Package de.stklcode.jvault.connector
Class HTTPVaultConnector
- java.lang.Object
  - de.stklcode.jvault.connector.HTTPVaultConnector
- All Implemented Interfaces:
VaultConnector, Serializable, AutoCloseable
public class HTTPVaultConnector extends Object implements VaultConnector
Vault Connector implementation using Vault's HTTP API.
- Since:
- 0.1
- Author:
- Stefan Kalscheuer
- See Also:
- Serialized Form
-
-
Field Summary
Fields (Modifier and Type, Field, Description):
static String DEFAULT_TLS_VERSION
-
Fields inherited from interface de.stklcode.jvault.connector.VaultConnector
PATH_SECRET
-
-
Constructor Summary
Constructors (Constructor, Description):
HTTPVaultConnector(String baseURL)
Create connector using full URL.
HTTPVaultConnector(String hostname, boolean useTLS)
Create connector using hostname and schema.
HTTPVaultConnector(String hostname, boolean useTLS, Integer port)
Create connector using hostname, schema and port.
HTTPVaultConnector(String hostname, boolean useTLS, Integer port, String prefix)
Create connector using hostname, schema, port and path.
HTTPVaultConnector(String hostname, boolean useTLS, Integer port, String prefix, X509Certificate trustedCaCert)
Create connector using hostname, schema, port, path and trusted certificate.
HTTPVaultConnector(String hostname, boolean useTLS, String tlsVersion, Integer port, String prefix, X509Certificate trustedCaCert, int numberOfRetries, Integer timeout)
Create connector using hostname, schema, port, path and trusted certificate.
HTTPVaultConnector(String baseURL, X509Certificate trustedCaCert)
Create connector using full URL and trusted certificate.
HTTPVaultConnector(String baseURL, X509Certificate trustedCaCert, int numberOfRetries)
Create connector using full URL and trusted certificate.
HTTPVaultConnector(String baseURL, X509Certificate trustedCaCert, int numberOfRetries, Integer timeout)
Create connector using full URL and trusted certificate.
HTTPVaultConnector(String baseURL, X509Certificate trustedCaCert, int numberOfRetries, Integer timeout, String tlsVersion)
Create connector using full URL and trusted certificate.
-
Method Summary
Methods (Modifier and Type, Method, Description):
AuthResponse authAppId(String appID, String userID)
Deprecated.
AuthResponse authAppRole(String roleID, String secretID)
Authorize to Vault using AppRole method.
TokenResponse authToken(String token)
Authorize to Vault using token.
AuthResponse authUserPass(String username, String password)
Authorize to Vault using username and password.
void close()
boolean createAppRole(AppRole role)
Register a new AppRole role from given metamodel.
AppRoleSecretResponse createAppRoleSecret(String roleName, AppRoleSecret secret)
Register new AppRole secret with custom ID.
boolean createOrUpdateTokenRole(String name, TokenRole role)
Create a new or update an existing token role.
AuthResponse createToken(Token token)
Create a new token.
AuthResponse createToken(Token token, boolean orphan)
Create a new token.
AuthResponse createToken(Token token, String role)
Create a new token for specific role.
void delete(String key)
Delete key from Vault.
void deleteAllSecretVersions(String mount, String key)
Delete latest version of a secret from Vault.
boolean deleteAppRole(String roleName)
Delete AppRole role from Vault.
void deleteLatestSecretVersion(String mount, String key)
Delete latest version of a secret from Vault.
void deleteSecretVersions(String mount, String key, int... versions)
Delete secret versions from Vault.
boolean deleteTokenRole(String name)
Delete a token role.
boolean destroyAppRoleSecret(String roleName, String secretID)
Destroy an AppRole secret.
void destroySecretVersions(String mount, String key, int... versions)
Destroy secret versions from Vault.
String getAppRoleID(String roleName)
Retrieve ID for an AppRole role.
List<AuthBackend> getAuthBackends()
Get all available authentication backends.
HealthResponse getHealth()
Query server health information.
boolean isAuthorized()
Get authorization status.
List<String> list(String path)
List available nodes from Vault.
List<String> listAppRoles()
List existing (accessible) AppRole roles.
List<String> listAppRoleSecrets(String roleName)
List existing (accessible) secret IDs for AppRole role.
List<String> listTokenRoles()
List available token roles from Vault.
AppRoleResponse lookupAppRole(String roleName)
Lookup an AppRole role.
AppRoleSecretResponse lookupAppRoleSecret(String roleName, String secretID)
Lookup an AppRole secret.
TokenResponse lookupToken(String token)
Lookup token information.
SecretResponse read(String key)
Retrieve any node's content from Vault.
MetadataResponse readSecretMetadata(String mount, String key)
Retrieve secret metadata from Vault.
SecretResponse readSecretVersion(String mount, String key, Integer version)
Retrieve secret data from Vault.
TokenRoleResponse readTokenRole(String name)
Lookup token information.
boolean registerAppId(String appID, String policy, String displayName)
Deprecated.
boolean registerUserId(String appID, String userID)
Deprecated.
SecretResponse renew(String leaseID, Integer increment)
Renew lease with given ID.
void resetAuth()
Reset authorization information.
void revoke(String leaseID)
Revoke given lease immediately.
void seal()
Seal vault.
SealResponse sealStatus()
Retrieve status of vault seal.
boolean setAppRoleID(String roleName, String roleID)
Set custom ID for an AppRole role.
void undeleteSecretVersions(String mount, String key, int... versions)
Undelete (restore) secret versions from Vault.
SealResponse unseal(String key, Boolean reset)
Unseal vault.
void updateSecretMetadata(String mount, String key, Integer maxVersions, boolean casRequired)
Update secret metadata.
void write(String key, Map<String,Object> data, Map<String,Object> options)
Write value to Vault.
SecretVersionResponse writeSecretData(String mount, String key, Map<String,Object> data, Integer cas)
Write secret to Vault.
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface de.stklcode.jvault.connector.VaultConnector
authAppRole, createAppRole, createAppRole, createAppRole, createAppRole, createAppRoleSecret, createAppRoleSecret, createOrUpdateTokenRole, deleteAllSecretVersions, deleteLatestSecretVersion, deleteSecret, deleteSecretVersions, destroySecretVersions, listSecrets, readDbCredentials, readMongoDbCredentials, readMsSqlCredentials, readMySqlCredentials, readPostgreSqlCredentials, readSecret, readSecretData, readSecretData, readSecretMetadata, readSecretVersion, registerAppUserId, renew, undeleteSecretVersions, unseal, updateSecretMetadata, write, write, writeSecret, writeSecret, writeSecretData, writeSecretData
-
-
-
-
Field Detail
-
DEFAULT_TLS_VERSION
public static final String DEFAULT_TLS_VERSION
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
HTTPVaultConnector
public HTTPVaultConnector(String hostname, boolean useTLS)
Create connector using hostname and schema.
- Parameters:
hostname - The hostname
useTLS - If TRUE, use HTTPS, otherwise HTTP
-
HTTPVaultConnector
public HTTPVaultConnector(String hostname, boolean useTLS, Integer port)
Create connector using hostname, schema and port.
- Parameters:
hostname - The hostname
useTLS - If TRUE, use HTTPS, otherwise HTTP
port - The port
-
HTTPVaultConnector
public HTTPVaultConnector(String hostname, boolean useTLS, Integer port, String prefix)
Create connector using hostname, schema, port and path.
- Parameters:
hostname - The hostname
useTLS - If TRUE, use HTTPS, otherwise HTTP
port - The port
prefix - HTTP API prefix (default: /v1/)
-
HTTPVaultConnector
public HTTPVaultConnector(String hostname, boolean useTLS, Integer port, String prefix, X509Certificate trustedCaCert)
Create connector using hostname, schema, port, path and trusted certificate.
- Parameters:
hostname - The hostname
useTLS - If TRUE, use HTTPS, otherwise HTTP
port - The port
prefix - HTTP API prefix (default: /v1/)
trustedCaCert - Trusted CA certificate
-
HTTPVaultConnector
public HTTPVaultConnector(String hostname, boolean useTLS, String tlsVersion, Integer port, String prefix, X509Certificate trustedCaCert, int numberOfRetries, Integer timeout)
Create connector using hostname, schema, port, path and trusted certificate.
- Parameters:
hostname - The hostname
useTLS - If TRUE, use HTTPS, otherwise HTTP
tlsVersion - TLS version
port - The port
prefix - HTTP API prefix (default: /v1/)
trustedCaCert - Trusted CA certificate
numberOfRetries - Number of retries on 5xx errors
timeout - Timeout for HTTP requests (milliseconds)
-
HTTPVaultConnector
public HTTPVaultConnector(String baseURL)
Create connector using full URL.
- Parameters:
baseURL - The URL
-
HTTPVaultConnector
public HTTPVaultConnector(String baseURL, X509Certificate trustedCaCert)
Create connector using full URL and trusted certificate.
- Parameters:
baseURL - The URL
trustedCaCert - Trusted CA certificate
-
HTTPVaultConnector
public HTTPVaultConnector(String baseURL, X509Certificate trustedCaCert, int numberOfRetries)
Create connector using full URL and trusted certificate.
- Parameters:
baseURL - The URL
trustedCaCert - Trusted CA certificate
numberOfRetries - Number of retries on 5xx errors
-
HTTPVaultConnector
public HTTPVaultConnector(String baseURL, X509Certificate trustedCaCert, int numberOfRetries, Integer timeout)
Create connector using full URL and trusted certificate.
- Parameters:
baseURL - The URL
trustedCaCert - Trusted CA certificate
numberOfRetries - Number of retries on 5xx errors
timeout - Timeout for HTTP requests (milliseconds)
-
HTTPVaultConnector
public HTTPVaultConnector(String baseURL, X509Certificate trustedCaCert, int numberOfRetries, Integer timeout, String tlsVersion)
Create connector using full URL and trusted certificate.
- Parameters:
baseURL - The URL
trustedCaCert - Trusted CA certificate
numberOfRetries - Number of retries on 5xx errors
timeout - Timeout for HTTP requests (milliseconds)
tlsVersion - TLS Version.
-
-
Method Detail
-
resetAuth
public final void resetAuth()
Description copied from interface: VaultConnector
Reset authorization information.
- Specified by:
resetAuth in interface VaultConnector
-
sealStatus
public final SealResponse sealStatus() throws VaultConnectorException
Description copied from interface: VaultConnector
Retrieve status of vault seal.
- Specified by:
sealStatus in interface VaultConnector
- Returns:
- Seal status
- Throws:
VaultConnectorException - on error
-
seal
public final void seal() throws VaultConnectorException
Description copied from interface: VaultConnector
Seal vault.
- Specified by:
seal in interface VaultConnector
- Throws:
VaultConnectorException - on error
-
unseal
public final SealResponse unseal(String key, Boolean reset) throws VaultConnectorException
Description copied from interface: VaultConnector
Unseal vault.
- Specified by:
unseal in interface VaultConnector
- Parameters:
key - A single master share key
reset - Discard previously provided keys (optional)
- Returns:
- Response with seal status
- Throws:
VaultConnectorException - on error
-
getHealth
public HealthResponse getHealth() throws VaultConnectorException
Description copied from interface: VaultConnector
Query server health information.
- Specified by:
getHealth in interface VaultConnector
- Returns:
- Health information.
- Throws:
VaultConnectorException - on error
-
isAuthorized
public final boolean isAuthorized()
Description copied from interface: VaultConnector
Get authorization status.
- Specified by:
isAuthorized in interface VaultConnector
- Returns:
- TRUE, if successfully authorized
-
getAuthBackends
public final List<AuthBackend> getAuthBackends() throws VaultConnectorException
Description copied from interface: VaultConnector
Get all available authentication backends.
- Specified by:
getAuthBackends in interface VaultConnector
- Returns:
- List of backends
- Throws:
VaultConnectorException - on error
-
authToken
public final TokenResponse authToken(String token) throws VaultConnectorException
Description copied from interface: VaultConnector
Authorize to Vault using token.
- Specified by:
authToken in interface VaultConnector
- Parameters:
token - The token
- Returns:
- Token response
- Throws:
VaultConnectorException - on error
-
authUserPass
public final AuthResponse authUserPass(String username, String password) throws VaultConnectorException
Description copied from interface: VaultConnector
Authorize to Vault using username and password.
- Specified by:
authUserPass in interface VaultConnector
- Parameters:
username - The username
password - The password
- Returns:
- Authorization result
- Throws:
VaultConnectorException - on error
-
authAppId
@Deprecated public final AuthResponse authAppId(String appID, String userID) throws VaultConnectorException
Deprecated.
Description copied from interface: VaultConnector
Authorize to Vault using AppID method.
- Specified by:
authAppId in interface VaultConnector
- Parameters:
appID - The App ID
userID - The User ID
- Returns:
- The AuthResponse
- Throws:
VaultConnectorException - on error
-
authAppRole
public final AuthResponse authAppRole(String roleID, String secretID) throws VaultConnectorException
Description copied from interface: VaultConnector
Authorize to Vault using AppRole method.
- Specified by:
authAppRole in interface VaultConnector
- Parameters:
roleID - The role ID
secretID - The secret ID
- Returns:
- The AuthResponse
- Throws:
VaultConnectorException - on error
-
registerAppId
@Deprecated public final boolean registerAppId(String appID, String policy, String displayName) throws VaultConnectorException
Deprecated.
Description copied from interface: VaultConnector
Register new App-ID with policy.
- Specified by:
registerAppId in interface VaultConnector
- Parameters:
appID - The unique App-ID
policy - The policy to associate with
displayName - Arbitrary name to display
- Returns:
true on success
- Throws:
VaultConnectorException - on error
-
registerUserId
@Deprecated public final boolean registerUserId(String appID, String userID) throws VaultConnectorException
Deprecated.
Description copied from interface: VaultConnector
Register User-ID with App-ID.
- Specified by:
registerUserId in interface VaultConnector
- Parameters:
appID - The App-ID
userID - The User-ID
- Returns:
true on success
- Throws:
VaultConnectorException - on error
-
createAppRole
public final boolean createAppRole(AppRole role) throws VaultConnectorException
Description copied from interface: VaultConnector
Register a new AppRole role from given metamodel.
- Specified by:
createAppRole in interface VaultConnector
- Parameters:
role - The role
- Returns:
true on success
- Throws:
VaultConnectorException - on error
-
lookupAppRole
public final AppRoleResponse lookupAppRole(String roleName) throws VaultConnectorException
Description copied from interface: VaultConnector
Lookup an AppRole role.
- Specified by:
lookupAppRole in interface VaultConnector
- Parameters:
roleName - The role name
- Returns:
- Result of the lookup
- Throws:
VaultConnectorException - on error
-
deleteAppRole
public final boolean deleteAppRole(String roleName) throws VaultConnectorException
Description copied from interface: VaultConnector
Delete AppRole role from Vault.
- Specified by:
deleteAppRole in interface VaultConnector
- Parameters:
roleName - The role name
- Returns:
true on success
- Throws:
VaultConnectorException - on error
-
getAppRoleID
public final String getAppRoleID(String roleName) throws VaultConnectorException
Description copied from interface: VaultConnector
Retrieve ID for an AppRole role.
- Specified by:
getAppRoleID in interface VaultConnector
- Parameters:
roleName - The role name
- Returns:
- The role ID
- Throws:
VaultConnectorException - on error
-
setAppRoleID
public final boolean setAppRoleID(String roleName, String roleID) throws VaultConnectorException
Description copied from interface: VaultConnector
Set custom ID for an AppRole role.
- Specified by:
setAppRoleID in interface VaultConnector
- Parameters:
roleName - The role name
roleID - The role ID
- Returns:
true on success
- Throws:
VaultConnectorException - on error
-
createAppRoleSecret
public final AppRoleSecretResponse createAppRoleSecret(String roleName, AppRoleSecret secret) throws VaultConnectorException
Description copied from interface: VaultConnector
Register new AppRole secret with custom ID.
- Specified by:
createAppRoleSecret in interface VaultConnector
- Parameters:
roleName - The role name
secret - The secret meta object
- Returns:
- The secret ID
- Throws:
VaultConnectorException - on error
-
lookupAppRoleSecret
public final AppRoleSecretResponse lookupAppRoleSecret(String roleName, String secretID) throws VaultConnectorException
Description copied from interface: VaultConnector
Lookup an AppRole secret.
- Specified by:
lookupAppRoleSecret in interface VaultConnector
- Parameters:
roleName - The role name
secretID - The secret ID
- Returns:
- Result of the lookup
- Throws:
VaultConnectorException - on error
-
destroyAppRoleSecret
public final boolean destroyAppRoleSecret(String roleName, String secretID) throws VaultConnectorException
Description copied from interface: VaultConnector
Destroy an AppRole secret.
- Specified by:
destroyAppRoleSecret in interface VaultConnector
- Parameters:
roleName - The role name
secretID - The secret meta object
- Returns:
- The secret ID
- Throws:
VaultConnectorException - on error
-
listAppRoles
public final List<String> listAppRoles() throws VaultConnectorException
Description copied from interface: VaultConnector
List existing (accessible) AppRole roles.
- Specified by:
listAppRoles in interface VaultConnector
- Returns:
- List of roles
- Throws:
VaultConnectorException - on error
-
listAppRoleSecrets
public final List<String> listAppRoleSecrets(String roleName) throws VaultConnectorException
Description copied from interface: VaultConnector
List existing (accessible) secret IDs for AppRole role.
- Specified by:
listAppRoleSecrets in interface VaultConnector
- Parameters:
roleName - The role name
- Returns:
- List of roles
- Throws:
VaultConnectorException - on error
-
read
public final SecretResponse read(String key) throws VaultConnectorException
Description copied from interface: VaultConnector
Retrieve any node's content from Vault.
- Specified by:
read in interface VaultConnector
- Parameters:
key - Secret identifier
- Returns:
- Secret response
- Throws:
VaultConnectorException - on error
-
readSecretVersion
public final SecretResponse readSecretVersion(String mount, String key, Integer version) throws VaultConnectorException
Description copied from interface: VaultConnector
Retrieve secret data from Vault.
Path <mount>/data/<key> is read here. Only available for KV v2 secrets.
- Specified by:
readSecretVersion in interface VaultConnector
- Parameters:
mount - Secret store mount point (without leading or trailing slash).
key - Secret identifier
version - Version to read. If null or zero, the latest version will be returned.
- Returns:
- Secret response.
- Throws:
VaultConnectorException - on error
-
readSecretMetadata
public final MetadataResponse readSecretMetadata(String mount, String key) throws VaultConnectorException
Description copied from interface: VaultConnector
Retrieve secret metadata from Vault.
Path <mount>/metadata/<key> is read here. Only available for KV v2 secrets.
- Specified by:
readSecretMetadata in interface VaultConnector
- Parameters:
mount - Secret store mount point (without leading or trailing slash).
key - Secret identifier
- Returns:
- Metadata response
- Throws:
VaultConnectorException - on error
-
updateSecretMetadata
public void updateSecretMetadata(String mount, String key, Integer maxVersions, boolean casRequired) throws VaultConnectorException
Description copied from interface: VaultConnector
Update secret metadata.
Path <mount>/metadata/<key> is written here. Only available for KV v2 secrets.
- Specified by:
updateSecretMetadata in interface VaultConnector
- Parameters:
mount - Secret store mount point (without leading or trailing slash).
key - Secret identifier
maxVersions - Maximum number of versions (fallback to backend default if null)
casRequired - Specify if Check-And-Set is required for this secret.
- Throws:
VaultConnectorException - on error
-
writeSecretData
public final SecretVersionResponse writeSecretData(String mount, String key, Map<String,Object> data, Integer cas) throws VaultConnectorException
Description copied from interface: VaultConnector
Write secret to Vault.
Path <mount>/data/<key> is written here. Only available for KV v2 secrets.
- Specified by:
writeSecretData in interface VaultConnector
- Parameters:
mount - Secret store mount point (without leading or trailing slash).
key - Secret identifier
data - Secret content. Value must be JSON serializable.
cas - Use Check-And-Set operation, i.e. only allow writing if current version matches this value.
- Returns:
- Metadata for the created/updated secret.
- Throws:
VaultConnectorException - on error
-
list
public final List<String> list(String path) throws VaultConnectorException
Description copied from interface: VaultConnector
List available nodes from Vault.
- Specified by:
list in interface VaultConnector
- Parameters:
path - Root path to search
- Returns:
- List of secret keys
- Throws:
VaultConnectorException - on error
-
write
public final void write(String key, Map<String,Object> data, Map<String,Object> options) throws VaultConnectorException
Description copied from interface: VaultConnector
Write value to Vault.
- Specified by:
write in interface VaultConnector
- Parameters:
key - Secret path
data - Secret content. Value must be JSON serializable.
options - Secret options (optional).
- Throws:
VaultConnectorException - on error
-
delete
public final void delete(String key) throws VaultConnectorException
Description copied from interface: VaultConnector
Delete key from Vault.
- Specified by:
delete in interface VaultConnector
- Parameters:
key - Secret path
- Throws:
VaultConnectorException - on error
-
deleteLatestSecretVersion
public final void deleteLatestSecretVersion(String mount, String key) throws VaultConnectorException
Description copied from interface: VaultConnector
Delete latest version of a secret from Vault.
Only available for KV v2 stores.
- Specified by:
deleteLatestSecretVersion in interface VaultConnector
- Parameters:
mount - Secret store mount point (without leading or trailing slash).
key - Secret path.
- Throws:
VaultConnectorException - on error
-
deleteAllSecretVersions
public final void deleteAllSecretVersions(String mount, String key) throws VaultConnectorException
Description copied from interface: VaultConnector
Delete latest version of a secret from Vault.
Prefix secret/ is automatically added to path. Only available for KV v2 stores.
- Specified by:
deleteAllSecretVersions in interface VaultConnector
- Parameters:
mount - Secret store mount point (without leading or trailing slash).
key - Secret path.
- Throws:
VaultConnectorException - on error
-
deleteSecretVersions
public final void deleteSecretVersions(String mount, String key, int... versions) throws VaultConnectorException
Description copied from interface: VaultConnector
Delete secret versions from Vault.
Only available for KV v2 stores.
- Specified by:
deleteSecretVersions in interface VaultConnector
- Parameters:
mount - Secret store mount point (without leading or trailing slash).
key - Secret path.
versions - Versions of the secret to delete.
- Throws:
VaultConnectorException - on error
-
undeleteSecretVersions
public final void undeleteSecretVersions(String mount, String key, int... versions) throws VaultConnectorException
Description copied from interface: VaultConnector
Undelete (restore) secret versions from Vault. Only available for KV v2 stores.
- Specified by:
undeleteSecretVersions in interface VaultConnector
- Parameters:
mount - Secret store mount point (without leading or trailing slash).
key - Secret path.
versions - Versions of the secret to undelete.
- Throws:
VaultConnectorException - on error
-
destroySecretVersions
public final void destroySecretVersions(String mount, String key, int... versions) throws VaultConnectorException
Description copied from interface: VaultConnector
Destroy secret versions from Vault. Only available for KV v2 stores.
- Specified by:
destroySecretVersions in interface VaultConnector
- Parameters:
mount - Secret store mount point (without leading or trailing slash).
key - Secret path.
versions - Versions of the secret to destroy.
- Throws:
VaultConnectorException - on error
-
revoke
public final void revoke(String leaseID) throws VaultConnectorException
Description copied from interface: VaultConnector
Revoke given lease immediately.
- Specified by:
revoke in interface VaultConnector
- Parameters:
leaseID - the lease ID
- Throws:
VaultConnectorException - on error
-
renew
public final SecretResponse renew(String leaseID, Integer increment) throws VaultConnectorException
Description copied from interface: VaultConnector
Renew lease with given ID.
- Specified by:
renew in interface VaultConnector
- Parameters:
leaseID - the lease ID
increment - number of seconds to extend lease time
- Returns:
- Renewed lease
- Throws:
VaultConnectorException - on error
-
createToken
public final AuthResponse createToken(Token token) throws VaultConnectorException
Description copied from interface: VaultConnector
Create a new token.
- Specified by:
createToken in interface VaultConnector
- Parameters:
token - the token
- Returns:
- the result response
- Throws:
VaultConnectorException - on error
-
createToken
public final AuthResponse createToken(Token token, boolean orphan) throws VaultConnectorException
Description copied from interface: VaultConnector
Create a new token.
- Specified by:
createToken in interface VaultConnector
- Parameters:
token - the token
orphan - create orphan token
- Returns:
- the result response
- Throws:
VaultConnectorException - on error
-
createToken
public final AuthResponse createToken(Token token, String role) throws VaultConnectorException
Description copied from interface: VaultConnector
Create a new token for specific role.
- Specified by:
createToken in interface VaultConnector
- Parameters:
token - the token
role - the role name
- Returns:
- the result response
- Throws:
VaultConnectorException - on error
-
close
public final void close()
- Specified by:
close in interface AutoCloseable
-
lookupToken
public final TokenResponse lookupToken(String token) throws VaultConnectorException
Description copied from interface: VaultConnector
Lookup token information.
- Specified by:
lookupToken in interface VaultConnector
- Parameters:
token - the token
- Returns:
- the result response
- Throws:
VaultConnectorException - on error
-
createOrUpdateTokenRole
public boolean createOrUpdateTokenRole(String name, TokenRole role) throws VaultConnectorException
Description copied from interface: VaultConnector
Create a new or update an existing token role.
- Specified by:
createOrUpdateTokenRole in interface VaultConnector
- Parameters:
name - the role name (overrides name possibly set in role entity)
role - the role entity
- Returns:
true on success
- Throws:
VaultConnectorException - on error
-
readTokenRole
public TokenRoleResponse readTokenRole(String name) throws VaultConnectorException
Description copied from interface: VaultConnector
Lookup token information.
- Specified by:
readTokenRole in interface VaultConnector
- Parameters:
name - the role name
- Returns:
- the result response
- Throws:
VaultConnectorException - on error
-
listTokenRoles
public List<String> listTokenRoles() throws VaultConnectorException
Description copied from interface: VaultConnector
List available token roles from Vault.
- Specified by:
listTokenRoles in interface VaultConnector
- Returns:
- List of token roles
- Throws:
VaultConnectorException - on error
-
deleteTokenRole
public boolean deleteTokenRole(String name) throws VaultConnectorException
Description copied from interface: VaultConnector
Delete a token role.
- Specified by:
deleteTokenRole in interface VaultConnector
- Parameters:
name - the role name to delete
- Returns:
true on success
- Throws:
VaultConnectorException - on error
-
-
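The following is an added usage example, not part of the project's documentation: it combines the TLS constructor, authAppRole, updateSecretMetadata (casRequired) and writeSecretData (cas) documented above to show Check-And-Set protecting a KV v2 secret from a stale writer. Assumptions: the environment variable names, the mount "secret" and the key path are hypothetical; the exception is assumed to live in de.stklcode.jvault.connector.exception; a reachable Vault with KV v2 and an AppRole whose policy allows these paths is required.

```java
import de.stklcode.jvault.connector.HTTPVaultConnector;
// Assumption: package of the exception type named on this page.
import de.stklcode.jvault.connector.exception.VaultConnectorException;

import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;

public class CasWriteExample {
    // Hypothetical mount and key, chosen for this example only.
    private static final String MOUNT = "secret";
    private static final String KEY = "apps/billing/db";

    /** Fail fast on missing configuration instead of passing null to the connector. */
    private static String env(String name) {
        String value = System.getenv(name);
        if (value == null || value.isEmpty()) {
            throw new IllegalStateException("Missing environment variable " + name);
        }
        return value;
    }

    public static void main(String[] args) throws Exception {
        // Trust only the CA that issued the Vault server certificate.
        X509Certificate ca;
        try (InputStream in = Files.newInputStream(Paths.get(env("VAULT_CA_PEM")))) {
            ca = (X509Certificate) CertificateFactory.getInstance("X.509")
                    .generateCertificate(in);
        }

        // useTLS = true, default TLS version, port 8200, prefix /v1/,
        // 2 retries on 5xx errors, 5000 ms request timeout.
        try (HTTPVaultConnector vault = new HTTPVaultConnector(
                env("VAULT_HOST"), true, HTTPVaultConnector.DEFAULT_TLS_VERSION,
                8200, "/v1/", ca, 2, 5000)) {

            vault.authAppRole(env("VAULT_ROLE_ID"), env("VAULT_SECRET_ID"));
            if (!vault.isAuthorized()) {
                throw new IllegalStateException("AppRole login did not authorize the connector");
            }

            Map<String, Object> data = new HashMap<>();
            data.put("password", env("DB_PASSWORD"));

            // In Vault KV v2, cas = 0 permits the write only if the key does not
            // exist yet, so an existing secret is never silently overwritten.
            vault.writeSecretData(MOUNT, KEY, data, 0);

            // Require Check-And-Set on every later write to this key.
            // maxVersions = null falls back to the backend default.
            vault.updateSecretMetadata(MOUNT, KEY, null, true);

            // Rotation: the write succeeds because the current version is 1.
            data.put("password", env("DB_PASSWORD_NEW"));
            vault.writeSecretData(MOUNT, KEY, data, 1);

            // A writer still holding version 1 is now stale (current version is 2);
            // Vault refuses the write and the connector reports an error.
            try {
                vault.writeSecretData(MOUNT, KEY, data, 1);
                throw new IllegalStateException("Stale write was accepted");
            } catch (VaultConnectorException e) {
                System.err.println("Stale write rejected: " + e.getMessage());
            }
        }
    }
}
```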