Add structured encrypt example (GEA-11385) (#158)

Author: kenany

examples/README.md

@@ -1,21 +1,22 @@
 # Pangea Go SDK examples
 
-This is a quick example about how you use Pangea Go SDK, set up and run it.
+This directory contains full examples on how to use the Pangea Go SDK.
 
 ## Setup
 
-Set up environment variables ([Instructions](https://pangea.cloud/docs/getting-started/integrate/#set-environment-variables)) `PANGEA_AUDIT_TOKEN` and `PANGEA_DOMAIN` with your project token configured on Pangea User Console (token should have access to Audit service [Instructions](https://pangea.cloud/docs/getting-started/configure-services/#configure-a-pangea-service)) and with your pangea domain.
+Each example requires certain environment variables to be set. `PANGEA_DOMAIN`
+must be set to a Pangea domain (e.g. `aws.us.pangea.cloud`). Then, a token
+variable must be set as well. This is typically in the format of
+`PANGEA_{SERVICE_NAME}_TOKEN` (so: `PANGEA_REDACT_TOKEN` for the Redact service,
+`PANGEA_VAULT_TOKEN` for the Vault service, etc.). Finally, note that some
+examples require additional variables, so check out the example's source code
+and look out for what environment variables it loads at the beginning.
 
 ## Run
 
-To run examples, move to service folder:
-```
-cd examples/intel
-go mod tidy
-```
+To run an example, navigate to its directory and use `go run`:
 
-and from service folder run:
-
-```
-go run url/reputation.go
+```bash
+$ cd examples/intel
+$ go run url/reputation.go
 ```

examples/vault/go.mod

@@ -6,9 +6,10 @@ require github.com/pangeacyber/pangea-go/pangea-sdk/v3 v3.5.0
 
 require (
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
-	github.com/hashicorp/go-retryablehttp v0.7.2 // indirect
-	github.com/mattn/go-colorable v0.1.12 // indirect
-	github.com/mattn/go-isatty v0.0.14 // indirect
-	github.com/rs/zerolog v1.29.1 // indirect
-	golang.org/x/sys v0.11.0 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/rs/zerolog v1.31.0 // indirect
+	github.com/stretchr/testify v1.8.4 // indirect
+	golang.org/x/sys v0.15.0 // indirect
 )

examples/vault/go.sum

@@ -6,24 +6,28 @@ github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9n
 github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
 github.com/hashicorp/go-hclog v0.9.2 h1:CG6TE5H9/JXsFWJCfoIVpKFIkFe6ysEuHirp4DxCsHI=
 github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
-github.com/hashicorp/go-retryablehttp v0.7.2 h1:AcYqCvkpalPnPF2pn0KamgwamS42TqUDDYFRKq/RAd0=
-github.com/hashicorp/go-retryablehttp v0.7.2/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
-github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40=
-github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
-github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y=
-github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
+github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M=
+github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
+github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
+github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
+github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
+github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/pangeacyber/pangea-go/pangea-sdk/v3 v3.5.0 h1:RSDC/t1klmMXp9C6QZwDXqlGOVf9L/V5/gNfKXZ+PPo=
 github.com/pangeacyber/pangea-go/pangea-sdk/v3 v3.5.0/go.mod h1:Mza25gc1H5EwnRN3Qg3G8b192nOMQ8c+UOl0zhD+dGE=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/rs/xid v1.4.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
-github.com/rs/zerolog v1.29.1 h1:cO+d60CHkknCbvzEWxP0S9K6KqyTjrCNUy1LdQLCGPc=
-github.com/rs/zerolog v1.29.1/go.mod h1:Le6ESbR7hc+DP6Lt1THiV8CQSdkkNrd3R0XbEgp3ZBU=
+github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
+github.com/rs/zerolog v1.31.0 h1:FcTR3NnLWW+NnTwwhFWiJSZr4ECLpqCm6QsEnyvbV4A=
+github.com/rs/zerolog v1.31.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
-github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
-golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
-golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

examples/vault/structured_encrypt.go

@@ -0,0 +1,63 @@
+package main
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"os"
+	"time"
+
+	"github.com/pangeacyber/pangea-go/pangea-sdk/v3/pangea"
+	"github.com/pangeacyber/pangea-go/pangea-sdk/v3/service/vault"
+)
+
+func main() {
+	token := os.Getenv("PANGEA_VAULT_TOKEN")
+	if token == "" {
+		log.Fatal("missing PANGEA_VAULT_TOKEN environment variable")
+	}
+
+	domain := os.Getenv("PANGEA_DOMAIN")
+	if domain == "" {
+		log.Fatal("missing PANGEA_DOMAIN environment variable")
+	}
+
+	vaultClient := vault.New(&pangea.Config{
+		Token:  token,
+		Domain: domain,
+	})
+
+	ctx := context.Background()
+
+	// First create an encryption key, either from the Pangea Console or
+	// programmatically as below.
+	generateInput := &vault.SymmetricGenerateRequest{
+		Algorithm: vault.SYAaes256_cfb,
+		Purpose:   vault.KPencryption,
+		CommonGenerateRequest: vault.CommonGenerateRequest{
+			Name: "Go encrypt example " + time.Now().Format(time.RFC3339),
+		},
+	}
+	generateResponse, err := vaultClient.SymmetricGenerate(ctx, generateInput)
+	if err != nil {
+		log.Fatal(err)
+	}
+	encryptionKeyId := generateResponse.Result.ID
+
+	// Structured data that we'll encrypt.
+	data := map[string]interface{}{
+		"foo":  [4]interface{}{1, 2, "true", "false"},
+		"some": "thing",
+	}
+
+	encryptInput := &vault.EncryptStructuredRequest{
+		ID:             encryptionKeyId,
+		StructuredData: data,
+		Filter:         "$.foo[2:4]",
+	}
+	encryptResponse, err := vaultClient.EncryptStructured(ctx, encryptInput)
+	if err != nil {
+		log.Fatal(err)
+	}
+	fmt.Println("Encrypted result:", pangea.Stringify(encryptResponse.Result.StructuredData))
+}

go.work

@@ -0,0 +1,7 @@
+go 1.18
+
+use (
+	./examples/vault
+	./pangea-sdk/v2
+	./pangea-sdk/v3
+)

go.work.sum

@@ -0,0 +1,3 @@
+golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=