Removed Commons IO dependency

Replaced deprecated HttpClient methods
Stefan Kalscheuer 2016-08-13 18:43:41 +02:00
parent ee5b112704
commit a8afae70cc
2 changed files with 49 additions and 40 deletions


@ -24,11 +24,6 @@
<packaging>jar</packaging> <packaging>jar</packaging>
<dependencies> <dependencies>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.5</version>
</dependency>
<dependency> <dependency>
<groupId>org.apache.httpcomponents</groupId> <groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId> <artifactId>httpcore</artifactId>


@ -6,21 +6,23 @@ import de.stklcode.jvault.connector.exception.*;
import de.stklcode.jvault.connector.model.AuthBackend; import de.stklcode.jvault.connector.model.AuthBackend;
import de.stklcode.jvault.connector.model.response.*; import de.stklcode.jvault.connector.model.response.*;
import de.stklcode.jvault.connector.model.response.embedded.AuthMethod; import de.stklcode.jvault.connector.model.response.embedded.AuthMethod;
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpResponse; import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost; import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut; import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpRequestBase; import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.entity.StringEntity; import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.params.BasicHttpParams; import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.params.HttpParams; import org.apache.http.util.EntityUtils;
import org.apache.http.protocol.HTTP;
import java.io.BufferedReader;
import java.io.IOException; import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.util.*; import java.util.*;
import java.util.stream.Collectors; import java.util.stream.Collectors;
@ -45,7 +47,6 @@ public class HTTPVaultConnector implements VaultConnector {
private final ObjectMapper jsonMapper; private final ObjectMapper jsonMapper;
private final HttpClient httpClient; /* HTTP client for connection */
private final String baseURL; /* Base URL of Vault */ private final String baseURL; /* Base URL of Vault */
private boolean authorized = false; /* authorization status */ private boolean authorized = false; /* authorization status */
@ -91,7 +92,6 @@ public class HTTPVaultConnector implements VaultConnector {
*/ */
public HTTPVaultConnector(String baseURL) { public HTTPVaultConnector(String baseURL) {
this.baseURL = baseURL; this.baseURL = baseURL;
this.httpClient = new DefaultHttpClient();
this.jsonMapper = new ObjectMapper(); this.jsonMapper = new ObjectMapper();
} }
@ -110,6 +110,9 @@ public class HTTPVaultConnector implements VaultConnector {
} catch (VaultConnectorException | IOException e) { } catch (VaultConnectorException | IOException e) {
e.printStackTrace(); e.printStackTrace();
return null; return null;
} catch (URISyntaxException ignored) {
/* this should never occur and may leak sensible information */
return null;
} }
} }
@ -126,10 +129,10 @@ public class HTTPVaultConnector implements VaultConnector {
@Override @Override
public SealResponse unseal(final String key, final Boolean reset) { public SealResponse unseal(final String key, final Boolean reset) {
Map<String, Object> param = new HashMap<>(); Map<String, String> param = new HashMap<>();
param.put("key", key); param.put("key", key);
if (reset != null) if (reset != null)
param.put("reset", reset); param.put("reset", reset.toString());
try { try {
String response = requestPut(PATH_UNSEAL, param); String response = requestPut(PATH_UNSEAL, param);
return jsonMapper.readValue(response, SealResponse.class); return jsonMapper.readValue(response, SealResponse.class);
@ -159,6 +162,9 @@ public class HTTPVaultConnector implements VaultConnector {
return amr.getSupportedMethods().stream().map(AuthMethod::getType).collect(Collectors.toList()); return amr.getSupportedMethods().stream().map(AuthMethod::getType).collect(Collectors.toList());
} catch (IOException e) { } catch (IOException e) {
throw new InvalidResponseException("Unable to parse response", e); throw new InvalidResponseException("Unable to parse response", e);
} catch (URISyntaxException ignored) {
/* this should never occur and may leak sensible information */
throw new InvalidRequestException("Invalid URI format.");
} }
} }
@ -255,6 +261,9 @@ public class HTTPVaultConnector implements VaultConnector {
return jsonMapper.readValue(response, SecretResponse.class); return jsonMapper.readValue(response, SecretResponse.class);
} catch (IOException e) { } catch (IOException e) {
throw new InvalidResponseException("Unable to parse response", e); throw new InvalidResponseException("Unable to parse response", e);
} catch (URISyntaxException ignored) {
/* this should never occur and may leak sensible information */
throw new InvalidRequestException("Invalid URI format.");
} }
} }
@ -263,12 +272,15 @@ public class HTTPVaultConnector implements VaultConnector {
if (!isAuthorized()) if (!isAuthorized())
throw new AuthorizationRequiredException(); throw new AuthorizationRequiredException();
String response = requestGet(PATH_SECRET + "/" + path + "/?list=true", new HashMap<>());
try { try {
String response = requestGet(PATH_SECRET + "/" + path + "/?list=true", new HashMap<>());
SecretListResponse secrets = jsonMapper.readValue(response, SecretListResponse.class); SecretListResponse secrets = jsonMapper.readValue(response, SecretListResponse.class);
return secrets.getKeys(); return secrets.getKeys();
} catch (IOException e) { } catch (IOException e) {
throw new InvalidResponseException("Unable to parse response", e); throw new InvalidResponseException("Unable to parse response", e);
} catch (URISyntaxException ignored) {
/* this should never occur and may leak sensible information */
throw new InvalidRequestException("Invalid URI format.");
} }
} }
@ -297,7 +309,7 @@ public class HTTPVaultConnector implements VaultConnector {
/* generate JSON from payload */ /* generate JSON from payload */
StringEntity input; StringEntity input;
try { try {
input = new StringEntity(jsonMapper.writeValueAsString(payload), HTTP.UTF_8); input = new StringEntity(jsonMapper.writeValueAsString(payload), StandardCharsets.UTF_8);
} catch (JsonProcessingException e) { } catch (JsonProcessingException e) {
throw new InvalidRequestException("Unable to parse response", e); throw new InvalidRequestException("Unable to parse response", e);
} }
@ -318,7 +330,7 @@ public class HTTPVaultConnector implements VaultConnector {
* @return HTTP response * @return HTTP response
* @throws VaultConnectorException on connection error * @throws VaultConnectorException on connection error
*/ */
private String requestPut(final String path, final Map<String, Object> payload) throws VaultConnectorException { private String requestPut(final String path, final Map<String, String> payload) throws VaultConnectorException {
/* Initialize post */ /* Initialize post */
HttpPut put = new HttpPut(baseURL + path); HttpPut put = new HttpPut(baseURL + path);
/* generate JSON from payload */ /* generate JSON from payload */
@ -344,13 +356,13 @@ public class HTTPVaultConnector implements VaultConnector {
* @return HTTP response * @return HTTP response
* @throws VaultConnectorException on connection error * @throws VaultConnectorException on connection error
*/ */
private String requestGet(final String path, final Map<String, Object> payload) throws VaultConnectorException { private String requestGet(final String path, final Map<String, String> payload) throws VaultConnectorException, URISyntaxException {
/* Initialize post */ /* Add parameters to URI */
HttpGet get = new HttpGet(baseURL + path); URIBuilder uriBuilder = new URIBuilder(baseURL + path);
/* Parse parameters */ payload.forEach(uriBuilder::addParameter);
HttpParams params = new BasicHttpParams();
payload.forEach(params::setParameter); /* Initialize request */
get.setParams(params); HttpGet get = new HttpGet(uriBuilder.build());
/* Set X-Vault-Token header */ /* Set X-Vault-Token header */
if (token != null) if (token != null)
@ -370,14 +382,17 @@ public class HTTPVaultConnector implements VaultConnector {
base.addHeader("accept", "application/json"); base.addHeader("accept", "application/json");
HttpResponse response = null; HttpResponse response = null;
try { try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
response = httpClient.execute(base); response = httpClient.execute(base);
/* Check if response is valid */ /* Check if response is valid */
if (response == null) if (response == null)
throw new InvalidResponseException("Response unavailable"); throw new InvalidResponseException("Response unavailable");
switch (response.getStatusLine().getStatusCode()) { switch (response.getStatusLine().getStatusCode()) {
case 200: case 200:
return IOUtils.toString(response.getEntity().getContent()); try(BufferedReader br = new BufferedReader(new InputStreamReader(response.getEntity().getContent()))) {
return br.lines().collect(Collectors.joining("\n"));
} catch (IOException ignored) { }
case 204: case 204:
return ""; return "";
case 403: case 403:
@ -385,19 +400,18 @@ public class HTTPVaultConnector implements VaultConnector {
default: default:
InvalidResponseException ex = new InvalidResponseException("Invalid response code") InvalidResponseException ex = new InvalidResponseException("Invalid response code")
.withStatusCode(response.getStatusLine().getStatusCode()); .withStatusCode(response.getStatusLine().getStatusCode());
try { if (response.getEntity() != null) {
/* Try to parse error response */ try (BufferedReader br = new BufferedReader(new InputStreamReader(response.getEntity().getContent()))) {
ErrorResponse er = jsonMapper.readValue(IOUtils.toString(response.getEntity().getContent()), String responseString = br.lines().collect(Collectors.joining("\n"));
ErrorResponse.class); ErrorResponse er = jsonMapper.readValue(responseString, ErrorResponse.class);
/* Check for "permission denied" response */ /* Check for "permission denied" response */
if (er.getErrors().size() > 0 && er.getErrors().get(0).equals("permission denied")) if (er.getErrors().size() > 0 && er.getErrors().get(0).equals("permission denied"))
throw new PermissionDeniedException(); throw new PermissionDeniedException();
throw ex.withResponse(er.toString());
throw ex.withResponse(er.toString()); } catch (IOException ignored) {
} }
catch (IOException e) {
throw ex;
} }
throw ex;
} }
} catch (IOException e) { } catch (IOException e) {
throw new InvalidResponseException("Unable to read response", e); throw new InvalidResponseException("Unable to read response", e);
@ -405,7 +419,7 @@ public class HTTPVaultConnector implements VaultConnector {
finally { finally {
if (response != null && response.getEntity() != null) if (response != null && response.getEntity() != null)
try { try {
response.getEntity().consumeContent(); EntityUtils.consume(response.getEntity());
} catch (IOException ignored) { } catch (IOException ignored) {
} }
} }
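Review bot: In the `case 200:` branch the new try-with-resources catches `IOException` with an empty handler and then falls through into `case 204:`, so a failed or truncated read of a successful response is returned as `""` instead of reaching the outer `catch (IOException e)` that reports "Unable to read response". The `InputStreamReader` is also constructed without a charset, here and in the `default:` branch, so the response body is decoded with the platform default rather than UTF-8, and joining `lines()` with `"\n"` rewrites the body's line terminators. Since this commit already imports `EntityUtils` and `StandardCharsets`, the branch could be `return EntityUtils.toString(response.getEntity(), StandardCharsets.UTF_8);`, which leaves read errors to the outer handler; the same call would replace the reader in the `default:` branch. The enclosing request method begins outside the visible hunks.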