#7 Convenience methods for SQL credentials

2017-03-18 14:14:19 +01:00 · 2017-03-18 14:14:19 +01:00 · 8129017ad0
commit 8129017ad0
parent c0ad451134
3 changed files with 114 additions and 0 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,3 +1,8 @@
+## 0.5.0 [work in progress]
+* [feature] Convenience methods for DB credentials (#7)
+* [fix] Minor bugfix in TokenBuilder
+* [test] Tested against Vault 0.7.0
+
 ## 0.4.1 [2016-12-24]
 * [fix] Factory Null-tolerant for trusted certificate (#6)
 * [test] StackTraces tested for secret leaks
--- a/src/main/java/de/stklcode/jvault/connector/VaultConnector.java
+++ b/src/main/java/de/stklcode/jvault/connector/VaultConnector.java
@ -541,4 +541,65 @@ public interface VaultConnector {
     * @throws VaultConnectorException on error
     */
    TokenResponse lookupToken(final String token) throws VaultConnectorException;
+
+    /**
+     * Read credentials for MySQL backend at default mount point
+     *
+     * @param role  the role name
+     * @return the credentials response
+     * @throws VaultConnectorException on error
+     * @since 0.5.0
+     */
+    default CredentialsResponse readMySqlCredentials(final String role) throws VaultConnectorException {
+        return readDblCredentials(role, "mysql");
+    }
+
+    /**
+     * Read credentials for PostgreSQL backend at default mount point
+     *
+     * @param role  the role name
+     * @return the credentials response
+     * @throws VaultConnectorException on error
+     * @since 0.5.0
+     */
+    default CredentialsResponse readPostgreSqlCredentials(final String role) throws VaultConnectorException {
+        return readDblCredentials(role, "postgresql");
+    }
+
+    /**
+     * Read credentials for MSSQL backend at default mount point
+     *
+     * @param role  the role name
+     * @return the credentials response
+     * @throws VaultConnectorException on error
+     * @since 0.5.0
+     */
+    default CredentialsResponse readMsSqlCredentials(final String role) throws VaultConnectorException {
+        return readDblCredentials(role, "mssql");
+    }
+
+    /**
+     * Read credentials for MSSQL backend at default mount point
+     *
+     * @param role  the role name
+     * @return the credentials response
+     * @throws VaultConnectorException on error
+     * @since 0.5.0
+     */
+    default CredentialsResponse readMongoDbCredentials(final String role) throws VaultConnectorException {
+        return readDblCredentials(role, "mongodb");
+    }
+
+    /**
+     * Read credentials for SQL backends.
+     *
+     * @param role  the role name
+     * @param mount mount point of the SQL backend
+     * @return the credentials response
+     * @throws VaultConnectorException on error
+     * @since 0.5.0
+     */
+    default CredentialsResponse readDblCredentials(final String role, final String mount) throws VaultConnectorException {
+        return (CredentialsResponse) read(mount + "/creds/" + role);
+    }
 }
--- a/src/main/java/de/stklcode/jvault/connector/model/response/CredentialsResponse.java
+++ b/src/main/java/de/stklcode/jvault/connector/model/response/CredentialsResponse.java
@ -0,0 +1,48 @@
+/*
+ * Copyright 2016-2017 Stefan Kalscheuer
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package de.stklcode.jvault.connector.model.response;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import de.stklcode.jvault.connector.exception.InvalidResponseException;
+import de.stklcode.jvault.connector.model.response.embedded.TokenData;
+
+import java.io.IOException;
+import java.util.Map;
+
+/**
+ * Vault response from credentials lookup. Simple wrapper for data objects containing username and password fields.
+ *
+ * @author  Stefan Kalscheuer
+ * @since   0.5.0
+ */
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class CredentialsResponse extends SecretResponse {
+
+    public String getUsername() {
+        if (get("username") != null)
+            return get("username").toString();
+        return null;
+    }
+
+    public String getPassword() {
+        if (get("username") != null)
+            return get("username").toString();
+        return null;
+    }
+}