stklcode/jvaultconnector
stklcode/jvaultconnector
1
0
Fork 0
Code Issues Actions Releases 33 Wiki Activity

Compare commits

base: stklcode:v1.2.0
Branches Tags
stklcode:main
stklcode:develop
stklcode:experimental/jackson3
stklcode:v1.5.0
stklcode:v1.4.0
stklcode:v1.3.1
stklcode:v1.3.0
stklcode:v1.2.0
stklcode:v1.1.5
stklcode:v1.1.4
stklcode:v1.1.3
stklcode:v1.1.2
stklcode:v1.1.1
stklcode:v1.1.0
stklcode:v1.0.1
stklcode:v1.0.0
stklcode:v0.9.5
stklcode:v0.9.4
stklcode:v0.9.3
stklcode:v0.9.2
stklcode:v0.9.1
stklcode:v0.9.0
stklcode:v0.8.2
stklcode:v0.8.1
stklcode:v0.8.0
stklcode:v0.7.1
stklcode:v0.7.0
stklcode:v0.6.2
stklcode:v0.6.1
stklcode:v0.6.0
stklcode:v0.5.0
stklcode:v0.4.1
stklcode:v0.4.0
stklcode:v0.3.0
stklcode:v0.2.0
stklcode:v0.1.1
stklcode:v0.1
...
compare: stklcode:main
Branches Tags
stklcode:develop
stklcode:main
stklcode:experimental/jackson3
stklcode:v1.5.0
stklcode:v1.4.0
stklcode:v1.3.1
stklcode:v1.3.0
stklcode:v1.2.0
stklcode:v1.1.5
stklcode:v1.1.4
stklcode:v1.1.3
stklcode:v1.1.2
stklcode:v1.1.1
stklcode:v1.1.0
stklcode:v1.0.1
stklcode:v1.0.0
stklcode:v0.9.5
stklcode:v0.9.4
stklcode:v0.9.3
stklcode:v0.9.2
stklcode:v0.9.1
stklcode:v0.9.0
stklcode:v0.8.2
stklcode:v0.8.1
stklcode:v0.8.0
stklcode:v0.7.1
stklcode:v0.7.0
stklcode:v0.6.2
stklcode:v0.6.1
stklcode:v0.6.0
stklcode:v0.5.0
stklcode:v0.4.1
stklcode:v0.4.0
stklcode:v0.3.0
stklcode:v0.2.0
stklcode:v0.1.1
stklcode:v0.1

93 Commits
v1.2.0 ... main

Author SHA1 Message Date
Stefan Kalscheuer
80abbda46f
docs: update version and features in README
All checks were successful
CI / build (11) (push) Successful in 39s
Details
CI / build (17) (push) Successful in 39s
Details
CI / build (true, 21) (push) Successful in 34s
Details
CI / build-with-it (11, 1.2.0) (push) Successful in 55s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 1m2s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 1m0s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 59s
Details
2025-04-24 18:36:36 +02:00
Stefan Kalscheuer
a8e85b88d1
test: use WireMockTest annotation 2025-04-24 18:30:32 +02:00
Stefan Kalscheuer
91baed4fe5
test: update wiremock to 3.13.0 2025-04-24 18:30:04 +02:00
Stefan Kalscheuer
2ea261d36a
prepare for next development iteration
All checks were successful
CI / build (11) (push) Successful in 36s
Details
CI / build (17) (push) Successful in 36s
Details
CI / build (true, 21) (push) Successful in 28s
Details
2025-04-13 12:25:18 +02:00
Stefan Kalscheuer
43da0f5109
prepare release v1.5.0
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 59s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 49s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 55s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 57s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 52s
Details
2025-04-13 11:25:49 +02:00
Stefan Kalscheuer
cc5ca13aeb
refactor: use builder to instantiate ObjectMapper (#95)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 58s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 57s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 47s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 54s
Details 
Instead of applying configuration to a new ObjectMapper instance we use
the JsonMapper builder pattern to create our mapper.

The resulting mappers are not yet fully immutable, but the old way will
be removed in Jackson 3.0.
 2025-04-13 10:49:42 +02:00
Stefan Kalscheuer
71842eb758
deps: update test dependencies
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 50s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 58s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 51s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 1m1s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 58s
Details
2025-04-13 10:31:58 +02:00
Stefan Kalscheuer
e9aeda9a55
style: trim multiline indentation to 4 spaces
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 56s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 56s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 51s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 49s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 51s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 57s
Details
2025-04-11 17:20:24 +02:00
Stefan Kalscheuer
d51af06e29
build: update jacoco-maven-plugin to 0.8.13
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 49s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 55s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 49s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 55s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 45s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 51s
Details
2025-04-03 11:04:23 +02:00
Stefan Kalscheuer
7b2b137d53
build: update surefire and failsafe plugin to 3.5.3 2025-04-03 11:03:50 +02:00
Stefan Kalscheuer
ee2543e3ad
reuse builder methods when initializing from environment
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 51s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 54s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 51s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 46s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 55s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 48s
Details 
We can just pass the environment variable to other pre-existing methods
instead of parsing the URL twice. This also fixes URLs without explicit
ports where we should not store "-1" in this case.
 2025-03-29 11:50:29 +01:00
Stefan Kalscheuer
dad35023eb
replace deprecated java.net.URL usage with java.net.URI (#94) 
Deprecated in Java 20. Migrate URL parsing to backward compatible URI.
 2025-03-28 18:30:37 +01:00
Stefan Kalscheuer
0127cf30be
feat: introduce methods for transit API interaction (#89)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 50s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 55s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 50s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 56s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 47s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 54s
Details 
Support hashing and de-/encryption using Vault's transit API.
 2025-03-02 18:24:16 +01:00
Stefan Kalscheuer
90f8bb7f20
build: update sonar-maven-plugin to 5.1.0.4751
All checks were successful
CI / build-with-it (17, 1.2.0) (push) Successful in 51s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 46s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 55s
Details
CI / build-with-it (11, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 58s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 46s
Details
2025-03-28 18:03:27 +01:00
Stefan Kalscheuer
ff6d2140cf
feat: support PEM certificate string from VAULT_CACERT env var (#93)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 53s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 1m0s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 57s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 48s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 54s
Details 
Vault CLI and the connector up to 1.4 support providing a path to a CA
certificate file. Introduce support for providing PEM encoded content
directly which might be convenient in container environments to provide
a certificate e.g. from secrets without mounting it to some path.
 2025-03-23 12:10:15 +01:00
Stefan Kalscheuer
076cd8b607
replace trim/isEmpty with isBlank
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 53s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 1m1s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 53s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 48s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 55s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 49s
Details
2025-03-22 18:39:39 +01:00
Stefan Kalscheuer
2e0d092cae
deps: update test dependencies 2025-03-22 18:36:41 +01:00
Stefan Kalscheuer
d329af2c67
deprecate default methods to read specific database credentials (#92)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 57s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 1m3s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 57s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 1m4s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 1m2s
Details 
The interface has some methods to read database credentials from
specific mountpoints like "mysql". While ann database mounts share
the same credential endpoints, the mount point itself can have any
name. Let's clean up some methods of low benefit and deprecate the
convenience methods.

Trivial replacement is `getDbCredentials()` with explicit mount point,
if it's actually mounted on that path.
 2025-03-09 11:43:15 +01:00
Stefan Kalscheuer
f50f5c5de7
test: run IT against Vault 1.19.0 (#91)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 59s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 56s
Details
CI / build-with-it (17, 1.19.0) (push) Successful in 1m2s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 50s
Details
CI / build-with-it (true, 21, 1.19.0) (push) Successful in 57s
Details
CI / build-with-it (11, 1.19.0) (push) Successful in 1m4s
Details
2025-03-07 20:30:48 +01:00
Stefan Kalscheuer
c8a6015f3f
deps: update jackson to 2.18.3 (#90)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 55s
Details
CI / build-with-it (11, 1.18.2) (push) Successful in 1m0s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (17, 1.18.2) (push) Successful in 1m0s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 42s
Details
CI / build-with-it (true, 21, 1.18.2) (push) Successful in 49s
Details
2025-03-02 18:40:01 +01:00
Stefan Kalscheuer
835372eb3b
test: swap expected and actual arguments in some assertions
All checks were successful
CI / build (11) (push) Successful in 38s
Details
CI / build (17) (push) Successful in 37s
Details
CI / build (true, 21) (push) Successful in 29s
Details
CI / build-with-it (11, 1.2.0) (push) Successful in 56s
Details
CI / build-with-it (11, 1.18.2) (push) Successful in 59s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 47s
Details
CI / build-with-it (true, 21, 1.18.2) (push) Successful in 54s
Details
CI / build-with-it (17, 1.18.2) (push) Successful in 51s
Details
2025-03-02 18:28:20 +01:00
Stefan Kalscheuer
11ece9974f
build: update Maven plugins
All checks were successful
CI / build-with-it (21, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (true, 21, 1.18.2) (push) Successful in 59s
Details
CI / build-with-it (11, 1.2.0) (push) Successful in 58s
Details
CI / build-with-it (11, 1.18.2) (push) Successful in 1m5s
Details
CI / build-with-it (17, 1.18.2) (push) Successful in 1m1s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 57s
Details
CI / build (11) (push) Successful in 40s
Details
CI / build (17) (push) Successful in 41s
Details
CI / build (true, 21) (push) Successful in 31s
Details
2025-02-23 14:00:08 +01:00
Stefan Kalscheuer
0d0fbb5461
deps: update test dependencies 2025-02-23 13:57:57 +01:00
Stefan Kalscheuer
6c9a1fc10e
build: update dependency-check-maven to v12.1.0
All checks were successful
CI / build-with-it (21, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (true, 21, 1.18.2) (push) Successful in 59s
Details
CI / build-with-it (11, 1.2.0) (push) Successful in 57s
Details
CI / build-with-it (11, 1.18.2) (push) Successful in 1m3s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 56s
Details
CI / build-with-it (17, 1.18.2) (push) Successful in 50s
Details
2025-02-23 13:56:01 +01:00
Stefan Kalscheuer
7e05f4937d
build: update dependency-check-maven to v12.0.2 2025-01-31 18:04:47 +01:00
Stefan Kalscheuer
fd9045d7cd
build: add maven-enforcer-plugin
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 1m5s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 1m1s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 59s
Details
CI / build-with-it (17, 1.18.2) (push) Successful in 57s
Details
CI / build-with-it (11, 1.18.2) (push) Successful in 56s
Details
CI / build-with-it (true, 21, 1.18.2) (push) Successful in 1m3s
Details
2025-01-07 17:44:39 +01:00
Stefan Kalscheuer
e938f81954
deps: update test dependencies and maven plugins 
* equalsverifier 3.18
* junit-jupiter 5.11.4
* mockito-core 5.15.2

* maven-javadoc-plugin 3.11.2
 2025-01-07 17:44:20 +01:00
Stefan Kalscheuer
e5dd207c8c
update license headers to 2025 2025-01-07 17:35:54 +01:00
Stefan Kalscheuer
92d5750c1d
prepare release of v1.4.0 (#88)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 53s
Details
CI / build-with-it (11, 1.18.2) (push) Successful in 1m1s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 51s
Details
CI / build-with-it (true, 21, 1.18.2) (push) Successful in 59s
Details
CI / build-with-it (17, 1.18.2) (push) Successful in 49s
Details
CI / build (11) (push) Successful in 41s
Details
CI / build (17) (push) Successful in 41s
Details
CI / build (true, 21) (push) Successful in 32s
Details
2024-12-07 11:54:46 +01:00
Stefan Kalscheuer
2011a83fd9
deps: update test dependencies and maven plugins
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 55s
Details
CI / build-with-it (11, 1.18.2) (push) Successful in 1m3s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 57s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (true, 21, 1.18.2) (push) Successful in 1m0s
Details
CI / build-with-it (17, 1.18.2) (push) Successful in 50s
Details 
* equalsverifier 3.17.5
* dependency-check-maven 1.11.1
 2024-12-07 11:47:45 +01:00
Stefan Kalscheuer
d3da00372c
test: run IT against Vault 1.18.2 and remove 1.11 job (#87)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 59s
Details
CI / build-with-it (11, 1.18.2) (push) Successful in 1m5s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 56s
Details
CI / build-with-it (17, 1.18.2) (push) Successful in 1m3s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (true, 21, 1.18.2) (push) Successful in 1m1s
Details
CI / build (11) (push) Successful in 38s
Details
CI / build (17) (push) Successful in 38s
Details
CI / build (true, 21) (push) Successful in 34s
Details
2024-12-07 11:26:54 +01:00
Stefan Kalscheuer
d90dfc8ba7
ci: remove Drone CI configuration
All checks were successful
CI / build-with-it (11, 1.18.0) (push) Successful in 1m0s
Details
CI / build-with-it (11, 1.11.12) (push) Successful in 1m4s
Details
CI / build-with-it (11, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (17, 1.11.12) (push) Successful in 1m5s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 53s
Details
CI / build-with-it (21, 1.11.12) (push) Successful in 1m3s
Details
CI / build (11) (push) Successful in 38s
Details
CI / build-with-it (true, 21, 1.18.0) (push) Successful in 1m3s
Details
CI / build (17) (push) Successful in 37s
Details
CI / build (true, 21) (push) Successful in 33s
Details
CI / build-with-it (17, 1.18.0) (push) Successful in 51s
Details 
All build systems now GitHub Actions workflows, so we can remove the
alternative configuration and only keep a single pipeline definition.
 2024-12-07 11:12:25 +01:00
Stefan Kalscheuer
8bf0f9c45f
ci: split jobs for unit and integration tests 2024-12-07 11:11:17 +01:00
Stefan Kalscheuer
4fcfa6938e
build: introduce maven wrapper
Some checks failed
continuous-integration/drone/push Build is passing
Details
CI / build (11, 1.11.12) (push) Successful in 41s
Details
CI / build (11, 1.18.0) (push) Successful in 39s
Details
CI / build (11, 1.2.0) (push) Successful in 38s
Details
CI / build (17, 1.11.12) (push) Successful in 39s
Details
CI / build (17, 1.18.0) (push) Successful in 39s
Details
CI / build (17, 1.2.0) (push) Successful in 38s
Details
CI / build (21, 1.11.12) (push) Successful in 38s
Details
CI / build (21, 1.2.0) (push) Successful in 38s
Details
CI / build (true, 21, 1.18.0) (push) Failing after 37s
Details
2024-12-07 10:54:24 +01:00
Stefan Kalscheuer
26cfceb581
deps: update test dependencies and maven plugins
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-11-29 20:25:20 +01:00
Stefan Kalscheuer
ccf820d524
deps: update jackson to 2.18.2 (#85) 2024-11-29 20:22:34 +01:00
Stefan Kalscheuer
5a9d6d9183
fix: add jackson annotation module dependency (#84)
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-11-23 12:42:50 +01:00
Stefan Kalscheuer
a1dd2b20fb
build: use release option instead of source and target for compiler
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-11-23 10:45:18 +01:00
Stefan Kalscheuer
b0c6ea2d19
deps: update jackson to 2.18.1 (#83)
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-31 12:14:56 +01:00
Stefan Kalscheuer
9b6aa91e52
deps: update test dependencies and maven plugins 2024-10-31 12:12:47 +01:00
Stefan Kalscheuer
01812bf492
ci: run integration tests on PR against main branch
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-09 18:23:45 +02:00
Stefan Kalscheuer
e6ef19f1a1
test: run IT against Vault 1.18.0 (#82) 2024-10-09 18:09:30 +02:00
Stefan Kalscheuer
d4066c1829
drop support for deprecated App-ID auth backend (#61) (#78)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
App-ID is deprecated since Vault 0.6 and was removed in 1.12.
Our compatibility methods are deprecated since Connector 0.4. It's time
to drop it for good.
 2024-06-29 15:09:38 +02:00
Stefan Kalscheuer
498e46d94d
remove deprecated get...TimeString() methods from model classes (#77)
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-29 15:07:47 +02:00
Stefan Kalscheuer
658f005433
build: migrate maven central deployment to publishing api
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-03 18:57:22 +02:00
Stefan Kalscheuer
c8a8f4cbbf
prepare release of v1.3.1
All checks were successful
continuous-integration/drone/tag Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-10-03 13:10:38 +02:00
Stefan Kalscheuer
0964c8c41a
docs: update badges in README.md 2024-10-03 13:09:30 +02:00
Stefan Kalscheuer
ae00b29b4d
test: run IT against Vault 1.17.6
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-03 12:58:52 +02:00
Stefan Kalscheuer
10395007bc
deps: update equalsverifier to 3.17.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-03 12:55:41 +02:00
Stefan Kalscheuer
91bd6cd572
build: update maven plugins
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-01 20:25:40 +02:00
Stefan Kalscheuer
8a7ef2d455
deps: update test dependencies 2024-10-01 20:23:31 +02:00
Stefan Kalscheuer
4588703f5c
deps: update jackson to 2.18.0 (#80)
Some checks failed
continuous-integration/drone/push Build is failing
Details
2024-10-01 20:16:46 +02:00
Stefan Kalscheuer
8a4ebeaad8
deps: update mockito to 5.13.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-09-07 13:03:02 +02:00
Stefan Kalscheuer
e2c3dd1c35
build: update maven plugins 2024-09-07 13:02:44 +02:00
Stefan Kalscheuer
b2f7c61654
build: remove Automatic-Module-Name from JAR manifest (#79) 
We do provide a module-info already, so we should remove ths artifact
from the Java 8 days.
 2024-08-30 20:12:50 +02:00
Stefan Kalscheuer
8ae024fc36
build: update maven plugins
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-08-24 09:48:17 +02:00
Stefan Kalscheuer
c6a9cc2b1a
deps: update test dependencies
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-08-24 09:45:52 +02:00
Stefan Kalscheuer
610464327d
build: update GitHub actions
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-08-03 17:03:39 +02:00
Stefan Kalscheuer
077d670609
deps: update wiremock to 3.9.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-08-03 16:59:29 +02:00
Stefan Kalscheuer
d099995409
build: update maven plugins 2024-08-03 16:58:24 +02:00
Stefan Kalscheuer
b751b58f11
deps: update jackson to 2.17.2
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-07-13 10:20:52 +02:00
Stefan Kalscheuer
59af162c7d
build: update dependency-check-maven to 10.0.2 2024-07-13 10:20:06 +02:00
Stefan Kalscheuer
d6b9a805b3
build: update dependency-check-maven to 10.0.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-07-02 18:04:37 +02:00
Stefan Kalscheuer
e585777340
prepare release of v1.3.0
All checks were successful
continuous-integration/drone/tag Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-06-29 14:47:26 +02:00
Stefan Kalscheuer
44f0953998
test: test against Vault 1.17.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-29 12:23:30 +02:00
Stefan Kalscheuer
318186d9e0
test: minor test code refactoring
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-29 12:21:58 +02:00
Stefan Kalscheuer
15ee202167
refactor: add serialVersionUID field to exception classes
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-29 10:51:39 +02:00
Stefan Kalscheuer
defbce0782
deps: update test dependencies 2024-06-29 10:32:55 +02:00
Stefan Kalscheuer
1a18e6b73b
build: generate and attach CycloneDX SBOM 2024-06-29 10:32:54 +02:00
Stefan Kalscheuer
5f1f94f59c
feat: add custom_metadata, cas_required and delete_version_after fields
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-22 14:46:06 +02:00
Stefan Kalscheuer
e0711e6108
fix: rename enable_local_secret_id to local_secret_ids in AppRole model 2024-06-22 14:46:05 +02:00
Stefan Kalscheuer
a3393ae0cb
feat: add auth attribute to common response model 2024-06-22 14:46:04 +02:00
Stefan Kalscheuer
8ec160a436
feat: add mount_type attribute to common response model 2024-06-22 14:46:02 +02:00
Stefan Kalscheuer
69da6b9f14
feat: add missing num_uses field to AuthData 2024-06-22 12:49:01 +02:00
Stefan Kalscheuer
936928a4fb
feat: add Vault 1.16 and 1.17 flags to HealthResponse 2024-06-22 12:48:00 +02:00
Stefan Kalscheuer
a75621d67e
deps: update maven plugins
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-22 12:13:07 +02:00
Stefan Kalscheuer
8cb27ed4d1
deps: update wiremock to 3.7.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-22 12:06:12 +02:00
Stefan Kalscheuer
7d5996244b
deps: update jackson to 2.17.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-14 17:06:33 +02:00
Stefan Kalscheuer
20983e5089
test: test against Vault 1.17.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-14 16:58:56 +02:00
Stefan Kalscheuer
56fb92178c
deps: update wiremock and maven plugins
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-04-27 17:20:24 +02:00
Stefan Kalscheuer
4258489dba
update copyright notice to 2024 2024-04-27 17:09:40 +02:00
Stefan Kalscheuer
e49216f611
docs: fix two typos in comments
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-04-27 12:06:55 +02:00
Stefan Kalscheuer
dd5adf897a
refactor: simplify JSON parsing in handleError() 
Omit reading lines to String first and pass the reader directly to the
JSON mapper.
 2024-04-27 12:04:44 +02:00
Stefan Kalscheuer
d04067db7e
deps: update build and test dependencies
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Test dependencies:
* commons-io:commons-io 2.16.1
* nl.jqno.equalsverifier:equalsverifier 3.16.1
* org.wiremock:wiremock 3.5.2

Maven plugins:
* dependency-check-maven 9.1.0
* jacoco-maven-plugin 0.8.12
* maven-compiler-plugin 3.13.0
* maven-gpg-plugin 3.2.3
* maven-source-plugin 3.3.1
 2024-04-13 14:05:41 +02:00
Stefan Kalscheuer
703cc0d87b
test: minor code clean-up
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-04-13 13:39:50 +02:00
Stefan Kalscheuer
c35760d0ab
test: use assertInstanceOf() where applicable 2024-04-13 13:39:40 +02:00
Stefan Kalscheuer
2f5b25d847
test: replace deprecated Field.isAccessible() calls 2024-04-13 13:38:56 +02:00
Stefan Kalscheuer
7681e9e2af
test: test against Vault 1.16.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-03-28 18:27:25 +01:00
Stefan Kalscheuer
4c4a38cb0b
deps: update build and test dependencies
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-03-23 17:51:58 +01:00
Stefan Kalscheuer
fe309746fe
deps: update jackson to 2.17.0 2024-03-23 17:49:06 +01:00
Stefan Kalscheuer
df251f1f2c
deps: update test dependencies
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-02-06 20:05:36 +01:00
Stefan Kalscheuer
a008fa2b69
deps: update maven plugins 2024-02-06 20:05:07 +01:00
Stefan Kalscheuer
156156cdef
deps: update jackson to 2.16.1
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Plus minor test and plugin updates.
 2024-01-02 17:07:29 +01:00
139 changed files with 1994 additions and 1047 deletions
Show Stats Expand all files Collapse all files

50
.drone.yml
View File

@ -1,50 +0,0 @@
kind: pipeline
name: default
steps:
- name: compile
image: maven:3-eclipse-temurin-21
commands:
- mvn -B clean compile
when:
branch:
- main
- develop
- feature/*
- fix/*
- release/*
- name: unit-tests
image: maven:3-eclipse-temurin-21
commands:
- mvn -B test
when:
branch:
- develop
- feature/*
- fix/*
- name: setup-vault
image: alpine:latest
environment:
VAULT_VERSION: 1.15.4
commands:
- wget -q -O vault_$${VAULT_VERSION}_linux_amd64.zip https://releases.hashicorp.com/vault/$${VAULT_VERSION}/vault_$${VAULT_VERSION}_linux_amd64.zip
- wget -q -O - https://releases.hashicorp.com/vault/$${VAULT_VERSION}/vault_$${VAULT_VERSION}_SHA256SUMS | grep linux_amd64 | sha256sum -c
- unzip vault_$${VAULT_VERSION}_linux_amd64.zip
- rm vault_$${VAULT_VERSION}_linux_amd64.zip
- mkdir -p .bin
- mv vault .bin/
when:
branch:
- main
- release/*
- name: unit-integration-tests
image: maven:3-eclipse-temurin-21
environment:
VAULT_VERSION: 1.15.4
commands:
- export PATH=.bin:$${PATH}
- mvn -B -P integration-test verify
when:
branch:
- main
- release/*

56
.github/workflows/ci-it.yml vendored Normal file
View File

@ -0,0 +1,56 @@
name: CI
on:
push:
branches:
- 'main'
pull_request:
branches:
- 'main'
jobs:
build-with-it:
if: github.ref_name == 'main' || github.base_ref == 'main' || startsWith(github.ref_name, 'release/')
runs-on: ubuntu-latest
strategy:
matrix:
jdk: [ 11, 17, 21 ]
vault: [ '1.2.0', '1.19.0' ]
include:
- jdk: 21
vault: '1.19.0'
analysis: true
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Java
uses: actions/setup-java@v4
with:
java-version: ${{ matrix.jdk }}
distribution: 'temurin'
- name: Compile
run: ./mvnw -B clean compile
- name: Set up Vault
run: |
wget -q "https://releases.hashicorp.com/vault/${{ matrix.vault }}/vault_${{ matrix.vault }}_linux_amd64.zip"
wget -q -O - "https://releases.hashicorp.com/vault/${{ matrix.vault }}/vault_${{ matrix.vault }}_SHA256SUMS" | grep linux_amd64 | sha256sum -c
tmp="$(mktemp -d)"
unzip "vault_${{ matrix.vault }}_linux_amd64.zip" -d "$tmp"
rm "vault_${{ matrix.vault }}_linux_amd64.zip"
sudo mv "$tmp/vault" /usr/bin/vault
rm -rf "$tmp"
- name: Test (Unit & Integration)
env:
VAULT_VERSION: ${{ matrix.vault }}
run: ./mvnw -B -P coverage -P integration-test verify
- name: Analysis
if: matrix.analysis && env.SONAR_TOKEN != ''
run: >
./mvnw -B sonar:sonar
-Dsonar.host.url=https://sonarcloud.io
-Dsonar.organization=stklcode-github
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

40
.github/workflows/ci.yml vendored
View File

@ -1,48 +1,42 @@
name: CI name: CI
on: [ push, pull_request ]
on:
push:
branches:
- '**'
- '!main'
pull_request:
branches:
- '**'
- '!main'
jobs: jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
matrix: matrix:
jdk: [ 11, 17, 21 ] jdk: [ 11, 17, 21 ]
vault: [ '1.2.0', '1.11.12', '1.15.4' ]
include: include:
- jdk: 21 - jdk: 21
vault: '1.11.12'
analysis: true analysis: true
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v4
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Set up Java - name: Set up Java
uses: actions/setup-java@v3 uses: actions/setup-java@v4
with: with:
java-version: ${{ matrix.jdk }} java-version: ${{ matrix.jdk }}
distribution: 'temurin' distribution: 'temurin'
- name: Compile - name: Compile
run: mvn -B clean compile run: ./mvnw -B clean compile
- name: Set up Vault
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/release/')
run: |
wget -q "https://releases.hashicorp.com/vault/${{ matrix.vault }}/vault_${{ matrix.vault }}_linux_amd64.zip"
wget -q -O - "https://releases.hashicorp.com/vault/${{ matrix.vault }}/vault_${{ matrix.vault }}_SHA256SUMS" | grep linux_amd64 | sha256sum -c
unzip "vault_${{ matrix.vault }}_linux_amd64.zip"
rm "vault_${{ matrix.vault }}_linux_amd64.zip"
sudo mv vault /usr/bin/vault
- name: Test (Unit & Integration)
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/release/')
env:
VAULT_VERSION: ${{ matrix.vault }}
run: mvn -B -P coverage -P integration-test verify
- name: Test (Unit) - name: Test (Unit)
if: github.ref != 'refs/heads/main' && !startsWith(github.ref, 'refs/heads/release/') run: ./mvnw -B -P coverage verify
run: mvn -B -P coverage verify
- name: Analysis - name: Analysis
if: matrix.analysis if: matrix.analysis && env.SONAR_TOKEN != ''
run: > run: >
mvn -B sonar:sonar ./mvnw -B sonar:sonar
-Dsonar.host.url=https://sonarcloud.io -Dsonar.host.url=https://sonarcloud.io
-Dsonar.organization=stklcode-github -Dsonar.organization=stklcode-github
env: env:

1
.gitignore vendored
View File

@ -7,6 +7,7 @@ release.properties
dependency-reduced-pom.xml dependency-reduced-pom.xml
buildNumber.properties buildNumber.properties
.mvn/timing.properties .mvn/timing.properties
.mvn/wrapper/maven-wrapper.jar
.idea .idea
*.iml *.iml

2
.mvn/wrapper/maven-wrapper.properties vendored Normal file
View File

@ -0,0 +1,2 @@
distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.9/apache-maven-3.9.9-bin.zip
wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar

72
CHANGELOG.md
View File

@ -1,3 +1,75 @@
## 1.5.0 (2025-04-13)
### Deprecations
* `read...Credentials()` methods for specific database mounts (#92)
### Features
* Support Vault transit API (#89)
* Support PEM certificate string from `VAULT_CACERT` environment variable (#93)
### Improvements
* Replace deprecated `java.net.URL` usage with `java.net.URI` (#94)
### Fix
* Fix initialization from environment without explicit port
### Dependencies
* Updated Jackson to 2.18.3 (#90)
### Test
* Tested against Vault 1.2 to 1.19
## 1.4.0 (2024-12-07)
### Removal
* Remove deprecated `get...TimeString()` on model classes (#77)
* Drop support for deprecated `App-ID` auth backend (#61) (#78)
### Fix
* Add jackson-annotations requirement to module-info (#84)
### Dependencies
* Updated Jackson to 2.18.2 (#85)
### Test
* Tested against Vault 1.2 to 1.18
## 1.3.1 (2024-10-03)
### Dependencies
* Updated Jackson to 2.18.0 (#80)
### Fix
* Remove `Automatic-Module-Name` from JAR manifest (#79)
## 1.3.0 (2024-06-29)
### Improvements
* Simplify JSON parsing in error handler
* Add new fields from Vault 1.16 and 1.17 to `HealthResponse`
* `echo_duration_ms`
* `clock_skew_ms`
* `replication_primary_canary_age_ms`
* `enterprise`
* Add missing `num_uses` field to `AuthData`
* Add `mount_type` attribute to common response model
* Add `auth` attribute to common response model
* Add `custom_metadata`, `cas_required` and `delete_version_after` fields for KVv2 metadata
* Generate and attach CycloneDX SBOM
### Fix
* Rename `enable_local_secret_id` to `local_secret_ids` in `AppRole` model
### Dependencies
* Updated Jackson to 2.17.1
### Test
* Tested against Vault 1.2 to 1.17
## 1.2.0 (2023-12-11) ## 1.2.0 (2023-12-11)
### Deprecations ### Deprecations

16
README.md
View File

@ -1,11 +1,11 @@
# Java Vault Connector # Java Vault Connector
[![CI Status](https://github.com/stklcode/jvaultconnector/actions/workflows/ci.yml/badge.svg)](https://github.com/stklcode/jvaultconnector/actions/workflows/ci.yml) [![CI](https://github.com/stklcode/jvaultconnector/actions/workflows/ci.yml/badge.svg)](https://github.com/stklcode/jvaultconnector/actions/workflows/ci.yml)
[![Quality Gate](https://sonarcloud.io/api/project_badges/measure?project=de.stklcode.jvault%3Ajvault-connector&metric=alert_status)](https://sonarcloud.io/dashboard?id=de.stklcode.jvault%3Ajvault-connector) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=de.stklcode.jvault%3Ajvault-connector&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=de.stklcode.jvault%3Ajvault-connector)
[![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](https://github.com/stklcode/jvaultconnector/blob/main/LICENSE.txt) [![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](https://github.com/stklcode/jvaultconnector/blob/main/LICENSE.txt)
[![Maven Central](https://img.shields.io/maven-central/v/de.stklcode.jvault/jvault-connector.svg)](https://search.maven.org/#search%7Cga%7C1%7Cg%3A%22de.stklcode.jvault%22%20AND%20a%3A%22jvault-connector%22) [![Maven Central Version](https://img.shields.io/maven-central/v/de.stklcode.jvault/jvault-connector)](https://central.sonatype.com/artifact/de.stklcode.jvault/jvault-connector)
![Logo](https://raw.githubusercontent.com/stklcode/jvaultconnector/main/assets/logo.png) ![Logo](assets/logo.png)
Java Vault Connector is a connector library for [Vault](https://www.vaultproject.io) by [Hashicorp](https://www.hashicorp.com) written in Java. The connector allows simple usage of Vault's secret store in own applications. Java Vault Connector is a connector library for [Vault](https://www.vaultproject.io) by [Hashicorp](https://www.hashicorp.com) written in Java. The connector allows simple usage of Vault's secret store in own applications.
@ -18,7 +18,6 @@ Java Vault Connector is a connector library for [Vault](https://www.vaultproject
* Token * Token
* Username/Password * Username/Password
* AppRole (register and authenticate) * AppRole (register and authenticate)
* AppID (register and authenticate) [_deprecated_]
* Tokens * Tokens
* Creation and lookup of tokens and token roles * Creation and lookup of tokens and token roles
* TokenBuilder for speaking creation of complex configurations * TokenBuilder for speaking creation of complex configurations
@ -29,10 +28,11 @@ Java Vault Connector is a connector library for [Vault](https://www.vaultproject
* Delete secrets * Delete secrets
* Renew/revoke leases * Renew/revoke leases
* Raw secret content or JSON decoding * Raw secret content or JSON decoding
* SQL secret handling
* KV v1 and v2 support * KV v1 and v2 support
* Database secret handling
* Transit API support
* Connector Factory with builder pattern * Connector Factory with builder pattern
* Tested against Vault 1.2 to 1.15 * Tested against Vault 1.2 to 1.19
## Maven Artifact ## Maven Artifact
@ -40,7 +40,7 @@ Java Vault Connector is a connector library for [Vault](https://www.vaultproject
<dependency> <dependency>
<groupId>de.stklcode.jvault</groupId> <groupId>de.stklcode.jvault</groupId>
<artifactId>jvault-connector</artifactId> <artifactId>jvault-connector</artifactId>
<version>1.2.0</version> <version>1.5.0</version>
</dependency> </dependency>
``` ```

332
mvnw vendored Executable file
View File

@ -0,0 +1,332 @@
#!/bin/sh
# ----------------------------------------------------------------------------
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# ----------------------------------------------------------------------------
# ----------------------------------------------------------------------------
# Apache Maven Wrapper startup batch script, version 3.3.2
#
# Required ENV vars:
# ------------------
# JAVA_HOME - location of a JDK home dir
#
# Optional ENV vars
# -----------------
# MAVEN_OPTS - parameters passed to the Java VM when running Maven
# e.g. to debug Maven itself, use
# set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
# MAVEN_SKIP_RC - flag to disable loading of mavenrc files
# ----------------------------------------------------------------------------
if [ -z "$MAVEN_SKIP_RC" ]; then
if [ -f /usr/local/etc/mavenrc ]; then
. /usr/local/etc/mavenrc
fi
if [ -f /etc/mavenrc ]; then
. /etc/mavenrc
fi
if [ -f "$HOME/.mavenrc" ]; then
. "$HOME/.mavenrc"
fi
fi
# OS specific support. $var _must_ be set to either true or false.
cygwin=false
darwin=false
mingw=false
case "$(uname)" in
CYGWIN*) cygwin=true ;;
MINGW*) mingw=true ;;
Darwin*)
darwin=true
# Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home
# See https://developer.apple.com/library/mac/qa/qa1170/_index.html
if [ -z "$JAVA_HOME" ]; then
if [ -x "/usr/libexec/java_home" ]; then
JAVA_HOME="$(/usr/libexec/java_home)"
export JAVA_HOME
else
JAVA_HOME="/Library/Java/Home"
export JAVA_HOME
fi
fi
;;
esac
if [ -z "$JAVA_HOME" ]; then
if [ -r /etc/gentoo-release ]; then
JAVA_HOME=$(java-config --jre-home)
fi
fi
# For Cygwin, ensure paths are in UNIX format before anything is touched
if $cygwin; then
[ -n "$JAVA_HOME" ] \
&& JAVA_HOME=$(cygpath --unix "$JAVA_HOME")
[ -n "$CLASSPATH" ] \
&& CLASSPATH=$(cygpath --path --unix "$CLASSPATH")
fi
# For Mingw, ensure paths are in UNIX format before anything is touched
if $mingw; then
[ -n "$JAVA_HOME" ] && [ -d "$JAVA_HOME" ] \
&& JAVA_HOME="$(
cd "$JAVA_HOME" || (
echo "cannot cd into $JAVA_HOME." >&2
exit 1
)
pwd
)"
fi
if [ -z "$JAVA_HOME" ]; then
javaExecutable="$(which javac)"
if [ -n "$javaExecutable" ] && ! [ "$(expr "$javaExecutable" : '\([^ ]*\)')" = "no" ]; then
# readlink(1) is not available as standard on Solaris 10.
readLink=$(which readlink)
if [ ! "$(expr "$readLink" : '\([^ ]*\)')" = "no" ]; then
if $darwin; then
javaHome="$(dirname "$javaExecutable")"
javaExecutable="$(cd "$javaHome" && pwd -P)/javac"
else
javaExecutable="$(readlink -f "$javaExecutable")"
fi
javaHome="$(dirname "$javaExecutable")"
javaHome=$(expr "$javaHome" : '\(.*\)/bin')
JAVA_HOME="$javaHome"
export JAVA_HOME
fi
fi
fi
if [ -z "$JAVACMD" ]; then
if [ -n "$JAVA_HOME" ]; then
if [ -x "$JAVA_HOME/jre/sh/java" ]; then
# IBM's JDK on AIX uses strange locations for the executables
JAVACMD="$JAVA_HOME/jre/sh/java"
else
JAVACMD="$JAVA_HOME/bin/java"
fi
else
JAVACMD="$(
\unset -f command 2>/dev/null
\command -v java
)"
fi
fi
if [ ! -x "$JAVACMD" ]; then
echo "Error: JAVA_HOME is not defined correctly." >&2
echo " We cannot execute $JAVACMD" >&2
exit 1
fi
if [ -z "$JAVA_HOME" ]; then
echo "Warning: JAVA_HOME environment variable is not set." >&2
fi
# traverses directory structure from process work directory to filesystem root
# first directory with .mvn subdirectory is considered project base directory
find_maven_basedir() {
if [ -z "$1" ]; then
echo "Path not specified to find_maven_basedir" >&2
return 1
fi
basedir="$1"
wdir="$1"
while [ "$wdir" != '/' ]; do
if [ -d "$wdir"/.mvn ]; then
basedir=$wdir
break
fi
# workaround for JBEAP-8937 (on Solaris 10/Sparc)
if [ -d "${wdir}" ]; then
wdir=$(
cd "$wdir/.." || exit 1
pwd
)
fi
# end of workaround
done
printf '%s' "$(
cd "$basedir" || exit 1
pwd
)"
}
# concatenates all lines of a file
concat_lines() {
if [ -f "$1" ]; then
# Remove \r in case we run on Windows within Git Bash
# and check out the repository with auto CRLF management
# enabled. Otherwise, we may read lines that are delimited with
# \r\n and produce $'-Xarg\r' rather than -Xarg due to word
# splitting rules.
tr -s '\r\n' ' ' <"$1"
fi
}
log() {
if [ "$MVNW_VERBOSE" = true ]; then
printf '%s\n' "$1"
fi
}
BASE_DIR=$(find_maven_basedir "$(dirname "$0")")
if [ -z "$BASE_DIR" ]; then
exit 1
fi
MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"}
export MAVEN_PROJECTBASEDIR
log "$MAVEN_PROJECTBASEDIR"
##########################################################################################
# Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
# This allows using the maven wrapper in projects that prohibit checking in binary data.
##########################################################################################
wrapperJarPath="$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar"
if [ -r "$wrapperJarPath" ]; then
log "Found $wrapperJarPath"
else
log "Couldn't find $wrapperJarPath, downloading it ..."
if [ -n "$MVNW_REPOURL" ]; then
wrapperUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar"
else
wrapperUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar"
fi
while IFS="=" read -r key value; do
# Remove '\r' from value to allow usage on windows as IFS does not consider '\r' as a separator ( considers space, tab, new line ('\n'), and custom '=' )
safeValue=$(echo "$value" | tr -d '\r')
case "$key" in wrapperUrl)
wrapperUrl="$safeValue"
break
;;
esac
done <"$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.properties"
log "Downloading from: $wrapperUrl"
if $cygwin; then
wrapperJarPath=$(cygpath --path --windows "$wrapperJarPath")
fi
if command -v wget >/dev/null; then
log "Found wget ... using wget"
[ "$MVNW_VERBOSE" = true ] && QUIET="" || QUIET="--quiet"
if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
wget $QUIET "$wrapperUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
else
wget $QUIET --http-user="$MVNW_USERNAME" --http-password="$MVNW_PASSWORD" "$wrapperUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
fi
elif command -v curl >/dev/null; then
log "Found curl ... using curl"
[ "$MVNW_VERBOSE" = true ] && QUIET="" || QUIET="--silent"
if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
curl $QUIET -o "$wrapperJarPath" "$wrapperUrl" -f -L || rm -f "$wrapperJarPath"
else
curl $QUIET --user "$MVNW_USERNAME:$MVNW_PASSWORD" -o "$wrapperJarPath" "$wrapperUrl" -f -L || rm -f "$wrapperJarPath"
fi
else
log "Falling back to using Java to download"
javaSource="$MAVEN_PROJECTBASEDIR/.mvn/wrapper/MavenWrapperDownloader.java"
javaClass="$MAVEN_PROJECTBASEDIR/.mvn/wrapper/MavenWrapperDownloader.class"
# For Cygwin, switch paths to Windows format before running javac
if $cygwin; then
javaSource=$(cygpath --path --windows "$javaSource")
javaClass=$(cygpath --path --windows "$javaClass")
fi
if [ -e "$javaSource" ]; then
if [ ! -e "$javaClass" ]; then
log " - Compiling MavenWrapperDownloader.java ..."
("$JAVA_HOME/bin/javac" "$javaSource")
fi
if [ -e "$javaClass" ]; then
log " - Running MavenWrapperDownloader.java ..."
("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$wrapperUrl" "$wrapperJarPath") || rm -f "$wrapperJarPath"
fi
fi
fi
fi
##########################################################################################
# End of extension
##########################################################################################
# If specified, validate the SHA-256 sum of the Maven wrapper jar file
wrapperSha256Sum=""
while IFS="=" read -r key value; do
case "$key" in wrapperSha256Sum)
wrapperSha256Sum=$value
break
;;
esac
done <"$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.properties"
if [ -n "$wrapperSha256Sum" ]; then
wrapperSha256Result=false
if command -v sha256sum >/dev/null; then
if echo "$wrapperSha256Sum $wrapperJarPath" | sha256sum -c >/dev/null 2>&1; then
wrapperSha256Result=true
fi
elif command -v shasum >/dev/null; then
if echo "$wrapperSha256Sum $wrapperJarPath" | shasum -a 256 -c >/dev/null 2>&1; then
wrapperSha256Result=true
fi
else
echo "Checksum validation was requested but neither 'sha256sum' or 'shasum' are available." >&2
echo "Please install either command, or disable validation by removing 'wrapperSha256Sum' from your maven-wrapper.properties." >&2
exit 1
fi
if [ $wrapperSha256Result = false ]; then
echo "Error: Failed to validate Maven wrapper SHA-256, your Maven wrapper might be compromised." >&2
echo "Investigate or delete $wrapperJarPath to attempt a clean download." >&2
echo "If you updated your Maven version, you need to update the specified wrapperSha256Sum property." >&2
exit 1
fi
fi
MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS"
# For Cygwin, switch paths to Windows format before running java
if $cygwin; then
[ -n "$JAVA_HOME" ] \
&& JAVA_HOME=$(cygpath --path --windows "$JAVA_HOME")
[ -n "$CLASSPATH" ] \
&& CLASSPATH=$(cygpath --path --windows "$CLASSPATH")
[ -n "$MAVEN_PROJECTBASEDIR" ] \
&& MAVEN_PROJECTBASEDIR=$(cygpath --path --windows "$MAVEN_PROJECTBASEDIR")
fi
# Provide a "standardized" way to retrieve the CLI args that will
# work with both Windows and non-Windows executions.
MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $*"
export MAVEN_CMD_LINE_ARGS
WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
# shellcheck disable=SC2086 # safe args
exec "$JAVACMD" \
$MAVEN_OPTS \
$MAVEN_DEBUG_OPTS \
-classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \
"-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@"

206
mvnw.cmd vendored Normal file
View File

@ -0,0 +1,206 @@
@REM ----------------------------------------------------------------------------
@REM Licensed to the Apache Software Foundation (ASF) under one
@REM or more contributor license agreements. See the NOTICE file
@REM distributed with this work for additional information
@REM regarding copyright ownership. The ASF licenses this file
@REM to you under the Apache License, Version 2.0 (the
@REM "License"); you may not use this file except in compliance
@REM with the License. You may obtain a copy of the License at
@REM
@REM http://www.apache.org/licenses/LICENSE-2.0
@REM
@REM Unless required by applicable law or agreed to in writing,
@REM software distributed under the License is distributed on an
@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@REM KIND, either express or implied. See the License for the
@REM specific language governing permissions and limitations
@REM under the License.
@REM ----------------------------------------------------------------------------
@REM ----------------------------------------------------------------------------
@REM Apache Maven Wrapper startup batch script, version 3.3.2
@REM
@REM Required ENV vars:
@REM JAVA_HOME - location of a JDK home dir
@REM
@REM Optional ENV vars
@REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands
@REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending
@REM MAVEN_OPTS - parameters passed to the Java VM when running Maven
@REM e.g. to debug Maven itself, use
@REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
@REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
@REM ----------------------------------------------------------------------------
@REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on'
@echo off
@REM set title of command window
title %0
@REM enable echoing by setting MAVEN_BATCH_ECHO to 'on'
@if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO%
@REM set %HOME% to equivalent of $HOME
if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
@REM Execute a user defined script before this one
if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
@REM check for pre script, once with legacy .bat ending and once with .cmd ending
if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %*
if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %*
:skipRcPre
@setlocal
set ERROR_CODE=0
@REM To isolate internal variables from possible post scripts, we use another setlocal
@setlocal
@REM ==== START VALIDATION ====
if not "%JAVA_HOME%" == "" goto OkJHome
echo. >&2
echo Error: JAVA_HOME not found in your environment. >&2
echo Please set the JAVA_HOME variable in your environment to match the >&2
echo location of your Java installation. >&2
echo. >&2
goto error
:OkJHome
if exist "%JAVA_HOME%\bin\java.exe" goto init
echo. >&2
echo Error: JAVA_HOME is set to an invalid directory. >&2
echo JAVA_HOME = "%JAVA_HOME%" >&2
echo Please set the JAVA_HOME variable in your environment to match the >&2
echo location of your Java installation. >&2
echo. >&2
goto error
@REM ==== END VALIDATION ====
:init
@REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
@REM Fallback to current working directory if not found.
set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
set EXEC_DIR=%CD%
set WDIR=%EXEC_DIR%
:findBaseDir
IF EXIST "%WDIR%"\.mvn goto baseDirFound
cd ..
IF "%WDIR%"=="%CD%" goto baseDirNotFound
set WDIR=%CD%
goto findBaseDir
:baseDirFound
set MAVEN_PROJECTBASEDIR=%WDIR%
cd "%EXEC_DIR%"
goto endDetectBaseDir
:baseDirNotFound
set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
cd "%EXEC_DIR%"
:endDetectBaseDir
IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
@setlocal EnableExtensions EnableDelayedExpansion
for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
@endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
:endReadAdditionalConfig
SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
set WRAPPER_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar"
FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
IF "%%A"=="wrapperUrl" SET WRAPPER_URL=%%B
)
@REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
@REM This allows using the maven wrapper in projects that prohibit checking in binary data.
if exist %WRAPPER_JAR% (
if "%MVNW_VERBOSE%" == "true" (
echo Found %WRAPPER_JAR%
)
) else (
if not "%MVNW_REPOURL%" == "" (
SET WRAPPER_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar"
)
if "%MVNW_VERBOSE%" == "true" (
echo Couldn't find %WRAPPER_JAR%, downloading it ...
echo Downloading from: %WRAPPER_URL%
)
powershell -Command "&{"^
"$webclient = new-object System.Net.WebClient;"^
"if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^
"$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^
"}"^
"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%WRAPPER_URL%', '%WRAPPER_JAR%')"^
"}"
if "%MVNW_VERBOSE%" == "true" (
echo Finished downloading %WRAPPER_JAR%
)
)
@REM End of extension
@REM If specified, validate the SHA-256 sum of the Maven wrapper jar file
SET WRAPPER_SHA_256_SUM=""
FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
IF "%%A"=="wrapperSha256Sum" SET WRAPPER_SHA_256_SUM=%%B
)
IF NOT %WRAPPER_SHA_256_SUM%=="" (
powershell -Command "&{"^
"Import-Module $PSHOME\Modules\Microsoft.PowerShell.Utility -Function Get-FileHash;"^
"$hash = (Get-FileHash \"%WRAPPER_JAR%\" -Algorithm SHA256).Hash.ToLower();"^
"If('%WRAPPER_SHA_256_SUM%' -ne $hash){"^
" Write-Error 'Error: Failed to validate Maven wrapper SHA-256, your Maven wrapper might be compromised.';"^
" Write-Error 'Investigate or delete %WRAPPER_JAR% to attempt a clean download.';"^
" Write-Error 'If you updated your Maven version, you need to update the specified wrapperSha256Sum property.';"^
" exit 1;"^
"}"^
"}"
if ERRORLEVEL 1 goto error
)
@REM Provide a "standardized" way to retrieve the CLI args that will
@REM work with both Windows and non-Windows executions.
set MAVEN_CMD_LINE_ARGS=%*
%MAVEN_JAVA_EXE% ^
%JVM_CONFIG_MAVEN_PROPS% ^
%MAVEN_OPTS% ^
%MAVEN_DEBUG_OPTS% ^
-classpath %WRAPPER_JAR% ^
"-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^
%WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
if ERRORLEVEL 1 goto error
goto end
:error
set ERROR_CODE=1
:end
@endlocal & set ERROR_CODE=%ERROR_CODE%
if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost
@REM check for post script, once with legacy .bat ending and once with .cmd ending
if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat"
if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd"
:skipRcPost
@REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
if "%MAVEN_BATCH_PAUSE%"=="on" pause
if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE%
cmd /C exit /B %ERROR_CODE%

134
pom.xml
View File

@ -4,7 +4,7 @@
<groupId>de.stklcode.jvault</groupId> <groupId>de.stklcode.jvault</groupId>
<artifactId>jvault-connector</artifactId> <artifactId>jvault-connector</artifactId>
<version>1.2.0</version> <version>1.5.1-SNAPSHOT</version>
<packaging>jar</packaging> <packaging>jar</packaging>
@ -33,6 +33,7 @@
<connection>scm:git:git://github.com/stklcode/jvaultconnector.git</connection> <connection>scm:git:git://github.com/stklcode/jvaultconnector.git</connection>
<developerConnection>scm:git:git@github.com:stklcode/jvaultconnector.git</developerConnection> <developerConnection>scm:git:git@github.com:stklcode/jvaultconnector.git</developerConnection>
<url>https://github.com/stklcode/jvaultconnector</url> <url>https://github.com/stklcode/jvaultconnector</url>
<tag>HEAD</tag>
</scm> </scm>
<issueManagement> <issueManagement>
@ -49,24 +50,24 @@
<dependency> <dependency>
<groupId>com.fasterxml.jackson.core</groupId> <groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId> <artifactId>jackson-databind</artifactId>
<version>2.16.0</version> <version>2.18.3</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>com.fasterxml.jackson.datatype</groupId> <groupId>com.fasterxml.jackson.datatype</groupId>
<artifactId>jackson-datatype-jsr310</artifactId> <artifactId>jackson-datatype-jsr310</artifactId>
<version>2.16.0</version> <version>2.18.3</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.junit.jupiter</groupId> <groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter</artifactId> <artifactId>junit-jupiter</artifactId>
<version>5.10.1</version> <version>5.12.1</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.mockito</groupId> <groupId>org.mockito</groupId>
<artifactId>mockito-core</artifactId> <artifactId>mockito-core</artifactId>
<version>5.8.0</version> <version>5.17.0</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
@ -78,25 +79,25 @@
<dependency> <dependency>
<groupId>org.wiremock</groupId> <groupId>org.wiremock</groupId>
<artifactId>wiremock</artifactId> <artifactId>wiremock</artifactId>
<version>3.3.1</version> <version>3.13.0</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>commons-io</groupId> <groupId>commons-io</groupId>
<artifactId>commons-io</artifactId> <artifactId>commons-io</artifactId>
<version>2.15.1</version> <version>2.19.0</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>nl.jqno.equalsverifier</groupId> <groupId>nl.jqno.equalsverifier</groupId>
<artifactId>equalsverifier</artifactId> <artifactId>equalsverifier</artifactId>
<version>3.15.4</version> <version>3.19.3</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.awaitility</groupId> <groupId>org.awaitility</groupId>
<artifactId>awaitility</artifactId> <artifactId>awaitility</artifactId>
<version>4.2.0</version> <version>4.3.0</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
</dependencies> </dependencies>
@ -107,26 +108,25 @@
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId> <artifactId>maven-compiler-plugin</artifactId>
<version>3.11.0</version> <version>3.14.0</version>
<configuration> <configuration>
<source>11</source> <release>11</release>
<target>11</target>
</configuration> </configuration>
</plugin> </plugin>
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-clean-plugin</artifactId> <artifactId>maven-clean-plugin</artifactId>
<version>3.3.2</version> <version>3.4.1</version>
</plugin> </plugin>
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId> <artifactId>maven-deploy-plugin</artifactId>
<version>3.1.1</version> <version>3.1.4</version>
</plugin> </plugin>
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId> <artifactId>maven-failsafe-plugin</artifactId>
<version>3.2.2</version> <version>3.5.3</version>
<configuration> <configuration>
<argLine> <argLine>
@{argLine} @{argLine}
@ -137,19 +137,12 @@
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-install-plugin</artifactId> <artifactId>maven-install-plugin</artifactId>
<version>3.1.1</version> <version>3.1.4</version>
</plugin> </plugin>
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId> <artifactId>maven-jar-plugin</artifactId>
<version>3.3.0</version> <version>3.4.2</version>
<configuration>
<archive>
<manifestEntries>
<Automatic-Module-Name>de.stklcode.jvault.connector</Automatic-Module-Name>
</manifestEntries>
</archive>
</configuration>
</plugin> </plugin>
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
@ -159,12 +152,12 @@
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId> <artifactId>maven-source-plugin</artifactId>
<version>3.3.0</version> <version>3.3.1</version>
</plugin> </plugin>
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId> <artifactId>maven-surefire-plugin</artifactId>
<version>3.2.2</version> <version>3.5.3</version>
<configuration> <configuration>
<argLine> <argLine>
@{argLine} @{argLine}
@ -179,18 +172,49 @@
</argLine> </argLine>
</configuration> </configuration>
</plugin> </plugin>
<plugin>
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-maven-plugin</artifactId>
<version>2.9.1</version>
</plugin>
<plugin> <plugin>
<groupId>org.jacoco</groupId> <groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId> <artifactId>jacoco-maven-plugin</artifactId>
<version>0.8.11</version> <version>0.8.13</version>
</plugin> </plugin>
<plugin> <plugin>
<groupId>org.sonarsource.scanner.maven</groupId> <groupId>org.sonarsource.scanner.maven</groupId>
<artifactId>sonar-maven-plugin</artifactId> <artifactId>sonar-maven-plugin</artifactId>
<version>3.10.0.2594</version> <version>5.1.0.4751</version>
</plugin> </plugin>
</plugins> </plugins>
</pluginManagement> </pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>3.5.0</version>
<executions>
<execution>
<id>enforce-versions</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<requireMavenVersion>
<version>[3.6.3,)</version>
</requireMavenVersion>
<requireJavaVersion>
<version>[11,)</version>
</requireJavaVersion>
</rules>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build> </build>
<profiles> <profiles>
@ -227,7 +251,7 @@
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId> <artifactId>maven-javadoc-plugin</artifactId>
<version>3.6.2</version> <version>3.11.2</version>
<configuration> <configuration>
<source>11</source> <source>11</source>
</configuration> </configuration>
@ -244,6 +268,29 @@
</build> </build>
</profile> </profile>
<profile>
<id>sbom</id>
<build>
<plugins>
<plugin>
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-maven-plugin</artifactId>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>makeBom</goal>
</goals>
<configuration>
<skipNotDeployed>false</skipNotDeployed>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<profile> <profile>
<id>sign</id> <id>sign</id>
<build> <build>
@ -251,7 +298,7 @@
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId> <artifactId>maven-gpg-plugin</artifactId>
<version>3.1.0</version> <version>3.2.7</version>
<executions> <executions>
<execution> <execution>
<id>sign-artifacts</id> <id>sign-artifacts</id>
@ -322,7 +369,7 @@
<plugin> <plugin>
<groupId>org.owasp</groupId> <groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId> <artifactId>dependency-check-maven</artifactId>
<version>9.0.4</version> <version>12.1.1</version>
<configuration> <configuration>
<nvdApiKey>${env.NVD_API_KEY}</nvdApiKey> <nvdApiKey>${env.NVD_API_KEY}</nvdApiKey>
<nvdDatafeedUrl>${env.NVD_DATAFEED_URL}</nvdDatafeedUrl> <nvdDatafeedUrl>${env.NVD_DATAFEED_URL}</nvdDatafeedUrl>
@ -340,17 +387,20 @@
</profile> </profile>
<profile> <profile>
<id>sonatype</id> <id>central</id>
<distributionManagement> <build>
<repository> <plugins>
<id>ossrh</id> <plugin>
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url> <groupId>org.sonatype.central</groupId>
</repository> <artifactId>central-publishing-maven-plugin</artifactId>
<snapshotRepository> <version>0.7.0</version>
<id>ossrh</id> <extensions>true</extensions>
<url>https://oss.sonatype.org/content/repositories/snapshots</url> <configuration>
</snapshotRepository> <publishingServerId>central</publishingServerId>
</distributionManagement> </configuration>
</plugin>
</plugins>
</build>
</profile> </profile>
<profile> <profile>

97
src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -58,7 +58,6 @@ public class HTTPVaultConnector implements VaultConnector {
private static final String PATH_ROLES = "/roles"; private static final String PATH_ROLES = "/roles";
private static final String PATH_CREATE_ORPHAN = "/create-orphan"; private static final String PATH_CREATE_ORPHAN = "/create-orphan";
private static final String PATH_AUTH_USERPASS = PATH_AUTH + "/userpass/login/"; private static final String PATH_AUTH_USERPASS = PATH_AUTH + "/userpass/login/";
private static final String PATH_AUTH_APPID = PATH_AUTH + "/app-id";
private static final String PATH_AUTH_APPROLE = PATH_AUTH + "/approle"; private static final String PATH_AUTH_APPROLE = PATH_AUTH + "/approle";
private static final String PATH_AUTH_APPROLE_ROLE = PATH_AUTH_APPROLE + "/role/%s%s"; private static final String PATH_AUTH_APPROLE_ROLE = PATH_AUTH_APPROLE + "/role/%s%s";
@ -69,6 +68,11 @@ public class HTTPVaultConnector implements VaultConnector {
private static final String PATH_UNDELETE = "/undelete/"; private static final String PATH_UNDELETE = "/undelete/";
private static final String PATH_DESTROY = "/destroy/"; private static final String PATH_DESTROY = "/destroy/";
private static final String PATH_TRANSIT = "transit";
private static final String PATH_TRANSIT_ENCRYPT = PATH_TRANSIT + "/encrypt/";
private static final String PATH_TRANSIT_DECRYPT = PATH_TRANSIT + "/decrypt/";
private static final String PATH_TRANSIT_HASH = PATH_TRANSIT + "/hash/";
private final RequestHelper request; private final RequestHelper request;
private boolean authorized = false; // Authorization status. private boolean authorized = false; // Authorization status.
@ -200,18 +204,6 @@ public class HTTPVaultConnector implements VaultConnector {
return queryAuth(PATH_AUTH_USERPASS + username, payload); return queryAuth(PATH_AUTH_USERPASS + username, payload);
} }
@Override
@Deprecated(since = "0.4", forRemoval = true)
public final AuthResponse authAppId(final String appID, final String userID) throws VaultConnectorException {
return queryAuth(
PATH_AUTH_APPID + PATH_LOGIN,
Map.of(
"app_id", appID,
"user_id", userID
)
);
}
@Override @Override
public final AuthResponse authAppRole(final String roleID, final String secretID) throws VaultConnectorException { public final AuthResponse authAppRole(final String roleID, final String secretID) throws VaultConnectorException {
final Map<String, String> payload = mapOfStrings( final Map<String, String> payload = mapOfStrings(
@ -241,40 +233,6 @@ public class HTTPVaultConnector implements VaultConnector {
return auth; return auth;
} }
@Override
@Deprecated(since = "0.4", forRemoval = true)
public final boolean registerAppId(final String appID, final String policy, final String displayName)
throws VaultConnectorException {
requireAuth();
/* Issue request and expect code 204 with empty response */
request.postWithoutResponse(
PATH_AUTH_APPID + "/map/app-id/" + appID,
Map.of(
"value", policy,
"display_name", displayName
),
token
);
return true;
}
@Override
@Deprecated(since = "0.4", forRemoval = true)
public final boolean registerUserId(final String appID, final String userID) throws VaultConnectorException {
requireAuth();
/* Issue request and expect code 204 with empty response */
request.postWithoutResponse(
PATH_AUTH_APPID + "/map/user-id/" + userID,
singletonMap("value", appID),
token
);
return true;
}
@Override @Override
public final boolean createAppRole(final AppRole role) throws VaultConnectorException { public final boolean createAppRole(final AppRole role) throws VaultConnectorException {
requireAuth(); requireAuth();
@ -496,7 +454,7 @@ public class HTTPVaultConnector implements VaultConnector {
throw new InvalidRequestException("Secret path must not be empty."); throw new InvalidRequestException("Secret path must not be empty.");
} }
// By default data is directly passed as payload. // By default, data is directly passed as payload.
Object payload = data; Object payload = data;
// If options are given, split payload in two parts. // If options are given, split payload in two parts.
@ -693,6 +651,47 @@ public class HTTPVaultConnector implements VaultConnector {
return true; return true;
} }
@Override
public final TransitResponse transitEncrypt(final String keyName, final String plaintext)
throws VaultConnectorException {
requireAuth();
Map<String, Object> payload = mapOf(
"plaintext", plaintext
);
return request.post(PATH_TRANSIT_ENCRYPT + keyName, payload, token, TransitResponse.class);
}
@Override
public final TransitResponse transitDecrypt(final String keyName, final String ciphertext)
throws VaultConnectorException {
requireAuth();
Map<String, Object> payload = mapOf(
"ciphertext", ciphertext
);
return request.post(PATH_TRANSIT_DECRYPT + keyName, payload, token, TransitResponse.class);
}
@Override
public final TransitResponse transitHash(final String algorithm, final String input, final String format)
throws VaultConnectorException {
if (format != null && !"hex".equals(format) && !"base64".equals(format)) {
throw new IllegalArgumentException("Unsupported format " + format);
}
requireAuth();
Map<String, Object> payload = mapOf(
"input", input,
"format", format
);
return request.post(PATH_TRANSIT_HASH + algorithm, payload, token, TransitResponse.class);
}
/** /**
* Check for required authorization. * Check for required authorization.
* *

58
src/main/java/de/stklcode/jvault/connector/HTTPVaultConnectorBuilder.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -20,18 +20,17 @@ import de.stklcode.jvault.connector.exception.ConnectionException;
import de.stklcode.jvault.connector.exception.TlsException; import de.stklcode.jvault.connector.exception.TlsException;
import de.stklcode.jvault.connector.exception.VaultConnectorException; import de.stklcode.jvault.connector.exception.VaultConnectorException;
import java.io.ByteArrayInputStream;
import java.io.IOException; import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URI; import java.net.URI;
import java.net.URISyntaxException; import java.net.URISyntaxException;
import java.net.URL; import java.nio.charset.StandardCharsets;
import java.nio.file.Files; import java.nio.file.Files;
import java.nio.file.Path; import java.nio.file.Path;
import java.nio.file.Paths; import java.nio.file.Paths;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory; import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.Objects;
/** /**
* Vault Connector Builder implementation for HTTP Vault connectors. * Vault Connector Builder implementation for HTTP Vault connectors.
@ -96,10 +95,14 @@ public final class HTTPVaultConnectorBuilder {
* @since 1.0 * @since 1.0
*/ */
public HTTPVaultConnectorBuilder withBaseURL(final URI baseURL) { public HTTPVaultConnectorBuilder withBaseURL(final URI baseURL) {
return withTLS(!("http".equalsIgnoreCase(Objects.requireNonNullElse(baseURL.getScheme(), "")))) String path = baseURL.getPath();
if (path == null || path.isBlank()) {
path = DEFAULT_PREFIX;
}
return withTLS(!("http".equalsIgnoreCase(baseURL.getScheme())))
.withHost(baseURL.getHost()) .withHost(baseURL.getHost())
.withPort(baseURL.getPort()) .withPort(baseURL.getPort())
.withPrefix(baseURL.getPath()); .withPrefix(path);
} }
/** /**
@ -293,7 +296,7 @@ public final class HTTPVaultConnectorBuilder {
} }
/** /**
* Build connector based on the {@code }VAULT_ADDR} and {@code VAULT_CACERT} (optional) environment variables. * Build connector based on the {@code VAULT_ADDR} and {@code VAULT_CACERT} (optional) environment variables.
* *
* @return self * @return self
* @throws VaultConnectorException if Vault address from environment variables is malformed * @throws VaultConnectorException if Vault address from environment variables is malformed
@ -301,13 +304,10 @@ public final class HTTPVaultConnectorBuilder {
*/ */
public HTTPVaultConnectorBuilder fromEnv() throws VaultConnectorException { public HTTPVaultConnectorBuilder fromEnv() throws VaultConnectorException {
/* Parse URL from environment variable */ /* Parse URL from environment variable */
if (System.getenv(ENV_VAULT_ADDR) != null && !System.getenv(ENV_VAULT_ADDR).trim().isEmpty()) { if (System.getenv(ENV_VAULT_ADDR) != null && !System.getenv(ENV_VAULT_ADDR).isBlank()) {
try { try {
var url = new URL(System.getenv(ENV_VAULT_ADDR)); withBaseURL(System.getenv(ENV_VAULT_ADDR));
this.host = url.getHost(); } catch (URISyntaxException e) {
this.port = url.getPort();
this.tls = url.getProtocol().equals("https");
} catch (MalformedURLException e) {
throw new ConnectionException("URL provided in environment variable malformed", e); throw new ConnectionException("URL provided in environment variable malformed", e);
} }
} }
@ -315,7 +315,7 @@ public final class HTTPVaultConnectorBuilder {
/* Read number of retries */ /* Read number of retries */
if (System.getenv(ENV_VAULT_MAX_RETRIES) != null) { if (System.getenv(ENV_VAULT_MAX_RETRIES) != null) {
try { try {
numberOfRetries = Integer.parseInt(System.getenv(ENV_VAULT_MAX_RETRIES)); withNumberOfRetries(Integer.parseInt(System.getenv(ENV_VAULT_MAX_RETRIES)));
} catch (NumberFormatException ignored) { } catch (NumberFormatException ignored) {
/* Ignore malformed values. */ /* Ignore malformed values. */
} }
@ -325,8 +325,12 @@ public final class HTTPVaultConnectorBuilder {
token = System.getenv(ENV_VAULT_TOKEN); token = System.getenv(ENV_VAULT_TOKEN);
/* Parse certificate, if set */ /* Parse certificate, if set */
if (System.getenv(ENV_VAULT_CACERT) != null && !System.getenv(ENV_VAULT_CACERT).trim().isEmpty()) { if (System.getenv(ENV_VAULT_CACERT) != null && !System.getenv(ENV_VAULT_CACERT).isBlank()) {
return withTrustedCA(Paths.get(System.getenv(ENV_VAULT_CACERT))); X509Certificate cert = certificateFromString(System.getenv(ENV_VAULT_CACERT));
if (cert == null) {
cert = certificateFromFile(Paths.get(System.getenv(ENV_VAULT_CACERT)));
}
return withTrustedCA(cert);
} }
return this; return this;
} }
@ -398,6 +402,28 @@ public final class HTTPVaultConnectorBuilder {
return con; return con;
} }
/**
* Read given certificate file to X.509 certificate.
*
* @param cert Certificate string (optionally PEM)
* @return X.509 Certificate object if parseable, else {@code null}
* @throws TlsException on error
* @since 1.5.0
*/
private X509Certificate certificateFromString(final String cert) throws TlsException {
// Check if PEM header is present in given string
if (cert.contains("-BEGIN ") && cert.contains("-END")) {
try (var is = new ByteArrayInputStream(cert.getBytes(StandardCharsets.UTF_8))) {
return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(is);
} catch (IOException | CertificateException e) {
throw new TlsException("Unable to read certificate.", e);
}
}
// Not am PEM string, skip
return null;
}
/** /**
* Read given certificate file to X.509 certificate. * Read given certificate file to X.509 certificate.
* *

157
src/main/java/de/stklcode/jvault/connector/VaultConnector.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -21,10 +21,7 @@ import de.stklcode.jvault.connector.model.*;
import de.stklcode.jvault.connector.model.response.*; import de.stklcode.jvault.connector.model.response.*;
import java.io.Serializable; import java.io.Serializable;
import java.util.ArrayList; import java.util.*;
import java.util.Collections;
import java.util.List;
import java.util.Map;
/** /**
* Vault Connector interface. * Vault Connector interface.
@ -112,19 +109,6 @@ public interface VaultConnector extends AutoCloseable, Serializable {
*/ */
AuthResponse authUserPass(final String username, final String password) throws VaultConnectorException; AuthResponse authUserPass(final String username, final String password) throws VaultConnectorException;
/**
* Authorize to Vault using AppID method.
*
* @param appID The App ID
* @param userID The User ID
* @return The {@link AuthResponse}
* @throws VaultConnectorException on error
* @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. App-ID was removed in Vault 1.12.
* Consider using {@link #authAppRole} instead.
*/
@Deprecated(since = "0.4", forRemoval = true)
AuthResponse authAppId(final String appID, final String userID) throws VaultConnectorException;
/** /**
* Authorize to Vault using AppRole method without secret ID. * Authorize to Vault using AppRole method without secret ID.
* *
@ -148,21 +132,6 @@ public interface VaultConnector extends AutoCloseable, Serializable {
*/ */
AuthResponse authAppRole(final String roleID, final String secretID) throws VaultConnectorException; AuthResponse authAppRole(final String roleID, final String secretID) throws VaultConnectorException;
/**
* Register new App-ID with policy.
*
* @param appID The unique App-ID
* @param policy The policy to associate with
* @param displayName Arbitrary name to display
* @return {@code true} on success
* @throws VaultConnectorException on error
* @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. App-ID was removed in Vault 1.12.
* Consider using {@link #createAppRole} instead.
*/
@Deprecated(since = "0.4", forRemoval = true)
boolean registerAppId(final String appID, final String policy, final String displayName)
throws VaultConnectorException;
/** /**
* Register a new AppRole role from given metamodel. * Register a new AppRole role from given metamodel.
* *
@ -344,38 +313,6 @@ public interface VaultConnector extends AutoCloseable, Serializable {
*/ */
List<String> listAppRoleSecrets(final String roleName) throws VaultConnectorException; List<String> listAppRoleSecrets(final String roleName) throws VaultConnectorException;
/**
* Register User-ID with App-ID.
*
* @param appID The App-ID
* @param userID The User-ID
* @return {@code true} on success
* @throws VaultConnectorException on error
* @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. App-ID was removed in Vault 1.12.
* Consider using {@link #createAppRoleSecret} instead.
*/
@Deprecated(since = "0.4", forRemoval = true)
boolean registerUserId(final String appID, final String userID) throws VaultConnectorException;
/**
* Register new App-ID and User-ID at once.
*
* @param appID The App-ID
* @param policy The policy to associate with
* @param displayName Arbitrary name to display
* @param userID The User-ID
* @return {@code true} on success
* @throws VaultConnectorException on error
* @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. App-ID was removed in Vault 1.12.
*/
@Deprecated(since = "0.4", forRemoval = true)
default boolean registerAppUserId(final String appID,
final String policy,
final String displayName,
final String userID) throws VaultConnectorException {
return registerAppId(appID, policy, userID) && registerUserId(appID, userID);
}
/** /**
* Get authorization status. * Get authorization status.
* *
@ -734,6 +671,82 @@ public interface VaultConnector extends AutoCloseable, Serializable {
*/ */
boolean deleteTokenRole(final String name) throws VaultConnectorException; boolean deleteTokenRole(final String name) throws VaultConnectorException;
/**
* Encrypt plaintext via transit engine from Vault.
*
* @param keyName Transit key name
* @param plaintext Text to encrypt (Base64 encoded)
* @return Transit response
* @throws VaultConnectorException on error
* @since 1.5.0
*/
TransitResponse transitEncrypt(final String keyName, final String plaintext) throws VaultConnectorException;
/**
* Encrypt plaintext via transit engine from Vault.
*
* @param keyName Transit key name
* @param plaintext Binary data to encrypt
* @return Transit response
* @throws VaultConnectorException on error
* @since 1.5.0
*/
default TransitResponse transitEncrypt(final String keyName, final byte[] plaintext)
throws VaultConnectorException {
return transitEncrypt(keyName, Base64.getEncoder().encodeToString(plaintext));
}
/**
* Decrypt ciphertext via transit engine from Vault.
*
* @param keyName Transit key name
* @param ciphertext Text to decrypt
* @return Transit response
* @throws VaultConnectorException on error
* @since 1.5.0
*/
TransitResponse transitDecrypt(final String keyName, final String ciphertext) throws VaultConnectorException;
/**
* Hash data in hex format via transit engine from Vault.
*
* @param algorithm Specifies the hash algorithm to use
* @param input Data to hash
* @return Transit response
* @throws VaultConnectorException on error
* @since 1.5.0
*/
default TransitResponse transitHash(final String algorithm, final String input) throws VaultConnectorException {
return transitHash(algorithm, input, "hex");
}
/**
* Hash data via transit engine from Vault.
*
* @param algorithm Specifies the hash algorithm to use
* @param input Data to hash (Base64 encoded)
* @param format Specifies the output encoding (hex/base64)
* @return Transit response
* @throws VaultConnectorException on error
* @since 1.5.0
*/
TransitResponse transitHash(final String algorithm, final String input, final String format)
throws VaultConnectorException;
/**
* Hash data via transit engine from Vault.
*
* @param algorithm Specifies the hash algorithm to use
* @param input Data to hash
* @return Transit response
* @throws VaultConnectorException on error
* @since 1.5.0
*/
default TransitResponse transitHash(final String algorithm, final byte[] input, final String format)
throws VaultConnectorException {
return transitHash(algorithm, Base64.getEncoder().encodeToString(input), format);
}
/** /**
* Read credentials for MySQL backend at default mount point. * Read credentials for MySQL backend at default mount point.
* *
@ -741,7 +754,9 @@ public interface VaultConnector extends AutoCloseable, Serializable {
* @return the credentials response * @return the credentials response
* @throws VaultConnectorException on error * @throws VaultConnectorException on error
* @since 0.5.0 * @since 0.5.0
* @deprecated use {@link #readDbCredentials(String, String)} your MySQL mountpoint
*/ */
@Deprecated(since = "1.5.0", forRemoval = true)
default CredentialsResponse readMySqlCredentials(final String role) throws VaultConnectorException { default CredentialsResponse readMySqlCredentials(final String role) throws VaultConnectorException {
return readDbCredentials(role, "mysql"); return readDbCredentials(role, "mysql");
} }
@ -753,7 +768,9 @@ public interface VaultConnector extends AutoCloseable, Serializable {
* @return the credentials response * @return the credentials response
* @throws VaultConnectorException on error * @throws VaultConnectorException on error
* @since 0.5.0 * @since 0.5.0
* @deprecated use {@link #readDbCredentials(String, String)} your PostgreSQL mountpoint
*/ */
@Deprecated(since = "1.5.0", forRemoval = true)
default CredentialsResponse readPostgreSqlCredentials(final String role) throws VaultConnectorException { default CredentialsResponse readPostgreSqlCredentials(final String role) throws VaultConnectorException {
return readDbCredentials(role, "postgresql"); return readDbCredentials(role, "postgresql");
} }
@ -765,28 +782,32 @@ public interface VaultConnector extends AutoCloseable, Serializable {
* @return the credentials response * @return the credentials response
* @throws VaultConnectorException on error * @throws VaultConnectorException on error
* @since 0.5.0 * @since 0.5.0
* @deprecated use {@link #readDbCredentials(String, String)} your MSSQL mountpoint
*/ */
@Deprecated(since = "1.5.0", forRemoval = true)
default CredentialsResponse readMsSqlCredentials(final String role) throws VaultConnectorException { default CredentialsResponse readMsSqlCredentials(final String role) throws VaultConnectorException {
return readDbCredentials(role, "mssql"); return readDbCredentials(role, "mssql");
} }
/** /**
* Read credentials for MSSQL backend at default mount point. * Read credentials for MongoDB backend at default mount point.
* *
* @param role the role name * @param role the role name
* @return the credentials response * @return the credentials response
* @throws VaultConnectorException on error * @throws VaultConnectorException on error
* @since 0.5.0 * @since 0.5.0
* @deprecated use {@link #readDbCredentials(String, String)} your MongoDB mountpoint
*/ */
@Deprecated(since = "1.5.0", forRemoval = true)
default CredentialsResponse readMongoDbCredentials(final String role) throws VaultConnectorException { default CredentialsResponse readMongoDbCredentials(final String role) throws VaultConnectorException {
return readDbCredentials(role, "mongodb"); return readDbCredentials(role, "mongodb");
} }
/** /**
* Read credentials for SQL backends. * Read credentials for database backends.
* *
* @param role the role name * @param role the role name
* @param mount mount point of the SQL backend * @param mount mount point of the database backend
* @return the credentials response * @return the credentials response
* @throws VaultConnectorException on error * @throws VaultConnectorException on error
* @since 0.5.0 * @since 0.5.0

3
src/main/java/de/stklcode/jvault/connector/exception/AuthorizationRequiredException.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -23,4 +23,5 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1 * @since 0.1
*/ */
public class AuthorizationRequiredException extends VaultConnectorException { public class AuthorizationRequiredException extends VaultConnectorException {
private static final long serialVersionUID = 2629577936657393880L;
} }

4
src/main/java/de/stklcode/jvault/connector/exception/ConnectionException.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -23,6 +23,8 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1 * @since 0.1
*/ */
public class ConnectionException extends VaultConnectorException { public class ConnectionException extends VaultConnectorException {
private static final long serialVersionUID = 3005430116002990418L;
/** /**
* Constructs a new empty exception. * Constructs a new empty exception.
*/ */

4
src/main/java/de/stklcode/jvault/connector/exception/InvalidRequestException.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -23,6 +23,8 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1 * @since 0.1
*/ */
public class InvalidRequestException extends VaultConnectorException { public class InvalidRequestException extends VaultConnectorException {
private static final long serialVersionUID = -6712239648281809159L;
/** /**
* Constructs a new empty exception. * Constructs a new empty exception.
*/ */

4
src/main/java/de/stklcode/jvault/connector/exception/InvalidResponseException.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -24,6 +24,8 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1 * @since 0.1
*/ */
public final class InvalidResponseException extends VaultConnectorException { public final class InvalidResponseException extends VaultConnectorException {
private static final long serialVersionUID = 2003151038614163479L;
private final Integer statusCode; private final Integer statusCode;
private final String response; private final String response;

4
src/main/java/de/stklcode/jvault/connector/exception/PermissionDeniedException.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -23,6 +23,8 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1 * @since 0.1
*/ */
public class PermissionDeniedException extends VaultConnectorException { public class PermissionDeniedException extends VaultConnectorException {
private static final long serialVersionUID = -7149134015090750776L;
/** /**
* Constructs a new empty exception. * Constructs a new empty exception.
*/ */

4
src/main/java/de/stklcode/jvault/connector/exception/TlsException.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -23,6 +23,8 @@ package de.stklcode.jvault.connector.exception;
* @since 0.4.0 * @since 0.4.0
*/ */
public class TlsException extends VaultConnectorException { public class TlsException extends VaultConnectorException {
private static final long serialVersionUID = -5139276834988258086L;
/** /**
* Constructs a new empty exception. * Constructs a new empty exception.
*/ */

4
src/main/java/de/stklcode/jvault/connector/exception/VaultConnectorException.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -23,6 +23,8 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1 * @since 0.1
*/ */
public abstract class VaultConnectorException extends Exception { public abstract class VaultConnectorException extends Exception {
private static final long serialVersionUID = -2612477894310906036L;
/** /**
* Constructs a new empty exception. * Constructs a new empty exception.
*/ */

2
src/main/java/de/stklcode/jvault/connector/exception/package-info.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/internal/Error.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

22
src/main/java/de/stklcode/jvault/connector/internal/RequestHelper.java
View File

@ -2,8 +2,8 @@ package de.stklcode.jvault.connector.internal;
import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature; import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.databind.json.JsonMapper;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import de.stklcode.jvault.connector.exception.*; import de.stklcode.jvault.connector.exception.*;
import de.stklcode.jvault.connector.model.response.ErrorResponse; import de.stklcode.jvault.connector.model.response.ErrorResponse;
@ -44,7 +44,7 @@ public final class RequestHelper implements Serializable {
private final int retries; // Number of retries on 5xx errors. private final int retries; // Number of retries on 5xx errors.
private final String tlsVersion; // TLS version (#22). private final String tlsVersion; // TLS version (#22).
private final X509Certificate trustedCaCert; // Trusted CA certificate. private final X509Certificate trustedCaCert; // Trusted CA certificate.
private final ObjectMapper jsonMapper; private final JsonMapper jsonMapper;
/** /**
* Constructor of the request helper. * Constructor of the request helper.
@ -65,10 +65,11 @@ public final class RequestHelper implements Serializable {
this.timeout = timeout; this.timeout = timeout;
this.tlsVersion = tlsVersion; this.tlsVersion = tlsVersion;
this.trustedCaCert = trustedCaCert; this.trustedCaCert = trustedCaCert;
this.jsonMapper = new ObjectMapper() this.jsonMapper = JsonMapper.builder()
.registerModule(new JavaTimeModule()) .addModule(new JavaTimeModule())
.enable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS) .enable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS)
.disable(DeserializationFeature.ADJUST_DATES_TO_CONTEXT_TIME_ZONE); .disable(DeserializationFeature.ADJUST_DATES_TO_CONTEXT_TIME_ZONE)
.build();
} }
/** /**
@ -431,18 +432,19 @@ public final class RequestHelper implements Serializable {
* @throws VaultConnectorException Expected exception with details to throw * @throws VaultConnectorException Expected exception with details to throw
*/ */
private void handleError(final HttpResponse<InputStream> response) throws VaultConnectorException { private void handleError(final HttpResponse<InputStream> response) throws VaultConnectorException {
if (response.body() != null) { try (var body = response.body()) {
try (var reader = new BufferedReader(new InputStreamReader(response.body(), UTF_8))) { if (body != null) {
var responseString = reader.lines().collect(Collectors.joining("\n")); try (var reader = new BufferedReader(new InputStreamReader(body, UTF_8))) {
ErrorResponse er = jsonMapper.readValue(responseString, ErrorResponse.class); ErrorResponse er = jsonMapper.readValue(reader, ErrorResponse.class);
/* Check for "permission denied" response */ /* Check for "permission denied" response */
if (!er.getErrors().isEmpty() && er.getErrors().get(0).equals("permission denied")) { if (!er.getErrors().isEmpty() && er.getErrors().get(0).equals("permission denied")) {
throw new PermissionDeniedException(); throw new PermissionDeniedException();
} }
throw new InvalidResponseException(Error.RESPONSE_CODE, response.statusCode(), er.toString()); throw new InvalidResponseException(Error.RESPONSE_CODE, response.statusCode(), er.toString());
}
}
} catch (IOException ignored) { } catch (IOException ignored) {
// Exception ignored. // Exception ignored.
} }
} }
} }
}

28
src/main/java/de/stklcode/jvault/connector/model/AppRole.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -32,7 +32,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class AppRole implements Serializable { public final class AppRole implements Serializable {
private static final long serialVersionUID = -6248529625864573990L; private static final long serialVersionUID = 693228837510483448L;
@JsonProperty("role_name") @JsonProperty("role_name")
private String name; private String name;
@ -55,9 +55,9 @@ public final class AppRole implements Serializable {
@JsonInclude(JsonInclude.Include.NON_NULL) @JsonInclude(JsonInclude.Include.NON_NULL)
private Integer secretIdTtl; private Integer secretIdTtl;
@JsonProperty("enable_local_secret_ids") @JsonProperty("local_secret_ids")
@JsonInclude(JsonInclude.Include.NON_NULL) @JsonInclude(JsonInclude.Include.NON_NULL)
private Boolean enableLocalSecretIds; private Boolean localSecretIds;
@JsonProperty("token_ttl") @JsonProperty("token_ttl")
@JsonInclude(JsonInclude.Include.NON_NULL) @JsonInclude(JsonInclude.Include.NON_NULL)
@ -111,7 +111,7 @@ public final class AppRole implements Serializable {
this.secretIdBoundCidrs = builder.secretIdBoundCidrs; this.secretIdBoundCidrs = builder.secretIdBoundCidrs;
this.secretIdNumUses = builder.secretIdNumUses; this.secretIdNumUses = builder.secretIdNumUses;
this.secretIdTtl = builder.secretIdTtl; this.secretIdTtl = builder.secretIdTtl;
this.enableLocalSecretIds = builder.enableLocalSecretIds; this.localSecretIds = builder.localSecretIds;
this.tokenTtl = builder.tokenTtl; this.tokenTtl = builder.tokenTtl;
this.tokenMaxTtl = builder.tokenMaxTtl; this.tokenMaxTtl = builder.tokenMaxTtl;
this.tokenPolicies = builder.tokenPolicies; this.tokenPolicies = builder.tokenPolicies;
@ -262,9 +262,10 @@ public final class AppRole implements Serializable {
/** /**
* @return Enable local secret IDs? * @return Enable local secret IDs?
* @since 0.9 * @since 0.9
* @since 1.3 renamed to {@code getLocalSecretIds()}
*/ */
public Boolean getEnableLocalSecretIds() { public Boolean getLocalSecretIds() {
return enableLocalSecretIds; return localSecretIds;
} }
/** /**
@ -335,7 +336,7 @@ public final class AppRole implements Serializable {
Objects.equals(secretIdBoundCidrs, appRole.secretIdBoundCidrs) && Objects.equals(secretIdBoundCidrs, appRole.secretIdBoundCidrs) &&
Objects.equals(secretIdNumUses, appRole.secretIdNumUses) && Objects.equals(secretIdNumUses, appRole.secretIdNumUses) &&
Objects.equals(secretIdTtl, appRole.secretIdTtl) && Objects.equals(secretIdTtl, appRole.secretIdTtl) &&
Objects.equals(enableLocalSecretIds, appRole.enableLocalSecretIds) && Objects.equals(localSecretIds, appRole.localSecretIds) &&
Objects.equals(tokenTtl, appRole.tokenTtl) && Objects.equals(tokenTtl, appRole.tokenTtl) &&
Objects.equals(tokenMaxTtl, appRole.tokenMaxTtl) && Objects.equals(tokenMaxTtl, appRole.tokenMaxTtl) &&
Objects.equals(tokenPolicies, appRole.tokenPolicies) && Objects.equals(tokenPolicies, appRole.tokenPolicies) &&
@ -350,7 +351,7 @@ public final class AppRole implements Serializable {
@Override @Override
public int hashCode() { public int hashCode() {
return Objects.hash(name, id, bindSecretId, secretIdBoundCidrs, secretIdNumUses, secretIdTtl, return Objects.hash(name, id, bindSecretId, secretIdBoundCidrs, secretIdNumUses, secretIdTtl,
enableLocalSecretIds, tokenTtl, tokenMaxTtl, tokenPolicies, tokenBoundCidrs, tokenExplicitMaxTtl, localSecretIds, tokenTtl, tokenMaxTtl, tokenPolicies, tokenBoundCidrs, tokenExplicitMaxTtl,
tokenNoDefaultPolicy, tokenNumUses, tokenPeriod, tokenType); tokenNoDefaultPolicy, tokenNumUses, tokenPeriod, tokenType);
} }
@ -370,7 +371,7 @@ public final class AppRole implements Serializable {
private List<String> tokenPolicies; private List<String> tokenPolicies;
private Integer secretIdNumUses; private Integer secretIdNumUses;
private Integer secretIdTtl; private Integer secretIdTtl;
private Boolean enableLocalSecretIds; private Boolean localSecretIds;
private Integer tokenTtl; private Integer tokenTtl;
private Integer tokenMaxTtl; private Integer tokenMaxTtl;
private List<String> tokenBoundCidrs; private List<String> tokenBoundCidrs;
@ -527,12 +528,13 @@ public final class AppRole implements Serializable {
/** /**
* Enable or disable local secret IDs. * Enable or disable local secret IDs.
* *
* @param enableLocalSecretIds Enable local secret IDs? * @param localSecretIds Enable local secret IDs?
* @return self * @return self
* @since 0.9 * @since 0.9
* @since 1.3 renamed to {@code withLocalSecretIds()}
*/ */
public Builder withEnableLocalSecretIds(final Boolean enableLocalSecretIds) { public Builder withLocalSecretIds(final Boolean localSecretIds) {
this.enableLocalSecretIds = enableLocalSecretIds; this.localSecretIds = localSecretIds;
return this; return this;
} }

2
src/main/java/de/stklcode/jvault/connector/model/AppRoleSecret.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

4
src/main/java/de/stklcode/jvault/connector/model/AuthBackend.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -24,8 +24,6 @@ package de.stklcode.jvault.connector.model;
*/ */
public enum AuthBackend { public enum AuthBackend {
TOKEN("token"), TOKEN("token"),
@Deprecated(since = "1.1.3", forRemoval = true)
APPID("app-id"),
APPROLE("approle"), APPROLE("approle"),
USERPASS("userpass"), USERPASS("userpass"),
GITHUB("github"), // Not supported yet. GITHUB("github"), // Not supported yet.

2
src/main/java/de/stklcode/jvault/connector/model/Token.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/TokenRole.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/package-info.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/AppRoleResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/AppRoleSecretResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

31
src/main/java/de/stklcode/jvault/connector/model/response/AuthResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -17,11 +17,8 @@
package de.stklcode.jvault.connector.model.response; package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.response.embedded.AuthData; import de.stklcode.jvault.connector.model.response.embedded.AuthData;
import java.util.Objects;
/** /**
* Vault response for authentication providing auth info in {@link AuthData} field. * Vault response for authentication providing auth info in {@link AuthData} field.
* *
@ -31,30 +28,4 @@ import java.util.Objects;
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class AuthResponse extends VaultDataResponse { public final class AuthResponse extends VaultDataResponse {
private static final long serialVersionUID = 1628851361067456715L; private static final long serialVersionUID = 1628851361067456715L;
@JsonProperty("auth")
private AuthData auth;
/**
* @return Authentication data
*/
public AuthData getAuth() {
return auth;
}
@Override
public boolean equals(Object o) {
if (this == o) {
return true;
} else if (o == null || getClass() != o.getClass() || !super.equals(o)) {
return false;
}
AuthResponse that = (AuthResponse) o;
return Objects.equals(auth, that.auth);
}
@Override
public int hashCode() {
return Objects.hash(super.hashCode(), auth);
}
} }

2
src/main/java/de/stklcode/jvault/connector/model/response/CredentialsResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/ErrorResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

57
src/main/java/de/stklcode/jvault/connector/model/response/HealthResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -29,7 +29,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class HealthResponse implements VaultResponse { public final class HealthResponse implements VaultResponse {
private static final long serialVersionUID = 6483840078694294401L; private static final long serialVersionUID = 8675155916902904516L;
@JsonProperty("cluster_id") @JsonProperty("cluster_id")
private String clusterID; private String clusterID;
@ -61,6 +61,18 @@ public final class HealthResponse implements VaultResponse {
@JsonProperty("performance_standby") @JsonProperty("performance_standby")
private Boolean performanceStandby; private Boolean performanceStandby;
@JsonProperty("echo_duration_ms")
private Long echoDurationMs;
@JsonProperty("clock_skew_ms")
private Long clockSkewMs;
@JsonProperty("replication_primary_canary_age_ms")
private Long replicationPrimaryCanaryAgeMs;
@JsonProperty("enterprise")
private Boolean enterprise;
/** /**
* @return The Cluster ID. * @return The Cluster ID.
*/ */
@ -134,6 +146,38 @@ public final class HealthResponse implements VaultResponse {
return performanceStandby; return performanceStandby;
} }
/**
* @return Heartbeat echo duration in milliseconds (since Vault 1.16)
* @since 1.3
*/
public Long getEchoDurationMs() {
return echoDurationMs;
}
/**
* @return Clock skew in milliseconds (since Vault 1.16)
* @since 1.3
*/
public Long getClockSkewMs() {
return clockSkewMs;
}
/**
* @return Replication primary canary age in milliseconds (since Vault 1.17)
* @since 1.3
*/
public Long getReplicationPrimaryCanaryAgeMs() {
return replicationPrimaryCanaryAgeMs;
}
/**
* @return Enterprise instance? (since Vault 1.17)
* @since 1.3
*/
public Boolean isEnterprise() {
return enterprise;
}
@Override @Override
public boolean equals(Object o) { public boolean equals(Object o) {
if (this == o) { if (this == o) {
@ -151,12 +195,17 @@ public final class HealthResponse implements VaultResponse {
Objects.equals(initialized, that.initialized) && Objects.equals(initialized, that.initialized) &&
Objects.equals(replicationPerfMode, that.replicationPerfMode) && Objects.equals(replicationPerfMode, that.replicationPerfMode) &&
Objects.equals(replicationDrMode, that.replicationDrMode) && Objects.equals(replicationDrMode, that.replicationDrMode) &&
Objects.equals(performanceStandby, that.performanceStandby); Objects.equals(performanceStandby, that.performanceStandby) &&
Objects.equals(echoDurationMs, that.echoDurationMs) &&
Objects.equals(clockSkewMs, that.clockSkewMs) &&
Objects.equals(replicationPrimaryCanaryAgeMs, that.replicationPrimaryCanaryAgeMs) &&
Objects.equals(enterprise, that.enterprise);
} }
@Override @Override
public int hashCode() { public int hashCode() {
return Objects.hash(clusterID, clusterName, version, serverTimeUTC, standby, sealed, initialized, return Objects.hash(clusterID, clusterName, version, serverTimeUTC, standby, sealed, initialized,
replicationPerfMode, replicationDrMode, performanceStandby); replicationPerfMode, replicationDrMode, performanceStandby, echoDurationMs, clockSkewMs,
replicationPrimaryCanaryAgeMs, enterprise);
} }
} }

2
src/main/java/de/stklcode/jvault/connector/model/response/HelpResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/MetaSecretResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2021 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/MetadataResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/PlainSecretResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2021 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/RawDataResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/SealResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/SecretListResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

11
src/main/java/de/stklcode/jvault/connector/model/response/SecretResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -18,8 +18,8 @@ package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature; import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.databind.json.JsonMapper;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import de.stklcode.jvault.connector.exception.InvalidResponseException; import de.stklcode.jvault.connector.exception.InvalidResponseException;
import de.stklcode.jvault.connector.model.response.embedded.VersionMetadata; import de.stklcode.jvault.connector.model.response.embedded.VersionMetadata;
@ -85,10 +85,11 @@ public abstract class SecretResponse extends VaultDataResponse {
} else if (type.isInstance(rawValue)) { } else if (type.isInstance(rawValue)) {
return type.cast(rawValue); return type.cast(rawValue);
} else { } else {
var om = new ObjectMapper() var om = JsonMapper.builder()
.registerModule(new JavaTimeModule()) .addModule(new JavaTimeModule())
.enable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS) .enable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS)
.disable(DeserializationFeature.ADJUST_DATES_TO_CONTEXT_TIME_ZONE); .disable(DeserializationFeature.ADJUST_DATES_TO_CONTEXT_TIME_ZONE)
.build();
if (rawValue instanceof String) { if (rawValue instanceof String) {
return om.readValue((String) rawValue, type); return om.readValue((String) rawValue, type);

2
src/main/java/de/stklcode/jvault/connector/model/response/SecretVersionResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

17
src/main/java/de/stklcode/jvault/connector/model/response/TokenResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -30,14 +30,11 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class TokenResponse extends VaultDataResponse { public final class TokenResponse extends VaultDataResponse {
private static final long serialVersionUID = -4053126653764241197L; private static final long serialVersionUID = -4341114947980033457L;
@JsonProperty("data") @JsonProperty("data")
private TokenData data; private TokenData data;
@JsonProperty("auth")
private Boolean auth;
/** /**
* @return Token data * @return Token data
*/ */
@ -45,12 +42,6 @@ public final class TokenResponse extends VaultDataResponse {
return data; return data;
} }
/**
* @return Auth data
*/
public Boolean getAuth() {
return auth;
}
@Override @Override
public boolean equals(Object o) { public boolean equals(Object o) {
@ -60,11 +51,11 @@ public final class TokenResponse extends VaultDataResponse {
return false; return false;
} }
TokenResponse that = (TokenResponse) o; TokenResponse that = (TokenResponse) o;
return Objects.equals(data, that.data) && Objects.equals(auth, that.auth); return Objects.equals(data, that.data);
} }
@Override @Override
public int hashCode() { public int hashCode() {
return Objects.hash(super.hashCode(), data, auth); return Objects.hash(super.hashCode(), data);
} }
} }

2
src/main/java/de/stklcode/jvault/connector/model/response/TokenRoleResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

92
src/main/java/de/stklcode/jvault/connector/model/response/TransitResponse.java Normal file
View File

@ -0,0 +1,92 @@
/*
* Copyright 2016-2025 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonSetter;
import java.util.Map;
import java.util.Objects;
/**
* Response entity for transit operations.
*
* @author Stefan Kalscheuer
* @since 1.5.0
*/
public class TransitResponse extends VaultDataResponse {
private static final long serialVersionUID = 6873804240772242771L;
private String ciphertext;
private String plaintext;
private String sum;
@JsonSetter("data")
private void setData(Map<String, String> data) {
ciphertext = data.get("ciphertext");
plaintext = data.get("plaintext");
sum = data.get("sum");
}
/**
* Get ciphertext.
* Populated after encryption.
*
* @return Ciphertext
*/
public String getCiphertext() {
return ciphertext;
}
/**
* Get plaintext.
* Base64 encoded, populated after decryption.
*
* @return Plaintext
*/
public String getPlaintext() {
return plaintext;
}
/**
* Get hash sum.
* Hex or Base64 string. Populated after hashing.
*
* @return Hash sum
*/
public String getSum() {
return sum;
}
@Override
public boolean equals(Object o) {
if (this == o) {
return true;
} else if (o == null || getClass() != o.getClass() || !super.equals(o)) {
return false;
}
TransitResponse that = (TransitResponse) o;
return Objects.equals(ciphertext, that.ciphertext) &&
Objects.equals(plaintext, that.plaintext) &&
Objects.equals(sum, that.sum);
}
@Override
public int hashCode() {
return Objects.hash(super.hashCode(), ciphertext, plaintext, sum);
}
}

33
src/main/java/de/stklcode/jvault/connector/model/response/VaultDataResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -17,6 +17,7 @@
package de.stklcode.jvault.connector.model.response; package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.response.embedded.AuthData;
import de.stklcode.jvault.connector.model.response.embedded.WrapInfo; import de.stklcode.jvault.connector.model.response.embedded.WrapInfo;
import java.util.List; import java.util.List;
@ -29,7 +30,7 @@ import java.util.Objects;
* @since 0.1 * @since 0.1
*/ */
public abstract class VaultDataResponse implements VaultResponse { public abstract class VaultDataResponse implements VaultResponse {
private static final long serialVersionUID = 7486270767477652184L; private static final long serialVersionUID = 4787715235558510045L;
@JsonProperty("request_id") @JsonProperty("request_id")
private String requestId; private String requestId;
@ -49,6 +50,12 @@ public abstract class VaultDataResponse implements VaultResponse {
@JsonProperty("wrap_info") @JsonProperty("wrap_info")
private WrapInfo wrapInfo; private WrapInfo wrapInfo;
@JsonProperty("auth")
private AuthData auth;
@JsonProperty("mount_type")
private String mountType;
/** /**
* @return Request ID * @return Request ID
* @since 1.1 * @since 1.1
@ -93,6 +100,22 @@ public abstract class VaultDataResponse implements VaultResponse {
return wrapInfo; return wrapInfo;
} }
/**
* @return Authentication information for this response
* @since 1.3
*/
public final AuthData getAuth() {
return auth;
}
/**
* @return Information about the type of mount this secret is from (since Vault 1.17)
* @since 1.3
*/
public final String getMountType() {
return mountType;
}
@Override @Override
public boolean equals(Object o) { public boolean equals(Object o) {
if (this == o) { if (this == o) {
@ -106,11 +129,13 @@ public abstract class VaultDataResponse implements VaultResponse {
Objects.equals(leaseId, that.leaseId) && Objects.equals(leaseId, that.leaseId) &&
Objects.equals(leaseDuration, that.leaseDuration) && Objects.equals(leaseDuration, that.leaseDuration) &&
Objects.equals(warnings, that.warnings) && Objects.equals(warnings, that.warnings) &&
Objects.equals(wrapInfo, that.wrapInfo); Objects.equals(wrapInfo, that.wrapInfo) &&
Objects.equals(auth, that.auth) &&
Objects.equals(mountType, that.mountType);
} }
@Override @Override
public int hashCode() { public int hashCode() {
return Objects.hash(requestId, leaseId, renewable, leaseDuration, warnings, wrapInfo); return Objects.hash(requestId, leaseId, renewable, leaseDuration, warnings, wrapInfo, auth, mountType);
} }
} }

2
src/main/java/de/stklcode/jvault/connector/model/response/VaultResponse.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

18
src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthData.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -33,7 +33,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class AuthData implements Serializable { public final class AuthData implements Serializable {
private static final long serialVersionUID = 3067695351664603536L; private static final long serialVersionUID = 5969334512309655317L;
@JsonProperty("client_token") @JsonProperty("client_token")
private String clientToken; private String clientToken;
@ -65,6 +65,9 @@ public final class AuthData implements Serializable {
@JsonProperty("orphan") @JsonProperty("orphan")
private boolean orphan; private boolean orphan;
@JsonProperty("num_uses")
private Integer numUses;
@JsonProperty("mfa_requirement") @JsonProperty("mfa_requirement")
private MfaRequirement mfaRequirement; private MfaRequirement mfaRequirement;
@ -134,6 +137,14 @@ public final class AuthData implements Serializable {
return accessor; return accessor;
} }
/**
* @return allowed number of uses for the issued token
* @since 1.3
*/
public Integer getNumUses() {
return numUses;
}
/** /**
* @return Token is orphan * @return Token is orphan
* @since 0.9 * @since 0.9
@ -169,12 +180,13 @@ public final class AuthData implements Serializable {
Objects.equals(leaseDuration, authData.leaseDuration) && Objects.equals(leaseDuration, authData.leaseDuration) &&
Objects.equals(entityId, authData.entityId) && Objects.equals(entityId, authData.entityId) &&
Objects.equals(tokenType, authData.tokenType) && Objects.equals(tokenType, authData.tokenType) &&
Objects.equals(numUses, authData.numUses) &&
Objects.equals(mfaRequirement, authData.mfaRequirement); Objects.equals(mfaRequirement, authData.mfaRequirement);
} }
@Override @Override
public int hashCode() { public int hashCode() {
return Objects.hash(clientToken, accessor, policies, tokenPolicies, metadata, leaseDuration, renewable, return Objects.hash(clientToken, accessor, policies, tokenPolicies, metadata, leaseDuration, renewable,
entityId, tokenType, orphan, mfaRequirement); entityId, tokenType, orphan, numUses, mfaRequirement);
} }
} }

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthMethod.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/MfaConstraintAny.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/MfaMethodId.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/MfaRequirement.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

72
src/main/java/de/stklcode/jvault/connector/model/response/embedded/SecretMetadata.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -21,7 +21,7 @@ import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serializable; import java.io.Serializable;
import java.time.ZonedDateTime; import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter; import java.util.HashMap;
import java.util.Map; import java.util.Map;
import java.util.Objects; import java.util.Objects;
@ -34,10 +34,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class SecretMetadata implements Serializable { public final class SecretMetadata implements Serializable {
private static final long serialVersionUID = -4967896264361344676L; private static final long serialVersionUID = -905059942871916214L;
private static final DateTimeFormatter TIME_FORMAT =
DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss.SSSSSSSSSXXX");
@JsonProperty("created_time") @JsonProperty("created_time")
private ZonedDateTime createdTime; private ZonedDateTime createdTime;
@ -57,18 +54,14 @@ public final class SecretMetadata implements Serializable {
@JsonProperty("versions") @JsonProperty("versions")
private Map<Integer, VersionMetadata> versions; private Map<Integer, VersionMetadata> versions;
/** @JsonProperty("cas_required")
* @return Time of secret creation as raw string representation. private Boolean casRequired;
* @deprecated Method left for backwards compatibility only. Use {@link #getCreatedTime()} instead.
*/
@Deprecated(since = "1.2", forRemoval = true)
public String getCreatedTimeString() {
if (createdTime != null) {
return TIME_FORMAT.format(createdTime);
}
return null; @JsonProperty("custom_metadata")
} private HashMap<String, String> customMetadata;
@JsonProperty("delete_version_after")
private String deleteVersionAfter;
/** /**
* @return Time of secret creation. * @return Time of secret creation.
@ -98,19 +91,6 @@ public final class SecretMetadata implements Serializable {
return oldestVersion; return oldestVersion;
} }
/**
* @return Time of secret update as raw string representation.
* @deprecated Method left for backwards compatibility only. Use {@link #getUpdatedTime()} instead.
*/
@Deprecated(since = "1.2", forRemoval = true)
public String getUpdatedTimeString() {
if (updatedTime != null) {
return TIME_FORMAT.format(updatedTime);
}
return null;
}
/** /**
* @return Time of secret update. * @return Time of secret update.
*/ */
@ -125,6 +105,30 @@ public final class SecretMetadata implements Serializable {
return versions; return versions;
} }
/**
* @return CAS required?
* @since 1.3
*/
public Boolean isCasRequired() {
return casRequired;
}
/**
* @return Custom metadata.
* @since 1.3
*/
public Map<String, String> getCustomMetadata() {
return customMetadata;
}
/**
* @return time duration to delete version
* @since 1.3
*/
public String getDeleteVersionAfter() {
return deleteVersionAfter;
}
@Override @Override
public boolean equals(Object o) { public boolean equals(Object o) {
if (this == o) { if (this == o) {
@ -138,11 +142,15 @@ public final class SecretMetadata implements Serializable {
Objects.equals(maxVersions, that.maxVersions) && Objects.equals(maxVersions, that.maxVersions) &&
Objects.equals(oldestVersion, that.oldestVersion) && Objects.equals(oldestVersion, that.oldestVersion) &&
Objects.equals(updatedTime, that.updatedTime) && Objects.equals(updatedTime, that.updatedTime) &&
Objects.equals(versions, that.versions); Objects.equals(versions, that.versions) &&
Objects.equals(casRequired, that.casRequired) &&
Objects.equals(customMetadata, that.customMetadata) &&
Objects.equals(deleteVersionAfter, that.deleteVersionAfter);
} }
@Override @Override
public int hashCode() { public int hashCode() {
return Objects.hash(createdTime, currentVersion, maxVersions, oldestVersion, updatedTime, versions); return Objects.hash(createdTime, currentVersion, maxVersions, oldestVersion, updatedTime, versions, casRequired,
customMetadata, deleteVersionAfter);
} }
} }

34
src/main/java/de/stklcode/jvault/connector/model/response/embedded/TokenData.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -21,7 +21,6 @@ import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serializable; import java.io.Serializable;
import java.time.ZonedDateTime; import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Objects; import java.util.Objects;
@ -37,9 +36,6 @@ import java.util.Objects;
public final class TokenData implements Serializable { public final class TokenData implements Serializable {
private static final long serialVersionUID = -5749716740973138916L; private static final long serialVersionUID = -5749716740973138916L;
private static final DateTimeFormatter TIME_FORMAT =
DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss.SSSSSSSSSXXX");
@JsonProperty("accessor") @JsonProperty("accessor")
private String accessor; private String accessor;
@ -127,20 +123,6 @@ public final class TokenData implements Serializable {
return entityId; return entityId;
} }
/**
* @return Expire time as raw string value
* @since 0.9
* @deprecated Method left for backwards compatibility only. Use {@link #getExpireTime()} instead.
*/
@Deprecated(since = "1.2", forRemoval = true)
public String getExpireTimeString() {
if (expireTime != null) {
return TIME_FORMAT.format(expireTime);
}
return null;
}
/** /**
* @return Expire time (parsed) * @return Expire time (parsed)
* @since 0.9 * @since 0.9
@ -164,20 +146,6 @@ public final class TokenData implements Serializable {
return id; return id;
} }
/**
* @return Issue time as raw string value
* @since 0.9
* @deprecated Method left for backwards compatibility only. Use {@link #getIssueTime()} instead.
*/
@Deprecated(since = "1.2", forRemoval = true)
public String getIssueTimeString() {
if (issueTime != null) {
return TIME_FORMAT.format(issueTime);
}
return null;
}
/** /**
* @return Expire time (parsed) * @return Expire time (parsed)
* @since 0.9 * @since 0.9

50
src/main/java/de/stklcode/jvault/connector/model/response/embedded/VersionMetadata.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -21,7 +21,8 @@ import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serializable; import java.io.Serializable;
import java.time.ZonedDateTime; import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter; import java.util.HashMap;
import java.util.Map;
import java.util.Objects; import java.util.Objects;
/** /**
@ -33,10 +34,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class VersionMetadata implements Serializable { public final class VersionMetadata implements Serializable {
private static final long serialVersionUID = -6815731513868586713L; private static final long serialVersionUID = 8495687554714216478L;
private static final DateTimeFormatter TIME_FORMAT =
DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss.SSSSSSSSSXXX");
@JsonProperty("created_time") @JsonProperty("created_time")
private ZonedDateTime createdTime; private ZonedDateTime createdTime;
@ -50,18 +48,8 @@ public final class VersionMetadata implements Serializable {
@JsonProperty("version") @JsonProperty("version")
private Integer version; private Integer version;
/** @JsonProperty("custom_metadata")
* @return Time of secret creation as raw string representation. private HashMap<String, String> customMetadata;
* @deprecated Method left for backwards compatibility only. Use {@link #getCreatedTime()} instead.
*/
@Deprecated(since = "1.2", forRemoval = true)
public String getCreatedTimeString() {
if (createdTime != null) {
return TIME_FORMAT.format(createdTime);
}
return null;
}
/** /**
* @return Time of secret creation. * @return Time of secret creation.
@ -70,19 +58,6 @@ public final class VersionMetadata implements Serializable {
return createdTime; return createdTime;
} }
/**
* @return Time for secret deletion as raw string representation.
* @deprecated Method left for backwards compatibility only. Use {@link #getDeletionTime()} instead.
*/
@Deprecated(since = "1.2", forRemoval = true)
public String getDeletionTimeString() {
if (deletionTime != null) {
return TIME_FORMAT.format(deletionTime);
}
return null;
}
/** /**
* @return Time for secret deletion. * @return Time for secret deletion.
*/ */
@ -104,6 +79,14 @@ public final class VersionMetadata implements Serializable {
return version; return version;
} }
/**
* @return Custom metadata.
* @since 1.3
*/
public Map<String, String> getCustomMetadata() {
return customMetadata;
}
@Override @Override
public boolean equals(Object o) { public boolean equals(Object o) {
if (this == o) { if (this == o) {
@ -115,11 +98,12 @@ public final class VersionMetadata implements Serializable {
return destroyed == that.destroyed && return destroyed == that.destroyed &&
Objects.equals(createdTime, that.createdTime) && Objects.equals(createdTime, that.createdTime) &&
Objects.equals(deletionTime, that.deletionTime) && Objects.equals(deletionTime, that.deletionTime) &&
Objects.equals(version, that.version); Objects.equals(version, that.version) &&
Objects.equals(customMetadata, that.customMetadata);
} }
@Override @Override
public int hashCode() { public int hashCode() {
return Objects.hash(createdTime, deletionTime, destroyed, version); return Objects.hash(createdTime, deletionTime, destroyed, version, customMetadata);
} }
} }

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/WrapInfo.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/package-info.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/package-info.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/package-info.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
src/main/java/module-info.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -31,6 +31,7 @@ module de.stklcode.jvault.connector {
opens de.stklcode.jvault.connector.model.response.embedded to com.fasterxml.jackson.databind; opens de.stklcode.jvault.connector.model.response.embedded to com.fasterxml.jackson.databind;
requires java.net.http; requires java.net.http;
requires com.fasterxml.jackson.annotation;
requires com.fasterxml.jackson.databind; requires com.fasterxml.jackson.databind;
requires com.fasterxml.jackson.datatype.jsr310; requires com.fasterxml.jackson.datatype.jsr310;
} }

100
src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorBuilderTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -25,7 +25,10 @@ import org.junit.jupiter.api.io.TempDir;
import java.io.File; import java.io.File;
import java.lang.reflect.Field; import java.lang.reflect.Field;
import java.net.URISyntaxException; import java.net.URISyntaxException;
import java.nio.file.Files;
import java.nio.file.NoSuchFileException; import java.nio.file.NoSuchFileException;
import java.nio.file.Paths;
import java.util.concurrent.atomic.AtomicReference;
import static com.github.stefanbirkner.systemlambda.SystemLambda.withEnvironmentVariable; import static com.github.stefanbirkner.systemlambda.SystemLambda.withEnvironmentVariable;
import static org.junit.jupiter.api.Assertions.*; import static org.junit.jupiter.api.Assertions.*;
@ -38,6 +41,8 @@ import static org.junit.jupiter.api.Assertions.*;
*/ */
class HTTPVaultConnectorBuilderTest { class HTTPVaultConnectorBuilderTest {
private static final String VAULT_ADDR = "https://localhost:8201"; private static final String VAULT_ADDR = "https://localhost:8201";
private static final String VAULT_ADDR_2 = "http://localhost";
private static final String VAULT_ADDR_3 = "https://localhost/vault/";
private static final Integer VAULT_MAX_RETRIES = 13; private static final Integer VAULT_MAX_RETRIES = 13;
private static final String VAULT_TOKEN = "00001111-2222-3333-4444-555566667777"; private static final String VAULT_TOKEN = "00001111-2222-3333-4444-555566667777";
@ -112,6 +117,22 @@ class HTTPVaultConnectorBuilderTest {
return null; return null;
}); });
withVaultEnv(VAULT_ADDR_2, null, null, null).execute(() -> {
HTTPVaultConnectorBuilder builder = assertDoesNotThrow(
() -> HTTPVaultConnector.builder().fromEnv(),
"Factory creation from minimal environment failed"
);
assertEquals(VAULT_ADDR_2 + "/v1/", getRequestHelperPrivate(builder.build(), "baseURL"), "URL without port not set correctly");
return null;
});
withVaultEnv(VAULT_ADDR_3, null, null, null).execute(() -> {
HTTPVaultConnectorBuilder builder = assertDoesNotThrow(
() -> HTTPVaultConnector.builder().fromEnv(),
"Factory creation from minimal environment failed"
);
assertEquals(VAULT_ADDR_3, getRequestHelperPrivate(builder.build(), "baseURL"), "URL with custom path not set correctly");
return null;
});
// Provide address and number of retries. // Provide address and number of retries.
withVaultEnv(VAULT_ADDR, null, VAULT_MAX_RETRIES.toString(), null).execute(() -> { withVaultEnv(VAULT_ADDR, null, VAULT_MAX_RETRIES.toString(), null).execute(() -> {
@ -128,20 +149,6 @@ class HTTPVaultConnectorBuilderTest {
return null; return null;
}); });
// Provide CA certificate.
String VAULT_CACERT = tempDir.toString() + "/doesnotexist";
withVaultEnv(VAULT_ADDR, VAULT_CACERT, VAULT_MAX_RETRIES.toString(), null).execute(() -> {
TlsException e = assertThrows(
TlsException.class,
() -> HTTPVaultConnector.builder().fromEnv(),
"Creation with unknown cert path failed"
);
assertTrue(e.getCause() instanceof NoSuchFileException);
assertEquals(VAULT_CACERT, ((NoSuchFileException) e.getCause()).getFile());
return null;
});
// Automatic authentication. // Automatic authentication.
withVaultEnv(VAULT_ADDR, null, VAULT_MAX_RETRIES.toString(), VAULT_TOKEN).execute(() -> { withVaultEnv(VAULT_ADDR, null, VAULT_MAX_RETRIES.toString(), VAULT_TOKEN).execute(() -> {
HTTPVaultConnectorBuilder builder = assertDoesNotThrow( HTTPVaultConnectorBuilder builder = assertDoesNotThrow(
@ -165,11 +172,64 @@ class HTTPVaultConnectorBuilderTest {
}); });
} }
private SystemLambda.WithEnvironmentVariables withVaultEnv(String vault_addr, String vault_cacert, String vault_max_retries, String vault_token) { /**
return withEnvironmentVariable("VAULT_ADDR", vault_addr) * Test CA certificate handling from environment variables
.and("VAULT_CACERT", vault_cacert) */
.and("VAULT_MAX_RETRIES", vault_max_retries) @Test
.and("VAULT_TOKEN", vault_token); void testCertificateFromEnv() throws Exception {
// From direct PEM content
String pem = Files.readString(Paths.get(getClass().getResource("/tls/ca.pem").toURI()));
AtomicReference<Object> certFromPem = new AtomicReference<>();
withVaultEnv(VAULT_ADDR, pem, null, null).execute(() -> {
HTTPVaultConnectorBuilder builder = assertDoesNotThrow(
() -> HTTPVaultConnector.builder().fromEnv(),
"Builder with PEM certificate from environment failed"
);
HTTPVaultConnector connector = builder.build();
certFromPem.set(getRequestHelperPrivate(connector, "trustedCaCert"));
assertNotNull(certFromPem.get(), "Trusted CA cert from PEM not set");
return null;
});
// From file path
String file = Paths.get(getClass().getResource("/tls/ca.pem").toURI()).toString();
AtomicReference<Object> certFromFile = new AtomicReference<>();
withVaultEnv(VAULT_ADDR, file, null, null).execute(() -> {
HTTPVaultConnectorBuilder builder = assertDoesNotThrow(
() -> HTTPVaultConnector.builder().fromEnv(),
"Builder with certificate path from environment failed"
);
HTTPVaultConnector connector = builder.build();
certFromFile.set(getRequestHelperPrivate(connector, "trustedCaCert"));
assertNotNull(certFromFile.get(), "Trusted CA cert from file not set");
return null;
});
assertEquals(certFromPem.get(), certFromFile.get(), "Certificates from PEM and file should be equal");
// Non-existing path CA certificate path
String doesNotExist = tempDir.toString() + "/doesnotexist";
withVaultEnv(VAULT_ADDR, doesNotExist, VAULT_MAX_RETRIES.toString(), null).execute(() -> {
TlsException e = assertThrows(
TlsException.class,
() -> HTTPVaultConnector.builder().fromEnv(),
"Creation with unknown cert path failed"
);
assertEquals(doesNotExist, assertInstanceOf(NoSuchFileException.class, e.getCause()).getFile());
return null;
});
}
private SystemLambda.WithEnvironmentVariables withVaultEnv(String vaultAddr, String vaultCacert, String vaultMaxRetries, String vaultToken) {
return withEnvironmentVariable("VAULT_ADDR", vaultAddr)
.and("VAULT_CACERT", vaultCacert)
.and("VAULT_MAX_RETRIES", vaultMaxRetries)
.and("VAULT_TOKEN", vaultToken);
} }
private Object getRequestHelperPrivate(HTTPVaultConnector connector, String fieldName) throws NoSuchFieldException, IllegalAccessException { private Object getRequestHelperPrivate(HTTPVaultConnector connector, String fieldName) throws NoSuchFieldException, IllegalAccessException {

204
src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorIT.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -25,17 +25,18 @@ import de.stklcode.jvault.connector.model.response.*;
import de.stklcode.jvault.connector.test.Credentials; import de.stklcode.jvault.connector.test.Credentials;
import de.stklcode.jvault.connector.test.VaultConfiguration; import de.stklcode.jvault.connector.test.VaultConfiguration;
import org.junit.jupiter.api.*; import org.junit.jupiter.api.*;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.api.io.TempDir; import org.junit.jupiter.api.io.TempDir;
import java.io.*; import java.io.*;
import java.lang.reflect.Field; import java.lang.reflect.Field;
import java.net.ServerSocket; import java.net.ServerSocket;
import java.nio.file.Files;
import java.nio.file.Paths; import java.nio.file.Paths;
import java.util.*; import java.util.*;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern; import java.util.regex.Pattern;
import static java.nio.charset.StandardCharsets.UTF_8;
import static java.util.Collections.singletonMap; import static java.util.Collections.singletonMap;
import static org.apache.commons.io.FileUtils.copyDirectory; import static org.apache.commons.io.FileUtils.copyDirectory;
import static org.awaitility.Awaitility.await; import static org.awaitility.Awaitility.await;
@ -51,7 +52,7 @@ import static org.junit.jupiter.api.Assumptions.assumeTrue;
* @since 0.1 * @since 0.1
*/ */
class HTTPVaultConnectorIT { class HTTPVaultConnectorIT {
private static String VAULT_VERSION = "1.15.4"; // The vault version this test is supposed to run against. private static String VAULT_VERSION = "1.19.0"; // The vault version this test is supposed to run against.
private static final String KEY1 = "E38bkCm0VhUvpdCKGQpcohhD9XmcHJ/2hreOSY019Lho"; private static final String KEY1 = "E38bkCm0VhUvpdCKGQpcohhD9XmcHJ/2hreOSY019Lho";
private static final String KEY2 = "O5OHwDleY3IiPdgw61cgHlhsrEm6tVJkrxhF6QAnILd1"; private static final String KEY2 = "O5OHwDleY3IiPdgw61cgHlhsrEm6tVJkrxhF6QAnILd1";
private static final String KEY3 = "mw7Bm3nbt/UWa/juDjjL2EPQ04kiJ0saC5JEXwJvXYsB"; private static final String KEY3 = "mw7Bm3nbt/UWa/juDjjL2EPQ04kiJ0saC5JEXwJvXYsB";
@ -59,7 +60,6 @@ class HTTPVaultConnectorIT {
private static final String USER_VALID = "validUser"; private static final String USER_VALID = "validUser";
private static final String PASS_VALID = "validPass"; private static final String PASS_VALID = "validPass";
private static boolean legacy;
private Process vaultProcess; private Process vaultProcess;
private VaultConnector connector; private VaultConnector connector;
@ -70,9 +70,6 @@ class HTTPVaultConnectorIT {
VAULT_VERSION = System.getenv("VAULT_VERSION"); VAULT_VERSION = System.getenv("VAULT_VERSION");
System.out.println("Vault version set to " + VAULT_VERSION); System.out.println("Vault version set to " + VAULT_VERSION);
} }
if (compareVersions(VAULT_VERSION, "1.12.0") < 0) {
legacy = true;
}
} }
/** /**
@ -129,13 +126,11 @@ class HTTPVaultConnectorIT {
@Test @Test
@Order(10) @Order(10)
@DisplayName("Read secrets") @DisplayName("Read secrets")
@SuppressWarnings("deprecation")
void readSecretTest() { void readSecretTest() {
authUser(); authUser();
assumeTrue(connector.isAuthorized()); assumeTrue(connector.isAuthorized());
// Try to read path user has no permission to read. // Try to read path user has no permission to read.
SecretResponse res = null;
final String invalidPath = "secret/invalid/path"; final String invalidPath = "secret/invalid/path";
VaultConnectorException e = assertThrows( VaultConnectorException e = assertThrows(
@ -151,7 +146,7 @@ class HTTPVaultConnectorIT {
assertFalse(Pattern.compile("[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}").matcher(stackTrace(e)).find()); assertFalse(Pattern.compile("[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}").matcher(stackTrace(e)).find());
// Try to read accessible path with known value. // Try to read accessible path with known value.
res = assertDoesNotThrow( SecretResponse res = assertDoesNotThrow(
() -> connector.read(SECRET_PATH + "/" + SECRET_KEY), () -> connector.read(SECRET_PATH + "/" + SECRET_KEY),
"Valid secret path could not be read" "Valid secret path could not be read"
); );
@ -216,7 +211,6 @@ class HTTPVaultConnectorIT {
@Test @Test
@Order(30) @Order(30)
@DisplayName("Write secrets") @DisplayName("Write secrets")
@SuppressWarnings("deprecation")
void writeSecretTest() { void writeSecretTest() {
authUser(); authUser();
assumeTrue(connector.isAuthorized()); assumeTrue(connector.isAuthorized());
@ -550,74 +544,6 @@ class HTTPVaultConnectorIT {
} }
} }
@Nested
@DisplayName("App-ID Tests")
@EnabledIf(value = "de.stklcode.jvault.connector.HTTPVaultConnectorIT#isLegacy",
disabledReason = "AppID tests no longer available for Vault 1.12 and above")
@SuppressWarnings("deprecation")
class AppIdTests {
private static final String APP_ID = "152AEA38-85FB-47A8-9CBD-612D645BFACA";
private static final String USER_ID = "5ADF8218-D7FB-4089-9E38-287465DBF37E";
/**
* App-ID authentication roundtrip.
*/
@Test
@Order(10)
@DisplayName("Authenticate with App-ID")
void authAppIdTest() {
// Try unauthorized access first.
assumeFalse(connector.isAuthorized());
assertThrows(
AuthorizationRequiredException.class,
() -> connector.registerAppId("", "", ""),
"Expected exception not thrown"
);
assertThrows(
AuthorizationRequiredException.class,
() -> connector.registerUserId("", ""),
"Expected exception not thrown"
);
}
/**
* App-ID authentication roundtrip.
*/
@Test
@Order(20)
@DisplayName("Register App-ID")
void registerAppIdTest() {
// Authorize.
authRoot();
assumeTrue(connector.isAuthorized());
// Register App-ID.
boolean res = assertDoesNotThrow(
() -> connector.registerAppId(APP_ID, "user", "App Name"),
"Failed to register App-ID"
);
assertTrue(res, "Failed to register App-ID");
// Register User-ID.
res = assertDoesNotThrow(
() -> connector.registerUserId(APP_ID, USER_ID),
"Failed to register App-ID"
);
assertTrue(res, "Failed to register App-ID");
connector.resetAuth();
assumeFalse(connector.isAuthorized());
// Authenticate with created credentials.
AuthResponse resp = assertDoesNotThrow(
() -> connector.authAppId(APP_ID, USER_ID),
"Failed to authenticate using App-ID"
);
assertTrue(connector.isAuthorized(), "Authorization flag not set after App-ID login");
}
}
@Nested @Nested
@DisplayName("AppRole Tests") @DisplayName("AppRole Tests")
@TestMethodOrder(MethodOrderer.OrderAnnotation.class) @TestMethodOrder(MethodOrderer.OrderAnnotation.class)
@ -909,7 +835,7 @@ class HTTPVaultConnectorIT {
assertFalse(res.getAuth().isRenewable(), "Root token should not be renewable"); assertFalse(res.getAuth().isRenewable(), "Root token should not be renewable");
assertFalse(res.getAuth().isOrphan(), "Root token should not be orphan"); assertFalse(res.getAuth().isOrphan(), "Root token should not be orphan");
// Starting with Vault 1.0 a warning "custom ID uses weaker SHA1.." is given. // Starting with Vault 1.0 a warning "custom ID uses weaker SHA1..." is given.
// Starting with Vault 1.11 a second warning "Endpoint ignored unrecognized parameters" is given. // Starting with Vault 1.11 a second warning "Endpoint ignored unrecognized parameters" is given.
assertFalse(res.getWarnings().isEmpty(), "Token creation did not return expected warning"); assertFalse(res.getWarnings().isEmpty(), "Token creation did not return expected warning");
@ -1063,6 +989,75 @@ class HTTPVaultConnectorIT {
} }
} }
@Nested
@DisplayName("Transit Tests")
class TransitTests {
@Test
@DisplayName("Transit encryption")
void transitEncryptTest() {
assertDoesNotThrow(() -> connector.authToken(TOKEN_ROOT));
assumeTrue(connector.isAuthorized());
TransitResponse transitResponse = assertDoesNotThrow(
() -> connector.transitEncrypt("my-key", "dGVzdCBtZQ=="),
"Failed to encrypt via transit"
);
assertNotNull(transitResponse.getCiphertext());
assertTrue(transitResponse.getCiphertext().startsWith("vault:v1:"));
transitResponse = assertDoesNotThrow(
() -> connector.transitEncrypt("my-key", "test me".getBytes(UTF_8)),
"Failed to encrypt binary data via transit"
);
assertNotNull(transitResponse.getCiphertext());
assertTrue(transitResponse.getCiphertext().startsWith("vault:v1:"));
}
@Test
@DisplayName("Transit decryption")
void transitDecryptTest() {
assertDoesNotThrow(() -> connector.authToken(TOKEN_ROOT));
assumeTrue(connector.isAuthorized());
TransitResponse transitResponse = assertDoesNotThrow(
() -> connector.transitDecrypt("my-key", "vault:v1:1mhLVkBAR2nrFtIkJF/qg57DWfRj0FWgR6tvkGO8XOnL6sw="),
"Failed to decrypt via transit"
);
assertEquals("dGVzdCBtZQ==", transitResponse.getPlaintext());
}
@Test
@DisplayName("Transit hash")
void transitHashText() {
assertDoesNotThrow(() -> connector.authToken(TOKEN_ROOT));
assumeTrue(connector.isAuthorized());
TransitResponse transitResponse = assertDoesNotThrow(
() -> connector.transitHash("sha2-512", "dGVzdCBtZQ=="),
"Failed to hash via transit"
);
assertEquals("7677af0ee4effaa9f35e9b1e82d182f79516ab8321786baa23002de7c06851059492dd37d5fc3791f17d81d4b58198d24a6fd8bbd62c42c1c30b371da500f193", transitResponse.getSum());
TransitResponse transitResponseBase64 = assertDoesNotThrow(
() -> connector.transitHash("sha2-256", "dGVzdCBtZQ==", "base64"),
"Failed to hash via transit with base64 output"
);
assertEquals("5DfYkW7cvGLkfy36cXhqmZcygEy9HpnFNB4WWXKOl1M=", transitResponseBase64.getSum());
transitResponseBase64 = assertDoesNotThrow(
() -> connector.transitHash("sha2-256", "test me".getBytes(UTF_8), "base64"),
"Failed to hash binary data via transit"
);
assertEquals("5DfYkW7cvGLkfy36cXhqmZcygEy9HpnFNB4WWXKOl1M=", transitResponseBase64.getSum());
}
}
@Nested @Nested
@DisplayName("Misc Tests") @DisplayName("Misc Tests")
class MiscTests { class MiscTests {
@ -1080,14 +1075,10 @@ class HTTPVaultConnectorIT {
() -> connector.getAuthBackends(), () -> connector.getAuthBackends(),
"Could not list supported auth backends" "Could not list supported auth backends"
); );
if (legacy) {
assertEquals(4, supportedBackends.size());
assertTrue(supportedBackends.containsAll(List.of(AuthBackend.TOKEN, AuthBackend.USERPASS, AuthBackend.APPID, AuthBackend.APPROLE)));
} else {
assertEquals(3, supportedBackends.size()); assertEquals(3, supportedBackends.size());
assertTrue(supportedBackends.containsAll(List.of(AuthBackend.TOKEN, AuthBackend.USERPASS, AuthBackend.APPROLE))); assertTrue(supportedBackends.containsAll(List.of(AuthBackend.TOKEN, AuthBackend.USERPASS, AuthBackend.APPROLE)));
} }
}
/** /**
* Test authentication using username and password. * Test authentication using username and password.
@ -1212,11 +1203,7 @@ class HTTPVaultConnectorIT {
*/ */
private VaultConfiguration initializeVault(File dir, boolean tls) throws IllegalStateException, IOException { private VaultConfiguration initializeVault(File dir, boolean tls) throws IllegalStateException, IOException {
File dataDir = new File(dir, "data"); File dataDir = new File(dir, "data");
if (legacy) {
copyDirectory(new File(getClass().getResource("/data_dir_legacy").getPath()), dataDir);
} else {
copyDirectory(new File(getClass().getResource("/data_dir").getPath()), dataDir); copyDirectory(new File(getClass().getResource("/data_dir").getPath()), dataDir);
}
// Generate vault local unencrypted configuration. // Generate vault local unencrypted configuration.
VaultConfiguration config = new VaultConfiguration() VaultConfiguration config = new VaultConfiguration()
@ -1234,15 +1221,17 @@ class HTTPVaultConnectorIT {
// Write configuration file. // Write configuration file.
File configFile = new File(dir, "vault.conf"); File configFile = new File(dir, "vault.conf");
try (BufferedWriter bw = new BufferedWriter(new FileWriter(configFile))) { try {
bw.write(config.toString()); Files.write(configFile.toPath(), config.toString().getBytes(UTF_8));
} catch (IOException e) { } catch (IOException e) {
throw new IllegalStateException("Unable to generate config file", e); throw new IllegalStateException("Unable to generate config file", e);
} }
// Start vault process. // Start vault process.
try { try {
vaultProcess = Runtime.getRuntime().exec("vault server -config " + configFile); vaultProcess = new ProcessBuilder("vault", "server", "-config", configFile.toString())
.directory(dir)
.start();
} catch (IOException e) { } catch (IOException e) {
throw new IllegalStateException("Unable to start vault. Make sure vault binary is in your executable path", e); throw new IllegalStateException("Unable to start vault. Make sure vault binary is in your executable path", e);
} }
@ -1310,35 +1299,4 @@ class HTTPVaultConnectorIT {
th.printStackTrace(new PrintWriter(sw, true)); th.printStackTrace(new PrintWriter(sw, true));
return sw.getBuffer().toString(); return sw.getBuffer().toString();
} }
/**
* Compare two version strings.
*
* @param version1 Version 1
* @param version2 Version 2
* @return negative value if version 1 is smaller than version2, positive value of version 1 is greater, 0 if equal
*/
private static int compareVersions(String version1, String version2) {
int comparisonResult = 0;
String[] version1Splits = version1.split("\\.");
String[] version2Splits = version2.split("\\.");
int maxLengthOfVersionSplits = Math.max(version1Splits.length, version2Splits.length);
for (int i = 0; i < maxLengthOfVersionSplits; i++) {
Integer v1 = i < version1Splits.length ? Integer.parseInt(version1Splits[i]) : 0;
Integer v2 = i < version2Splits.length ? Integer.parseInt(version2Splits[i]) : 0;
int compare = v1.compareTo(v2);
if (compare != 0) {
comparisonResult = compare;
break;
}
}
return comparisonResult;
}
private static boolean isLegacy() {
return legacy;
}
} }

51
src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -17,13 +17,13 @@
package de.stklcode.jvault.connector; package de.stklcode.jvault.connector;
import com.github.tomakehurst.wiremock.client.WireMock; import com.github.tomakehurst.wiremock.client.WireMock;
import com.github.tomakehurst.wiremock.junit5.WireMockExtension; import com.github.tomakehurst.wiremock.junit5.WireMockRuntimeInfo;
import com.github.tomakehurst.wiremock.junit5.WireMockTest;
import de.stklcode.jvault.connector.exception.ConnectionException; import de.stklcode.jvault.connector.exception.ConnectionException;
import de.stklcode.jvault.connector.exception.InvalidResponseException; import de.stklcode.jvault.connector.exception.InvalidResponseException;
import de.stklcode.jvault.connector.exception.PermissionDeniedException; import de.stklcode.jvault.connector.exception.PermissionDeniedException;
import de.stklcode.jvault.connector.exception.VaultConnectorException; import de.stklcode.jvault.connector.exception.VaultConnectorException;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.RegisterExtension;
import org.junit.jupiter.api.function.Executable; import org.junit.jupiter.api.function.Executable;
import java.io.IOException; import java.io.IOException;
@ -36,9 +36,7 @@ import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.Collections; import java.util.Collections;
import static com.github.tomakehurst.wiremock.client.WireMock.aResponse; import static com.github.tomakehurst.wiremock.client.WireMock.*;
import static com.github.tomakehurst.wiremock.client.WireMock.anyUrl;
import static com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig;
import static org.junit.jupiter.api.Assertions.*; import static org.junit.jupiter.api.Assertions.*;
/** /**
@ -48,18 +46,15 @@ import static org.junit.jupiter.api.Assertions.*;
* @author Stefan Kalscheuer * @author Stefan Kalscheuer
* @since 0.7.0 * @since 0.7.0
*/ */
@WireMockTest
class HTTPVaultConnectorTest { class HTTPVaultConnectorTest {
@RegisterExtension
static WireMockExtension wireMock = WireMockExtension.newInstance()
.options(wireMockConfig().dynamicPort())
.build();
/** /**
* Test exceptions thrown during request. * Test exceptions thrown during request.
*/ */
@Test @Test
void requestExceptionTest() throws IOException, URISyntaxException { void requestExceptionTest(WireMockRuntimeInfo wireMock) throws IOException, URISyntaxException {
HTTPVaultConnector connector = HTTPVaultConnector.builder(wireMock.url("/")).withTimeout(250).build(); HTTPVaultConnector connector = HTTPVaultConnector.builder(wireMock.getHttpBaseUrl()).withTimeout(250).build();
// Test invalid response code. // Test invalid response code.
final int responseCode = 400; final int responseCode = 400;
@ -91,12 +86,12 @@ class HTTPVaultConnectorTest {
"Querying health status succeeded on invalid instance" "Querying health status succeeded on invalid instance"
); );
assertEquals("Unable to connect to Vault server", e.getMessage(), "Unexpected exception message"); assertEquals("Unable to connect to Vault server", e.getMessage(), "Unexpected exception message");
assertTrue(e.getCause() instanceof IOException, "Unexpected cause"); assertInstanceOf(IOException.class, e.getCause(), "Unexpected cause");
// Now simulate a failing request that succeeds on second try. // Now simulate a failing request that succeeds on second try.
connector = HTTPVaultConnector.builder(wireMock.url("/")).withNumberOfRetries(1).withTimeout(250).build(); connector = HTTPVaultConnector.builder(wireMock.getHttpBaseUrl()).withNumberOfRetries(1).withTimeout(250).build();
wireMock.stubFor( stubFor(
WireMock.any(anyUrl()) WireMock.any(anyUrl())
.willReturn(aResponse().withStatus(500)) .willReturn(aResponse().withStatus(500))
.willReturn(aResponse().withStatus(500)) .willReturn(aResponse().withStatus(500))
@ -193,8 +188,8 @@ class HTTPVaultConnectorTest {
* Test behavior on unparsable responses. * Test behavior on unparsable responses.
*/ */
@Test @Test
void parseExceptionTest() throws URISyntaxException { void parseExceptionTest(WireMockRuntimeInfo wireMock) throws URISyntaxException {
HTTPVaultConnector connector = HTTPVaultConnector.builder(wireMock.url("/")).withTimeout(250).build(); HTTPVaultConnector connector = HTTPVaultConnector.builder(wireMock.getHttpBaseUrl()).withTimeout(250).build();
// Mock authorization. // Mock authorization.
setPrivate(connector, "authorized", true); setPrivate(connector, "authorized", true);
// Mock response. // Mock response.
@ -227,26 +222,14 @@ class HTTPVaultConnectorTest {
* Test requests that expect an empty response with code 204, but receive a 200 body. * Test requests that expect an empty response with code 204, but receive a 200 body.
*/ */
@Test @Test
void nonEmpty204ResponseTest() throws URISyntaxException { void nonEmpty204ResponseTest(WireMockRuntimeInfo wireMock) throws URISyntaxException {
HTTPVaultConnector connector = HTTPVaultConnector.builder(wireMock.url("/")).withTimeout(250).build(); HTTPVaultConnector connector = HTTPVaultConnector.builder(wireMock.getHttpBaseUrl()).withTimeout(250).build();
// Mock authorization. // Mock authorization.
setPrivate(connector, "authorized", true); setPrivate(connector, "authorized", true);
// Mock response. // Mock response.
mockHttpResponse(200, "{}", "application/json"); mockHttpResponse(200, "{}", "application/json");
// Now test the methods expecting a 204. // Now test the methods expecting a 204.
assertThrows(
InvalidResponseException.class,
() -> connector.registerAppId("appID", "policy", "displayName"),
"registerAppId() with 200 response succeeded"
);
assertThrows(
InvalidResponseException.class,
() -> connector.registerUserId("appID", "userID"),
"registerUserId() with 200 response succeeded"
);
assertThrows( assertThrows(
InvalidResponseException.class, InvalidResponseException.class,
() -> connector.createAppRole("appID", Collections.singletonList("policy")), () -> connector.createAppRole("appID", Collections.singletonList("policy")),
@ -300,7 +283,7 @@ class HTTPVaultConnectorTest {
private Object getPrivate(Object target, String fieldName) throws NoSuchFieldException, IllegalAccessException { private Object getPrivate(Object target, String fieldName) throws NoSuchFieldException, IllegalAccessException {
Field field = target.getClass().getDeclaredField(fieldName); Field field = target.getClass().getDeclaredField(fieldName);
if (field.isAccessible()) { if (field.canAccess(target)) {
return field.get(target); return field.get(target);
} }
field.setAccessible(true); field.setAccessible(true);
@ -312,7 +295,7 @@ class HTTPVaultConnectorTest {
private void setPrivate(Object target, String fieldName, Object value) { private void setPrivate(Object target, String fieldName, Object value) {
try { try {
Field field = target.getClass().getDeclaredField(fieldName); Field field = target.getClass().getDeclaredField(fieldName);
boolean accessible = field.isAccessible(); boolean accessible = field.canAccess(target);
field.setAccessible(true); field.setAccessible(true);
field.set(target, value); field.set(target, value);
field.setAccessible(accessible); field.setAccessible(accessible);
@ -322,7 +305,7 @@ class HTTPVaultConnectorTest {
} }
private void mockHttpResponse(int status, String body, String contentType) { private void mockHttpResponse(int status, String body, String contentType) {
wireMock.stubFor( stubFor(
WireMock.any(anyUrl()).willReturn( WireMock.any(anyUrl()).willReturn(
aResponse().withStatus(status).withBody(body).withHeader("Content-Type", contentType) aResponse().withStatus(status).withBody(body).withHeader("Content-Type", contentType)
) )

2
src/test/java/de/stklcode/jvault/connector/exception/VaultConnectorExceptionTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

8
src/test/java/de/stklcode/jvault/connector/model/AbstractModelTest.java
View File

@ -3,6 +3,7 @@ package de.stklcode.jvault.connector.model;
import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature; import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.databind.json.JsonMapper;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import nl.jqno.equalsverifier.EqualsVerifier; import nl.jqno.equalsverifier.EqualsVerifier;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
@ -29,10 +30,11 @@ public abstract class AbstractModelTest<T> {
*/ */
protected AbstractModelTest(Class<T> modelClass) { protected AbstractModelTest(Class<T> modelClass) {
this.modelClass = modelClass; this.modelClass = modelClass;
this.objectMapper = new ObjectMapper() this.objectMapper = JsonMapper.builder()
.registerModule(new JavaTimeModule()) .addModule(new JavaTimeModule())
.enable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS) .enable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS)
.disable(DeserializationFeature.ADJUST_DATES_TO_CONTEXT_TIME_ZONE); .disable(DeserializationFeature.ADJUST_DATES_TO_CONTEXT_TIME_ZONE)
.build();
} }
/** /**

8
src/test/java/de/stklcode/jvault/connector/model/AppRoleSecretTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -115,7 +115,7 @@ class AppRoleSecretTest extends AbstractModelTest<AppRoleSecret> {
*/ */
@Test @Test
void jsonTest() throws NoSuchFieldException, IllegalAccessException { void jsonTest() throws NoSuchFieldException, IllegalAccessException {
// A simple roundtrip first. All set fields should be present afterwards.. // A simple roundtrip first. All set fields should be present afterward.
AppRoleSecret secret = new AppRoleSecret(TEST_ID, TEST_META, TEST_CIDR); AppRoleSecret secret = new AppRoleSecret(TEST_ID, TEST_META, TEST_CIDR);
String secretJson = assertDoesNotThrow(() -> objectMapper.writeValueAsString(secret), "Serialization failed"); String secretJson = assertDoesNotThrow(() -> objectMapper.writeValueAsString(secret), "Serialization failed");
// CIDR list is comma-separated when used as input, but List otherwise, hence convert string to list. // CIDR list is comma-separated when used as input, but List otherwise, hence convert string to list.
@ -173,14 +173,14 @@ class AppRoleSecretTest extends AbstractModelTest<AppRoleSecret> {
private static void setPrivateField(Object object, String fieldName, Object value) throws NoSuchFieldException, IllegalAccessException { private static void setPrivateField(Object object, String fieldName, Object value) throws NoSuchFieldException, IllegalAccessException {
Field field = object.getClass().getDeclaredField(fieldName); Field field = object.getClass().getDeclaredField(fieldName);
boolean accessible = field.isAccessible(); boolean accessible = field.canAccess(object);
field.setAccessible(true); field.setAccessible(true);
field.set(object, value); field.set(object, value);
field.setAccessible(accessible); field.setAccessible(accessible);
} }
private static String commaSeparatedToList(String json) { private static String commaSeparatedToList(String json) {
return json.replaceAll("\"cidr_list\":\"([^\"]*)\"", "\"cidr_list\":\\[$1\\]") return json.replaceAll("\"cidr_list\":\"([^\"]*)\"", "\"cidr_list\":[$1]")
.replaceAll("(\\d+\\.\\d+\\.\\d+\\.\\d+/\\d+)", "\"$1\""); .replaceAll("(\\d+\\.\\d+\\.\\d+\\.\\d+/\\d+)", "\"$1\"");
} }
} }

14
src/test/java/de/stklcode/jvault/connector/model/AppRoleTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -43,7 +43,7 @@ class AppRoleTest extends AbstractModelTest<AppRole> {
private static final String POLICY_2 = "policy2"; private static final String POLICY_2 = "policy2";
private static final Integer SECRET_ID_NUM_USES = 10; private static final Integer SECRET_ID_NUM_USES = 10;
private static final Integer SECRET_ID_TTL = 7200; private static final Integer SECRET_ID_TTL = 7200;
private static final Boolean ENABLE_LOCAL_SECRET_IDS = false; private static final Boolean LOCAL_SECRET_IDS = false;
private static final Integer TOKEN_TTL = 4800; private static final Integer TOKEN_TTL = 4800;
private static final Integer TOKEN_MAX_TTL = 9600; private static final Integer TOKEN_MAX_TTL = 9600;
private static final Integer TOKEN_EXPLICIT_MAX_TTL = 14400; private static final Integer TOKEN_EXPLICIT_MAX_TTL = 14400;
@ -52,8 +52,8 @@ class AppRoleTest extends AbstractModelTest<AppRole> {
private static final Integer TOKEN_PERIOD = 1234; private static final Integer TOKEN_PERIOD = 1234;
private static final Token.Type TOKEN_TYPE = Token.Type.DEFAULT_SERVICE; private static final Token.Type TOKEN_TYPE = Token.Type.DEFAULT_SERVICE;
private static final String JSON_MIN = "{\"role_name\":\"" + NAME + "\"}"; private static final String JSON_MIN = "{\"role_name\":\"" + NAME + "\"}";
private static final String JSON_FULL = String.format("{\"role_name\":\"%s\",\"role_id\":\"%s\",\"bind_secret_id\":%s,\"secret_id_bound_cidrs\":\"%s\",\"secret_id_num_uses\":%d,\"secret_id_ttl\":%d,\"enable_local_secret_ids\":%s,\"token_ttl\":%d,\"token_max_ttl\":%d,\"token_policies\":\"%s\",\"token_bound_cidrs\":\"%s\",\"token_explicit_max_ttl\":%d,\"token_no_default_policy\":%s,\"token_num_uses\":%d,\"token_period\":%d,\"token_type\":\"%s\"}", private static final String JSON_FULL = String.format("{\"role_name\":\"%s\",\"role_id\":\"%s\",\"bind_secret_id\":%s,\"secret_id_bound_cidrs\":\"%s\",\"secret_id_num_uses\":%d,\"secret_id_ttl\":%d,\"local_secret_ids\":%s,\"token_ttl\":%d,\"token_max_ttl\":%d,\"token_policies\":\"%s\",\"token_bound_cidrs\":\"%s\",\"token_explicit_max_ttl\":%d,\"token_no_default_policy\":%s,\"token_num_uses\":%d,\"token_period\":%d,\"token_type\":\"%s\"}",
NAME, ID, BIND_SECRET_ID, CIDR_1, SECRET_ID_NUM_USES, SECRET_ID_TTL, ENABLE_LOCAL_SECRET_IDS, TOKEN_TTL, TOKEN_MAX_TTL, POLICY, CIDR_1, TOKEN_EXPLICIT_MAX_TTL, TOKEN_NO_DEFAULT_POLICY, TOKEN_NUM_USES, TOKEN_PERIOD, TOKEN_TYPE.value()); NAME, ID, BIND_SECRET_ID, CIDR_1, SECRET_ID_NUM_USES, SECRET_ID_TTL, LOCAL_SECRET_IDS, TOKEN_TTL, TOKEN_MAX_TTL, POLICY, CIDR_1, TOKEN_EXPLICIT_MAX_TTL, TOKEN_NO_DEFAULT_POLICY, TOKEN_NUM_USES, TOKEN_PERIOD, TOKEN_TYPE.value());
AppRoleTest() { AppRoleTest() {
super(AppRole.class); super(AppRole.class);
@ -68,7 +68,7 @@ class AppRoleTest extends AbstractModelTest<AppRole> {
.withTokenPolicies(POLICIES) .withTokenPolicies(POLICIES)
.withSecretIdNumUses(SECRET_ID_NUM_USES) .withSecretIdNumUses(SECRET_ID_NUM_USES)
.withSecretIdTtl(SECRET_ID_TTL) .withSecretIdTtl(SECRET_ID_TTL)
.withEnableLocalSecretIds(ENABLE_LOCAL_SECRET_IDS) .withLocalSecretIds(LOCAL_SECRET_IDS)
.withTokenTtl(TOKEN_TTL) .withTokenTtl(TOKEN_TTL)
.withTokenMaxTtl(TOKEN_MAX_TTL) .withTokenMaxTtl(TOKEN_MAX_TTL)
.withTokenBoundCidrs(BOUND_CIDR_LIST) .withTokenBoundCidrs(BOUND_CIDR_LIST)
@ -98,7 +98,7 @@ class AppRoleTest extends AbstractModelTest<AppRole> {
assertNull(role.getTokenPolicies()); assertNull(role.getTokenPolicies());
assertNull(role.getSecretIdNumUses()); assertNull(role.getSecretIdNumUses());
assertNull(role.getSecretIdTtl()); assertNull(role.getSecretIdTtl());
assertNull(role.getEnableLocalSecretIds()); assertNull(role.getLocalSecretIds());
assertNull(role.getTokenTtl()); assertNull(role.getTokenTtl());
assertNull(role.getTokenMaxTtl()); assertNull(role.getTokenMaxTtl());
assertNull(role.getTokenBoundCidrs()); assertNull(role.getTokenBoundCidrs());
@ -125,7 +125,7 @@ class AppRoleTest extends AbstractModelTest<AppRole> {
assertEquals(POLICIES, role.getTokenPolicies()); assertEquals(POLICIES, role.getTokenPolicies());
assertEquals(SECRET_ID_NUM_USES, role.getSecretIdNumUses()); assertEquals(SECRET_ID_NUM_USES, role.getSecretIdNumUses());
assertEquals(SECRET_ID_TTL, role.getSecretIdTtl()); assertEquals(SECRET_ID_TTL, role.getSecretIdTtl());
assertEquals(ENABLE_LOCAL_SECRET_IDS, role.getEnableLocalSecretIds()); assertEquals(LOCAL_SECRET_IDS, role.getLocalSecretIds());
assertEquals(TOKEN_TTL, role.getTokenTtl()); assertEquals(TOKEN_TTL, role.getTokenTtl());
assertEquals(TOKEN_MAX_TTL, role.getTokenMaxTtl()); assertEquals(TOKEN_MAX_TTL, role.getTokenMaxTtl());
assertEquals(BOUND_CIDR_LIST, role.getTokenBoundCidrs()); assertEquals(BOUND_CIDR_LIST, role.getTokenBoundCidrs());

4
src/test/java/de/stklcode/jvault/connector/model/AuthBackendTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -33,10 +33,8 @@ class AuthBackendTest {
* Test forType() method. * Test forType() method.
*/ */
@Test @Test
@SuppressWarnings("deprecation")
void forTypeTest() { void forTypeTest() {
assertEquals(AuthBackend.TOKEN, AuthBackend.forType("token")); assertEquals(AuthBackend.TOKEN, AuthBackend.forType("token"));
assertEquals(AuthBackend.APPID, AuthBackend.forType("app-id"));
assertEquals(AuthBackend.USERPASS, AuthBackend.forType("userpass")); assertEquals(AuthBackend.USERPASS, AuthBackend.forType("userpass"));
assertEquals(AuthBackend.GITHUB, AuthBackend.forType("github")); assertEquals(AuthBackend.GITHUB, AuthBackend.forType("github"));
assertEquals(AuthBackend.UNKNOWN, AuthBackend.forType("")); assertEquals(AuthBackend.UNKNOWN, AuthBackend.forType(""));

4
src/test/java/de/stklcode/jvault/connector/model/TokenRoleTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -173,7 +173,7 @@ class TokenRoleTest extends AbstractModelTest<TokenRole> {
assertNull(role.getTokenType()); assertNull(role.getTokenType());
// Empty builder should be equal to no-arg construction. // Empty builder should be equal to no-arg construction.
assertEquals(role, new TokenRole()); assertEquals(new TokenRole(), role);
// Optional fields should be ignored, so JSON string should be empty. // Optional fields should be ignored, so JSON string should be empty.
assertEquals("{}", objectMapper.writeValueAsString(role)); assertEquals("{}", objectMapper.writeValueAsString(role));

4
src/test/java/de/stklcode/jvault/connector/model/TokenTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -105,7 +105,7 @@ class TokenTest extends AbstractModelTest<Token> {
assertEquals("{}", objectMapper.writeValueAsString(token)); assertEquals("{}", objectMapper.writeValueAsString(token));
// Empty builder should be equal to no-arg construction. // Empty builder should be equal to no-arg construction.
assertEquals(token, new Token()); assertEquals(new Token(), token);
} }
/** /**

2
src/test/java/de/stklcode/jvault/connector/model/response/AppRoleResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/test/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

5
src/test/java/de/stklcode/jvault/connector/model/response/AuthResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -48,6 +48,7 @@ class AuthResponseTest extends AbstractModelTest<AuthResponse> {
private static final String AUTH_ENTITY_ID = ""; private static final String AUTH_ENTITY_ID = "";
private static final String AUTH_TOKEN_TYPE = "service"; private static final String AUTH_TOKEN_TYPE = "service";
private static final Boolean AUTH_ORPHAN = false; private static final Boolean AUTH_ORPHAN = false;
private static final Integer AUTH_NUM_USES = 42;
private static final String MFA_REQUEST_ID = "d0c9eec7-6921-8cc0-be62-202b289ef163"; private static final String MFA_REQUEST_ID = "d0c9eec7-6921-8cc0-be62-202b289ef163";
private static final String MFA_KEY = "enforcementConfigUserpass"; private static final String MFA_KEY = "enforcementConfigUserpass";
private static final String MFA_METHOD_TYPE = "totp"; private static final String MFA_METHOD_TYPE = "totp";
@ -75,6 +76,7 @@ class AuthResponseTest extends AbstractModelTest<AuthResponse> {
" \"entity_id\": \"" + AUTH_ENTITY_ID + "\",\n" + " \"entity_id\": \"" + AUTH_ENTITY_ID + "\",\n" +
" \"token_type\": \"" + AUTH_TOKEN_TYPE + "\",\n" + " \"token_type\": \"" + AUTH_TOKEN_TYPE + "\",\n" +
" \"orphan\": " + AUTH_ORPHAN + ",\n" + " \"orphan\": " + AUTH_ORPHAN + ",\n" +
" \"num_uses\": " + AUTH_NUM_USES + ",\n" +
" \"mfa_requirement\": {\n" + " \"mfa_requirement\": {\n" +
" \"mfa_request_id\": \"" + MFA_REQUEST_ID + "\",\n" + " \"mfa_request_id\": \"" + MFA_REQUEST_ID + "\",\n" +
" \"mfa_constraints\": {\n" + " \"mfa_constraints\": {\n" +
@ -134,6 +136,7 @@ class AuthResponseTest extends AbstractModelTest<AuthResponse> {
assertEquals(AUTH_ORPHAN, data.isOrphan(), "Incorrect auth orphan flag"); assertEquals(AUTH_ORPHAN, data.isOrphan(), "Incorrect auth orphan flag");
assertEquals(AUTH_TOKEN_TYPE, data.getTokenType(), "Incorrect auth token type"); assertEquals(AUTH_TOKEN_TYPE, data.getTokenType(), "Incorrect auth token type");
assertEquals(AUTH_ENTITY_ID, data.getEntityId(), "Incorrect auth entity id"); assertEquals(AUTH_ENTITY_ID, data.getEntityId(), "Incorrect auth entity id");
assertEquals(AUTH_NUM_USES, data.getNumUses(), "Incorrect auth num uses");
assertEquals(2, data.getPolicies().size(), "Incorrect number of policies"); assertEquals(2, data.getPolicies().size(), "Incorrect number of policies");
assertTrue(data.getPolicies().containsAll(Set.of(AUTH_POLICY_1, AUTH_POLICY_2))); assertTrue(data.getPolicies().containsAll(Set.of(AUTH_POLICY_1, AUTH_POLICY_2)));
assertEquals(2, data.getTokenPolicies().size(), "Incorrect number of token policies"); assertEquals(2, data.getTokenPolicies().size(), "Incorrect number of token policies");

7
src/test/java/de/stklcode/jvault/connector/model/response/CredentialsResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -17,7 +17,6 @@
package de.stklcode.jvault.connector.model.response; package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.JsonProcessingException;
import de.stklcode.jvault.connector.exception.InvalidResponseException;
import de.stklcode.jvault.connector.model.AbstractModelTest; import de.stklcode.jvault.connector.model.AbstractModelTest;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
@ -60,11 +59,9 @@ class CredentialsResponseTest extends AbstractModelTest<CredentialsResponse> {
/** /**
* Test getter, setter and get-methods for response data. * Test getter, setter and get-methods for response data.
*
* @throws InvalidResponseException Should not occur
*/ */
@Test @Test
void getCredentialsTest() throws InvalidResponseException { void getCredentialsTest() {
// Create empty Object. // Create empty Object.
CredentialsResponse res = new CredentialsResponse(); CredentialsResponse res = new CredentialsResponse();
assertNull(res.getUsername(), "Username not present in data map should not return anything"); assertNull(res.getUsername(), "Username not present in data map should not return anything");

2
src/test/java/de/stklcode/jvault/connector/model/response/ErrorResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2021 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

18
src/test/java/de/stklcode/jvault/connector/model/response/HealthResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -31,7 +31,7 @@ import static org.junit.jupiter.api.Assertions.*;
class HealthResponseTest extends AbstractModelTest<HealthResponse> { class HealthResponseTest extends AbstractModelTest<HealthResponse> {
private static final String CLUSTER_ID = "c9abceea-4f46-4dab-a688-5ce55f89e228"; private static final String CLUSTER_ID = "c9abceea-4f46-4dab-a688-5ce55f89e228";
private static final String CLUSTER_NAME = "vault-cluster-5515c810"; private static final String CLUSTER_NAME = "vault-cluster-5515c810";
private static final String VERSION = "0.9.2"; private static final String VERSION = "0.17.0";
private static final Long SERVER_TIME_UTC = 1469555798L; private static final Long SERVER_TIME_UTC = 1469555798L;
private static final Boolean STANDBY = false; private static final Boolean STANDBY = false;
private static final Boolean SEALED = false; private static final Boolean SEALED = false;
@ -39,6 +39,10 @@ class HealthResponseTest extends AbstractModelTest<HealthResponse> {
private static final Boolean PERF_STANDBY = false; private static final Boolean PERF_STANDBY = false;
private static final String REPL_PERF_MODE = "disabled"; private static final String REPL_PERF_MODE = "disabled";
private static final String REPL_DR_MODE = "disabled"; private static final String REPL_DR_MODE = "disabled";
private static final Long ECHO_DURATION = 1L;
private static final Long CLOCK_SKEW = 0L;
private static final Long REPL_PRIM_CANARY_AGE = 2L;
private static final Boolean ENTERPRISE = false;
private static final String RES_JSON = "{\n" + private static final String RES_JSON = "{\n" +
" \"cluster_id\": \"" + CLUSTER_ID + "\",\n" + " \"cluster_id\": \"" + CLUSTER_ID + "\",\n" +
@ -50,7 +54,11 @@ class HealthResponseTest extends AbstractModelTest<HealthResponse> {
" \"initialized\": " + INITIALIZED + ",\n" + " \"initialized\": " + INITIALIZED + ",\n" +
" \"replication_performance_mode\": \"" + REPL_PERF_MODE + "\",\n" + " \"replication_performance_mode\": \"" + REPL_PERF_MODE + "\",\n" +
" \"replication_dr_mode\": \"" + REPL_DR_MODE + "\",\n" + " \"replication_dr_mode\": \"" + REPL_DR_MODE + "\",\n" +
" \"performance_standby\": " + PERF_STANDBY + "\n" + " \"performance_standby\": " + PERF_STANDBY + ",\n" +
" \"echo_duration_ms\": " + ECHO_DURATION + ",\n" +
" \"clock_skew_ms\": " + CLOCK_SKEW + ",\n" +
" \"replication_primary_canary_age_ms\": " + REPL_PRIM_CANARY_AGE + ",\n" +
" \"enterprise\": " + ENTERPRISE + "\n" +
"}"; "}";
HealthResponseTest() { HealthResponseTest() {
@ -87,5 +95,9 @@ class HealthResponseTest extends AbstractModelTest<HealthResponse> {
assertEquals(PERF_STANDBY, res.isPerformanceStandby(), "Incorrect performance standby state"); assertEquals(PERF_STANDBY, res.isPerformanceStandby(), "Incorrect performance standby state");
assertEquals(REPL_PERF_MODE, res.getReplicationPerfMode(), "Incorrect replication perf mode"); assertEquals(REPL_PERF_MODE, res.getReplicationPerfMode(), "Incorrect replication perf mode");
assertEquals(REPL_DR_MODE, res.getReplicationDrMode(), "Incorrect replication DR mode"); assertEquals(REPL_DR_MODE, res.getReplicationDrMode(), "Incorrect replication DR mode");
assertEquals(ECHO_DURATION, res.getEchoDurationMs(), "Incorrect echo duration");
assertEquals(CLOCK_SKEW, res.getClockSkewMs(), "Incorrect clock skew");
assertEquals(REPL_PRIM_CANARY_AGE, res.getReplicationPrimaryCanaryAgeMs(), "Incorrect canary age");
assertEquals(ENTERPRISE, res.isEnterprise(), "Incorrect enterprise flag");
} }
} }

2
src/test/java/de/stklcode/jvault/connector/model/response/HelpResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2021 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

16
src/test/java/de/stklcode/jvault/connector/model/response/MetaSecretResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -21,6 +21,7 @@ import de.stklcode.jvault.connector.model.AbstractModelTest;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import java.util.List; import java.util.List;
import java.util.Map;
import static org.junit.jupiter.api.Assertions.*; import static org.junit.jupiter.api.Assertions.*;
@ -42,6 +43,9 @@ class MetaSecretResponseTest extends AbstractModelTest<MetaSecretResponse> {
private static final String SECRET_META_CREATED = "2018-03-22T02:24:06.945319214Z"; private static final String SECRET_META_CREATED = "2018-03-22T02:24:06.945319214Z";
private static final String SECRET_META_DELETED = "2018-03-23T03:25:07.056420325Z"; private static final String SECRET_META_DELETED = "2018-03-23T03:25:07.056420325Z";
private static final List<String> SECRET_WARNINGS = null; private static final List<String> SECRET_WARNINGS = null;
private static final String CUSTOM_META_KEY = "foo";
private static final String CUSTOM_META_VAL = "bar";
private static final String SECRET_JSON_V2 = "{\n" + private static final String SECRET_JSON_V2 = "{\n" +
" \"request_id\": \"" + SECRET_REQUEST_ID + "\",\n" + " \"request_id\": \"" + SECRET_REQUEST_ID + "\",\n" +
" \"lease_id\": \"" + SECRET_LEASE_ID + "\",\n" + " \"lease_id\": \"" + SECRET_LEASE_ID + "\",\n" +
@ -54,6 +58,7 @@ class MetaSecretResponseTest extends AbstractModelTest<MetaSecretResponse> {
" },\n" + " },\n" +
" \"metadata\": {\n" + " \"metadata\": {\n" +
" \"created_time\": \"" + SECRET_META_CREATED + "\",\n" + " \"created_time\": \"" + SECRET_META_CREATED + "\",\n" +
" \"custom_metadata\": null,\n" +
" \"deletion_time\": \"\",\n" + " \"deletion_time\": \"\",\n" +
" \"destroyed\": false,\n" + " \"destroyed\": false,\n" +
" \"version\": 1\n" + " \"version\": 1\n" +
@ -73,6 +78,9 @@ class MetaSecretResponseTest extends AbstractModelTest<MetaSecretResponse> {
" },\n" + " },\n" +
" \"metadata\": {\n" + " \"metadata\": {\n" +
" \"created_time\": \"" + SECRET_META_CREATED + "\",\n" + " \"created_time\": \"" + SECRET_META_CREATED + "\",\n" +
" \"custom_metadata\": {" +
" \"" + CUSTOM_META_KEY + "\": \"" + CUSTOM_META_VAL + "\"" +
" },\n" +
" \"deletion_time\": \"" + SECRET_META_DELETED + "\",\n" + " \"deletion_time\": \"" + SECRET_META_DELETED + "\",\n" +
" \"destroyed\": true,\n" + " \"destroyed\": true,\n" +
" \"version\": 2\n" + " \"version\": 2\n" +
@ -107,12 +115,11 @@ class MetaSecretResponseTest extends AbstractModelTest<MetaSecretResponse> {
); );
assertSecretData(res); assertSecretData(res);
assertNotNull(res.getMetadata(), "SecretResponse does not contain metadata"); assertNotNull(res.getMetadata(), "SecretResponse does not contain metadata");
assertEquals(SECRET_META_CREATED, res.getMetadata().getCreatedTimeString(), "Incorrect creation date string");
assertNotNull(res.getMetadata().getCreatedTime(), "Creation date parsing failed"); assertNotNull(res.getMetadata().getCreatedTime(), "Creation date parsing failed");
assertNull(res.getMetadata().getDeletionTimeString(), "Incorrect deletion date string");
assertNull(res.getMetadata().getDeletionTime(), "Incorrect deletion date"); assertNull(res.getMetadata().getDeletionTime(), "Incorrect deletion date");
assertFalse(res.getMetadata().isDestroyed(), "Secret destroyed when not expected"); assertFalse(res.getMetadata().isDestroyed(), "Secret destroyed when not expected");
assertEquals(1, res.getMetadata().getVersion(), "Incorrect secret version"); assertEquals(1, res.getMetadata().getVersion(), "Incorrect secret version");
assertNull(res.getMetadata().getCustomMetadata(), "Incorrect custom metadata");
// Deleted KV v2 secret. // Deleted KV v2 secret.
res = assertDoesNotThrow( res = assertDoesNotThrow(
@ -121,12 +128,11 @@ class MetaSecretResponseTest extends AbstractModelTest<MetaSecretResponse> {
); );
assertSecretData(res); assertSecretData(res);
assertNotNull(res.getMetadata(), "SecretResponse does not contain metadata"); assertNotNull(res.getMetadata(), "SecretResponse does not contain metadata");
assertEquals(SECRET_META_CREATED, res.getMetadata().getCreatedTimeString(), "Incorrect creation date string");
assertNotNull(res.getMetadata().getCreatedTime(), "Creation date parsing failed"); assertNotNull(res.getMetadata().getCreatedTime(), "Creation date parsing failed");
assertEquals(SECRET_META_DELETED, res.getMetadata().getDeletionTimeString(), "Incorrect deletion date string");
assertNotNull(res.getMetadata().getDeletionTime(), "Incorrect deletion date"); assertNotNull(res.getMetadata().getDeletionTime(), "Incorrect deletion date");
assertTrue(res.getMetadata().isDestroyed(), "Secret destroyed when not expected"); assertTrue(res.getMetadata().isDestroyed(), "Secret destroyed when not expected");
assertEquals(2, res.getMetadata().getVersion(), "Incorrect secret version"); assertEquals(2, res.getMetadata().getVersion(), "Incorrect secret version");
assertEquals(Map.of(CUSTOM_META_KEY, CUSTOM_META_VAL), res.getMetadata().getCustomMetadata(), "Incorrect custom metadata");
} }
private void assertSecretData(SecretResponse res) { private void assertSecretData(SecretResponse res) {

20
src/test/java/de/stklcode/jvault/connector/model/response/MetadataResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -20,6 +20,8 @@ import com.fasterxml.jackson.core.JsonProcessingException;
import de.stklcode.jvault.connector.model.AbstractModelTest; import de.stklcode.jvault.connector.model.AbstractModelTest;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import java.util.Map;
import static org.junit.jupiter.api.Assertions.*; import static org.junit.jupiter.api.Assertions.*;
/** /**
@ -35,11 +37,20 @@ class MetadataResponseTest extends AbstractModelTest<MetadataResponse> {
private static final Integer CURRENT_VERSION = 3; private static final Integer CURRENT_VERSION = 3;
private static final Integer MAX_VERSIONS = 0; private static final Integer MAX_VERSIONS = 0;
private static final Integer OLDEST_VERSION = 1; private static final Integer OLDEST_VERSION = 1;
private static final Boolean CAS_REQUIRED = false;
private static final String CUSTOM_META_KEY = "test";
private static final String CUSTOM_META_VAL = "123";
private static final String DELETE_VERSION_AFTER = "0s";
private static final String META_JSON = "{\n" + private static final String META_JSON = "{\n" +
" \"data\": {\n" + " \"data\": {\n" +
" \"cas_required\": " + CAS_REQUIRED + ",\n" +
" \"created_time\": \"" + V1_TIME + "\",\n" + " \"created_time\": \"" + V1_TIME + "\",\n" +
" \"current_version\": " + CURRENT_VERSION + ",\n" + " \"current_version\": " + CURRENT_VERSION + ",\n" +
" \"custom_metadata\": {" +
" \"" + CUSTOM_META_KEY + "\": \"" + CUSTOM_META_VAL + "\"" +
" },\n" +
" \"delete_version_after\": \"" + DELETE_VERSION_AFTER + "\"," +
" \"max_versions\": " + MAX_VERSIONS + ",\n" + " \"max_versions\": " + MAX_VERSIONS + ",\n" +
" \"oldest_version\": " + OLDEST_VERSION + ",\n" + " \"oldest_version\": " + OLDEST_VERSION + ",\n" +
" \"updated_time\": \"" + V3_TIME + "\",\n" + " \"updated_time\": \"" + V3_TIME + "\",\n" +
@ -88,18 +99,17 @@ class MetadataResponseTest extends AbstractModelTest<MetadataResponse> {
); );
assertNotNull(res, "Parsed response is NULL"); assertNotNull(res, "Parsed response is NULL");
assertNotNull(res.getMetadata(), "Parsed metadata is NULL"); assertNotNull(res.getMetadata(), "Parsed metadata is NULL");
assertEquals(V1_TIME, res.getMetadata().getCreatedTimeString(), "Incorrect created time"); assertEquals(CAS_REQUIRED, res.getMetadata().isCasRequired(), "Incorrect CAS required flag");
assertNotNull(res.getMetadata().getCreatedTime(), "Parting created time failed"); assertNotNull(res.getMetadata().getCreatedTime(), "Parting created time failed");
assertEquals(CURRENT_VERSION, res.getMetadata().getCurrentVersion(), "Incorrect current version"); assertEquals(CURRENT_VERSION, res.getMetadata().getCurrentVersion(), "Incorrect current version");
assertEquals(MAX_VERSIONS, res.getMetadata().getMaxVersions(), "Incorrect max versions"); assertEquals(MAX_VERSIONS, res.getMetadata().getMaxVersions(), "Incorrect max versions");
assertEquals(OLDEST_VERSION, res.getMetadata().getOldestVersion(), "Incorrect oldest version"); assertEquals(OLDEST_VERSION, res.getMetadata().getOldestVersion(), "Incorrect oldest version");
assertEquals(V3_TIME, res.getMetadata().getUpdatedTimeString(), "Incorrect updated time"); assertEquals(Map.of(CUSTOM_META_KEY, CUSTOM_META_VAL), res.getMetadata().getCustomMetadata(), "Incorrect custom metadata");
assertEquals(DELETE_VERSION_AFTER, res.getMetadata().getDeleteVersionAfter(), "Incorrect delete version after");
assertNotNull(res.getMetadata().getUpdatedTime(), "Parting updated time failed"); assertNotNull(res.getMetadata().getUpdatedTime(), "Parting updated time failed");
assertEquals(3, res.getMetadata().getVersions().size(), "Incorrect number of versions"); assertEquals(3, res.getMetadata().getVersions().size(), "Incorrect number of versions");
assertEquals(V2_TIME, res.getMetadata().getVersions().get(1).getDeletionTimeString(), "Incorrect version 1 delete time");
assertNotNull(res.getMetadata().getVersions().get(1).getDeletionTime(), "Parsing version delete time failed"); assertNotNull(res.getMetadata().getVersions().get(1).getDeletionTime(), "Parsing version delete time failed");
assertTrue(res.getMetadata().getVersions().get(1).isDestroyed(), "Incorrect version 1 destroyed state"); assertTrue(res.getMetadata().getVersions().get(1).isDestroyed(), "Incorrect version 1 destroyed state");
assertEquals(V2_TIME, res.getMetadata().getVersions().get(2).getCreatedTimeString(), "Incorrect version 2 created time");
assertNotNull(res.getMetadata().getVersions().get(2).getCreatedTime(), "Parsing version created failed"); assertNotNull(res.getMetadata().getVersions().get(2).getCreatedTime(), "Parsing version created failed");
assertFalse(res.getMetadata().getVersions().get(3).isDestroyed(), "Incorrect version 3 destroyed state"); assertFalse(res.getMetadata().getVersions().get(3).isDestroyed(), "Incorrect version 3 destroyed state");
} }

2
src/test/java/de/stklcode/jvault/connector/model/response/PlainSecretResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2021 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/test/java/de/stklcode/jvault/connector/model/response/SealResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/test/java/de/stklcode/jvault/connector/model/response/SecretListResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

4
src/test/java/de/stklcode/jvault/connector/model/response/SecretVersionResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -67,8 +67,6 @@ class SecretVersionResponseTest extends AbstractModelTest<SecretVersionResponse>
); );
assertNotNull(res, "Parsed response is NULL"); assertNotNull(res, "Parsed response is NULL");
assertNotNull(res.getMetadata(), "Parsed metadata is NULL"); assertNotNull(res.getMetadata(), "Parsed metadata is NULL");
assertEquals(CREATION_TIME, res.getMetadata().getCreatedTimeString(), "Incorrect created time");
assertEquals(DELETION_TIME, res.getMetadata().getDeletionTimeString(), "Incorrect deletion time");
assertFalse(res.getMetadata().isDestroyed(), "Incorrect destroyed state"); assertFalse(res.getMetadata().isDestroyed(), "Incorrect destroyed state");
assertEquals(VERSION, res.getMetadata().getVersion(), "Incorrect version"); assertEquals(VERSION, res.getMetadata().getVersion(), "Incorrect version");
} }

9
src/test/java/de/stklcode/jvault/connector/model/response/TokenResponseTest.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -55,6 +55,7 @@ class TokenResponseTest extends AbstractModelTest<TokenResponse> {
private static final String TOKEN_ID = "my-token"; private static final String TOKEN_ID = "my-token";
private static final String TOKEN_ISSUE_TIME = "2018-04-17T11:35:54.466476078-04:00"; private static final String TOKEN_ISSUE_TIME = "2018-04-17T11:35:54.466476078-04:00";
private static final String TOKEN_TYPE = "service"; private static final String TOKEN_TYPE = "service";
private static final String MOUNT_TYPE = "token";
private static final String RES_JSON = "{\n" + private static final String RES_JSON = "{\n" +
" \"lease_id\": \"\",\n" + " \"lease_id\": \"\",\n" +
@ -85,7 +86,8 @@ class TokenResponseTest extends AbstractModelTest<TokenResponse> {
" \"type\": \"" + TOKEN_TYPE + "\"\n" + " \"type\": \"" + TOKEN_TYPE + "\"\n" +
" },\n" + " },\n" +
" \"warnings\": null,\n" + " \"warnings\": null,\n" +
" \"auth\": null\n" + " \"auth\": null,\n" +
" \"mount_type\": \"" + MOUNT_TYPE + "\"\n" +
"}"; "}";
TokenResponseTest() { TokenResponseTest() {
@ -125,6 +127,7 @@ class TokenResponseTest extends AbstractModelTest<TokenResponse> {
assertEquals(RES_LEASE_DURATION, res.getLeaseDuration(), "Incorrect lease duration"); assertEquals(RES_LEASE_DURATION, res.getLeaseDuration(), "Incorrect lease duration");
assertEquals(RES_RENEWABLE, res.isRenewable(), "Incorrect response renewable flag"); assertEquals(RES_RENEWABLE, res.isRenewable(), "Incorrect response renewable flag");
assertEquals(RES_LEASE_DURATION, res.getLeaseDuration(), "Incorrect response lease duration"); assertEquals(RES_LEASE_DURATION, res.getLeaseDuration(), "Incorrect response lease duration");
assertEquals(MOUNT_TYPE, res.getMountType(), "Incorrect mount type");
// Extract token data. // Extract token data.
TokenData data = res.getData(); TokenData data = res.getData();
assertNotNull(data, "Token data is NULL"); assertNotNull(data, "Token data is NULL");
@ -133,11 +136,9 @@ class TokenResponseTest extends AbstractModelTest<TokenResponse> {
assertEquals(TOKEN_TTL, data.getCreationTtl(), "Incorrect token creation TTL"); assertEquals(TOKEN_TTL, data.getCreationTtl(), "Incorrect token creation TTL");
assertEquals(TOKEN_DISPLAY_NAME, data.getName(), "Incorrect token display name"); assertEquals(TOKEN_DISPLAY_NAME, data.getName(), "Incorrect token display name");
assertEquals(TOKEN_ENTITY_ID, data.getEntityId(), "Incorrect token entity ID"); assertEquals(TOKEN_ENTITY_ID, data.getEntityId(), "Incorrect token entity ID");
assertEquals(TOKEN_EXPIRE_TIME, data.getExpireTimeString(), "Incorrect token expire time");
assertEquals(ZonedDateTime.parse(TOKEN_EXPIRE_TIME), data.getExpireTime(), "Incorrect parsed token expire time"); assertEquals(ZonedDateTime.parse(TOKEN_EXPIRE_TIME), data.getExpireTime(), "Incorrect parsed token expire time");
assertEquals(TOKEN_EXPLICIT_MAX_TTL, data.getExplicitMaxTtl(), "Incorrect token explicit max TTL"); assertEquals(TOKEN_EXPLICIT_MAX_TTL, data.getExplicitMaxTtl(), "Incorrect token explicit max TTL");
assertEquals(TOKEN_ID, data.getId(), "Incorrect token ID"); assertEquals(TOKEN_ID, data.getId(), "Incorrect token ID");
assertEquals(TOKEN_ISSUE_TIME, data.getIssueTimeString(), "Incorrect token issue time");
assertEquals(ZonedDateTime.parse(TOKEN_ISSUE_TIME), data.getIssueTime(), "Incorrect parsed token issue time"); assertEquals(ZonedDateTime.parse(TOKEN_ISSUE_TIME), data.getIssueTime(), "Incorrect parsed token issue time");
assertEquals(Map.of(TOKEN_META_KEY, TOKEN_META_VALUE), data.getMeta(), "Incorrect token metadata"); assertEquals(Map.of(TOKEN_META_KEY, TOKEN_META_VALUE), data.getMeta(), "Incorrect token metadata");
assertEquals(TOKEN_NUM_USES, data.getNumUses(), "Incorrect token number of uses"); assertEquals(TOKEN_NUM_USES, data.getNumUses(), "Incorrect token number of uses");

137
src/test/java/de/stklcode/jvault/connector/model/response/TransitResponseTest.java Normal file
View File

@ -0,0 +1,137 @@
/*
* Copyright 2016-2025 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.core.JsonProcessingException;
import de.stklcode.jvault.connector.model.AbstractModelTest;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.*;
/**
* JUnit Test for {@link TransitResponse} model.
*
* @author Stefan Kalscheuer
* @since 1.5.0
*/
class TransitResponseTest extends AbstractModelTest<TransitResponse> {
private static final String CIPHERTEXT = "vault:v1:XjsPWPjqPrBi1N2Ms2s1QM798YyFWnO4TR4lsFA=";
private static final String PLAINTEXT = "dGhlIHF1aWNrIGJyb3duIGZveAo=";
private static final String SUM = "dGhlIHF1aWNrIGJyb3duIGZveAo=";
TransitResponseTest() {
super(TransitResponse.class);
}
@Override
protected TransitResponse createFull() {
try {
return objectMapper.readValue(
json(
"\"ciphertext\": \"" + CIPHERTEXT + "\", " +
"\"plaintext\": \"" + PLAINTEXT + "\", " +
"\"sum\": \"" + SUM + "\""
),
TransitResponse.class
);
} catch (JsonProcessingException e) {
fail("Creation of full model failed", e);
return null;
}
}
@Test
void encryptionTest() {
TransitResponse res = assertDoesNotThrow(
() -> objectMapper.readValue(
json("\"ciphertext\": \"" + CIPHERTEXT + "\""),
TransitResponse.class
),
"TransitResponse deserialization failed"
);
assertNotNull(res, "Parsed response is NULL");
assertEquals("987c6daf-b0e2-4142-a970-1e61fdb249d7", res.getRequestId(), "Incorrect request id");
assertEquals("", res.getLeaseId(), "Unexpected lease id");
assertFalse(res.isRenewable(), "Unexpected renewable flag");
assertEquals(0, res.getLeaseDuration(), "Unexpected lease duration");
assertEquals(CIPHERTEXT, res.getCiphertext(), "Incorrect ciphertext");
assertNull(res.getPlaintext(), "Unexpected plaintext");
assertNull(res.getSum(), "Unexpected sum");
assertNull(res.getWrapInfo(), "Unexpected wrap info");
assertNull(res.getWarnings(), "Unexpected warnings");
assertNull(res.getAuth(), "Unexpected auth");
}
@Test
void decryptionTest() {
TransitResponse res = assertDoesNotThrow(
() -> objectMapper.readValue(
json("\"plaintext\": \"" + PLAINTEXT + "\""),
TransitResponse.class
),
"TransitResponse deserialization failed"
);
assertNotNull(res, "Parsed response is NULL");
assertEquals("987c6daf-b0e2-4142-a970-1e61fdb249d7", res.getRequestId(), "Incorrect request id");
assertEquals("", res.getLeaseId(), "Unexpected lease id");
assertFalse(res.isRenewable(), "Unexpected renewable flag");
assertEquals(0, res.getLeaseDuration(), "Unexpected lease duration");
assertNull(res.getCiphertext(), "Unexpected ciphertext");
assertEquals(PLAINTEXT, res.getPlaintext(), "Incorrect plaintext");
assertNull(res.getSum(), "Unexpected sum");
assertNull(res.getWrapInfo(), "Unexpected wrap info");
assertNull(res.getWarnings(), "Unexpected warnings");
assertNull(res.getAuth(), "Unexpected auth");
}
@Test
void hashTest() {
TransitResponse res = assertDoesNotThrow(
() -> objectMapper.readValue(
json("\"sum\": \"" + SUM + "\""),
TransitResponse.class
),
"TransitResponse deserialization failed"
);
assertNotNull(res, "Parsed response is NULL");
assertEquals("987c6daf-b0e2-4142-a970-1e61fdb249d7", res.getRequestId(), "Incorrect request id");
assertEquals("", res.getLeaseId(), "Unexpected lease id");
assertFalse(res.isRenewable(), "Unexpected renewable flag");
assertEquals(0, res.getLeaseDuration(), "Unexpected lease duration");
assertNull(res.getCiphertext(), "Unexpected ciphertext");
assertNull(res.getPlaintext(), "Unexpected plaintext");
assertEquals(SUM, res.getSum(), "Incorrect sum");
assertNull(res.getWrapInfo(), "Unexpected wrap info");
assertNull(res.getWarnings(), "Unexpected warnings");
assertNull(res.getAuth(), "Unexpected auth");
}
private static String json(String data) {
return "{\n" +
" \"request_id\" : \"987c6daf-b0e2-4142-a970-1e61fdb249d7\",\n" +
" \"lease_id\" : \"\",\n" +
" \"renewable\" : false,\n" +
" \"lease_duration\" : 0,\n" +
" \"data\" : {\n" +
" " + data + "\n" +
" },\n" +
" \"wrap_info\" : null,\n" +
" \"warnings\" : null,\n" +
" \"auth\" : null\n" +
"}";
}
}

2
src/test/java/de/stklcode/jvault/connector/test/Credentials.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/test/java/de/stklcode/jvault/connector/test/VaultConfiguration.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2016-2023 Stefan Kalscheuer * Copyright 2016-2025 Stefan Kalscheuer
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

2
src/test/resources/data_dir/core/_mounts
View File

@ -1 +1 @@
{"Value":"AAAAAQIOTEuNxtf2ZfGu6k9+65GFonDBiaetJnyLYFk1qfWPrE/VqUunbxuTv/QyK4pgC/q14sqypdxPe4Ygp/5mxzzuY6JXB0VKiDMXe9R5BltTG7++rLmKH/j+G7nEh71LER1/qVktU6x8dmDmTbpTgl5xzAB5DIXLMMKjjWda/7qJ3ivNI0pEOQ3JyT27SkqjqM49Dp1JIgKnjIEVQORqKcsSP+aqIncMjIo2iGXOGlDYAesp5tZ4hln3VCwXaIlrU8z6Mmntgcg7NeK/O2WTl86K644dbJUh6frGFDujrjOh/Pgp9n9u0BI3E9K9GD1Z1S1wEb1MCqzT/e9oHG7I7D8ku8PH11wGWGH6BmYlESYUG/KRVqu0XOQEfroLHZQiLE00yHBdStW/UJ9y5pmGpu1aiQ88Q8fpjF5xmRey99b4c6KUIpHjw5Af0XA9ZKsEJUyjS/dbMKPM6PBOW21LYefXH5b0poXMWgLW6LJV0zLuVMyVZJqANbzCVtheDPSsEjkHHwR/CLa2zs2Z6wJF3j1GDZxUFf4nbnuXQzz3M3kVPPtS6htlb0d8RN0/dkOrqUue+c4UjnXhiacXyVUnQQzUVu0sGak4vrQi0020aBzMXM2ZG7rNgvw+wcYFS4txO90kwJL6aOMXT2BeJiQ3wjjHb7M74/sSd0ffRTUlJSODSDotO7Q7Dfcnc1FLrIhXPRFPavTjFoL5HRy77xuGG7U7jTMoGra+rK54v0sxqKbS5WZi1hADQmAVIO8bPb+jA1qoejRFygW6sLgAdmEFQQJOhCV/BoKP3A=="} {"Value":"AAAAAQJ7mykBIbHX5k81qdXEpvlLgRF1ZSlODETcB1JBZ7nj0Muskpvvl3jofN5XH1Td8ibJlrR0o5o/OUjZAz9t0Da+ZzCy4ga9G2SmgWkUAravTqfPO/ZxWh2hqTso2WPBXRM3/IeR0SAv/zh7m7JILxjKybJmnl9U6fkjPID/us0AscckZ9kgJ4g8jwaTzPfRp5U8jMebHYbABXZ65PeUOvNiDVcOvQDWPJrMxICz12xbeJ8mKs5MHpcNkLtPoRCQSpsh0YYTwkuF7NvpIciqIJ4/Yb7wYO+vp9AATbiIs3sSFBWxXEl0OAg/SAmOvaR27Y7/NHN//mg81jkMOHv62/Fxf11I8t1d63oyWFQhP0xR9eoq5hGNQ/30I2m1prhZtLRC2ieKASBDMxTzyNS5G5bsVXvhCsxn8tiC0Ma+ySOfxMQzBRfbx8rtoGmLFP+l/d6VMOPGFxmYqzLS5HvvpCryscCqLn7A8i6TMSrZiF7ZevyfEBpThqhJiYHzUxf07O5IAe6JBSGuNV9gLE+uJXaiYLedJwSfjRKwdQyzer730dU1IegW3KYTb/5hSW4eaETKkjc/alC536WlvAv+5FyckDBc3aVC+hHB7lKZG5YANkOUS3m5I8epemOmuKQ5pnXLOdDkQ14DyNCC79NwLltkp0d6sTNstQ44XAbs0HlLjs4EFwg5Hps9qHeXgTOXeAvwUerJgM20nKszlB+Oy+JzZm0xOK5xoJwy+z0/U3PtJ+7pwAipesIa2QEzqMt3EneuPuwEcv3bPUcowukq542sCEK0CuZjLqTUU9nNqiZan5f5pWuL0hYw4NFIkNfQyRlqgKpMaplDk/2fBqaV98yn0DWceEMWRY4NXpEMS+ysPDIeamX99auWqakb95AZ7tySpkRAkZYtq1nY5Nu0w7NyJrJZ1lhBHs2ZjW0tpXn2CL0MhMVArg=="}

1
src/test/resources/data_dir/logical/c49ee9eb-94d9-928c-c958-95d092130c30/archive/_my-key Normal file
View File

@ -0,0 +1 @@
{"Value":"AAAAAQIwsBgPcs7Hxl7UnB8OkTq9+5HERx4Fzn8jAzR8uIhoQZfpNG/15m2LEEsDJw1o+lxc6u+h7XcOB1QRqrKz8k7CFR15A+qsxD0UclHZdnk+MmMwXL9SSvYugp7XPiXmpG/uTZVf1QtigXQuehEEJeFfJVI7aFACu2AHEGVt+5b6yDQEgTUruo0seazRXuVU+J6NFCDU3ZvkR8e0al6OcMail59KamzjSCYiqDF4TeUuOQ6Zyr7zIG7gSaas1sog2JIlvrh+wkHW6I+OyD9SJSTinGEGRXl0tq15qoBJ4srfXdWODmKtExEupArbiDR5PyvSI3KlIHKIFduslJZKkJwiV3dBscdva4Rqb98FffMVYuM4G4s+VpvDDX+WVsqWF1ssoHRAFWCNAJGsenVDTxblzAF/4rGkJ7LC9yjLGsBtMOCkCZAKDQ3C9VFu+LGhbMRA5p2RKxNKWGem4Cyp5AqMmx62UzDAgMLGgm89A0g9s1/3FnCoLPdVmlWc6cg4QahN30qJCInJeAmH7T9NwIjv6/QxyJxyDVtdMtcfnMNxx15Q29lbyWTcbaI1iabHpc16iS/gwAPQeBTSbcvc4OxqwC5PDFThFq6bwZXaekYz4ghC13j9Ht79GVKH9cPZb5M="}

1
src/test/resources/data_dir/logical/c49ee9eb-94d9-928c-c958-95d092130c30/policy/_my-key Normal file
View File

@ -0,0 +1 @@
{"Value":"AAAAAQKfotDJ0SihB+f5i4PxZ6lq1kxtH4QMprGI7Hj8HimEwXsW0Gbj/1B7YM4DQt4t5JFD4gKwFVOwlJDyusaJj92ar0QLSreCWyJTKUadqZplMFyB/bAdK42QdH+ZS8Z9KHUNchbRpNhnvOFIahoDG8dZ+nbCIXblJONCaey4/ri3H+GQbk/jfre1VByh7zVIN0ISew5PzZRCTkbO1CvcQZhrRGoUGiPmLywKVbHEMsvimVuZY5py6OfL+70QmElBmN9O45bTgX9XPbfSmyQIcGrElO1foi0WwZLPsb/fZcAIgrhC768jOnzeimChoX4zc0DPxuyV1YPvsD1yAlsnsFuJW6CP7TGkszbJU+rwDpg0TgqKtvFr1Lgkxyfcxg0h++1BSiEgoJU7b2IgIWP7reJVjc1tbAsoR1tOBCSAAhvqWZVpn2oht5rfe9aN370bV3Jcu17hFWyhB+VhzbCCPRcofPXX3f2U2dcQ0X7bU4nMiq1v6NQP6u/D5GAPj4Jc0519tPW4KQrd9SNqR20ct6OvqxjMFWV4GZXVcsL4+3xup87Yib6EDb0+hhe6XEpC6isYgD3D5OTTOWphHlsglGkGFi9lUc+h8zNPM4FHwha6uVTLmaqaLGbLziwT9WXF1ATacwtNW0t3kZlFUBvMwSwWzoPqO1+jxs+id4ie/VI6ZTOeowi4ceK2eWJ1/t9MB/gjvadpgE+FYt5QG6dFav4ujQN5Ne/yY78PGF5tp0CT4koox0rMUuxyD1xOIXkm0NBpJm1y9/J06yqLpMKqS40/jGcSQaycRngXDb+6H9rj7mheiO4qxcFGqViqECCUjDG3PnLP/fy9py5kFq7mf0pq7L0Jq/lLWC+iKJF9UaZmCaz8DwlQ9zC03XOFqABPNe8gMFlb8zU09VKBbY+g5gukOonjcBeoFOTRqQxuaWwwwB2lj8XnZScOyIcVJGkH"}

1
src/test/resources/data_dir_legacy/auth/243a5842-b58f-24d5-d3b0-24304c57b7cc/user/_validuser
View File

@ -1 +0,0 @@
{"Value":"AAAAAQINZKQEssY4IzHI/0k27nBtxSvnC6LkivYrqky6CblcjyAmQIg/4/cKQIBCXzmrWEv/SqMQbLw+4Lp63Xu1niF+U0NbyqDmFaPqnD2yfPs7meXvZr21+P9E/0APZMHQaSR7DIEY46zedHRjQ/pkhR2Axcjuy5gdfzBzC2XvUcNqdyR0pQwcDwGhAIdO0gxJfZCeBuvv8ceYS+aPs4gDHtIlA3szi+5qAQ8HvPBTDKQn1lHVYnzTdNbMS7v3mtzCyG8AeMkaUw=="}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/_salt
View File

@ -1 +0,0 @@
{"Value":"AAAAAQJiN0bHxM8aNJpY7aHGZ/p3qOhJbd7JIXwFMEI4LtKmO6pP5Oa4P5z+2LK+2qzZhhX/iDeM4u+nR+lxt/GsBPKf"}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/accessor/_a9566f93ca05120fa8955f887ee0ca1a1422802df2ad979f2ac2951e95703089
View File

@ -1 +0,0 @@
{"Value":"AAAAAQIZ5rvzLtBcBQvWqwwDoRADwUo6W0ECKgmcvXejbLKiYcbO0hP8fceCqB12J41wxcMViQ8vvWoIgyOX2HwcZS09GGCqQbjvyVfz/w+kyox9dJzr845f26tJjHVYlHX2YFsnxytwe5qCKdCsD5QP9kyz8J0="}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/role/_testrole1
View File

@ -1 +0,0 @@
{"Value":"AAAAAQJIKXgvJ2Prr92Fn7qZK/WZxb+Q+vJsXyjMo44en/+zqbbnLfs5m7uH7hEUOfDM/MjzTrhfkOWxf6qcrC4MR3ocrFJwtbJ6j+QrNLg61gVIiLBUVBkvh8ErqCFnSjNIqhaIMQhuZXWANsgGF9K2+HBGJerWGe26C1rdWRZV4J0M23HnxLBf8aYDlOfkHe24I30rHUqXIk9/BKEuekcnhETw9Tx4Fk7KxxxEdGmHPbg+4G14c27wVj8IrpWHBpyLmt55Qdb/y24i5RzFYv1FQ2kQZIO6TQiYkwAUxJ5cIdCiAsEDNt+rBJ9zX1MvkEfkVj/WvzC9pxB7ad+j5vYIJgCUD1o09t0w2ChjBojGoOAWDSvNAeY8kr5PDKwYk+gBY5M2JHDI6ELvOVu8gsW+sqk9St9V3VisShTfU3+qln7TOWw/LQ+fUzGvYrAWG6UyPVpIEYeNmN0iGCIM8rzjQYvVC3KcQMG96MwK3ZlSQzgPpvTGxNxFm2omTn3ue7QHn7Ni6+c/K6xVy0bbJ+jS4yyfl2wFBm1tF1l3BITLqw3TiP3LEw=="}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/role/_testrole2
View File

@ -1 +0,0 @@
{"Value":"AAAAAQIUt2iYYy9zOwkx1mtNMHt69RjdHbUmcN8zydVQTMGjhv1kjEW+d4AaBv1qE22rPTs0xL3pJ1AjIvkBXXVBAuc/FE63t5dE81Fa+MvSY4tBeMtl6i09ykkAYyQUeeV2HlbjRpMUwPyq2QIslYw3d4lc73yT0S82s5I3MfjodKmDpheWMOgg5hGes/wstBHN5HEZkKV8gOPRZ/BsTM7tMXH1piM/JT8sNfsDh6TAGD1OEsS+N2QlKvS4yImNzcKrH0EgdkXB4sRZ9e/SmMaEVaagB1n0M5LukC+pyExgC7eK4EU8o2Xye3iij3YMWBaGollDzJBJFP5aSO4E5u+NnRc5/ZbLRCbqgfQj8IY86WF9hya31aJxbc8Pg28Yfez8hbGRJZZws/ojIUgEz+VtH3OyaW2Wohnycop7i4fK8xlJ2gYOGvlw43czOH6Y6joTce+QBZWI7KR6ugB0dI8pnK2eFy14OZeww1NEew7r1u7PgD10Obg8okIJSD8cGkxUHu/oOLxvKKOAJBLSPfKnJfKEiKrqYED7EPkmgP/t7okvo4c95qeuWy1BLtKfxw5lkv0="}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/role_id/_4b3d052da8b3d9af8d551a4e515289bc4319f2c21012a70de2c9e9fea6e0f7e0
View File

@ -1 +0,0 @@
{"Value":"AAAAAQKv0Yr+QFSWxYe8o51TBwGz/yAhNYFmkNHPISEK6EbIVGkpEJMHFYvHWxTXUzF7f2/a"}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/role_id/_c779a2e6599b8e4b6b6a3c68a7690a8e7d31fa0201ad73973dcd24f83e2950de
View File

@ -1 +0,0 @@
{"Value":"AAAAAQKs2/ICwQPLv6siBGDbBnB52fBVo52BkSKGvm74p4oHrdMEvejJ4cJljOADYyDT2QYa"}

Some files were not shown because too many files have changed in this diff Show More