From 77ab35e7a8b1d7507033e644f00186a107e85c98 Mon Sep 17 00:00:00 2001
From: Adam Migus <adam@migus.org>
Date: Wed, 14 Jul 2021 17:24:52 -0400
Subject: [PATCH] Extract the field from the secret.

---
 awx/main/credential_plugins/tss.py | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/awx/main/credential_plugins/tss.py b/awx/main/credential_plugins/tss.py
index f6b6a8a250..f3927f6658 100644
--- a/awx/main/credential_plugins/tss.py
+++ b/awx/main/credential_plugins/tss.py
@@ -1,7 +1,7 @@
 from .plugin import CredentialPlugin
 from django.utils.translation import ugettext_lazy as _
 
-from thycotic.secrets.server import SecretServer, PasswordGrantAuthorizer
+from thycotic.secrets.server import PasswordGrantAuthorizer, SecretServer, ServerSecret
 
 tss_inputs = {
     'fields': [
@@ -32,14 +32,22 @@ tss_inputs = {
             'help_text': _('The integer ID of the secret'),
             'type': 'string',
         },
+        {
+            'id': 'secret_field',
+            'label': _('Secret Field'),
+            'help_text': _('The field to extract from the secret'),
+            'type': 'string',
+        },
     ],
-    'required': ['server_url', 'username', 'password', 'secret_id'],
+    'required': ['server_url', 'username', 'password', 'secret_id', 'secret_field'],
 }
 
 tss_plugin = CredentialPlugin(
     'Thycotic Secret Server',
     tss_inputs,
-    lambda **kwargs: SecretServer(kwargs['server_url'], PasswordGrantAuthorizer(kwargs['server_url'], kwargs['username'], kwargs['password'])).get_secret(
-        kwargs['secret_id']
-    ),
+    lambda **kwargs: ServerSecret(
+        **SecretServer(kwargs['server_url'], PasswordGrantAuthorizer(kwargs['server_url'], kwargs['username'], kwargs['password'])).get_secret(
+            kwargs['secret_id']
+        )
+    ).fields[kwargs['secret_field']],
 )