org.springframework.vault.client.VaultClients Java Examples
The following examples show how to use
org.springframework.vault.client.VaultClients.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: PcfAuthenticationUnitTests.java From spring-vault with Apache License 2.0 | 6 votes |
|
@BeforeEach
void before() {
RestTemplate restTemplate = VaultClients.createRestTemplate();
restTemplate.setUriTemplateHandler(new PrefixAwareUriTemplateHandler());
this.mockRest = MockRestServiceServer.createServer(restTemplate);
this.restTemplate = restTemplate;
}
Example #2
| Source File: AppRoleAuthenticationUnitTests.java From spring-vault with Apache License 2.0 | 6 votes |
|
@BeforeEach
void before() {
RestTemplate restTemplate = VaultClients.createRestTemplate();
restTemplate.setUriTemplateHandler(new PrefixAwareUriTemplateHandler());
this.mockRest = MockRestServiceServer.createServer(restTemplate);
this.restTemplate = restTemplate;
}
Example #3
| Source File: AwsIamAuthenticationUnitTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@BeforeEach
void before() {
RestTemplate restTemplate = VaultClients.createRestTemplate();
restTemplate.setUriTemplateHandler(new PrefixAwareUriTemplateHandler());
this.mockRest = MockRestServiceServer.createServer(restTemplate);
this.restTemplate = restTemplate;
}
Example #4
| Source File: SpringVaultClientConfiguration.java From spring-cloud-config with Apache License 2.0 | 5 votes |
|
private RestOperations applyNamespaceInterceptor(RestTemplate restTemplate) {
if (vaultProperties.getNamespace() != null) {
restTemplate.getInterceptors().add(VaultClients
.createNamespaceInterceptor(vaultProperties.getNamespace()));
}
return restTemplate;
}
Example #5
| Source File: KubernetesHashicorpVaultClientAuthenticationProvider.java From knox with Apache License 2.0 | 5 votes |
|
private RestOperations getRestOperations(Map<String, String> properties) throws Exception {
String vaultAddress = properties.get(HashicorpVaultAliasService.VAULT_ADDRESS_KEY);
VaultEndpoint vaultEndpoint = VaultEndpoint.from(new URI(vaultAddress));
VaultEndpointProvider vaultEndpointProvider = SimpleVaultEndpointProvider.of(vaultEndpoint);
ClientOptions clientOptions = new ClientOptions();
SslConfiguration sslConfiguration = SslConfiguration.unconfigured();
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(
clientOptions, sslConfiguration);
return VaultClients.createRestTemplate(vaultEndpointProvider, clientHttpRequestFactory);
}
Example #6
| Source File: KubernetesAuthenticationUnitTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@BeforeEach
void before() {
RestTemplate restTemplate = VaultClients.createRestTemplate();
restTemplate.setUriTemplateHandler(new PrefixAwareUriTemplateHandler());
this.mockRest = MockRestServiceServer.createServer(restTemplate);
this.restTemplate = restTemplate;
}
Example #7
| Source File: AppIdAuthenticationUnitTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@BeforeEach
void before() {
RestTemplate restTemplate = VaultClients.createRestTemplate();
restTemplate.setUriTemplateHandler(new PrefixAwareUriTemplateHandler());
this.mockRest = MockRestServiceServer.createServer(restTemplate);
this.restTemplate = restTemplate;
}
Example #8
| Source File: AwsEc2AuthenticationUnitTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@BeforeEach
void before() {
RestTemplate restTemplate = VaultClients.createRestTemplate();
restTemplate.setUriTemplateHandler(new PrefixAwareUriTemplateHandler());
this.mockRest = MockRestServiceServer.createServer(restTemplate);
this.restTemplate = restTemplate;
}
Example #9
| Source File: ClientCertificateAuthenticationUnitTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@BeforeEach
void before() {
RestTemplate restTemplate = VaultClients.createRestTemplate();
restTemplate.setUriTemplateHandler(new PrefixAwareUriTemplateHandler());
this.mockRest = MockRestServiceServer.createServer(restTemplate);
this.restTemplate = restTemplate;
}
Example #10
| Source File: AzureMsiAuthenticationUnitTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@BeforeEach
void before() {
RestTemplate restTemplate = VaultClients.createRestTemplate();
restTemplate.setUriTemplateHandler(new PrefixAwareUriTemplateHandler());
this.mockRest = MockRestServiceServer.createServer(restTemplate);
this.restTemplate = restTemplate;
}
Example #11
| Source File: ClientCertificateAuthenticationStepsIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@Test
void authenticationStepsLoginShouldFail() {
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(new ClientOptions(),
Settings.createSslConfiguration());
RestTemplate restTemplate = VaultClients.createRestTemplate(TestRestTemplateFactory.TEST_VAULT_ENDPOINT,
clientHttpRequestFactory);
assertThatExceptionOfType(NestedRuntimeException.class).isThrownBy(
() -> new AuthenticationStepsExecutor(ClientCertificateAuthentication.createAuthenticationSteps(),
restTemplate).login());
}
Example #12
| Source File: AuthenticationStepsExecutorUnitTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@BeforeEach
void before() {
RestTemplate restTemplate = VaultClients.createRestTemplate();
restTemplate.setUriTemplateHandler(new PrefixAwareUriTemplateHandler());
this.mockRest = MockRestServiceServer.createServer(restTemplate);
this.restTemplate = restTemplate;
}
Example #13
| Source File: ClientCertificateAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@Test
void loginShouldFail() {
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(new ClientOptions(),
Settings.createSslConfiguration());
RestTemplate restTemplate = VaultClients.createRestTemplate(TestRestTemplateFactory.TEST_VAULT_ENDPOINT,
clientHttpRequestFactory);
assertThatExceptionOfType(NestedRuntimeException.class)
.isThrownBy(() -> new ClientCertificateAuthentication(restTemplate).login());
}
Example #14
| Source File: ClientCertificateAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@Test
void shouldSelectInvalidKey() {
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(new ClientOptions(),
prepareCertAuthenticationMethod(SslConfiguration.KeyConfiguration.of("changeit".toCharArray(), "2")));
RestTemplate restTemplate = VaultClients.createRestTemplate(TestRestTemplateFactory.TEST_VAULT_ENDPOINT,
clientHttpRequestFactory);
ClientCertificateAuthentication authentication = new ClientCertificateAuthentication(restTemplate);
assertThatExceptionOfType(NestedRuntimeException.class).isThrownBy(authentication::login);
}
Example #15
| Source File: ClientCertificateAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@Test
void shouldSelectKey() {
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(new ClientOptions(),
prepareCertAuthenticationMethod(SslConfiguration.KeyConfiguration.of("changeit".toCharArray(), "1")));
RestTemplate restTemplate = VaultClients.createRestTemplate(TestRestTemplateFactory.TEST_VAULT_ENDPOINT,
clientHttpRequestFactory);
ClientCertificateAuthentication authentication = new ClientCertificateAuthentication(restTemplate);
VaultToken login = authentication.login();
assertThat(login.getToken()).isNotEmpty();
}
Example #16
| Source File: ClientCertificateAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@Test
void shouldLoginSuccessfully() {
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(new ClientOptions(),
prepareCertAuthenticationMethod());
RestTemplate restTemplate = VaultClients.createRestTemplate(TestRestTemplateFactory.TEST_VAULT_ENDPOINT,
clientHttpRequestFactory);
ClientCertificateAuthentication authentication = new ClientCertificateAuthentication(restTemplate);
VaultToken login = authentication.login();
assertThat(login.getToken()).isNotEmpty();
}
Example #17
| Source File: ClientCertificateAuthenticationStepsIntegrationTests.java From spring-vault with Apache License 2.0 | 4 votes |
|
@Test
void authenticationStepsShouldLoginSuccessfully() {
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(new ClientOptions(),
prepareCertAuthenticationMethod());
RestTemplate restTemplate = VaultClients.createRestTemplate(TestRestTemplateFactory.TEST_VAULT_ENDPOINT,
clientHttpRequestFactory);
AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
ClientCertificateAuthentication.createAuthenticationSteps(), restTemplate);
VaultToken login = executor.login();
assertThat(login.getToken()).isNotEmpty();
}
Example #18
| Source File: ClientCertificateNamespaceIntegrationTests.java From spring-vault with Apache License 2.0 | 4 votes |
|
@BeforeEach
void before() {
Assumptions.assumeTrue(prepare().getVersion().isEnterprise(), "Namespaces require enterprise version");
List<String> namespaces = new ArrayList<>(Arrays.asList("dev/", "marketing/"));
List<String> list = prepare().getVaultOperations().list("sys/namespaces");
namespaces.removeAll(list);
for (String namespace : namespaces) {
prepare().getVaultOperations().write("sys/namespaces/" + namespace.replaceAll("/", ""));
}
RestTemplateBuilder devRestTemplate = RestTemplateBuilder.builder()
.requestFactory(
ClientHttpRequestFactoryFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT).customizers(restTemplate -> restTemplate
.getInterceptors().add(VaultClients.createNamespaceInterceptor("dev")));
VaultTemplate dev = new VaultTemplate(devRestTemplate,
new SimpleSessionManager(new TokenAuthentication(Settings.token())));
mountKv(dev, "dev-secrets");
dev.opsForSys().createOrUpdatePolicy("relaxed", POLICY);
if (!dev.opsForSys().getAuthMounts().containsKey("cert/")) {
dev.opsForSys().authMount("cert", VaultMount.create("cert"));
}
dev.doWithSession((RestOperationsCallback<Object>) restOperations -> {
File workDir = findWorkDir();
String certificate = Files.contentOf(new File(workDir, "ca/certs/client.cert.pem"),
StandardCharsets.US_ASCII);
Map<String, String> role = new LinkedHashMap<>();
role.put("token_policies", "relaxed");
role.put("policies", "relaxed");
role.put("certificate", certificate);
return restOperations.postForEntity("auth/cert/certs/relaxed", role, Map.class);
});
}
Example #19
| Source File: VaultNamespaceSecretIntegrationTests.java From spring-vault with Apache License 2.0 | 4 votes |
|
@BeforeEach
void before() {
Assumptions.assumeTrue(prepare().getVersion().isEnterprise(), "Namespaces require enterprise version");
List<String> namespaces = new ArrayList<>(Arrays.asList("dev/", "marketing/"));
List<String> list = prepare().getVaultOperations().list("sys/namespaces");
namespaces.removeAll(list);
for (String namespace : namespaces) {
prepare().getVaultOperations().write("sys/namespaces/" + namespace.replaceAll("/", ""));
}
this.devRestTemplate = RestTemplateBuilder.builder()
.requestFactory(
ClientHttpRequestFactoryFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT).customizers(restTemplate -> restTemplate
.getInterceptors().add(VaultClients.createNamespaceInterceptor("dev")));
this.maketingRestTemplate = RestTemplateBuilder.builder()
.requestFactory(
ClientHttpRequestFactoryFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT)
.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "marketing");
VaultTemplate dev = new VaultTemplate(this.devRestTemplate,
new SimpleSessionManager(new TokenAuthentication(Settings.token())));
mountKv(dev, "dev-secrets");
dev.opsForSys().createOrUpdatePolicy("relaxed", POLICY);
this.devToken = dev.opsForToken().create(VaultTokenRequest.builder().withPolicy("relaxed").build()).getToken()
.getToken();
VaultTemplate marketing = new VaultTemplate(this.maketingRestTemplate,
new SimpleSessionManager(new TokenAuthentication(Settings.token())));
mountKv(marketing, "marketing-secrets");
marketing.opsForSys().createOrUpdatePolicy("relaxed", POLICY);
this.marketingToken = marketing.opsForToken().create(VaultTokenRequest.builder().withPolicy("relaxed").build())
.getToken().getToken();
}
Example #20
| Source File: HashicorpKeyVaultServiceFactoryUtil.java From tessera with Apache License 2.0 | 3 votes |
|
ClientAuthentication configureClientAuthentication(KeyVaultConfig keyVaultConfig, EnvironmentVariableProvider envProvider, ClientHttpRequestFactory clientHttpRequestFactory, VaultEndpoint vaultEndpoint) {
final String roleId = envProvider.getEnv(HASHICORP_ROLE_ID);
final String secretId = envProvider.getEnv(HASHICORP_SECRET_ID);
final String authToken = envProvider.getEnv(HASHICORP_TOKEN);
if(roleId != null && secretId != null) {
AppRoleAuthenticationOptions appRoleAuthenticationOptions = AppRoleAuthenticationOptions.builder()
.path(keyVaultConfig.getProperty("approlePath").get())
.roleId(AppRoleAuthenticationOptions.RoleId.provided(roleId))
.secretId(AppRoleAuthenticationOptions.SecretId.provided(secretId))
.build();
RestOperations restOperations = VaultClients.createRestTemplate(vaultEndpoint, clientHttpRequestFactory);
return new AppRoleAuthentication(appRoleAuthenticationOptions, restOperations);
} else if (Objects.isNull(roleId) != Objects.isNull(secretId)) {
throw new HashicorpCredentialNotSetException("Both " + HASHICORP_ROLE_ID + " and " + HASHICORP_SECRET_ID + " environment variables must be set to use the AppRole authentication method");
} else if (authToken == null){
throw new HashicorpCredentialNotSetException("Both " + HASHICORP_ROLE_ID + " and " + HASHICORP_SECRET_ID + " environment variables must be set to use the AppRole authentication method. Alternatively set " + HASHICORP_TOKEN + " to authenticate using the Token method");
}
return new TokenAuthentication(authToken);
}
Example #21
| Source File: TestRestTemplateFactory.java From spring-vault with Apache License 2.0 | 1 votes |
|
/**
* Create a new {@link RestTemplate} using the {@link ClientHttpRequestFactory}. The
* {@link RestTemplate} will throw
* {@link org.springframework.web.client.HttpStatusCodeException exceptions} in error
* cases and behave in that aspect like the regular
* {@link org.springframework.web.client.RestTemplate}.
* @param requestFactory must not be {@literal null}.
* @return
*/
private static RestTemplate create(ClientHttpRequestFactory requestFactory) {
Assert.notNull(requestFactory, "ClientHttpRequestFactory must not be null!");
return VaultClients.createRestTemplate(TEST_VAULT_ENDPOINT, requestFactory);
}
Example #22
| Source File: TestRestTemplateFactory.java From spring-cloud-vault with Apache License 2.0 | 1 votes |
|
/**
* Create a new {@link RestTemplate} using the {@link ClientHttpRequestFactory}. The
* {@link RestTemplate} will throw
* {@link org.springframework.web.client.HttpStatusCodeException exceptions} in error
* cases and behave in that aspect like the regular {@link RestTemplate}.
* @param requestFactory must not be {@literal null}.
* @return
*/
public static RestTemplate create(ClientHttpRequestFactory requestFactory) {
Assert.notNull(requestFactory, "ClientHttpRequestFactory must not be null!");
return VaultClients.createRestTemplate(TEST_VAULT_ENDPOINT, requestFactory);
}
