Secrets: Add find endpoint

Requires the user to set allowKeysExposure to true before any calls can work. Signed-off-by: kingbri <bdashore3@proton.me>
2025-06-05 21:59:27 +02:00 · 2023-11-20 00:34:06 -05:00
parent e81c100e13
commit 6a511fdfcf
2 changed files with 41 additions and 0 deletions
--- a/src/secrets.js
+++ b/src/secrets.js
@@ -190,6 +190,30 @@ function registerEndpoints(app, jsonParser) {
            return response.sendStatus(500);
        }
    });
+
+    app.post('/api/secrets/find', jsonParser, (request, response) => {
+        const allowKeysExposure = getConfigValue('allowKeysExposure', false);
+
+        if (!allowKeysExposure) {
+            console.error('Cannot fetch secrets unless allowKeysExposure in config.conf is set to true');
+            return response.sendStatus(403);
+        }
+
+        const key = request.body.key
+
+        try {
+            const secret = readSecret(key)
+
+            if (!secret) {
+                response.sendStatus(404);
+            }
+
+            return response.send({ value: secret });
+        } catch (error) {
+            console.error(error);
+            return response.sendStatus(500);
+        }
+    });
 }

 module.exports = {