def raise_for_error(status_code, message=None, errors=None): """Helper method to raise exceptions based on the status code of a response received back from Vault. :param status_code: Status code received in a response from Vault. :type status_code: int :param message: Optional message to include in a resulting exception. :type message: str :param errors: Optional errors to include in a resulting exception. :type errors: list | str :raises: hvac.exceptions.InvalidRequest | hvac.exceptions.Unauthorized | hvac.exceptions.Forbidden | hvac.exceptions.InvalidPath | hvac.exceptions.RateLimitExceeded | hvac.exceptions.InternalServerError | hvac.exceptions.VaultNotInitialized | hvac.exceptions.VaultDown | hvac.exceptions.UnexpectedError """ if status_code == 400: raise exceptions.InvalidRequest(message, errors=errors) elif status_code == 401: raise exceptions.Unauthorized(message, errors=errors) elif status_code == 403: raise exceptions.Forbidden(message, errors=errors) elif status_code == 404: raise exceptions.InvalidPath(message, errors=errors) elif status_code == 429: raise exceptions.RateLimitExceeded(message, errors=errors) elif status_code == 500: raise exceptions.InternalServerError(message, errors=errors) elif status_code == 501: raise exceptions.VaultNotInitialized(message, errors=errors) elif status_code == 503: raise exceptions.VaultDown(message, errors=errors) else: raise exceptions.UnexpectedError(message)
def revoke_token(self, token, orphan=False, accessor=False): """ POST /auth/token/revoke/<token> POST /auth/token/revoke-orphan/<token> POST /auth/token/revoke-accessor/<token-accessor> """ if accessor and orphan: msg = "revoke_token does not support 'orphan' and 'accessor' flags together" raise exceptions.InvalidRequest(msg) elif accessor: self._post('/v1/auth/token/revoke-accessor/{0}'.format(token)) elif orphan: self._post('/v1/auth/token/revoke-orphan/{0}'.format(token)) else: self._post('/v1/auth/token/revoke/{0}'.format(token))
def __raise_error(self, status_code, message=None, errors=None): if status_code == 400: raise exceptions.InvalidRequest(message, errors=errors) elif status_code == 401: raise exceptions.Unauthorized(message, errors=errors) elif status_code == 403: raise exceptions.Forbidden(message, errors=errors) elif status_code == 404: raise exceptions.InvalidPath(message, errors=errors) elif status_code == 429: raise exceptions.RateLimitExceeded(message, errors=errors) elif status_code == 500: raise exceptions.InternalServerError(message, errors=errors) elif status_code == 503: raise exceptions.VaultDown(message, errors=errors) else: raise exceptions.UnexpectedError(message)
def revoke_token(self, token, orphan=False, accessor=False): """ POST /auth/token/revoke POST /auth/token/revoke-orphan POST /auth/token/revoke-accessor """ if accessor and orphan: msg = "revoke_token does not support 'orphan' and 'accessor' flags together" raise exceptions.InvalidRequest(msg) elif accessor: params = { 'accessor': token } self._post('/v1/auth/token/revoke-accessor', json=params) elif orphan: params = { 'token': token } self._post('/v1/auth/token/revoke-orphan', json=params) else: params = { 'token': token } self._post('/v1/auth/token/revoke', json=params)
def __request(self, method, url, headers=None, **kwargs): url = self._url + url if not headers: headers = {} if self.token: headers['X-Vault-Token'] = self.token _kwargs = self._kwargs.copy() _kwargs.update(kwargs) response = requests.request(method, url, headers=headers, **_kwargs) if response.status_code >= 400 and response.status_code < 600: errors = response.json().get('errors') if response.status_code == 400: raise exceptions.InvalidRequest(errors=errors) elif response.status_code == 401: raise exceptions.Unauthorized(errors=errors) elif response.status_code == 403: raise exceptions.Forbidden(errors=errors) elif response.status_code == 404: raise exceptions.InvalidPath(errors=errors) elif response.status_code == 429: raise exceptions.RateLimitExceeded(errors=errors) elif response.status_code == 500: raise exceptions.InternalServerError(errors=errors) elif response.status_code == 503: raise exceptions.VaultDown(errors=errors) else: raise exceptions.UnexpectedError() return response