public class HTTPVaultConnector extends Object implements VaultConnector
PATH_SECRET
Constructor and Description |
---|
HTTPVaultConnector(String baseURL)
Create connector using full URL.
|
HTTPVaultConnector(String hostname,
boolean useTLS)
Create connector using hostname and schema.
|
HTTPVaultConnector(String hostname,
boolean useTLS,
Integer port)
Create connector using hostname, schema and port.
|
HTTPVaultConnector(String hostname,
boolean useTLS,
Integer port,
String prefix)
Create connector using hostname, schema, port and path.
|
HTTPVaultConnector(String hostname,
boolean useTLS,
Integer port,
String prefix,
SSLContext sslContext)
Create connector using hostname, schema, port, path and trusted certificate.
|
HTTPVaultConnector(String hostname,
boolean useTLS,
Integer port,
String prefix,
SSLContext sslContext,
int numberOfRetries,
Integer timeout)
Create connector using hostname, schema, port, path and trusted certificate.
|
HTTPVaultConnector(String baseURL,
SSLContext sslContext)
Create connector using full URL and trusted certificate.
|
HTTPVaultConnector(String baseURL,
SSLContext sslContext,
int numberOfRetries)
Create connector using full URL and trusted certificate.
|
HTTPVaultConnector(String baseURL,
SSLContext sslContext,
int numberOfRetries,
Integer timeout)
Create connector using full URL and trusted certificate.
|
Modifier and Type | Method and Description |
---|---|
AuthResponse |
authAppId(String appID,
String userID)
Deprecated.
|
AuthResponse |
authAppRole(String roleID,
String secretID)
Authorize to Vault using AppRole method.
|
TokenResponse |
authToken(String token)
Authorize to Vault using token.
|
AuthResponse |
authUserPass(String username,
String password)
Authorize to Vault using username and password.
|
void |
close() |
boolean |
createAppRole(AppRole role)
Register a new AppRole role from given metamodel.
|
AppRoleSecretResponse |
createAppRoleSecret(String roleName,
AppRoleSecret secret)
Register new AppRole secret with custom ID.
|
AuthResponse |
createToken(Token token)
Create a new token.
|
AuthResponse |
createToken(Token token,
boolean orphan)
Create a new token.
|
AuthResponse |
createToken(Token token,
String role)
Create a new token for specific role.
|
void |
delete(String key)
Delete key from Vault.
|
boolean |
deleteAppRole(String roleName)
Delete AppRole role from Vault.
|
boolean |
destroyAppRoleSecret(String roleName,
String secretID)
Destroy an AppRole secret.
|
String |
getAppRoleID(String roleName)
Retrieve ID for an AppRole role.
|
List<AuthBackend> |
getAuthBackends()
Get all available authentication backends.
|
HealthResponse |
getHealth()
Query server health information.
|
boolean |
isAuthorized()
Get authorization status.
|
List<String> |
list(String path)
List available nodes from Vault.
|
List<String> |
listAppRoles()
List existing (accessible) AppRole roles.
|
List<String> |
listAppRoleSecrets(String roleName)
List existing (accessible) secret IDs for AppRole role.
|
AppRoleResponse |
lookupAppRole(String roleName)
Lookup an AppRole role.
|
AppRoleSecretResponse |
lookupAppRoleSecret(String roleName,
String secretID)
Lookup an AppRole secret.
|
TokenResponse |
lookupToken(String token)
Lookup token information.
|
SecretResponse |
read(String key)
Retrieve any node's content from Vault.
|
boolean |
registerAppId(String appID,
String policy,
String displayName)
Deprecated.
|
boolean |
registerUserId(String appID,
String userID)
Deprecated.
|
SecretResponse |
renew(String leaseID,
Integer increment)
Renew lease with given ID.
|
void |
resetAuth()
Reset authorization information.
|
void |
revoke(String leaseID)
Revoke given lease immediately.
|
void |
seal()
Seal vault.
|
SealResponse |
sealStatus()
Retrieve status of vault seal.
|
boolean |
setAppRoleID(String roleName,
String roleID)
Set custom ID for an AppRole role.
|
SealResponse |
unseal(String key,
Boolean reset)
Unseal vault.
|
void |
write(String key,
Map<String,Object> data)
Write value to Vault.
|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
authAppRole, createAppRole, createAppRole, createAppRole, createAppRole, createAppRoleSecret, createAppRoleSecret, deleteSecret, listSecrets, readDbCredentials, readMongoDbCredentials, readMsSqlCredentials, readMySqlCredentials, readPostgreSqlCredentials, readSecret, registerAppUserId, renew, unseal, write, writeSecret, writeSecret
public HTTPVaultConnector(String hostname, boolean useTLS)
hostname
- The hostname
useTLS
- If TRUE, use HTTPS, otherwise HTTP. With plain HTTP, Vault tokens and secret data are sent unencrypted.
public HTTPVaultConnector(String hostname, boolean useTLS, Integer port)
hostname
- The hostnameuseTLS
- If TRUE, use HTTPS, otherwise HTTPport
- The portpublic HTTPVaultConnector(String hostname, boolean useTLS, Integer port, String prefix)
hostname
- The hostnameuseTLS
- If TRUE, use HTTPS, otherwise HTTPport
- The portprefix
- HTTP API prefix (default: /v1/)public HTTPVaultConnector(String hostname, boolean useTLS, Integer port, String prefix, SSLContext sslContext)
hostname
- The hostnameuseTLS
- If TRUE, use HTTPS, otherwise HTTPport
- The portprefix
- HTTP API prefix (default: /v1/)sslContext
- Custom SSL Contextpublic HTTPVaultConnector(String hostname, boolean useTLS, Integer port, String prefix, SSLContext sslContext, int numberOfRetries, Integer timeout)
hostname
- The hostnameuseTLS
- If TRUE, use HTTPS, otherwise HTTPport
- The portprefix
- HTTP API prefix (default: /v1/)sslContext
- Custom SSL ContextnumberOfRetries
- Number of retries on 5xx errorstimeout
- Timeout for HTTP requests (milliseconds)public HTTPVaultConnector(String baseURL)
baseURL
- The URLpublic HTTPVaultConnector(String baseURL, SSLContext sslContext)
baseURL
- The URLsslContext
- Custom SSL Contextpublic HTTPVaultConnector(String baseURL, SSLContext sslContext, int numberOfRetries)
baseURL
- The URLsslContext
- Custom SSL ContextnumberOfRetries
- Number of retries on 5xx errorspublic HTTPVaultConnector(String baseURL, SSLContext sslContext, int numberOfRetries, Integer timeout)
baseURL
- The URLsslContext
- Custom SSL ContextnumberOfRetries
- Number of retries on 5xx errorstimeout
- Timeout for HTTP requests (milliseconds)public final void resetAuth()
VaultConnector
resetAuth
in interface VaultConnector
public final SealResponse sealStatus() throws VaultConnectorException
VaultConnector
sealStatus
in interface VaultConnector
VaultConnectorException
- on errorpublic final void seal() throws VaultConnectorException
VaultConnector
seal
in interface VaultConnector
VaultConnectorException
- on errorpublic final SealResponse unseal(String key, Boolean reset) throws VaultConnectorException
VaultConnector
unseal
in interface VaultConnector
key
- A single master share keyreset
- Discard previously provided keys (optional)VaultConnectorException
- on errorpublic HealthResponse getHealth() throws VaultConnectorException
VaultConnector
getHealth
in interface VaultConnector
VaultConnectorException
- on errorpublic final boolean isAuthorized()
VaultConnector
isAuthorized
in interface VaultConnector
public final List<AuthBackend> getAuthBackends() throws VaultConnectorException
VaultConnector
getAuthBackends
in interface VaultConnector
VaultConnectorException
- on errorpublic final TokenResponse authToken(String token) throws VaultConnectorException
VaultConnector
authToken
in interface VaultConnector
token
- The tokenVaultConnectorException
- on errorpublic final AuthResponse authUserPass(String username, String password) throws VaultConnectorException
VaultConnector
authUserPass
in interface VaultConnector
username
- The usernamepassword
- The passwordVaultConnectorException
- on error@Deprecated public final AuthResponse authAppId(String appID, String userID) throws VaultConnectorException
VaultConnector
authAppId
in interface VaultConnector
appID
- The App IDuserID
- The User IDAuthResponse
VaultConnectorException
- on errorpublic final AuthResponse authAppRole(String roleID, String secretID) throws VaultConnectorException
VaultConnector
authAppRole
in interface VaultConnector
roleID
- The role IDsecretID
- The secret IDAuthResponse
VaultConnectorException
- on error@Deprecated public final boolean registerAppId(String appID, String policy, String displayName) throws VaultConnectorException
VaultConnector
registerAppId
in interface VaultConnector
appID
- The unique App-IDpolicy
- The policy to associate withdisplayName
- Arbitrary name to displaytrue
on successVaultConnectorException
- on error@Deprecated public final boolean registerUserId(String appID, String userID) throws VaultConnectorException
VaultConnector
registerUserId
in interface VaultConnector
appID
- The App-IDuserID
- The User-IDtrue
on successVaultConnectorException
- on errorpublic final boolean createAppRole(AppRole role) throws VaultConnectorException
VaultConnector
createAppRole
in interface VaultConnector
role
- The roletrue
on successVaultConnectorException
- on errorpublic final AppRoleResponse lookupAppRole(String roleName) throws VaultConnectorException
VaultConnector
lookupAppRole
in interface VaultConnector
roleName
- The role nameVaultConnectorException
- on errorpublic final boolean deleteAppRole(String roleName) throws VaultConnectorException
VaultConnector
deleteAppRole
in interface VaultConnector
roleName
- The role name
true
on success
VaultConnectorException
- on errorpublic final String getAppRoleID(String roleName) throws VaultConnectorException
VaultConnector
getAppRoleID
in interface VaultConnector
roleName
- The role nameVaultConnectorException
- on errorpublic final boolean setAppRoleID(String roleName, String roleID) throws VaultConnectorException
VaultConnector
setAppRoleID
in interface VaultConnector
roleName
- The role nameroleID
- The role IDtrue
on successVaultConnectorException
- on errorpublic final AppRoleSecretResponse createAppRoleSecret(String roleName, AppRoleSecret secret) throws VaultConnectorException
VaultConnector
createAppRoleSecret
in interface VaultConnector
roleName
- The role namesecret
- The secret meta objectVaultConnectorException
- on errorpublic final AppRoleSecretResponse lookupAppRoleSecret(String roleName, String secretID) throws VaultConnectorException
VaultConnector
lookupAppRoleSecret
in interface VaultConnector
roleName
- The role namesecretID
- The secret IDVaultConnectorException
- on errorpublic final boolean destroyAppRoleSecret(String roleName, String secretID) throws VaultConnectorException
VaultConnector
destroyAppRoleSecret
in interface VaultConnector
roleName
- The role namesecretID
- The secret meta objectVaultConnectorException
- on errorpublic final List<String> listAppRoles() throws VaultConnectorException
VaultConnector
listAppRoles
in interface VaultConnector
VaultConnectorException
- on errorpublic final List<String> listAppRoleSecrets(String roleName) throws VaultConnectorException
VaultConnector
listAppRoleSecrets
in interface VaultConnector
roleName
- The role nameVaultConnectorException
- on errorpublic final SecretResponse read(String key) throws VaultConnectorException
VaultConnector
read
in interface VaultConnector
key
- Secret identifierVaultConnectorException
- on errorpublic final List<String> list(String path) throws VaultConnectorException
VaultConnector
list
in interface VaultConnector
path
- Root path to searchVaultConnectorException
- on errorpublic final void write(String key, Map<String,Object> data) throws VaultConnectorException
VaultConnector
write
in interface VaultConnector
key
- Secret pathdata
- Secret content. Value must be JSON serializable.
VaultConnectorException
- on errorpublic final void delete(String key) throws VaultConnectorException
VaultConnector
delete
in interface VaultConnector
key
- Secret pathVaultConnectorException
- on errorpublic final void revoke(String leaseID) throws VaultConnectorException
VaultConnector
revoke
in interface VaultConnector
leaseID
- the lease IDVaultConnectorException
- on errorpublic final SecretResponse renew(String leaseID, Integer increment) throws VaultConnectorException
VaultConnector
renew
in interface VaultConnector
leaseID
- the lease ID
increment
- number of seconds to extend lease timeVaultConnectorException
- on errorpublic final AuthResponse createToken(Token token) throws VaultConnectorException
VaultConnector
createToken
in interface VaultConnector
token
- the tokenVaultConnectorException
- on errorpublic final AuthResponse createToken(Token token, boolean orphan) throws VaultConnectorException
VaultConnector
createToken
in interface VaultConnector
token
- the tokenorphan
- create orphan tokenVaultConnectorException
- on errorpublic final AuthResponse createToken(Token token, String role) throws VaultConnectorException
VaultConnector
createToken
in interface VaultConnector
token
- the tokenrole
- the role nameVaultConnectorException
- on errorpublic final void close()
close
in interface AutoCloseable
public final TokenResponse lookupToken(String token) throws VaultConnectorException
VaultConnector
lookupToken
in interface VaultConnector
token
- the tokenVaultConnectorException
- on error
Copyright © 2016–2018. All rights reserved.