bitwarden · Thomas-Avery · May 15, 2024 · Mar 21, 2024 · Mar 22, 2024 · Mar 25, 2024
diff --git a/crates/bitwarden/CHANGELOG.md b/crates/bitwarden/CHANGELOG.md
@@ -7,6 +7,10 @@ adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
+### Added
+
+- Support for secrets sync (#678)
+
 ## [0.5.0] - 2024-04-26
 
 ### Changed

diff --git a/crates/bitwarden/src/secrets_manager/client_secrets.rs b/crates/bitwarden/src/secrets_manager/client_secrets.rs
@@ -2,10 +2,11 @@
     error::Result,
     secrets_manager::secrets::{
         create_secret, delete_secrets, get_secret, get_secrets_by_ids, list_secrets,
-        list_secrets_by_project, update_secret, SecretCreateRequest, SecretGetRequest,
-        SecretIdentifiersByProjectRequest, SecretIdentifiersRequest, SecretIdentifiersResponse,
-        SecretPutRequest, SecretResponse, SecretsDeleteRequest, SecretsDeleteResponse,
-        SecretsGetRequest, SecretsResponse,
+        list_secrets_by_project, sync_secrets, update_secret, SecretCreateRequest,
+        SecretGetRequest, SecretIdentifiersByProjectRequest, SecretIdentifiersRequest,
+        SecretIdentifiersResponse, SecretPutRequest, SecretResponse, SecretsDeleteRequest,
+        SecretsDeleteResponse, SecretsGetRequest, SecretsResponse, SecretsSyncRequest,
+        SecretsSyncResponse,
     },
     Client,
 };
@@ -48,6 +49,10 @@
     pub async fn delete(&mut self, input: SecretsDeleteRequest) -> Result<SecretsDeleteResponse> {
         delete_secrets(self.client, input).await
     }
+
+    pub async fn sync(&mut self, input: &SecretsSyncRequest) -> Result<SecretsSyncResponse> {
+        sync_secrets(self.client, input).await
+    }
 }
 
 impl<'a> Client {

diff --git a/crates/bitwarden/src/secrets_manager/secrets/mod.rs b/crates/bitwarden/src/secrets_manager/secrets/mod.rs
@@ -4,6 +4,7 @@ mod get;
 mod get_by_ids;
 mod list;
 mod secret_response;
+mod sync;
 mod update;
 
 pub(crate) use create::create_secret;
@@ -19,5 +20,7 @@ pub use list::{
     SecretIdentifiersByProjectRequest, SecretIdentifiersRequest, SecretIdentifiersResponse,
 };
 pub use secret_response::{SecretResponse, SecretsResponse};
+pub(crate) use sync::sync_secrets;
+pub use sync::{SecretsSyncRequest, SecretsSyncResponse};
 pub(crate) use update::update_secret;
 pub use update::SecretPutRequest;
diff --git a/crates/bitwarden/src/secrets_manager/secrets/sync.rs b/crates/bitwarden/src/secrets_manager/secrets/sync.rs
@@ -0,0 +1,74 @@
+use bitwarden_api_api::models::SecretsSyncResponseModel;
+use chrono::{DateTime, Utc};
+use schemars::JsonSchema;
+use serde::{Deserialize, Serialize};
+use uuid::Uuid;
+
+use super::SecretResponse;
+use crate::{
+    client::encryption_settings::EncryptionSettings,
+    error::{require, Result},
+    Client,
+};
+
+#[derive(Serialize, Deserialize, Debug, JsonSchema)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+pub struct SecretsSyncRequest {
+    /// Organization to sync secrets from
+    pub organization_id: Uuid,
+    /// Optional date time a sync last occurred
+    pub last_synced_date: Option<DateTime<Utc>>,
+}
+
+pub(crate) async fn sync_secrets(
+    client: &mut Client,
+    input: &SecretsSyncRequest,
+) -> Result<SecretsSyncResponse> {
+    let config = client.get_api_configurations().await;
+    let last_synced_date = input.last_synced_date.map(|date| date.to_rfc3339());
+
+    let res = bitwarden_api_api::apis::secrets_api::organizations_organization_id_secrets_sync_get(
+        &config.api,
+        input.organization_id,
+        last_synced_date,
+    )
+    .await?;
+
+    let enc = client.get_encryption_settings()?;
+
+    SecretsSyncResponse::process_response(res, enc)
+}
+
+#[derive(Serialize, Deserialize, Debug, JsonSchema)]
+#[serde(rename_all = "camelCase", deny_unknown_fields)]
+pub struct SecretsSyncResponse {
+    pub has_changes: bool,
+    pub secrets: Option<Vec<SecretResponse>>,
+}
+
+impl SecretsSyncResponse {
+    pub(crate) fn process_response(
+        response: SecretsSyncResponseModel,
+        enc: &EncryptionSettings,
+    ) -> Result<SecretsSyncResponse> {
+        let has_changes = require!(response.has_changes);
+
+        if has_changes {
+            let secrets = require!(response.secrets)
+                .data
+                .unwrap_or_default()
+                .into_iter()
+                .map(|r| SecretResponse::process_base_response(r, enc))
+                .collect::<Result<_, _>>()?;
+            return Ok(SecretsSyncResponse {
+                has_changes,
+                secrets: Some(secrets),
+            });
+        }
+
+        Ok(SecretsSyncResponse {
+            has_changes: false,
+            secrets: None,
+        })
+    }
+}