Documentation
¶
Overview ¶
Package http provides HTTP handlers for secret management operations. Secrets are encrypted at rest using envelope encryption and can be versioned.
Package http provides HTTP handlers for secret management operations.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type SecretHandler ¶
type SecretHandler struct {
// contains filtered or unexported fields
}
SecretHandler handles HTTP requests for secret management operations. It coordinates authentication, authorization, and audit logging with the SecretUseCase.
func NewSecretHandler ¶
func NewSecretHandler( secretUseCase secretsUseCase.SecretUseCase, auditLogUseCase authUseCase.AuditLogUseCase, logger *slog.Logger, ) *SecretHandler
NewSecretHandler creates a new secret handler with required dependencies.
func (*SecretHandler) CreateOrUpdateHandler ¶
func (h *SecretHandler) CreateOrUpdateHandler(c *gin.Context)
CreateOrUpdateHandler creates a new secret or updates an existing one. POST /v1/secrets/*path - Requires EncryptCapability. Returns 201 Created with secret metadata (excludes plaintext value for security).
func (*SecretHandler) DeleteHandler ¶
func (h *SecretHandler) DeleteHandler(c *gin.Context)
DeleteHandler soft deletes a secret by its path. DELETE /v1/secrets/*path - Requires DeleteCapability. Returns 204 No Content.
func (*SecretHandler) GetHandler ¶
func (h *SecretHandler) GetHandler(c *gin.Context)
GetHandler retrieves and decrypts a secret by path, optionally by version. GET /v1/secrets/*path?version=N - Requires DecryptCapability. Returns 200 OK with plaintext value. SECURITY: Plaintext is zeroed after response.
Source Files
Directories