diff --git a/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java b/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java index a0accbd..dcee2c9 100644 --- a/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java +++ b/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java @@ -29,7 +29,6 @@ import org.apache.http.client.utils.URIBuilder; import org.apache.http.entity.StringEntity; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClientBuilder; -import org.apache.http.params.HttpConnectionParams; import org.apache.http.util.EntityUtils; import javax.net.ssl.*; @@ -39,7 +38,6 @@ import java.nio.charset.StandardCharsets; import java.util.*; import java.util.stream.Collectors; - /** * Vault Connector implementatin using Vault's HTTP API. * @@ -103,10 +101,10 @@ public class HTTPVaultConnector implements VaultConnector { * @param prefix HTTP API prefix (default: /v1/) */ public HTTPVaultConnector(final String hostname, final boolean useTLS, final Integer port, final String prefix) { - this(((useTLS) ? "https" : "http") + - "://" + hostname + - ((port != null) ? ":" + port : "") + - prefix); + this(((useTLS) ? "https" : "http") + + "://" + hostname + + ((port != null) ? ":" + port : "") + + prefix); } /** @@ -118,7 +116,11 @@ public class HTTPVaultConnector implements VaultConnector { * @param prefix HTTP API prefix (default: /v1/) * @param sslContext Custom SSL Context */ - public HTTPVaultConnector(final String hostname, final boolean useTLS, final Integer port, final String prefix, final SSLContext sslContext) { + public HTTPVaultConnector(final String hostname, + final boolean useTLS, + final Integer port, + final String prefix, + final SSLContext sslContext) { this(hostname, useTLS, port, prefix, sslContext, 0, null); } @@ -133,11 +135,17 @@ public class HTTPVaultConnector implements VaultConnector { * @param numberOfRetries Number of retries on 5xx errors * @param timeout Timeout for HTTP requests (milliseconds) */ - public HTTPVaultConnector(final String hostname, final boolean useTLS, final Integer port, final String prefix, final SSLContext sslContext, final int numberOfRetries, final Integer timeout) { - this(((useTLS) ? "https" : "http") + - "://" + hostname + - ((port != null) ? ":" + port : "") + - prefix, + public HTTPVaultConnector(final String hostname, + final boolean useTLS, + final Integer port, + final String prefix, + final SSLContext sslContext, + final int numberOfRetries, + final Integer timeout) { + this(((useTLS) ? "https" : "http") + + "://" + hostname + + ((port != null) ? ":" + port : "") + + prefix, sslContext, numberOfRetries, timeout); @@ -181,7 +189,10 @@ public class HTTPVaultConnector implements VaultConnector { * @param numberOfRetries Number of retries on 5xx errors * @param timeout Timeout for HTTP requests (milliseconds) */ - public HTTPVaultConnector(final String baseURL, final SSLContext sslContext, final int numberOfRetries, final Integer timeout) { + public HTTPVaultConnector(final String baseURL, + final SSLContext sslContext, + final int numberOfRetries, + final Integer timeout) { this.baseURL = baseURL; this.sslContext = sslContext; this.retries = numberOfRetries; @@ -272,7 +283,8 @@ public class HTTPVaultConnector implements VaultConnector { } @Override - public final AuthResponse authUserPass(final String username, final String password) throws VaultConnectorException { + public final AuthResponse authUserPass(final String username, final String password) + throws VaultConnectorException { final Map payload = new HashMap<>(); payload.put("password", password); return queryAuth(PATH_AUTH_USERPASS + username, payload); @@ -304,7 +316,8 @@ public class HTTPVaultConnector implements VaultConnector { * @return The AuthResponse * @throws VaultConnectorException on errors */ - private AuthResponse queryAuth(final String path, final Map payload) throws VaultConnectorException { + private AuthResponse queryAuth(final String path, final Map payload) + throws VaultConnectorException { try { /* Get response */ String response = requestPost(path, payload); @@ -322,7 +335,8 @@ public class HTTPVaultConnector implements VaultConnector { @Override @Deprecated - public final boolean registerAppId(final String appID, final String policy, final String displayName) throws VaultConnectorException { + public final boolean registerAppId(final String appID, final String policy, final String displayName) + throws VaultConnectorException { if (!isAuthorized()) throw new AuthorizationRequiredException(); Map payload = new HashMap<>(); @@ -427,7 +441,8 @@ public class HTTPVaultConnector implements VaultConnector { } @Override - public final AppRoleSecretResponse createAppRoleSecret(final String roleName, final AppRoleSecret secret) throws VaultConnectorException { + public final AppRoleSecretResponse createAppRoleSecret(final String roleName, final AppRoleSecret secret) + throws VaultConnectorException { if (!isAuthorized()) throw new AuthorizationRequiredException(); /* Get response */ @@ -446,12 +461,15 @@ public class HTTPVaultConnector implements VaultConnector { } @Override - public final AppRoleSecretResponse lookupAppRoleSecret(final String roleName, final String secretID) throws VaultConnectorException { + public final AppRoleSecretResponse lookupAppRoleSecret(final String roleName, final String secretID) + throws VaultConnectorException { if (!isAuthorized()) throw new AuthorizationRequiredException(); /* Request HTTP response and parse Secret */ try { - String response = requestPost(PATH_AUTH_APPROLE + "role/" + roleName + "/secret-id/lookup", new AppRoleSecret(secretID)); + String response = requestPost( + PATH_AUTH_APPROLE + "role/" + roleName + "/secret-id/lookup", + new AppRoleSecret(secretID)); return jsonMapper.readValue(response, AppRoleSecretResponse.class); } catch (IOException e) { throw new InvalidResponseException("Unable to parse response", e); @@ -459,12 +477,15 @@ public class HTTPVaultConnector implements VaultConnector { } @Override - public final boolean destroyAppRoleSecret(final String roleName, final String secretID) throws VaultConnectorException { + public final boolean destroyAppRoleSecret(final String roleName, final String secretID) + throws VaultConnectorException { if (!isAuthorized()) throw new AuthorizationRequiredException(); /* Request HTTP response and expect empty result */ - String response = requestPost(PATH_AUTH_APPROLE + "role/" + roleName + "/secret-id/destroy", new AppRoleSecret(secretID)); + String response = requestPost( + PATH_AUTH_APPROLE + "role/" + roleName + "/secret-id/destroy", + new AppRoleSecret(secretID)); /* Response should be code 204 without content */ if (!response.equals("")) @@ -496,7 +517,9 @@ public class HTTPVaultConnector implements VaultConnector { throw new AuthorizationRequiredException(); try { - String response = requestGet(PATH_AUTH_APPROLE + "role/" + roleName + "/secret-id?list=true", new HashMap<>()); + String response = requestGet( + PATH_AUTH_APPROLE + "role/" + roleName + "/secret-id?list=true", + new HashMap<>()); SecretListResponse secrets = jsonMapper.readValue(response, SecretListResponse.class); return secrets.getKeys(); } catch (IOException e) { @@ -744,7 +767,8 @@ public class HTTPVaultConnector implements VaultConnector { * @throws VaultConnectorException on connection error * @throws URISyntaxException on invalid URI syntax */ - private String requestGet(final String path, final Map payload) throws VaultConnectorException, URISyntaxException { + private String requestGet(final String path, final Map payload) + throws VaultConnectorException, URISyntaxException { /* Add parameters to URI */ URIBuilder uriBuilder = new URIBuilder(baseURL + path); payload.forEach(uriBuilder::addParameter); @@ -784,7 +808,8 @@ public class HTTPVaultConnector implements VaultConnector { switch (response.getStatusLine().getStatusCode()) { case 200: - try (BufferedReader br = new BufferedReader(new InputStreamReader(response.getEntity().getContent()))) { + try (BufferedReader br = new BufferedReader( + new InputStreamReader(response.getEntity().getContent()))) { return br.lines().collect(Collectors.joining("\n")); } catch (IOException ignored) { } @@ -793,7 +818,8 @@ public class HTTPVaultConnector implements VaultConnector { case 403: throw new PermissionDeniedException(); default: - if (response.getStatusLine().getStatusCode() >= 500 && response.getStatusLine().getStatusCode() < 600 && retries > 0) { + if (response.getStatusLine().getStatusCode() >= 500 + && response.getStatusLine().getStatusCode() < 600 && retries > 0) { /* Retry on 5xx errors */ return request(base, retries - 1); } else { @@ -801,7 +827,8 @@ public class HTTPVaultConnector implements VaultConnector { InvalidResponseException ex = new InvalidResponseException("Invalid response code") .withStatusCode(response.getStatusLine().getStatusCode()); if (response.getEntity() != null) { - try (BufferedReader br = new BufferedReader(new InputStreamReader(response.getEntity().getContent()))) { + try (BufferedReader br = new BufferedReader( + new InputStreamReader(response.getEntity().getContent()))) { String responseString = br.lines().collect(Collectors.joining("\n")); ErrorResponse er = jsonMapper.readValue(responseString, ErrorResponse.class); /* Check for "permission denied" response */ diff --git a/src/main/java/de/stklcode/jvault/connector/VaultConnector.java b/src/main/java/de/stklcode/jvault/connector/VaultConnector.java index 1e5cf18..6579fba 100644 --- a/src/main/java/de/stklcode/jvault/connector/VaultConnector.java +++ b/src/main/java/de/stklcode/jvault/connector/VaultConnector.java @@ -144,7 +144,8 @@ public interface VaultConnector extends AutoCloseable { * @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. Consider using {@link #createAppRole} instead. */ @Deprecated - boolean registerAppId(final String appID, final String policy, final String displayName) throws VaultConnectorException; + boolean registerAppId(final String appID, final String policy, final String displayName) + throws VaultConnectorException; /** * Register a new AppRole role from given metamodel. @@ -204,7 +205,8 @@ public interface VaultConnector extends AutoCloseable { * @throws VaultConnectorException on error * @since 0.4.0 */ - default boolean createAppRole(final String roleName, final List policies, final String roleID) throws VaultConnectorException { + default boolean createAppRole(final String roleName, final List policies, final String roleID) + throws VaultConnectorException { return createAppRole(new AppRoleBuilder(roleName).withPolicies(policies).withId(roleID).build()); } @@ -269,7 +271,8 @@ public interface VaultConnector extends AutoCloseable { * @throws VaultConnectorException on error * @since 0.4.0 */ - default AppRoleSecretResponse createAppRoleSecret(final String roleName, final String secretID) throws VaultConnectorException { + default AppRoleSecretResponse createAppRoleSecret(final String roleName, final String secretID) + throws VaultConnectorException { return createAppRoleSecret(roleName, new AppRoleSecret(secretID)); } @@ -282,7 +285,8 @@ public interface VaultConnector extends AutoCloseable { * @throws VaultConnectorException on error * @since 0.4.0 */ - AppRoleSecretResponse createAppRoleSecret(final String roleName, final AppRoleSecret secret) throws VaultConnectorException; + AppRoleSecretResponse createAppRoleSecret(final String roleName, final AppRoleSecret secret) + throws VaultConnectorException; /** * Lookup an AppRole secret. @@ -293,7 +297,8 @@ public interface VaultConnector extends AutoCloseable { * @throws VaultConnectorException on error * @since 0.4.0 */ - AppRoleSecretResponse lookupAppRoleSecret(final String roleName, final String secretID) throws VaultConnectorException; + AppRoleSecretResponse lookupAppRoleSecret(final String roleName, final String secretID) + throws VaultConnectorException; /** * Destroy an AppRole secret. @@ -330,7 +335,8 @@ public interface VaultConnector extends AutoCloseable { * @param userID The User-ID * @return TRUE on success * @throws VaultConnectorException on error - * @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. Consider using {@link #createAppRoleSecret} instead. + * @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. + * Consider using {@link #createAppRoleSecret} instead. */ @Deprecated boolean registerUserId(final String appID, final String userID) throws VaultConnectorException; @@ -347,7 +353,10 @@ public interface VaultConnector extends AutoCloseable { * @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. */ @Deprecated - default boolean registerAppUserId(final String appID, final String policy, final String displayName, final String userID) throws VaultConnectorException { + default boolean registerAppUserId(final String appID, + final String policy, + final String displayName, + final String userID) throws VaultConnectorException { return registerAppId(appID, policy, userID) && registerUserId(appID, userID); } @@ -599,7 +608,8 @@ public interface VaultConnector extends AutoCloseable { * @throws VaultConnectorException on error * @since 0.5.0 */ - default CredentialsResponse readDbCredentials(final String role, final String mount) throws VaultConnectorException { + default CredentialsResponse readDbCredentials(final String role, final String mount) + throws VaultConnectorException { return (CredentialsResponse) read(mount + "/creds/" + role); } } diff --git a/src/main/java/de/stklcode/jvault/connector/factory/HTTPVaultConnectorFactory.java b/src/main/java/de/stklcode/jvault/connector/factory/HTTPVaultConnectorFactory.java index 46c43a7..3088d8d 100644 --- a/src/main/java/de/stklcode/jvault/connector/factory/HTTPVaultConnectorFactory.java +++ b/src/main/java/de/stklcode/jvault/connector/factory/HTTPVaultConnectorFactory.java @@ -17,7 +17,6 @@ package de.stklcode.jvault.connector.factory; import de.stklcode.jvault.connector.HTTPVaultConnector; -import de.stklcode.jvault.connector.VaultConnector; import de.stklcode.jvault.connector.exception.ConnectionException; import de.stklcode.jvault.connector.exception.TlsException; import de.stklcode.jvault.connector.exception.VaultConnectorException; diff --git a/src/main/java/de/stklcode/jvault/connector/model/AppRole.java b/src/main/java/de/stklcode/jvault/connector/model/AppRole.java index 70bbcca..318d8ad 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/AppRole.java +++ b/src/main/java/de/stklcode/jvault/connector/model/AppRole.java @@ -17,7 +17,6 @@ package de.stklcode.jvault.connector.model; import com.fasterxml.jackson.annotation.*; -import com.fasterxml.jackson.databind.annotation.JsonDeserialize; import java.util.List; diff --git a/src/main/java/de/stklcode/jvault/connector/model/AppRoleSecret.java b/src/main/java/de/stklcode/jvault/connector/model/AppRoleSecret.java index 464833f..2194a40 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/AppRoleSecret.java +++ b/src/main/java/de/stklcode/jvault/connector/model/AppRoleSecret.java @@ -18,7 +18,6 @@ package de.stklcode.jvault.connector.model; import com.fasterxml.jackson.annotation.*; -import java.util.Arrays; import java.util.List; import java.util.Map; diff --git a/src/main/java/de/stklcode/jvault/connector/model/Token.java b/src/main/java/de/stklcode/jvault/connector/model/Token.java index 075ed0e..da11ea3 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/Token.java +++ b/src/main/java/de/stklcode/jvault/connector/model/Token.java @@ -80,8 +80,14 @@ public final class Token { * @param meta Metadata (optional) * @param renewable Is the token renewable (optional) */ - public Token(final String id, final String displayName, final Boolean noParent, final Boolean noDefaultPolicy, - final Integer ttl, final Integer numUses, final List policies, final Map meta, + public Token(final String id, + final String displayName, + final Boolean noParent, + final Boolean noDefaultPolicy, + final Integer ttl, + final Integer numUses, + final List policies, + final Map meta, final Boolean renewable) { this.id = id; this.displayName = displayName; diff --git a/src/main/java/de/stklcode/jvault/connector/model/TokenBuilder.java b/src/main/java/de/stklcode/jvault/connector/model/TokenBuilder.java index b7cfc56..ddca13c 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/TokenBuilder.java +++ b/src/main/java/de/stklcode/jvault/connector/model/TokenBuilder.java @@ -16,8 +16,6 @@ package de.stklcode.jvault.connector.model; -import com.fasterxml.jackson.annotation.JsonProperty; - import java.util.*; /** diff --git a/src/main/java/de/stklcode/jvault/connector/model/response/AppRoleResponse.java b/src/main/java/de/stklcode/jvault/connector/model/response/AppRoleResponse.java index 6f869dc..3ba51cf 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/response/AppRoleResponse.java +++ b/src/main/java/de/stklcode/jvault/connector/model/response/AppRoleResponse.java @@ -24,13 +24,12 @@ import de.stklcode.jvault.connector.model.AppRole; import java.io.IOException; import java.util.HashMap; import java.util.Map; -import java.util.stream.Collectors; /** * Vault response for AppRole lookup. * - * @author Stefan Kalscheuer - * @since 0.4.0 + * @author Stefan Kalscheuer + * @since 0.4.0 */ @JsonIgnoreProperties(ignoreUnknown = true) public final class AppRoleResponse extends VaultDataResponse { @@ -42,7 +41,9 @@ public final class AppRoleResponse extends VaultDataResponse { try { /* null empty strings on list objects */ Map filteredData = new HashMap<>(); - data.forEach((k,v) -> { if (!(v instanceof String && ((String) v).isEmpty())) filteredData.put(k,v); }); + data.forEach((k, v) -> { + if (!(v instanceof String && ((String) v).isEmpty())) filteredData.put(k, v); + }); this.role = mapper.readValue(mapper.writeValueAsString(filteredData), AppRole.class); } catch (IOException e) { e.printStackTrace(); @@ -56,4 +57,4 @@ public final class AppRoleResponse extends VaultDataResponse { public AppRole getRole() { return role; } -} \ No newline at end of file +} diff --git a/src/main/java/de/stklcode/jvault/connector/model/response/AppRoleSecretResponse.java b/src/main/java/de/stklcode/jvault/connector/model/response/AppRoleSecretResponse.java index e875a42..7448a1f 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/response/AppRoleSecretResponse.java +++ b/src/main/java/de/stklcode/jvault/connector/model/response/AppRoleSecretResponse.java @@ -19,7 +19,6 @@ package de.stklcode.jvault.connector.model.response; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.databind.ObjectMapper; import de.stklcode.jvault.connector.exception.InvalidResponseException; -import de.stklcode.jvault.connector.model.AppRole; import de.stklcode.jvault.connector.model.AppRoleSecret; import java.io.IOException; @@ -29,8 +28,8 @@ import java.util.Map; /** * Vault response for AppRole lookup. * - * @author Stefan Kalscheuer - * @since 0.4.0 + * @author Stefan Kalscheuer + * @since 0.4.0 */ @JsonIgnoreProperties(ignoreUnknown = true) public final class AppRoleSecretResponse extends VaultDataResponse { @@ -42,7 +41,9 @@ public final class AppRoleSecretResponse extends VaultDataResponse { try { /* null empty strings on list objects */ Map filteredData = new HashMap<>(); - data.forEach((k,v) -> { if (!(v instanceof String && ((String) v).isEmpty())) filteredData.put(k,v); }); + data.forEach((k, v) -> { + if (!(v instanceof String && ((String) v).isEmpty())) filteredData.put(k, v); + }); this.secret = mapper.readValue(mapper.writeValueAsString(filteredData), AppRoleSecret.class); } catch (IOException e) { e.printStackTrace(); @@ -56,4 +57,4 @@ public final class AppRoleSecretResponse extends VaultDataResponse { public AppRoleSecret getSecret() { return secret; } -} \ No newline at end of file +} diff --git a/src/main/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponse.java b/src/main/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponse.java index 3d1fc5e..3c4684c 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponse.java +++ b/src/main/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponse.java @@ -47,7 +47,9 @@ public final class AuthMethodsResponse extends VaultDataResponse { ObjectMapper mapper = new ObjectMapper(); for (String path : data.keySet()) { try { - this.supportedMethods.put(path, mapper.readValue(mapper.writeValueAsString(data.get(path)), AuthMethod.class)); + this.supportedMethods.put( + path, mapper.readValue(mapper.writeValueAsString(data.get(path)), + AuthMethod.class)); } catch (IOException e) { throw new InvalidResponseException(); } diff --git a/src/main/java/de/stklcode/jvault/connector/model/response/CredentialsResponse.java b/src/main/java/de/stklcode/jvault/connector/model/response/CredentialsResponse.java index 9e6516b..cf0f65a 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/response/CredentialsResponse.java +++ b/src/main/java/de/stklcode/jvault/connector/model/response/CredentialsResponse.java @@ -17,13 +17,6 @@ package de.stklcode.jvault.connector.model.response; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.databind.ObjectMapper; -import de.stklcode.jvault.connector.exception.InvalidResponseException; -import de.stklcode.jvault.connector.model.response.embedded.TokenData; - -import java.io.IOException; -import java.util.Map; /** * Vault response from credentials lookup. Simple wrapper for data objects containing username and password fields. diff --git a/src/main/java/de/stklcode/jvault/connector/model/response/ErrorResponse.java b/src/main/java/de/stklcode/jvault/connector/model/response/ErrorResponse.java index 5cbdc2f..5612f9c 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/response/ErrorResponse.java +++ b/src/main/java/de/stklcode/jvault/connector/model/response/ErrorResponse.java @@ -35,7 +35,7 @@ public final class ErrorResponse implements VaultResponse { /** * @return List of errors */ - public List getErrors() { + public List getErrors() { return errors; } -} \ No newline at end of file +} diff --git a/src/main/java/de/stklcode/jvault/connector/model/response/HelpResponse.java b/src/main/java/de/stklcode/jvault/connector/model/response/HelpResponse.java index 990a87f..e4517b2 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/response/HelpResponse.java +++ b/src/main/java/de/stklcode/jvault/connector/model/response/HelpResponse.java @@ -36,4 +36,4 @@ public final class HelpResponse implements VaultResponse { public String getHelp() { return help; } -} \ No newline at end of file +} diff --git a/src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthData.java b/src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthData.java index 9a7bed2..b59475a 100644 --- a/src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthData.java +++ b/src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthData.java @@ -89,4 +89,4 @@ public final class AuthData { public boolean isRenewable() { return renewable; } -} \ No newline at end of file +}