SimpleTutorialHosting/internal/secrets/secrets.go

package secrets
import (
"context"
"encoding/json"
"fmt"
"github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
)
// SAMLSecrets is the decoded form of the JSON document stored in the SAML
// secret. The JSON key for each field is given by its struct tag.
//
// PrivateKey carries key material: do not print or log a SAMLSecrets value
// (for example with %v or %+v), and do not serialise it into responses.
type SAMLSecrets struct {
	// Certificate and PrivateKey are read from the "certificate" and
	// "privateKey" keys; their encoding is not established by this file.
	Certificate string `json:"certificate"`
	PrivateKey  string `json:"privateKey"`

	// IDPMetadata and RootURL are read from "idpMetadata" and "rootURL".
	IDPMetadata string `json:"idpMetadata"`
	RootURL     string `json:"rootURL"`

	// AdminGroup and ViewerGroup are read from "adminGroup" and
	// "viewerGroup"; presumably group names used for authorisation
	// decisions. Confirm against the callers.
	AdminGroup  string `json:"adminGroup"`
	ViewerGroup string `json:"viewerGroup"`
}
// SecretManager wraps an AWS Secrets Manager client. Build it with
// NewSecretManager; the zero value has a nil client.
type SecretManager struct {
	// client is the SDK client used for every Secrets Manager call.
	client *secretsmanager.Client
}
// NewSecretManager builds a SecretManager from the AWS SDK's default
// configuration, as resolved by config.LoadDefaultConfig.
//
// It returns an error if that configuration cannot be loaded. The identity the
// SDK resolves should be allowed to read only the secrets this service needs
// (for example secretsmanager:GetSecretValue scoped to the specific secret).
func NewSecretManager(ctx context.Context) (*SecretManager, error) {
	awsCfg, loadErr := config.LoadDefaultConfig(ctx)
	if loadErr != nil {
		return nil, fmt.Errorf("unable to load AWS config: %w", loadErr)
	}

	mgr := &SecretManager{client: secretsmanager.NewFromConfig(awsCfg)}
	return mgr, nil
}
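// GetSAMLConfig fetches the secret identified by secretId from AWS Secrets
// Manager and decodes its JSON string payload into a SAMLSecrets value.
//
// It returns an error if the lookup fails, if the response carries no string
// payload (SecretString is nil, as happens for a secret stored as binary), or
// if the payload cannot be decoded into SAMLSecrets. Keys missing from the
// JSON leave the matching fields as empty strings, so callers should validate
// the fields they rely on (notably the key material and group names) before
// using them.
func (s *SecretManager) GetSAMLConfig(ctx context.Context, secretId string) (*SAMLSecrets, error) {
	result, err := s.client.GetSecretValue(ctx, &secretsmanager.GetSecretValueInput{
		SecretId: &secretId,
	})
	if err != nil {
		return nil, fmt.Errorf("unable to get secret: %w", err)
	}

	// SecretString is a *string; dereferencing it unchecked would panic when
	// the secret has no string value.
	if result == nil || result.SecretString == nil {
		return nil, fmt.Errorf("unable to get secret: response has no SecretString")
	}

	var secrets SAMLSecrets
	if err := json.Unmarshal([]byte(*result.SecretString), &secrets); err != nil {
		// Wrap only the decoder error. The raw payload holds the private key
		// and must never be added to an error or log message.
		return nil, fmt.Errorf("unable to unmarshal secret: %w", err)
	}
	return &secrets, nil
}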