+    getErrorParser status
+        | status == (Io.Superposition.Utility.expectedStatus @Io.Superposition.Model.ResourceNotFound.ResourceNotFound) = Just (fmap ResourceNotFound (Io.Superposition.Utility.responseParser @Io.Superposition.Model.ResourceNotFound.ResourceNotFound))
+        | status == (Io.Superposition.Utility.expectedStatus @Io.Superposition.Model.InternalServerError.InternalServerError) = Just (fmap InternalServerError (Io.Superposition.Utility.responseParser @Io.Superposition.Model.InternalServerError.InternalServerError))
+        | otherwise = Nothing
+
+
+getSecret :: Io.Superposition.SuperpositionClient.SuperpositionClient -> Io.Superposition.Model.GetSecretInput.GetSecretInputBuilder () -> IO (Either GetSecretError Io.Superposition.Model.GetSecretOutput.GetSecretOutput)
+getSecret client builder =
+    let endpoint = Io.Superposition.SuperpositionClient.endpointUri client
+        manager = Io.Superposition.SuperpositionClient.httpManager client
+        auth = Io.Superposition.SuperpositionClient.getAuth client
+    in Io.Superposition.Utility.runOperation endpoint manager auth (Io.Superposition.Model.GetSecretInput.build builder)
+
Original file line number	Diff line number	Diff line change
`@@ -37,15 +37,16 @@ AUTH_PROVIDER=DISABLED`
`37`	`37`	`# OIDC_ORG_ISSUER_ENDPOINT_FORMAT="http://localhost:8081/realms/<organisation>"`
`38`	`38`	`AUTH_Z_PROVIDER=DISABLED`
`39`	`39`	`WORKER_ID=1`
`40`		`-ENCRYPTED_KEYS="" # Used for webhook secrets, API keys, etc.`
`41`		`-# ENCRYPTED_KEYS="SERVICE1_API_KEY,SERVICE2_API_KEY"`
	`40`	`+# MASTER_ENCRYPTION_KEY - add this for enabling secrets in local`
`42`	`41`
`43`	`42`	`################################################`
`44`	`43`	`## Following values are to be set in KMS and not directly in ENV`
`45`	`44`	`#`
`46`	`45`	`# DB_PASSWORD`
`47`	`46`	`# SUPERPOSITION_TOKEN`
`48`	`47`	`# OIDC_CLIENT_SECRET - if using OIDC as auth provider`
	`48`	`+# MASTER_ENCRYPTION_KEY - for using secrets`
	`49`	`+# PREVIOUS_MASTER_ENCRYPTION_KEY - needed for rotating secrets`
`49`	`50`	`#`
`50`	`51`	`# also include the keys in KMS which have been mentioned in ENCRYPTED_KEYS`
`51`	`52`	`#`