Add method to read specific secret version

2018-11-20 12:07:41 +01:00 · 2018-11-20 12:07:41 +01:00 · 493bed55f0
commit 493bed55f0
parent e41a61f33b
2 changed files with 23 additions and 5 deletions
--- a/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
+++ b/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
@ -604,13 +604,17 @@ public class HTTPVaultConnector implements VaultConnector {
    }

    @Override
-    public final SecretResponse readSecretData(final String key) throws VaultConnectorException {
+    public final SecretResponse readSecretVersion(final String key, final Integer version) throws VaultConnectorException {
        if (!isAuthorized()) {
            throw new AuthorizationRequiredException();
        }
        /* Request HTTP response and parse secret metadata */
        try {
-            String response = requestGet(PATH_SECRET + PATH_DATA + key, new HashMap<>());
+            Map<String, String> args = new HashMap<>();
+            if (version != null) {
+                args.put("version", version.toString());
+            }
+            String response = requestGet(PATH_SECRET + PATH_DATA + key, args);
            return jsonMapper.readValue(response, SecretResponse.class);
        } catch (IOException e) {
            throw new InvalidResponseException(Error.PARSE_RESPONSE, e);
--- a/src/main/java/de/stklcode/jvault/connector/VaultConnector.java
+++ b/src/main/java/de/stklcode/jvault/connector/VaultConnector.java
@ -409,15 +409,29 @@ public interface VaultConnector extends AutoCloseable, Serializable {
    }

    /**
-     * Retrieve secret data Vault.
+     * Retrieve the latest secret data for specific version from Vault.
     * Prefix "secret/data" is automatically added to key. Only available for KV v2 secrets.
     *
     * @param key Secret identifier
-     * @return Metadata response
+     * @return Secret response
     * @throws VaultConnectorException on error
     * @since 0.8
     */
-    SecretResponse readSecretData(final String key) throws VaultConnectorException;
+    default SecretResponse readSecretData(final String key) throws VaultConnectorException {
+        return readSecretVersion(key, null);
+    }
+
+    /**
+     * Retrieve secret data from Vault.
+     * Prefix "secret/data" is automatically added to key. Only available for KV v2 secrets.
+     *
+     * @param key     Secret identifier
+     * @param version Version to read. If {@code null} or zero, the latest version will be returned.
+     * @return Secret response
+     * @throws VaultConnectorException on error
+     * @since 0.8
+     */
+    SecretResponse readSecretVersion(final String key, final Integer version) throws VaultConnectorException;

    /**
     * Retrieve secret metadata from Vault.