From de384467b6609f08105a072c691cce6f4ba4bad1 Mon Sep 17 00:00:00 2001
From: Shreyas Bhat <sbhat@fnal.gov>
Date: Thu, 17 Jul 2025 10:06:16 -0500
Subject: [PATCH] Fixed new capability set workflow to use key "tokensubject",
 not "token_subject" in FERRY call

---
 .../helpers/supported_workflows/NewCapabilitySet.py  | 12 +++++++++++-
 tests/test_NewCapabilitySet.py                       |  2 +-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/ferry_cli/helpers/supported_workflows/NewCapabilitySet.py b/ferry_cli/helpers/supported_workflows/NewCapabilitySet.py
index c3d9916..0289f6a 100755
--- a/ferry_cli/helpers/supported_workflows/NewCapabilitySet.py
+++ b/ferry_cli/helpers/supported_workflows/NewCapabilitySet.py
@@ -71,6 +71,14 @@ def __init__(self: "NewCapabilitySet") -> None:
                 "type": "string",
                 "required": False,
             },
+            {
+                "name": "vault_storage_key",
+                "description": (
+                    'The default will just be setname, but if the intent is to not store this vault storage key in LDAP, set this to the string "none"'
+                ),
+                "type": "string",
+                "required": False,
+            },
         ]
         super().__init__()
 
@@ -244,7 +252,9 @@ def run(self: "NewCapabilitySet", api: "FerryAPI", args: Any) -> Any:  # type: i
                 "pattern": args["scopes_pattern"],
             }
             if args.get("token_subject", None) is not None:
-                new_cap_set_params["token_subject"] = args["token_subject"]
+                new_cap_set_params["tokensubject"] = args["token_subject"]
+            if args.get("vault_storage_key", None) is not None:
+                new_cap_set_params["vaultstoragekey"] = args["vault_storage_key"]
 
             self.verify_output(
                 api,
diff --git a/tests/test_NewCapabilitySet.py b/tests/test_NewCapabilitySet.py
index 9b60210..b6b8cda 100644
--- a/tests/test_NewCapabilitySet.py
+++ b/tests/test_NewCapabilitySet.py
@@ -65,7 +65,7 @@
                 ),
                 (
                     "Would call endpoint: https://example.com/createCapabilitySet with params\n"
-                    + "{'setname': 'testcapabilityset', 'pattern': 'scope1,scope2', 'token_subject': 'none'}"
+                    + "{'setname': 'testcapabilityset', 'pattern': 'scope1,scope2', 'tokensubject': 'none'}"
                 ),
                 (
                     "Would call endpoint: https://example.com/addCapabilitySetToFQAN with params\n"