1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
Wrapping
========
.. contents::
:local:
:depth: 1
Unwrap
------
.. automethod:: hvac.api.system_backend.Wrapping.unwrap
:noindex:
Examples
````````
.. testsetup:: sys_wrapping
client.sys.enable_auth_method(
method_type='approle',
path='approle-test',
)
.. testcode:: sys_wrapping
import hvac
client = hvac.Client(url='https://127.0.0.1:8200')
client.write(
path="auth/approle-test/role/testrole",
)
result = client.write(
path='auth/approle-test/role/testrole/secret-id',
wrap_ttl="10s",
)
unwrap_response = client.sys.unwrap(
token=result['wrap_info']['token'],
)
print('Unwrapped approle role token secret id accessor: "%s"' % unwrap_response['data']['secret_id_accessor'])
Example output:
.. testoutput:: sys_wrapping
Unwrapped approle role token secret id accessor: "..."
.. testcode:: sys_wrapping
import hvac
client = hvac.Client(url='https://127.0.0.1:8200')
client.write(
path="auth/approle-test/role/testrole",
)
result = client.write(
path='auth/approle-test/role/testrole/secret-id',
wrap_ttl="10s",
)
result_token = result['wrap_info']['token']
unwrapping_client = hvac.Client(url='https://127.0.0.1:8200', token=result_token)
# Do not pass the token to unwrap when authenticating with the wrapping token
unwrap_response = unwrapping_client.sys.unwrap()
print('Unwrapped approle role token secret id accessor: "%s"' % unwrap_response['data']['secret_id_accessor'])
Example output:
.. testoutput:: sys_wrapping
Unwrapped approle role token secret id accessor: "..."
.. testcleanup:: sys_wrapping
client.sys.disable_auth_method(
path='approle-test',
)
|
