From b2c7e1f2d7bbb8e6f10bcf07b6cc4a34e758c2f6 Mon Sep 17 00:00:00 2001
From: Laurent Lafage <laurent.lafage@fr.clara.net>
Date: Tue, 6 Jun 2023 14:32:45 +0000
Subject: [PATCH] optional mount path for approle

---
 lib/vault/api/auth.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/vault/api/auth.rb b/lib/vault/api/auth.rb
index 472d1444..5e070aec 100644
--- a/lib/vault/api/auth.rb
+++ b/lib/vault/api/auth.rb
@@ -87,12 +87,14 @@ def app_id(app_id, user_id, options = {})
     # @param [String] role_id
     # @param [String] secret_id (default: nil)
     #   It is required when `bind_secret_id` is enabled for the specified role_id
+    # @param [String] path optional
+    #   the path were the approle auth backend is mounted
     #
     # @return [Secret]
-    def approle(role_id, secret_id=nil)
+    def approle(role_id, secret_id=nil, path = 'approle')
       payload = { role_id: role_id }
       payload[:secret_id] = secret_id if secret_id
-      json = client.post("/v1/auth/approle/login", JSON.fast_generate(payload))
+      json = client.post("/v1/auth/#{CGI.escape(path)}/login", JSON.fast_generate(payload))
       secret = Secret.decode(json)
       client.token = secret.auth.client_token
       return secret