From c8f396a5dff2c054d540f784d98de7fa7fb17aae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lehel=20Bal=C3=A1zs?= <lbalazs@opentext.com>
Date: Wed, 28 May 2025 18:09:08 +0300
Subject: [PATCH] use lookup-self for token check instead of lookup (#98) (#99)

Using the /lookup-self to retrieve information about the current token
requires less permissions than the general /lookup API and yields the
same results, if accessible.
---
 .../java/de/stklcode/jvault/connector/HTTPVaultConnector.java  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java b/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
index 84c0c2f..c550273 100644
--- a/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
+++ b/src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
@@ -54,6 +54,7 @@ public class HTTPVaultConnector implements VaultConnector {
     private static final String PATH_AUTH = "auth";
     private static final String PATH_AUTH_TOKEN = PATH_AUTH + "/token";
     private static final String PATH_LOOKUP = "/lookup";
+    private static final String PATH_LOOKUP_SELF = "/lookup-self";
     private static final String PATH_CREATE = "/create";
     private static final String PATH_ROLES = "/roles";
     private static final String PATH_CREATE_ORPHAN = "/create-orphan";
@@ -191,7 +192,7 @@ public class HTTPVaultConnector implements VaultConnector {
         /* set token */
         this.token = token;
         this.tokenTTL = 0;
-        TokenResponse res = request.post(PATH_AUTH_TOKEN + PATH_LOOKUP, emptyMap(), token, TokenResponse.class);
+        TokenResponse res = request.get(PATH_AUTH_TOKEN + PATH_LOOKUP_SELF, emptyMap(), token, TokenResponse.class);
         authorized = true;
 
         return res;