org.springframework.vault.authentication.AzureMsiAuthentication Java Examples

The following examples show how to use org.springframework.vault.authentication.AzureMsiAuthentication. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: EnvironmentVaultConfiguration.java    From spring-vault with Apache License 2.0 6 votes vote down vote up
protected ClientAuthentication azureMsiAuthentication() {

		String role = getProperty("vault.azure-msi.role");
		String path = getProperty("vault.azure-msi.azure-path",
				AzureMsiAuthenticationOptions.DEFAULT_AZURE_AUTHENTICATION_PATH);
		URI metadataServiceUri = getUri("vault.azure-msi.metadata-service",
				AzureMsiAuthenticationOptions.DEFAULT_INSTANCE_METADATA_SERVICE_URI);
		URI identityTokenServiceUri = getUri("vault.azure-msi.identity-token-service",
				AzureMsiAuthenticationOptions.DEFAULT_IDENTITY_TOKEN_SERVICE_URI);
		Assert.hasText(role, "Vault Azure MSI authentication: Role (vault.azure-msi.role) must not be empty");

		AzureMsiAuthenticationOptionsBuilder builder = AzureMsiAuthenticationOptions.builder().role(role).path(path)
				.instanceMetadataUri(metadataServiceUri).identityTokenServiceUri(identityTokenServiceUri);

		return new AzureMsiAuthentication(builder.build(), restOperations());
	}
 
Example #2
Source File: AzureMsiClientAuthenticationProvider.java    From spring-cloud-config with Apache License 2.0 6 votes vote down vote up
@Override
public ClientAuthentication getClientAuthentication(
		VaultEnvironmentProperties vaultProperties,
		RestOperations vaultRestOperations, RestOperations externalRestOperations) {

	VaultEnvironmentProperties.AzureMsiProperties azureMsi = vaultProperties
			.getAzureMsi();

	Assert.hasText(azureMsi.getRole(), missingPropertyForAuthMethod("azure-msi.role",
			AuthenticationMethod.AZURE_MSI));

	AzureMsiAuthenticationOptions options = AzureMsiAuthenticationOptions.builder()
			.role(azureMsi.getRole()).path(azureMsi.getAzurePath())
			.instanceMetadataUri(getUri(azureMsi.getMetadataService(),
					AzureMsiAuthenticationOptions.DEFAULT_INSTANCE_METADATA_SERVICE_URI))
			.identityTokenServiceUri(getUri(azureMsi.getIdentityTokenService(),
					AzureMsiAuthenticationOptions.DEFAULT_IDENTITY_TOKEN_SERVICE_URI))
			.build();

	return new AzureMsiAuthentication(options, vaultRestOperations,
			externalRestOperations);
}
 
Example #3
Source File: SpringVaultClientConfigurationTests.java    From spring-cloud-config with Apache License 2.0 6 votes vote down vote up
@Test
public void azureMsiAuthentication() {
	properties.setAuthentication(AZURE_MSI);
	properties.getAzureMsi().setRole("server");
	properties.getAzureMsi().setAzurePath("azure-msi");

	assertClientAuthenticationOfType(properties, AzureMsiAuthentication.class);

	AzureMsiAuthentication clientAuthentication = (AzureMsiAuthentication) getConfiguration(
			properties).clientAuthentication();
	AzureMsiAuthenticationOptions options = (AzureMsiAuthenticationOptions) ReflectionTestUtils
			.getField(clientAuthentication, "options");

	assertThat(options.getIdentityTokenServiceUri())
			.isEqualTo(DEFAULT_IDENTITY_TOKEN_SERVICE_URI);
	assertThat(options.getInstanceMetadataServiceUri())
			.isEqualTo(DEFAULT_INSTANCE_METADATA_SERVICE_URI);
}
 
Example #4
Source File: EnvironmentVaultConfigurationAzureMSIAuthenticationUnitTests.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
@Test
void shouldConfigureAuthentication(@Autowired EnvironmentVaultConfiguration configuration) {

	ClientAuthentication clientAuthentication = configuration.clientAuthentication();

	assertThat(clientAuthentication).isInstanceOf(AzureMsiAuthentication.class);

	DirectFieldAccessor accessor = new DirectFieldAccessor(clientAuthentication);
	AzureMsiAuthenticationOptions options = (AzureMsiAuthenticationOptions) accessor.getPropertyValue("options");

	assertThat(options.getIdentityTokenServiceUri())
			.isEqualTo(AzureMsiAuthenticationOptions.DEFAULT_IDENTITY_TOKEN_SERVICE_URI);
	assertThat(options.getInstanceMetadataServiceUri()).isEqualTo(URI.create("http://foo"));
}
 
Example #5
Source File: ClientAuthenticationFactory.java    From spring-cloud-vault with Apache License 2.0 3 votes vote down vote up
private ClientAuthentication azureMsiAuthentication(VaultProperties vaultProperties) {

		AzureMsiProperties azureMsi = vaultProperties.getAzureMsi();

		Assert.hasText(azureMsi.getRole(),
				"Azure role (spring.cloud.vault.azure-msi.role) must not be empty");

		AzureMsiAuthenticationOptions options = AzureMsiAuthenticationOptions.builder()
				.role(azureMsi.getRole()).build();

		return new AzureMsiAuthentication(options, this.restOperations,
				this.externalRestOperations);
	}