Code style
A number of style corrections in main source files. Trimmed lines to 120 characters, added some spaces and line breaks. Removed unused imports
This commit is contained in:
parent
259747afae
commit
42094101a3
@ -29,7 +29,6 @@ import org.apache.http.client.utils.URIBuilder;
|
||||
import org.apache.http.entity.StringEntity;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import org.apache.http.params.HttpConnectionParams;
|
||||
import org.apache.http.util.EntityUtils;
|
||||
|
||||
import javax.net.ssl.*;
|
||||
@ -39,7 +38,6 @@ import java.nio.charset.StandardCharsets;
|
||||
import java.util.*;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
|
||||
/**
|
||||
* Vault Connector implementatin using Vault's HTTP API.
|
||||
*
|
||||
@ -103,10 +101,10 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
* @param prefix HTTP API prefix (default: /v1/)
|
||||
*/
|
||||
public HTTPVaultConnector(final String hostname, final boolean useTLS, final Integer port, final String prefix) {
|
||||
this(((useTLS) ? "https" : "http") +
|
||||
"://" + hostname +
|
||||
((port != null) ? ":" + port : "") +
|
||||
prefix);
|
||||
this(((useTLS) ? "https" : "http")
|
||||
+ "://" + hostname
|
||||
+ ((port != null) ? ":" + port : "")
|
||||
+ prefix);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -118,7 +116,11 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
* @param prefix HTTP API prefix (default: /v1/)
|
||||
* @param sslContext Custom SSL Context
|
||||
*/
|
||||
public HTTPVaultConnector(final String hostname, final boolean useTLS, final Integer port, final String prefix, final SSLContext sslContext) {
|
||||
public HTTPVaultConnector(final String hostname,
|
||||
final boolean useTLS,
|
||||
final Integer port,
|
||||
final String prefix,
|
||||
final SSLContext sslContext) {
|
||||
this(hostname, useTLS, port, prefix, sslContext, 0, null);
|
||||
}
|
||||
|
||||
@ -133,11 +135,17 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
* @param numberOfRetries Number of retries on 5xx errors
|
||||
* @param timeout Timeout for HTTP requests (milliseconds)
|
||||
*/
|
||||
public HTTPVaultConnector(final String hostname, final boolean useTLS, final Integer port, final String prefix, final SSLContext sslContext, final int numberOfRetries, final Integer timeout) {
|
||||
this(((useTLS) ? "https" : "http") +
|
||||
"://" + hostname +
|
||||
((port != null) ? ":" + port : "") +
|
||||
prefix,
|
||||
public HTTPVaultConnector(final String hostname,
|
||||
final boolean useTLS,
|
||||
final Integer port,
|
||||
final String prefix,
|
||||
final SSLContext sslContext,
|
||||
final int numberOfRetries,
|
||||
final Integer timeout) {
|
||||
this(((useTLS) ? "https" : "http")
|
||||
+ "://" + hostname
|
||||
+ ((port != null) ? ":" + port : "")
|
||||
+ prefix,
|
||||
sslContext,
|
||||
numberOfRetries,
|
||||
timeout);
|
||||
@ -181,7 +189,10 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
* @param numberOfRetries Number of retries on 5xx errors
|
||||
* @param timeout Timeout for HTTP requests (milliseconds)
|
||||
*/
|
||||
public HTTPVaultConnector(final String baseURL, final SSLContext sslContext, final int numberOfRetries, final Integer timeout) {
|
||||
public HTTPVaultConnector(final String baseURL,
|
||||
final SSLContext sslContext,
|
||||
final int numberOfRetries,
|
||||
final Integer timeout) {
|
||||
this.baseURL = baseURL;
|
||||
this.sslContext = sslContext;
|
||||
this.retries = numberOfRetries;
|
||||
@ -272,7 +283,8 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
}
|
||||
|
||||
@Override
|
||||
public final AuthResponse authUserPass(final String username, final String password) throws VaultConnectorException {
|
||||
public final AuthResponse authUserPass(final String username, final String password)
|
||||
throws VaultConnectorException {
|
||||
final Map<String, String> payload = new HashMap<>();
|
||||
payload.put("password", password);
|
||||
return queryAuth(PATH_AUTH_USERPASS + username, payload);
|
||||
@ -304,7 +316,8 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
* @return The AuthResponse
|
||||
* @throws VaultConnectorException on errors
|
||||
*/
|
||||
private AuthResponse queryAuth(final String path, final Map<String, String> payload) throws VaultConnectorException {
|
||||
private AuthResponse queryAuth(final String path, final Map<String, String> payload)
|
||||
throws VaultConnectorException {
|
||||
try {
|
||||
/* Get response */
|
||||
String response = requestPost(path, payload);
|
||||
@ -322,7 +335,8 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
|
||||
@Override
|
||||
@Deprecated
|
||||
public final boolean registerAppId(final String appID, final String policy, final String displayName) throws VaultConnectorException {
|
||||
public final boolean registerAppId(final String appID, final String policy, final String displayName)
|
||||
throws VaultConnectorException {
|
||||
if (!isAuthorized())
|
||||
throw new AuthorizationRequiredException();
|
||||
Map<String, String> payload = new HashMap<>();
|
||||
@ -427,7 +441,8 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
}
|
||||
|
||||
@Override
|
||||
public final AppRoleSecretResponse createAppRoleSecret(final String roleName, final AppRoleSecret secret) throws VaultConnectorException {
|
||||
public final AppRoleSecretResponse createAppRoleSecret(final String roleName, final AppRoleSecret secret)
|
||||
throws VaultConnectorException {
|
||||
if (!isAuthorized())
|
||||
throw new AuthorizationRequiredException();
|
||||
/* Get response */
|
||||
@ -446,12 +461,15 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
}
|
||||
|
||||
@Override
|
||||
public final AppRoleSecretResponse lookupAppRoleSecret(final String roleName, final String secretID) throws VaultConnectorException {
|
||||
public final AppRoleSecretResponse lookupAppRoleSecret(final String roleName, final String secretID)
|
||||
throws VaultConnectorException {
|
||||
if (!isAuthorized())
|
||||
throw new AuthorizationRequiredException();
|
||||
/* Request HTTP response and parse Secret */
|
||||
try {
|
||||
String response = requestPost(PATH_AUTH_APPROLE + "role/" + roleName + "/secret-id/lookup", new AppRoleSecret(secretID));
|
||||
String response = requestPost(
|
||||
PATH_AUTH_APPROLE + "role/" + roleName + "/secret-id/lookup",
|
||||
new AppRoleSecret(secretID));
|
||||
return jsonMapper.readValue(response, AppRoleSecretResponse.class);
|
||||
} catch (IOException e) {
|
||||
throw new InvalidResponseException("Unable to parse response", e);
|
||||
@ -459,12 +477,15 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
}
|
||||
|
||||
@Override
|
||||
public final boolean destroyAppRoleSecret(final String roleName, final String secretID) throws VaultConnectorException {
|
||||
public final boolean destroyAppRoleSecret(final String roleName, final String secretID)
|
||||
throws VaultConnectorException {
|
||||
if (!isAuthorized())
|
||||
throw new AuthorizationRequiredException();
|
||||
|
||||
/* Request HTTP response and expect empty result */
|
||||
String response = requestPost(PATH_AUTH_APPROLE + "role/" + roleName + "/secret-id/destroy", new AppRoleSecret(secretID));
|
||||
String response = requestPost(
|
||||
PATH_AUTH_APPROLE + "role/" + roleName + "/secret-id/destroy",
|
||||
new AppRoleSecret(secretID));
|
||||
|
||||
/* Response should be code 204 without content */
|
||||
if (!response.equals(""))
|
||||
@ -496,7 +517,9 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
throw new AuthorizationRequiredException();
|
||||
|
||||
try {
|
||||
String response = requestGet(PATH_AUTH_APPROLE + "role/" + roleName + "/secret-id?list=true", new HashMap<>());
|
||||
String response = requestGet(
|
||||
PATH_AUTH_APPROLE + "role/" + roleName + "/secret-id?list=true",
|
||||
new HashMap<>());
|
||||
SecretListResponse secrets = jsonMapper.readValue(response, SecretListResponse.class);
|
||||
return secrets.getKeys();
|
||||
} catch (IOException e) {
|
||||
@ -744,7 +767,8 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
* @throws VaultConnectorException on connection error
|
||||
* @throws URISyntaxException on invalid URI syntax
|
||||
*/
|
||||
private String requestGet(final String path, final Map<String, String> payload) throws VaultConnectorException, URISyntaxException {
|
||||
private String requestGet(final String path, final Map<String, String> payload)
|
||||
throws VaultConnectorException, URISyntaxException {
|
||||
/* Add parameters to URI */
|
||||
URIBuilder uriBuilder = new URIBuilder(baseURL + path);
|
||||
payload.forEach(uriBuilder::addParameter);
|
||||
@ -784,7 +808,8 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
|
||||
switch (response.getStatusLine().getStatusCode()) {
|
||||
case 200:
|
||||
try (BufferedReader br = new BufferedReader(new InputStreamReader(response.getEntity().getContent()))) {
|
||||
try (BufferedReader br = new BufferedReader(
|
||||
new InputStreamReader(response.getEntity().getContent()))) {
|
||||
return br.lines().collect(Collectors.joining("\n"));
|
||||
} catch (IOException ignored) {
|
||||
}
|
||||
@ -793,7 +818,8 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
case 403:
|
||||
throw new PermissionDeniedException();
|
||||
default:
|
||||
if (response.getStatusLine().getStatusCode() >= 500 && response.getStatusLine().getStatusCode() < 600 && retries > 0) {
|
||||
if (response.getStatusLine().getStatusCode() >= 500
|
||||
&& response.getStatusLine().getStatusCode() < 600 && retries > 0) {
|
||||
/* Retry on 5xx errors */
|
||||
return request(base, retries - 1);
|
||||
} else {
|
||||
@ -801,7 +827,8 @@ public class HTTPVaultConnector implements VaultConnector {
|
||||
InvalidResponseException ex = new InvalidResponseException("Invalid response code")
|
||||
.withStatusCode(response.getStatusLine().getStatusCode());
|
||||
if (response.getEntity() != null) {
|
||||
try (BufferedReader br = new BufferedReader(new InputStreamReader(response.getEntity().getContent()))) {
|
||||
try (BufferedReader br = new BufferedReader(
|
||||
new InputStreamReader(response.getEntity().getContent()))) {
|
||||
String responseString = br.lines().collect(Collectors.joining("\n"));
|
||||
ErrorResponse er = jsonMapper.readValue(responseString, ErrorResponse.class);
|
||||
/* Check for "permission denied" response */
|
||||
|
||||
@ -144,7 +144,8 @@ public interface VaultConnector extends AutoCloseable {
|
||||
* @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. Consider using {@link #createAppRole} instead.
|
||||
*/
|
||||
@Deprecated
|
||||
boolean registerAppId(final String appID, final String policy, final String displayName) throws VaultConnectorException;
|
||||
boolean registerAppId(final String appID, final String policy, final String displayName)
|
||||
throws VaultConnectorException;
|
||||
|
||||
/**
|
||||
* Register a new AppRole role from given metamodel.
|
||||
@ -204,7 +205,8 @@ public interface VaultConnector extends AutoCloseable {
|
||||
* @throws VaultConnectorException on error
|
||||
* @since 0.4.0
|
||||
*/
|
||||
default boolean createAppRole(final String roleName, final List<String> policies, final String roleID) throws VaultConnectorException {
|
||||
default boolean createAppRole(final String roleName, final List<String> policies, final String roleID)
|
||||
throws VaultConnectorException {
|
||||
return createAppRole(new AppRoleBuilder(roleName).withPolicies(policies).withId(roleID).build());
|
||||
}
|
||||
|
||||
@ -269,7 +271,8 @@ public interface VaultConnector extends AutoCloseable {
|
||||
* @throws VaultConnectorException on error
|
||||
* @since 0.4.0
|
||||
*/
|
||||
default AppRoleSecretResponse createAppRoleSecret(final String roleName, final String secretID) throws VaultConnectorException {
|
||||
default AppRoleSecretResponse createAppRoleSecret(final String roleName, final String secretID)
|
||||
throws VaultConnectorException {
|
||||
return createAppRoleSecret(roleName, new AppRoleSecret(secretID));
|
||||
}
|
||||
|
||||
@ -282,7 +285,8 @@ public interface VaultConnector extends AutoCloseable {
|
||||
* @throws VaultConnectorException on error
|
||||
* @since 0.4.0
|
||||
*/
|
||||
AppRoleSecretResponse createAppRoleSecret(final String roleName, final AppRoleSecret secret) throws VaultConnectorException;
|
||||
AppRoleSecretResponse createAppRoleSecret(final String roleName, final AppRoleSecret secret)
|
||||
throws VaultConnectorException;
|
||||
|
||||
/**
|
||||
* Lookup an AppRole secret.
|
||||
@ -293,7 +297,8 @@ public interface VaultConnector extends AutoCloseable {
|
||||
* @throws VaultConnectorException on error
|
||||
* @since 0.4.0
|
||||
*/
|
||||
AppRoleSecretResponse lookupAppRoleSecret(final String roleName, final String secretID) throws VaultConnectorException;
|
||||
AppRoleSecretResponse lookupAppRoleSecret(final String roleName, final String secretID)
|
||||
throws VaultConnectorException;
|
||||
|
||||
/**
|
||||
* Destroy an AppRole secret.
|
||||
@ -330,7 +335,8 @@ public interface VaultConnector extends AutoCloseable {
|
||||
* @param userID The User-ID
|
||||
* @return TRUE on success
|
||||
* @throws VaultConnectorException on error
|
||||
* @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. Consider using {@link #createAppRoleSecret} instead.
|
||||
* @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole.
|
||||
* Consider using {@link #createAppRoleSecret} instead.
|
||||
*/
|
||||
@Deprecated
|
||||
boolean registerUserId(final String appID, final String userID) throws VaultConnectorException;
|
||||
@ -347,7 +353,10 @@ public interface VaultConnector extends AutoCloseable {
|
||||
* @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole.
|
||||
*/
|
||||
@Deprecated
|
||||
default boolean registerAppUserId(final String appID, final String policy, final String displayName, final String userID) throws VaultConnectorException {
|
||||
default boolean registerAppUserId(final String appID,
|
||||
final String policy,
|
||||
final String displayName,
|
||||
final String userID) throws VaultConnectorException {
|
||||
return registerAppId(appID, policy, userID) && registerUserId(appID, userID);
|
||||
}
|
||||
|
||||
@ -599,7 +608,8 @@ public interface VaultConnector extends AutoCloseable {
|
||||
* @throws VaultConnectorException on error
|
||||
* @since 0.5.0
|
||||
*/
|
||||
default CredentialsResponse readDbCredentials(final String role, final String mount) throws VaultConnectorException {
|
||||
default CredentialsResponse readDbCredentials(final String role, final String mount)
|
||||
throws VaultConnectorException {
|
||||
return (CredentialsResponse) read(mount + "/creds/" + role);
|
||||
}
|
||||
}
|
||||
|
||||
@ -17,7 +17,6 @@
|
||||
package de.stklcode.jvault.connector.factory;
|
||||
|
||||
import de.stklcode.jvault.connector.HTTPVaultConnector;
|
||||
import de.stklcode.jvault.connector.VaultConnector;
|
||||
import de.stklcode.jvault.connector.exception.ConnectionException;
|
||||
import de.stklcode.jvault.connector.exception.TlsException;
|
||||
import de.stklcode.jvault.connector.exception.VaultConnectorException;
|
||||
|
||||
@ -17,7 +17,6 @@
|
||||
package de.stklcode.jvault.connector.model;
|
||||
|
||||
import com.fasterxml.jackson.annotation.*;
|
||||
import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
|
||||
@ -18,7 +18,6 @@ package de.stklcode.jvault.connector.model;
|
||||
|
||||
import com.fasterxml.jackson.annotation.*;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
|
||||
@ -80,8 +80,14 @@ public final class Token {
|
||||
* @param meta Metadata (optional)
|
||||
* @param renewable Is the token renewable (optional)
|
||||
*/
|
||||
public Token(final String id, final String displayName, final Boolean noParent, final Boolean noDefaultPolicy,
|
||||
final Integer ttl, final Integer numUses, final List<String> policies, final Map<String, String> meta,
|
||||
public Token(final String id,
|
||||
final String displayName,
|
||||
final Boolean noParent,
|
||||
final Boolean noDefaultPolicy,
|
||||
final Integer ttl,
|
||||
final Integer numUses,
|
||||
final List<String> policies,
|
||||
final Map<String, String> meta,
|
||||
final Boolean renewable) {
|
||||
this.id = id;
|
||||
this.displayName = displayName;
|
||||
|
||||
@ -16,8 +16,6 @@
|
||||
|
||||
package de.stklcode.jvault.connector.model;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonProperty;
|
||||
|
||||
import java.util.*;
|
||||
|
||||
/**
|
||||
|
||||
@ -24,13 +24,12 @@ import de.stklcode.jvault.connector.model.AppRole;
|
||||
import java.io.IOException;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* Vault response for AppRole lookup.
|
||||
*
|
||||
* @author Stefan Kalscheuer
|
||||
* @since 0.4.0
|
||||
* @author Stefan Kalscheuer
|
||||
* @since 0.4.0
|
||||
*/
|
||||
@JsonIgnoreProperties(ignoreUnknown = true)
|
||||
public final class AppRoleResponse extends VaultDataResponse {
|
||||
@ -42,7 +41,9 @@ public final class AppRoleResponse extends VaultDataResponse {
|
||||
try {
|
||||
/* null empty strings on list objects */
|
||||
Map<String, Object> filteredData = new HashMap<>();
|
||||
data.forEach((k,v) -> { if (!(v instanceof String && ((String) v).isEmpty())) filteredData.put(k,v); });
|
||||
data.forEach((k, v) -> {
|
||||
if (!(v instanceof String && ((String) v).isEmpty())) filteredData.put(k, v);
|
||||
});
|
||||
this.role = mapper.readValue(mapper.writeValueAsString(filteredData), AppRole.class);
|
||||
} catch (IOException e) {
|
||||
e.printStackTrace();
|
||||
|
||||
@ -19,7 +19,6 @@ package de.stklcode.jvault.connector.model.response;
|
||||
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import de.stklcode.jvault.connector.exception.InvalidResponseException;
|
||||
import de.stklcode.jvault.connector.model.AppRole;
|
||||
import de.stklcode.jvault.connector.model.AppRoleSecret;
|
||||
|
||||
import java.io.IOException;
|
||||
@ -29,8 +28,8 @@ import java.util.Map;
|
||||
/**
|
||||
* Vault response for AppRole lookup.
|
||||
*
|
||||
* @author Stefan Kalscheuer
|
||||
* @since 0.4.0
|
||||
* @author Stefan Kalscheuer
|
||||
* @since 0.4.0
|
||||
*/
|
||||
@JsonIgnoreProperties(ignoreUnknown = true)
|
||||
public final class AppRoleSecretResponse extends VaultDataResponse {
|
||||
@ -42,7 +41,9 @@ public final class AppRoleSecretResponse extends VaultDataResponse {
|
||||
try {
|
||||
/* null empty strings on list objects */
|
||||
Map<String, Object> filteredData = new HashMap<>();
|
||||
data.forEach((k,v) -> { if (!(v instanceof String && ((String) v).isEmpty())) filteredData.put(k,v); });
|
||||
data.forEach((k, v) -> {
|
||||
if (!(v instanceof String && ((String) v).isEmpty())) filteredData.put(k, v);
|
||||
});
|
||||
this.secret = mapper.readValue(mapper.writeValueAsString(filteredData), AppRoleSecret.class);
|
||||
} catch (IOException e) {
|
||||
e.printStackTrace();
|
||||
|
||||
@ -47,7 +47,9 @@ public final class AuthMethodsResponse extends VaultDataResponse {
|
||||
ObjectMapper mapper = new ObjectMapper();
|
||||
for (String path : data.keySet()) {
|
||||
try {
|
||||
this.supportedMethods.put(path, mapper.readValue(mapper.writeValueAsString(data.get(path)), AuthMethod.class));
|
||||
this.supportedMethods.put(
|
||||
path, mapper.readValue(mapper.writeValueAsString(data.get(path)),
|
||||
AuthMethod.class));
|
||||
} catch (IOException e) {
|
||||
throw new InvalidResponseException();
|
||||
}
|
||||
|
||||
@ -17,13 +17,6 @@
|
||||
package de.stklcode.jvault.connector.model.response;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
|
||||
import com.fasterxml.jackson.annotation.JsonProperty;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import de.stklcode.jvault.connector.exception.InvalidResponseException;
|
||||
import de.stklcode.jvault.connector.model.response.embedded.TokenData;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* Vault response from credentials lookup. Simple wrapper for data objects containing username and password fields.
|
||||
|
||||
@ -35,7 +35,7 @@ public final class ErrorResponse implements VaultResponse {
|
||||
/**
|
||||
* @return List of errors
|
||||
*/
|
||||
public List<String > getErrors() {
|
||||
public List<String> getErrors() {
|
||||
return errors;
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user