Lease renewal implemented

Stefan Kalscheuer 2016-11-06 15:22:50 +01:00
parent d2b31122b6
commit c1a964b0d1
3 changed files with 58 additions and 7 deletions


@ -50,6 +50,7 @@ public class HTTPVaultConnector implements VaultConnector {
private static final String PATH_SEAL = "sys/seal"; private static final String PATH_SEAL = "sys/seal";
private static final String PATH_UNSEAL = "sys/unseal"; private static final String PATH_UNSEAL = "sys/unseal";
private static final String PATH_INIT = "sys/init"; private static final String PATH_INIT = "sys/init";
private static final String PATH_RENEW = "sys/renew";
private static final String PATH_AUTH = "sys/auth"; private static final String PATH_AUTH = "sys/auth";
private static final String PATH_TOKEN = "auth/token"; private static final String PATH_TOKEN = "auth/token";
private static final String PATH_LOOKUP = "/lookup"; private static final String PATH_LOOKUP = "/lookup";
@ -541,9 +542,22 @@ public class HTTPVaultConnector implements VaultConnector {
} }
@Override @Override
public VaultResponse renew(String leaseID, Integer seconds) { public SecretResponse renew(String leaseID, Integer increment) throws VaultConnectorException {
/* TODO */ if (!isAuthorized())
return null; throw new AuthorizationRequiredException();
Map<String, String> payload = new HashMap<>();
payload.put("lease_id", leaseID);
if (increment != null)
payload.put("increment", increment.toString());
/* Request HTTP response and parse Secret */
try {
String response = requestPut(PATH_RENEW, payload);
return jsonMapper.readValue(response, SecretResponse.class);
} catch (IOException e) {
throw new InvalidResponseException("Unable to parse response", e);
}
} }
@Override @Override
@ -587,6 +601,23 @@ public class HTTPVaultConnector implements VaultConnector {
} }
} }
@Override
public TokenResponse lookupToken(final String token) throws VaultConnectorException {
if (!isAuthorized())
throw new AuthorizationRequiredException();
/* Request HTTP response and parse Secret */
try {
String response = requestGet(PATH_TOKEN + "/lookup/" + token, new HashMap<>());
return jsonMapper.readValue(response, TokenResponse.class);
} catch (IOException e) {
throw new InvalidResponseException("Unable to parse response", e);
} catch (URISyntaxException ignored) {
/* this should never occur and may leak sensible information */
throw new InvalidRequestException("Invalid URI format.");
}
}
/** /**
* Execute HTTP request using POST method. * Execute HTTP request using POST method.
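Review bot: `lookupToken` builds the request path by concatenating the raw token (`PATH_TOKEN + "/lookup/" + token`), so a credential ends up in the URL, where proxies and access logs can record it; it is also neither null-checked nor encoded, so characters such as `/` or `?` would change the path that is requested. Vault's token API also accepts the token in the request body of `auth/token/lookup` (confirm for the targeted server version), so I would build `Map<String, String> payload = new HashMap<>(); payload.put("token", token);` and send it to `PATH_TOKEN + PATH_LOOKUP` through the POST helper whose Javadoc starts right below this method (its name is outside the hunk). That also reuses the existing `PATH_LOOKUP` constant instead of the hard-coded `"/lookup/"`. Separately, `renew` puts `leaseID` into the payload without a null check, so a `null` argument appears to reach the server unvalidated.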


@ -16,6 +16,7 @@
package de.stklcode.jvault.connector; package de.stklcode.jvault.connector;
import de.stklcode.jvault.connector.exception.AuthorizationRequiredException;
import de.stklcode.jvault.connector.exception.VaultConnectorException; import de.stklcode.jvault.connector.exception.VaultConnectorException;
import de.stklcode.jvault.connector.model.*; import de.stklcode.jvault.connector.model.*;
import de.stklcode.jvault.connector.model.response.*; import de.stklcode.jvault.connector.model.response.*;
@ -412,11 +413,21 @@ public interface VaultConnector {
/** /**
* Renew lease with given ID. * Renew lease with given ID.
* *
* @param leaseID the lase ID * @param leaseID the lase ID
* @param seconds number of seconds to extend lease time
* @return Renewed lease * @return Renewed lease
*/ */
VaultResponse renew(final String leaseID, final Integer seconds); default SecretResponse renew(final String leaseID) throws VaultConnectorException {
return renew(leaseID, null);
}
/**
* Renew lease with given ID.
*
* @param leaseID the lase ID
* @param increment number of seconds to extend lease time
* @return Renewed lease
*/
SecretResponse renew(final String leaseID, final Integer increment) throws VaultConnectorException;
/** /**
* Create a new token. * Create a new token.
@ -446,4 +457,13 @@ public interface VaultConnector {
* @throws VaultConnectorException on error * @throws VaultConnectorException on error
*/ */
AuthResponse createToken(final Token token, final String role) throws VaultConnectorException; AuthResponse createToken(final Token token, final String role) throws VaultConnectorException;
/**
* Lookup token information.
*
* @param token the token
* @return the result response
* @throws VaultConnectorException on error
*/
TokenResponse lookupToken(final String token) throws VaultConnectorException;
} }
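Review bot: Both `renew` overloads now declare `throws VaultConnectorException`, but neither Javadoc block documents it, while `lookupToken` further down does; add `@throws VaultConnectorException on error` to both. The one-argument overload passes `null` as the increment, so its comment should say that no increment is requested and the extension is presumably left to the server default. The typo `lase ID` is copied into the new Javadoc block and should read `lease ID` in both places. The new `AuthorizationRequiredException` import is not used by any line visible in these hunks; if nothing outside them references it, it can be dropped.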


@ -531,7 +531,7 @@ public class HTTPVaultConnectorTest {
* Test deletion of secrets. * Test deletion of secrets.
*/ */
@Test @Test
public void deleteTest() { public void deleteSecretTest() {
authUser(); authUser();
assumeTrue(connector.isAuthorized()); assumeTrue(connector.isAuthorized());