import com.amazonaws.auth.BasicAWSCredentials
import com.amazonaws.internal.StaticCredentialsProvider
import com.amazonaws.services.kms.AWSKMSClient
import com.amazonaws.services.kms.model.EncryptRequest
import groovy.json.JsonBuilder
import groovy.transform.Field
import groovyx.net.http.HTTPBuilder
import org.joda.time.DateTime
import org.joda.time.DateTimeZone
import org.joda.time.format.DateTimeFormatter
import org.joda.time.format.ISODateTimeFormat
import java.nio.ByteBuffer
import java.nio.charset.StandardCharsets
import static groovyx.net.http.ContentType.JSON
import static groovyx.net.http.Method.POST
@GrabResolver(name="jcenter", root="http://jcenter.bintray.com/", m2Compatible=true)
@GrabResolver(name="codehaus", root="http://repository.codehaus.org/", m2Compatible=true)
/**
 * The dependencies. Both resolvers are reached over plain http, so the fetched
 * artifacts are not protected in transit; prefer https endpoints where the
 * repository offers them.
 */
@Grapes([
    @Grab(group='org.codehaus.groovy.modules.http-builder', module='http-builder', version='0.7.1'),
    @Grab(group='com.amazonaws', module='aws-java-sdk', version='1.10.38')
])
// Placeholder IAM user credentials, hardcoded for the demo. Long-lived keys belong in
// the SDK's default credential provider chain (environment, profile, instance role)
// rather than in source. @Field turns these into script-level fields so that
// encrypt(), a method rather than script-body code, can see them.
@Field def accessKey = 'xxxxxxx'
@Field def secretKey = 'yyyyyyyyyyyyy'
@Field def credentials = new BasicAWSCredentials(accessKey, secretKey)
@Field AWSKMSClient client = new AWSKMSClient(new StaticCredentialsProvider(credentials))
// Placeholder id of the KMS key the login payload is encrypted under.
@Field String keyId = 'vvvvvv-dddddd-ffffff-gggggg-wwwwwww'
// Validity window for this login attempt: five minutes either side of now, in UTC,
// serialised as ISO-8601 timestamps. The JSON is printed so the payload can be inspected
// before it is encrypted; it carries only the two timestamps.
DateTime notBefore = DateTime.now().withZone(DateTimeZone.UTC).minusMinutes(5)
DateTime notAfter = DateTime.now().withZone(DateTimeZone.UTC).plusMinutes(5)
DateTimeFormatter iso8601 = ISODateTimeFormat.dateTime()
Map window = [
    notBefore: iso8601.print(notBefore),
    notAfter : iso8601.print(notAfter),
]
String json = new JsonBuilder(window).toString()
println json
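/**
 * Encrypts {@code msg} under the script-level KMS key {@code keyId} and returns the raw
 * ciphertext blob.
 *
 * @param msg plaintext to encrypt; it is encoded as UTF-8 explicitly so the bytes sent to
 *            KMS do not depend on the JVM's default charset
 * @return the ciphertext bytes exactly as returned by KMS (the caller hex-encodes them)
 * @throws RuntimeException any exception raised by the AWS SDK call propagates unchanged
 */
public byte[] encrypt(String msg) {
    ByteBuffer plaintext = ByteBuffer.wrap(msg.getBytes(StandardCharsets.UTF_8))
    EncryptRequest req = new EncryptRequest().withKeyId(keyId).withPlaintext(plaintext)
    ByteBuffer ciphertext = client.encrypt(req).getCiphertextBlob()
    // Copy only the readable region. ByteBuffer.array() hands back the whole backing
    // array, which may be longer than the ciphertext or start at a non-zero offset,
    // and either would corrupt the payload sent to Vault.
    byte[] out = new byte[ciphertext.remaining()]
    ciphertext.get(out)
    return out
}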
// Hex-encode the KMS ciphertext and POST it to Vault's aws-kms auth endpoint. Vault is
// addressed over plain http; that is acceptable only because the address is loopback, and
// the success body is expected to carry the Vault client token (confirm against the auth
// backend), so anything non-local should use https and avoid printing the response.
String payload = encrypt(json).encodeHex().toString()
String vault = "http://127.0.0.1:8200"
HTTPBuilder http = new HTTPBuilder(vault)
http.request(POST, JSON) {
    uri.path = "/v1/auth/aws-kms/login"
    body = new JsonBuilder([ciphertext: payload]).toString()
    // Both outcomes are reported with the same line; the status code tells them apart.
    def report = { resp, reader ->
        println "[GET_TOKEN_FROM_KMS] | Status: ${resp.status} | Resp: ${reader}"
    }
    response.success = report
    response.failure = report
}