From 493bed55f071d7c37e8ef642e0f0b49a026c5192 Mon Sep 17 00:00:00 2001
From: Stefan Kalscheuer
Date: Tue, 20 Nov 2018 12:07:41 +0100
Subject: [PATCH] Add method to read specific secret version
---
 .../jvault/connector/HTTPVaultConnector.java | 8 ++++++--
 .../jvault/connector/VaultConnector.java | 20 ++++++++++++++++---
 2 files changed, 23 insertions(+), 5 deletions(-)
diff --git a/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java b/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
index c3e77e3..722647f 100644
--- a/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
+++ b/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
@@ -604,13 +604,17 @@ public class HTTPVaultConnector implements VaultConnector {
 }
 @Override
- public final SecretResponse readSecretData(final String key) throws VaultConnectorException {
+ public final SecretResponse readSecretVersion(final String key, final Integer version) throws VaultConnectorException {
 if (!isAuthorized()) {
 throw new AuthorizationRequiredException();
 }
 /* Request HTTP response and parse secret metadata */
 try {
- String response = requestGet(PATH_SECRET + PATH_DATA + key, new HashMap<>());
+ Map args = new HashMap<>();
+ if (version != null) {
+ args.put("version", version.toString());
+ }
+ String response = requestGet(PATH_SECRET + PATH_DATA + key, args);
 return jsonMapper.readValue(response, SecretResponse.class);
 } catch (IOException e) {
 throw new InvalidResponseException(Error.PARSE_RESPONSE, e);
diff --git a/src/main/java/de/stklcode/jvault/connector/VaultConnector.java b/src/main/java/de/stklcode/jvault/connector/VaultConnector.java
index 50a23bf..5fac27a 100644
--- a/src/main/java/de/stklcode/jvault/connector/VaultConnector.java
+++ b/src/main/java/de/stklcode/jvault/connector/VaultConnector.java
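Review bot: In `HTTPVaultConnector.readSecretVersion`, `key` is concatenated unchecked into the request path by `requestGet(PATH_SECRET + PATH_DATA + key, args)`, so a key derived from untrusted input could address a Vault path outside the `secret/data` prefix with the caller's token. Whether `requestGet` normalises or encodes the path is not visible in this hunk, so that should be confirmed; if it does not, reject empty keys and keys containing `..` segments before the path is built. Separately, `version` is only tested against `null`, so a negative value is forwarded to the server as-is even though the interface documents only "null or zero" as meaning latest; a guard such as `if (version != null && version < 0) throw new IllegalArgumentException("version must not be negative");` would fail early. The method's closing braces lie past the end of the hunk.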
@@ -409,15 +409,29 @@ public interface VaultConnector extends AutoCloseable, Serializable {
 }
 /**
- * Retrieve secret data Vault.
+ * Retrieve the latest secret data for specific version from Vault.
 * Prefix "secret/data" is automatically added to key. Only available for KV v2 secrets.
 *
 * @param key Secret identifier
- * @return Metadata response
+ * @return Secret response
 * @throws VaultConnectorException on error
 * @since 0.8
 */
- SecretResponse readSecretData(final String key) throws VaultConnectorException;
+ default SecretResponse readSecretData(final String key) throws VaultConnectorException {
+ return readSecretVersion(key, null);
+ }
+
+ /**
+ * Retrieve secret data from Vault.
+ * Prefix "secret/data" is automatically added to key. Only available for KV v2 secrets.
+ *
+ * @param key Secret identifier
+ * @param version Version to read. If {@code null} or zero, the latest version will be returned.
+ * @return Secret response
+ * @throws VaultConnectorException on error
+ * @since 0.8
+ */
+ SecretResponse readSecretVersion(final String key, final Integer version) throws VaultConnectorException;
 /**
 * Retrieve secret metadata from Vault.
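Review bot: The two Javadoc summaries read as if they were swapped: `readSecretData` now says "Retrieve the latest secret data for specific version" although it takes no version and always delegates with `null`, while `readSecretVersion` says only "Retrieve secret data from Vault." I would use `Retrieve the latest version of secret data from Vault.` on the former and `Retrieve a specific version of secret data from Vault.` on the latter. The `readSecretVersion` doc could also say that earlier versions stay readable through this call until they are deleted or destroyed on the server, so writing a new version does not by itself retire an old secret value. Finally, `readSecretVersion` is added as an abstract method on a public interface, so any implementer other than `HTTPVaultConnector` would stop compiling; both methods carry `@since 0.8`, so this may still be unreleased API, but it should be confirmed.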