feat: introduce methods for transit API interaction

pom.xml

@@ -4,7 +4,7 @@
 
     <groupId>de.stklcode.jvault</groupId>
     <artifactId>jvault-connector</artifactId>
-    <version>1.4.1-SNAPSHOT</version>
+    <version>1.5.0-SNAPSHOT</version>
 
     <packaging>jar</packaging>
 

src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java

@@ -68,6 +68,11 @@ public class HTTPVaultConnector implements VaultConnector {
     private static final String PATH_UNDELETE = "/undelete/";
     private static final String PATH_DESTROY = "/destroy/";
 
+    private static final String PATH_TRANSIT = "transit";
+    private static final String PATH_TRANSIT_ENCRYPT = PATH_TRANSIT + "/encrypt/";
+    private static final String PATH_TRANSIT_DECRYPT = PATH_TRANSIT + "/decrypt/";
+    private static final String PATH_TRANSIT_HASH = PATH_TRANSIT + "/hash/";
+
     private final RequestHelper request;
 
     private boolean authorized = false;     // Authorization status.
@@ -646,6 +651,45 @@ public class HTTPVaultConnector implements VaultConnector {
         return true;
     }
 
+    @Override
+    public final TransitResponse transitEncrypt(final String keyName, final String plaintext) throws VaultConnectorException {
+        requireAuth();
+
+        Map<String, Object> payload = mapOf(
+            "plaintext", plaintext
+        );
+
+        return request.post(PATH_TRANSIT_ENCRYPT + keyName, payload, token, TransitResponse.class);
+    }
+
+    @Override
+    public final TransitResponse transitDecrypt(final String keyName, final String ciphertext) throws VaultConnectorException {
+        requireAuth();
+
+        Map<String, Object> payload = mapOf(
+            "ciphertext", ciphertext
+        );
+
+        return request.post(PATH_TRANSIT_DECRYPT + keyName, payload, token, TransitResponse.class);
+    }
+
+    @Override
+    public final TransitResponse transitHash(final String algorithm, final String input) throws VaultConnectorException {
+        return transitHash(algorithm, input, "hex");
+    }
+
+    @Override
+    public final TransitResponse transitHash(final String algorithm, final String input, final String format) throws VaultConnectorException {
+        requireAuth();
+
+        Map<String, Object> payload = mapOf(
+            "input", input,
+            "format", format
+        );
+
+        return request.post(PATH_TRANSIT_HASH + algorithm, payload, token, TransitResponse.class);
+    }
+
     /**
      * Check for required authorization.
      *

src/main/java/de/stklcode/jvault/connector/VaultConnector.java

@@ -674,6 +674,51 @@ public interface VaultConnector extends AutoCloseable, Serializable {
      */
     boolean deleteTokenRole(final String name) throws VaultConnectorException;
 
+    /**
+     * encrypt plaintext via transit engine from Vault.
+     *
+     * @param name Transit key name
+     * @param plaintext Text to encrypt
+     * @return Transit response
+     * @throws VaultConnectorException on error
+     * @since 1.4.1
+     */
+    TransitResponse transitEncrypt(final String name, final String plaintext) throws VaultConnectorException;
+
+    /**
+     * decrypt ciphertext via transit engine from Vault.
+     *
+     * @param name Transit key name
+     * @param ciphertext Text to decrypt
+     * @return Transit response
+     * @throws VaultConnectorException on error
+     * @since 1.4.1
+     */
+    TransitResponse transitDecrypt(final String name, final String ciphertext) throws VaultConnectorException;
+
+    /**
+     * hash data in hex format via transit engine from Vault.
+     *
+     * @param algorithm Specifies the hash algorithm to use
+     * @param input Data to hash
+     * @return Transit response
+     * @throws VaultConnectorException on error
+     * @since 1.4.1
+     */
+    TransitResponse transitHash(final String algorithm, final String input) throws VaultConnectorException;
+
+    /**
+     * hash data via transit engine from Vault.
+     *
+     * @param algorithm Specifies the hash algorithm to use
+     * @param input Data to hash
+     * @param format Specifies the output encoding (hex/base64)
+     * @return Transit response
+     * @throws VaultConnectorException on error
+     * @since 1.4.1
+     */
+    TransitResponse transitHash(final String algorithm, final String input, final String format) throws VaultConnectorException;
+
     /**
      * Read credentials for MySQL backend at default mount point.
      *

src/main/java/de/stklcode/jvault/connector/model/response/TransitResponse.java

@@ -0,0 +1,36 @@
+package de.stklcode.jvault.connector.model.response;
+
+import java.io.Serializable;
+import java.util.Collections;
+import java.util.Map;
+import java.util.Objects;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public class TransitResponse extends VaultDataResponse {
+        private static final long serialVersionUID = -4823865538268326557L;
+
+    @JsonProperty("data")
+    private Map<String, Serializable> data;
+
+    //@Override
+    public final Map<String, Serializable> getData() {
+        return Objects.requireNonNullElseGet(data, Collections::emptyMap);
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        } else if (o == null || getClass() != o.getClass() || !super.equals(o)) {
+            return false;
+        }
+        TransitResponse that = (TransitResponse) o;
+        return Objects.equals(data, that.data);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(super.hashCode(), data);
+    }
+}