stklcode/jvaultconnector
1
0
Fork 0
Code Issues Actions Releases 34 Wiki Activity

Compare commits

base: stklcode:v1.2.0
Branches Tags
stklcode:main stklcode:develop stklcode:experimental/jackson3
stklcode:v1.5.1 stklcode:v1.5.0 stklcode:v1.4.0 stklcode:v1.3.1 stklcode:v1.3.0 stklcode:v1.2.0 stklcode:v1.1.5 stklcode:v1.1.4 stklcode:v1.1.3 stklcode:v1.1.2 stklcode:v1.1.1 stklcode:v1.1.0 stklcode:v1.0.1 stklcode:v1.0.0 stklcode:v0.9.5 stklcode:v0.9.4 stklcode:v0.9.3 stklcode:v0.9.2 stklcode:v0.9.1 stklcode:v0.9.0 stklcode:v0.8.2 stklcode:v0.8.1 stklcode:v0.8.0 stklcode:v0.7.1 stklcode:v0.7.0 stklcode:v0.6.2 stklcode:v0.6.1 stklcode:v0.6.0 stklcode:v0.5.0 stklcode:v0.4.1 stklcode:v0.4.0 stklcode:v0.3.0 stklcode:v0.2.0 stklcode:v0.1.1 stklcode:v0.1
..
compare: stklcode:v1.4.0
Branches Tags
stklcode:develop stklcode:main stklcode:experimental/jackson3
stklcode:v1.5.1 stklcode:v1.5.0 stklcode:v1.4.0 stklcode:v1.3.1 stklcode:v1.3.0 stklcode:v1.2.0 stklcode:v1.1.5 stklcode:v1.1.4 stklcode:v1.1.3 stklcode:v1.1.2 stklcode:v1.1.1 stklcode:v1.1.0 stklcode:v1.0.1 stklcode:v1.0.0 stklcode:v0.9.5 stklcode:v0.9.4 stklcode:v0.9.3 stklcode:v0.9.2 stklcode:v0.9.1 stklcode:v0.9.0 stklcode:v0.8.2 stklcode:v0.8.1 stklcode:v0.8.0 stklcode:v0.7.1 stklcode:v0.7.0 stklcode:v0.6.2 stklcode:v0.6.1 stklcode:v0.6.0 stklcode:v0.5.0 stklcode:v0.4.1 stklcode:v0.4.0 stklcode:v0.3.0 stklcode:v0.2.0 stklcode:v0.1.1 stklcode:v0.1

65 Commits
v1.2.0 ... v1.4.0

Author SHA1 Message Date
Stefan Kalscheuer
92d5750c1d prepare release of v1.4.0 (#88)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 53s
Details
CI / build-with-it (11, 1.18.2) (push) Successful in 1m1s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 51s
Details
CI / build-with-it (true, 21, 1.18.2) (push) Successful in 59s
Details
CI / build-with-it (17, 1.18.2) (push) Successful in 49s
Details
CI / build (11) (push) Successful in 41s
Details
CI / build (17) (push) Successful in 41s
Details
CI / build (true, 21) (push) Successful in 32s
Details
2024-12-07 11:54:46 +01:00
Stefan Kalscheuer
2011a83fd9 deps: update test dependencies and maven plugins
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 55s
Details
CI / build-with-it (11, 1.18.2) (push) Successful in 1m3s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 57s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (true, 21, 1.18.2) (push) Successful in 1m0s
Details
CI / build-with-it (17, 1.18.2) (push) Successful in 50s
Details 
* equalsverifier 3.17.5
* dependency-check-maven 1.11.1
 2024-12-07 11:47:45 +01:00
Stefan Kalscheuer
d3da00372c test: run IT against Vault 1.18.2 and remove 1.11 job (#87)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 59s
Details
CI / build-with-it (11, 1.18.2) (push) Successful in 1m5s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 56s
Details
CI / build-with-it (17, 1.18.2) (push) Successful in 1m3s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (true, 21, 1.18.2) (push) Successful in 1m1s
Details
CI / build (11) (push) Successful in 38s
Details
CI / build (17) (push) Successful in 38s
Details
CI / build (true, 21) (push) Successful in 34s
Details
2024-12-07 11:26:54 +01:00
Stefan Kalscheuer
d90dfc8ba7 ci: remove Drone CI configuration
All checks were successful
CI / build-with-it (11, 1.18.0) (push) Successful in 1m0s
Details
CI / build-with-it (11, 1.11.12) (push) Successful in 1m4s
Details
CI / build-with-it (11, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (17, 1.11.12) (push) Successful in 1m5s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 53s
Details
CI / build-with-it (21, 1.11.12) (push) Successful in 1m3s
Details
CI / build (11) (push) Successful in 38s
Details
CI / build-with-it (true, 21, 1.18.0) (push) Successful in 1m3s
Details
CI / build (17) (push) Successful in 37s
Details
CI / build (true, 21) (push) Successful in 33s
Details
CI / build-with-it (17, 1.18.0) (push) Successful in 51s
Details 
All build systems now GitHub Actions workflows, so we can remove the
alternative configuration and only keep a single pipeline definition.
 2024-12-07 11:12:25 +01:00
Stefan Kalscheuer
8bf0f9c45f ci: split jobs for unit and integration tests 2024-12-07 11:11:17 +01:00
Stefan Kalscheuer
4fcfa6938e build: introduce maven wrapper
Some checks failed
continuous-integration/drone/push Build is passing
Details
CI / build (11, 1.11.12) (push) Successful in 41s
Details
CI / build (11, 1.18.0) (push) Successful in 39s
Details
CI / build (11, 1.2.0) (push) Successful in 38s
Details
CI / build (17, 1.11.12) (push) Successful in 39s
Details
CI / build (17, 1.18.0) (push) Successful in 39s
Details
CI / build (17, 1.2.0) (push) Successful in 38s
Details
CI / build (21, 1.11.12) (push) Successful in 38s
Details
CI / build (21, 1.2.0) (push) Successful in 38s
Details
CI / build (true, 21, 1.18.0) (push) Failing after 37s
Details
2024-12-07 10:54:24 +01:00
Stefan Kalscheuer
26cfceb581 deps: update test dependencies and maven plugins
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-11-29 20:25:20 +01:00
Stefan Kalscheuer
ccf820d524 deps: update jackson to 2.18.2 (#85) 2024-11-29 20:22:34 +01:00
Stefan Kalscheuer
5a9d6d9183 fix: add jackson annotation module dependency (#84)
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-11-23 12:42:50 +01:00
Stefan Kalscheuer
a1dd2b20fb build: use release option instead of source and target for compiler
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-11-23 10:45:18 +01:00
Stefan Kalscheuer
b0c6ea2d19 deps: update jackson to 2.18.1 (#83)
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-31 12:14:56 +01:00
Stefan Kalscheuer
9b6aa91e52 deps: update test dependencies and maven plugins 2024-10-31 12:12:47 +01:00
Stefan Kalscheuer
01812bf492 ci: run integration tests on PR against main branch
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-09 18:23:45 +02:00
Stefan Kalscheuer
e6ef19f1a1 test: run IT against Vault 1.18.0 (#82) 2024-10-09 18:09:30 +02:00
Stefan Kalscheuer
d4066c1829 drop support for deprecated App-ID auth backend (#61) (#78)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
App-ID is deprecated since Vault 0.6 and was removed in 1.12.
Our compatibility methods are deprecated since Connector 0.4. It's time
to drop it for good.
 2024-06-29 15:09:38 +02:00
Stefan Kalscheuer
498e46d94d remove deprecated get...TimeString() methods from model classes (#77)
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-29 15:07:47 +02:00
Stefan Kalscheuer
658f005433 build: migrate maven central deployment to publishing api
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-03 18:57:22 +02:00
Stefan Kalscheuer
c8a8f4cbbf prepare release of v1.3.1
All checks were successful
continuous-integration/drone/tag Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-10-03 13:10:38 +02:00
Stefan Kalscheuer
0964c8c41a docs: update badges in README.md 2024-10-03 13:09:30 +02:00
Stefan Kalscheuer
ae00b29b4d test: run IT against Vault 1.17.6
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-03 12:58:52 +02:00
Stefan Kalscheuer
10395007bc deps: update equalsverifier to 3.17.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-03 12:55:41 +02:00
Stefan Kalscheuer
91bd6cd572 build: update maven plugins
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-10-01 20:25:40 +02:00
Stefan Kalscheuer
8a7ef2d455 deps: update test dependencies 2024-10-01 20:23:31 +02:00
Stefan Kalscheuer
4588703f5c deps: update jackson to 2.18.0 (#80)
Some checks failed
continuous-integration/drone/push Build is failing
Details
2024-10-01 20:16:46 +02:00
Stefan Kalscheuer
8a4ebeaad8 deps: update mockito to 5.13.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-09-07 13:03:02 +02:00
Stefan Kalscheuer
e2c3dd1c35 build: update maven plugins 2024-09-07 13:02:44 +02:00
Stefan Kalscheuer
b2f7c61654 build: remove Automatic-Module-Name from JAR manifest (#79) 
We do provide a module-info already, so we should remove ths artifact
from the Java 8 days.
 2024-08-30 20:12:50 +02:00
Stefan Kalscheuer
8ae024fc36 build: update maven plugins
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-08-24 09:48:17 +02:00
Stefan Kalscheuer
c6a9cc2b1a deps: update test dependencies
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-08-24 09:45:52 +02:00
Stefan Kalscheuer
610464327d build: update GitHub actions
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-08-03 17:03:39 +02:00
Stefan Kalscheuer
077d670609 deps: update wiremock to 3.9.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-08-03 16:59:29 +02:00
Stefan Kalscheuer
d099995409 build: update maven plugins 2024-08-03 16:58:24 +02:00
Stefan Kalscheuer
b751b58f11 deps: update jackson to 2.17.2
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-07-13 10:20:52 +02:00
Stefan Kalscheuer
59af162c7d build: update dependency-check-maven to 10.0.2 2024-07-13 10:20:06 +02:00
Stefan Kalscheuer
d6b9a805b3 build: update dependency-check-maven to 10.0.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-07-02 18:04:37 +02:00
Stefan Kalscheuer
e585777340 prepare release of v1.3.0
All checks were successful
continuous-integration/drone/tag Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-06-29 14:47:26 +02:00
Stefan Kalscheuer
44f0953998 test: test against Vault 1.17.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-29 12:23:30 +02:00
Stefan Kalscheuer
318186d9e0 test: minor test code refactoring
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-29 12:21:58 +02:00
Stefan Kalscheuer
15ee202167 refactor: add serialVersionUID field to exception classes
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-29 10:51:39 +02:00
Stefan Kalscheuer
defbce0782 deps: update test dependencies 2024-06-29 10:32:55 +02:00
Stefan Kalscheuer
1a18e6b73b build: generate and attach CycloneDX SBOM 2024-06-29 10:32:54 +02:00
Stefan Kalscheuer
5f1f94f59c feat: add custom_metadata, cas_required and delete_version_after fields
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-22 14:46:06 +02:00
Stefan Kalscheuer
e0711e6108 fix: rename enable_local_secret_id to local_secret_ids in AppRole model 2024-06-22 14:46:05 +02:00
Stefan Kalscheuer
a3393ae0cb feat: add auth attribute to common response model 2024-06-22 14:46:04 +02:00
Stefan Kalscheuer
8ec160a436 feat: add mount_type attribute to common response model 2024-06-22 14:46:02 +02:00
Stefan Kalscheuer
69da6b9f14 feat: add missing num_uses field to AuthData 2024-06-22 12:49:01 +02:00
Stefan Kalscheuer
936928a4fb feat: add Vault 1.16 and 1.17 flags to HealthResponse 2024-06-22 12:48:00 +02:00
Stefan Kalscheuer
a75621d67e deps: update maven plugins
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-22 12:13:07 +02:00
Stefan Kalscheuer
8cb27ed4d1 deps: update wiremock to 3.7.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-22 12:06:12 +02:00
Stefan Kalscheuer
7d5996244b deps: update jackson to 2.17.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-14 17:06:33 +02:00
Stefan Kalscheuer
20983e5089 test: test against Vault 1.17.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-06-14 16:58:56 +02:00
Stefan Kalscheuer
56fb92178c deps: update wiremock and maven plugins
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-04-27 17:20:24 +02:00
Stefan Kalscheuer
4258489dba update copyright notice to 2024 2024-04-27 17:09:40 +02:00
Stefan Kalscheuer
e49216f611 docs: fix two typos in comments
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-04-27 12:06:55 +02:00
Stefan Kalscheuer
dd5adf897a refactor: simplify JSON parsing in handleError() 
Omit reading lines to String first and pass the reader directly to the
JSON mapper.
 2024-04-27 12:04:44 +02:00
Stefan Kalscheuer
d04067db7e deps: update build and test dependencies
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Test dependencies:
* commons-io:commons-io 2.16.1
* nl.jqno.equalsverifier:equalsverifier 3.16.1
* org.wiremock:wiremock 3.5.2

Maven plugins:
* dependency-check-maven 9.1.0
* jacoco-maven-plugin 0.8.12
* maven-compiler-plugin 3.13.0
* maven-gpg-plugin 3.2.3
* maven-source-plugin 3.3.1
 2024-04-13 14:05:41 +02:00
Stefan Kalscheuer
703cc0d87b test: minor code clean-up
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-04-13 13:39:50 +02:00
Stefan Kalscheuer
c35760d0ab test: use assertInstanceOf() where applicable 2024-04-13 13:39:40 +02:00
Stefan Kalscheuer
2f5b25d847 test: replace deprecated Field.isAccessible() calls 2024-04-13 13:38:56 +02:00
Stefan Kalscheuer
7681e9e2af test: test against Vault 1.16.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-03-28 18:27:25 +01:00
Stefan Kalscheuer
4c4a38cb0b deps: update build and test dependencies
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-03-23 17:51:58 +01:00
Stefan Kalscheuer
fe309746fe deps: update jackson to 2.17.0 2024-03-23 17:49:06 +01:00
Stefan Kalscheuer
df251f1f2c deps: update test dependencies
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-02-06 20:05:36 +01:00
Stefan Kalscheuer
a008fa2b69 deps: update maven plugins 2024-02-06 20:05:07 +01:00
Stefan Kalscheuer
156156cdef deps: update jackson to 2.16.1
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Plus minor test and plugin updates.
 2024-01-02 17:07:29 +01:00
128 changed files with 1079 additions and 696 deletions
Expand all files Collapse all files

50
.drone.yml
View File

@ -1,50 +0,0 @@
kind: pipeline
name: default
steps:
- name: compile
image: maven:3-eclipse-temurin-21
commands:
- mvn -B clean compile
when:
branch:
- main
- develop
- feature/*
- fix/*
- release/*
- name: unit-tests
image: maven:3-eclipse-temurin-21
commands:
- mvn -B test
when:
branch:
- develop
- feature/*
- fix/*
- name: setup-vault
image: alpine:latest
environment:
VAULT_VERSION: 1.15.4
commands:
- wget -q -O vault_$${VAULT_VERSION}_linux_amd64.zip https://releases.hashicorp.com/vault/$${VAULT_VERSION}/vault_$${VAULT_VERSION}_linux_amd64.zip
- wget -q -O - https://releases.hashicorp.com/vault/$${VAULT_VERSION}/vault_$${VAULT_VERSION}_SHA256SUMS | grep linux_amd64 | sha256sum -c
- unzip vault_$${VAULT_VERSION}_linux_amd64.zip
- rm vault_$${VAULT_VERSION}_linux_amd64.zip
- mkdir -p .bin
- mv vault .bin/
when:
branch:
- main
- release/*
- name: unit-integration-tests
image: maven:3-eclipse-temurin-21
environment:
VAULT_VERSION: 1.15.4
commands:
- export PATH=.bin:$${PATH}
- mvn -B -P integration-test verify
when:
branch:
- main
- release/*

56
.github/workflows/ci-it.yml vendored Normal file
View File

@ -0,0 +1,56 @@
name: CI
on:
push:
branches:
- 'main'
pull_request:
branches:
- 'main'
jobs:
build-with-it:
if: github.ref_name == 'main' || github.base_ref == 'main' || startsWith(github.ref_name, 'release/')
runs-on: ubuntu-latest
strategy:
matrix:
jdk: [ 11, 17, 21 ]
vault: [ '1.2.0', '1.18.2' ]
include:
- jdk: 21
vault: '1.18.2'
analysis: true
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Java
uses: actions/setup-java@v4
with:
java-version: ${{ matrix.jdk }}
distribution: 'temurin'
- name: Compile
run: ./mvnw -B clean compile
- name: Set up Vault
run: |
wget -q "https://releases.hashicorp.com/vault/${{ matrix.vault }}/vault_${{ matrix.vault }}_linux_amd64.zip"
wget -q -O - "https://releases.hashicorp.com/vault/${{ matrix.vault }}/vault_${{ matrix.vault }}_SHA256SUMS" | grep linux_amd64 | sha256sum -c
tmp="$(mktemp -d)"
unzip "vault_${{ matrix.vault }}_linux_amd64.zip" -d "$tmp"
rm "vault_${{ matrix.vault }}_linux_amd64.zip"
sudo mv "$tmp/vault" /usr/bin/vault
rm -rf "$tmp"
- name: Test (Unit & Integration)
env:
VAULT_VERSION: ${{ matrix.vault }}
run: ./mvnw -B -P coverage -P integration-test verify
- name: Analysis
if: matrix.analysis && env.SONAR_TOKEN != ''
run: >
./mvnw -B sonar:sonar
-Dsonar.host.url=https://sonarcloud.io
-Dsonar.organization=stklcode-github
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

40
.github/workflows/ci.yml vendored
View File

@ -1,48 +1,42 @@
name: CI
on: [ push, pull_request ]
on:
push:
branches:
- '**'
- '!main'
pull_request:
branches:
- '**'
- '!main'
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
jdk: [ 11, 17, 21 ]
vault: [ '1.2.0', '1.11.12', '1.15.4' ]
include:
- jdk: 21
vault: '1.11.12'
analysis: true
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Java
uses: actions/setup-java@v3
uses: actions/setup-java@v4
with:
java-version: ${{ matrix.jdk }}
distribution: 'temurin'
- name: Compile
run: mvn -B clean compile
- name: Set up Vault
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/release/')
run: |
wget -q "https://releases.hashicorp.com/vault/${{ matrix.vault }}/vault_${{ matrix.vault }}_linux_amd64.zip"
wget -q -O - "https://releases.hashicorp.com/vault/${{ matrix.vault }}/vault_${{ matrix.vault }}_SHA256SUMS" | grep linux_amd64 | sha256sum -c
unzip "vault_${{ matrix.vault }}_linux_amd64.zip"
rm "vault_${{ matrix.vault }}_linux_amd64.zip"
sudo mv vault /usr/bin/vault
- name: Test (Unit & Integration)
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/release/')
env:
VAULT_VERSION: ${{ matrix.vault }}
run: mvn -B -P coverage -P integration-test verify
run: ./mvnw -B clean compile
- name: Test (Unit)
if: github.ref != 'refs/heads/main' && !startsWith(github.ref, 'refs/heads/release/')
run: mvn -B -P coverage verify
run: ./mvnw -B -P coverage verify
- name: Analysis
if: matrix.analysis
if: matrix.analysis && env.SONAR_TOKEN != ''
run: >
mvn -B sonar:sonar
./mvnw -B sonar:sonar
-Dsonar.host.url=https://sonarcloud.io
-Dsonar.organization=stklcode-github
env:

1
.gitignore vendored
View File

@ -7,6 +7,7 @@ release.properties
dependency-reduced-pom.xml
buildNumber.properties
.mvn/timing.properties
.mvn/wrapper/maven-wrapper.jar
.idea
*.iml

2
.mvn/wrapper/maven-wrapper.properties vendored Normal file
View File

@ -0,0 +1,2 @@
distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.9/apache-maven-3.9.9-bin.zip
wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar

50
CHANGELOG.md
View File

@ -1,3 +1,53 @@
## 1.4.0 (2024-12-07)
### Removal
* Remove deprecated `get...TimeString()` on model classes (#77)
* Drop support for deprecated `App-ID` auth backend (#61) (#78)
### Fix
* Add jackson-annotations requirement to module-info (#84)
### Dependencies
* Updated Jackson to 2.18.2 (#85)
### Test
* Tested against Vault 1.2 to 1.18
## 1.3.1 (2024-10-03)
### Dependencies
* Updated Jackson to 2.18.0 (#80)
### Fix
* Remove `Automatic-Module-Name` from JAR manifest (#79)
## 1.3.0 (2024-06-29)
### Improvements
* Simplify JSON parsing in error handler
* Add new fields from Vault 1.16 and 1.17 to `HealthResponse`
* `echo_duration_ms`
* `clock_skew_ms`
* `replication_primary_canary_age_ms`
* `enterprise`
* Add missing `num_uses` field to `AuthData`
* Add `mount_type` attribute to common response model
* Add `auth` attribute to common response model
* Add `custom_metadata`, `cas_required` and `delete_version_after` fields for KVv2 metadata
* Generate and attach CycloneDX SBOM
### Fix
* Rename `enable_local_secret_id` to `local_secret_ids` in `AppRole` model
### Dependencies
* Updated Jackson to 2.17.1
### Test
* Tested against Vault 1.2 to 1.17
## 1.2.0 (2023-12-11)
### Deprecations

13
README.md
View File

@ -1,11 +1,11 @@
# Java Vault Connector
[![CI Status](https://github.com/stklcode/jvaultconnector/actions/workflows/ci.yml/badge.svg)](https://github.com/stklcode/jvaultconnector/actions/workflows/ci.yml)
[![Quality Gate](https://sonarcloud.io/api/project_badges/measure?project=de.stklcode.jvault%3Ajvault-connector&metric=alert_status)](https://sonarcloud.io/dashboard?id=de.stklcode.jvault%3Ajvault-connector)
[![CI](https://github.com/stklcode/jvaultconnector/actions/workflows/ci.yml/badge.svg)](https://github.com/stklcode/jvaultconnector/actions/workflows/ci.yml)
[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=de.stklcode.jvault%3Ajvault-connector&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=de.stklcode.jvault%3Ajvault-connector)
[![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](https://github.com/stklcode/jvaultconnector/blob/main/LICENSE.txt)
[![Maven Central](https://img.shields.io/maven-central/v/de.stklcode.jvault/jvault-connector.svg)](https://search.maven.org/#search%7Cga%7C1%7Cg%3A%22de.stklcode.jvault%22%20AND%20a%3A%22jvault-connector%22)
[![Maven Central Version](https://img.shields.io/maven-central/v/de.stklcode.jvault/jvault-connector)](https://central.sonatype.com/artifact/de.stklcode.jvault/jvault-connector)
![Logo](https://raw.githubusercontent.com/stklcode/jvaultconnector/main/assets/logo.png)
![Logo](assets/logo.png)
Java Vault Connector is a connector library for [Vault](https://www.vaultproject.io) by [Hashicorp](https://www.hashicorp.com) written in Java. The connector allows simple usage of Vault's secret store in own applications.
@ -18,7 +18,6 @@ Java Vault Connector is a connector library for [Vault](https://www.vaultproject
* Token
* Username/Password
* AppRole (register and authenticate)
* AppID (register and authenticate) [_deprecated_]
* Tokens
* Creation and lookup of tokens and token roles
* TokenBuilder for speaking creation of complex configurations
@ -32,7 +31,7 @@ Java Vault Connector is a connector library for [Vault](https://www.vaultproject
* SQL secret handling
* KV v1 and v2 support
* Connector Factory with builder pattern
* Tested against Vault 1.2 to 1.15
* Tested against Vault 1.2 to 1.18
## Maven Artifact
@ -40,7 +39,7 @@ Java Vault Connector is a connector library for [Vault](https://www.vaultproject
<dependency>
<groupId>de.stklcode.jvault</groupId>
<artifactId>jvault-connector</artifactId>
<version>1.2.0</version>
<version>1.4.0</version>
</dependency>
```

332
mvnw vendored Executable file
View File

@ -0,0 +1,332 @@
#!/bin/sh
# ----------------------------------------------------------------------------
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# ----------------------------------------------------------------------------
# ----------------------------------------------------------------------------
# Apache Maven Wrapper startup batch script, version 3.3.2
#
# Required ENV vars:
# ------------------
# JAVA_HOME - location of a JDK home dir
#
# Optional ENV vars
# -----------------
# MAVEN_OPTS - parameters passed to the Java VM when running Maven
# e.g. to debug Maven itself, use
# set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
# MAVEN_SKIP_RC - flag to disable loading of mavenrc files
# ----------------------------------------------------------------------------
if [ -z "$MAVEN_SKIP_RC" ]; then
if [ -f /usr/local/etc/mavenrc ]; then
. /usr/local/etc/mavenrc
fi
if [ -f /etc/mavenrc ]; then
. /etc/mavenrc
fi
if [ -f "$HOME/.mavenrc" ]; then
. "$HOME/.mavenrc"
fi
fi
# OS specific support. $var _must_ be set to either true or false.
cygwin=false
darwin=false
mingw=false
case "$(uname)" in
CYGWIN*) cygwin=true ;;
MINGW*) mingw=true ;;
Darwin*)
darwin=true
# Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home
# See https://developer.apple.com/library/mac/qa/qa1170/_index.html
if [ -z "$JAVA_HOME" ]; then
if [ -x "/usr/libexec/java_home" ]; then
JAVA_HOME="$(/usr/libexec/java_home)"
export JAVA_HOME
else
JAVA_HOME="/Library/Java/Home"
export JAVA_HOME
fi
fi
;;
esac
if [ -z "$JAVA_HOME" ]; then
if [ -r /etc/gentoo-release ]; then
JAVA_HOME=$(java-config --jre-home)
fi
fi
# For Cygwin, ensure paths are in UNIX format before anything is touched
if $cygwin; then
[ -n "$JAVA_HOME" ] \
&& JAVA_HOME=$(cygpath --unix "$JAVA_HOME")
[ -n "$CLASSPATH" ] \
&& CLASSPATH=$(cygpath --path --unix "$CLASSPATH")
fi
# For Mingw, ensure paths are in UNIX format before anything is touched
if $mingw; then
[ -n "$JAVA_HOME" ] && [ -d "$JAVA_HOME" ] \
&& JAVA_HOME="$(
cd "$JAVA_HOME" || (
echo "cannot cd into $JAVA_HOME." >&2
exit 1
)
pwd
)"
fi
if [ -z "$JAVA_HOME" ]; then
javaExecutable="$(which javac)"
if [ -n "$javaExecutable" ] && ! [ "$(expr "$javaExecutable" : '\([^ ]*\)')" = "no" ]; then
# readlink(1) is not available as standard on Solaris 10.
readLink=$(which readlink)
if [ ! "$(expr "$readLink" : '\([^ ]*\)')" = "no" ]; then
if $darwin; then
javaHome="$(dirname "$javaExecutable")"
javaExecutable="$(cd "$javaHome" && pwd -P)/javac"
else
javaExecutable="$(readlink -f "$javaExecutable")"
fi
javaHome="$(dirname "$javaExecutable")"
javaHome=$(expr "$javaHome" : '\(.*\)/bin')
JAVA_HOME="$javaHome"
export JAVA_HOME
fi
fi
fi
if [ -z "$JAVACMD" ]; then
if [ -n "$JAVA_HOME" ]; then
if [ -x "$JAVA_HOME/jre/sh/java" ]; then
# IBM's JDK on AIX uses strange locations for the executables
JAVACMD="$JAVA_HOME/jre/sh/java"
else
JAVACMD="$JAVA_HOME/bin/java"
fi
else
JAVACMD="$(
\unset -f command 2>/dev/null
\command -v java
)"
fi
fi
if [ ! -x "$JAVACMD" ]; then
echo "Error: JAVA_HOME is not defined correctly." >&2
echo " We cannot execute $JAVACMD" >&2
exit 1
fi
if [ -z "$JAVA_HOME" ]; then
echo "Warning: JAVA_HOME environment variable is not set." >&2
fi
# traverses directory structure from process work directory to filesystem root
# first directory with .mvn subdirectory is considered project base directory
find_maven_basedir() {
if [ -z "$1" ]; then
echo "Path not specified to find_maven_basedir" >&2
return 1
fi
basedir="$1"
wdir="$1"
while [ "$wdir" != '/' ]; do
if [ -d "$wdir"/.mvn ]; then
basedir=$wdir
break
fi
# workaround for JBEAP-8937 (on Solaris 10/Sparc)
if [ -d "${wdir}" ]; then
wdir=$(
cd "$wdir/.." || exit 1
pwd
)
fi
# end of workaround
done
printf '%s' "$(
cd "$basedir" || exit 1
pwd
)"
}
# concatenates all lines of a file
concat_lines() {
if [ -f "$1" ]; then
# Remove \r in case we run on Windows within Git Bash
# and check out the repository with auto CRLF management
# enabled. Otherwise, we may read lines that are delimited with
# \r\n and produce $'-Xarg\r' rather than -Xarg due to word
# splitting rules.
tr -s '\r\n' ' ' <"$1"
fi
}
log() {
if [ "$MVNW_VERBOSE" = true ]; then
printf '%s\n' "$1"
fi
}
BASE_DIR=$(find_maven_basedir "$(dirname "$0")")
if [ -z "$BASE_DIR" ]; then
exit 1
fi
MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"}
export MAVEN_PROJECTBASEDIR
log "$MAVEN_PROJECTBASEDIR"
##########################################################################################
# Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
# This allows using the maven wrapper in projects that prohibit checking in binary data.
##########################################################################################
wrapperJarPath="$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar"
if [ -r "$wrapperJarPath" ]; then
log "Found $wrapperJarPath"
else
log "Couldn't find $wrapperJarPath, downloading it ..."
if [ -n "$MVNW_REPOURL" ]; then
wrapperUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar"
else
wrapperUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar"
fi
while IFS="=" read -r key value; do
# Remove '\r' from value to allow usage on windows as IFS does not consider '\r' as a separator ( considers space, tab, new line ('\n'), and custom '=' )
safeValue=$(echo "$value" | tr -d '\r')
case "$key" in wrapperUrl)
wrapperUrl="$safeValue"
break
;;
esac
done <"$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.properties"
log "Downloading from: $wrapperUrl"
if $cygwin; then
wrapperJarPath=$(cygpath --path --windows "$wrapperJarPath")
fi
if command -v wget >/dev/null; then
log "Found wget ... using wget"
[ "$MVNW_VERBOSE" = true ] && QUIET="" || QUIET="--quiet"
if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
wget $QUIET "$wrapperUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
else
wget $QUIET --http-user="$MVNW_USERNAME" --http-password="$MVNW_PASSWORD" "$wrapperUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
fi
elif command -v curl >/dev/null; then
log "Found curl ... using curl"
[ "$MVNW_VERBOSE" = true ] && QUIET="" || QUIET="--silent"
if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
curl $QUIET -o "$wrapperJarPath" "$wrapperUrl" -f -L || rm -f "$wrapperJarPath"
else
curl $QUIET --user "$MVNW_USERNAME:$MVNW_PASSWORD" -o "$wrapperJarPath" "$wrapperUrl" -f -L || rm -f "$wrapperJarPath"
fi
else
log "Falling back to using Java to download"
javaSource="$MAVEN_PROJECTBASEDIR/.mvn/wrapper/MavenWrapperDownloader.java"
javaClass="$MAVEN_PROJECTBASEDIR/.mvn/wrapper/MavenWrapperDownloader.class"
# For Cygwin, switch paths to Windows format before running javac
if $cygwin; then
javaSource=$(cygpath --path --windows "$javaSource")
javaClass=$(cygpath --path --windows "$javaClass")
fi
if [ -e "$javaSource" ]; then
if [ ! -e "$javaClass" ]; then
log " - Compiling MavenWrapperDownloader.java ..."
("$JAVA_HOME/bin/javac" "$javaSource")
fi
if [ -e "$javaClass" ]; then
log " - Running MavenWrapperDownloader.java ..."
("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$wrapperUrl" "$wrapperJarPath") || rm -f "$wrapperJarPath"
fi
fi
fi
fi
##########################################################################################
# End of extension
##########################################################################################
# If specified, validate the SHA-256 sum of the Maven wrapper jar file
wrapperSha256Sum=""
while IFS="=" read -r key value; do
case "$key" in wrapperSha256Sum)
wrapperSha256Sum=$value
break
;;
esac
done <"$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.properties"
if [ -n "$wrapperSha256Sum" ]; then
wrapperSha256Result=false
if command -v sha256sum >/dev/null; then
if echo "$wrapperSha256Sum $wrapperJarPath" | sha256sum -c >/dev/null 2>&1; then
wrapperSha256Result=true
fi
elif command -v shasum >/dev/null; then
if echo "$wrapperSha256Sum $wrapperJarPath" | shasum -a 256 -c >/dev/null 2>&1; then
wrapperSha256Result=true
fi
else
echo "Checksum validation was requested but neither 'sha256sum' or 'shasum' are available." >&2
echo "Please install either command, or disable validation by removing 'wrapperSha256Sum' from your maven-wrapper.properties." >&2
exit 1
fi
if [ $wrapperSha256Result = false ]; then
echo "Error: Failed to validate Maven wrapper SHA-256, your Maven wrapper might be compromised." >&2
echo "Investigate or delete $wrapperJarPath to attempt a clean download." >&2
echo "If you updated your Maven version, you need to update the specified wrapperSha256Sum property." >&2
exit 1
fi
fi
MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS"
# For Cygwin, switch paths to Windows format before running java
if $cygwin; then
[ -n "$JAVA_HOME" ] \
&& JAVA_HOME=$(cygpath --path --windows "$JAVA_HOME")
[ -n "$CLASSPATH" ] \
&& CLASSPATH=$(cygpath --path --windows "$CLASSPATH")
[ -n "$MAVEN_PROJECTBASEDIR" ] \
&& MAVEN_PROJECTBASEDIR=$(cygpath --path --windows "$MAVEN_PROJECTBASEDIR")
fi
# Provide a "standardized" way to retrieve the CLI args that will
# work with both Windows and non-Windows executions.
MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $*"
export MAVEN_CMD_LINE_ARGS
WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
# shellcheck disable=SC2086 # safe args
exec "$JAVACMD" \
$MAVEN_OPTS \
$MAVEN_DEBUG_OPTS \
-classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \
"-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@"

206
mvnw.cmd vendored Normal file
View File

@ -0,0 +1,206 @@
@REM ----------------------------------------------------------------------------
@REM Licensed to the Apache Software Foundation (ASF) under one
@REM or more contributor license agreements. See the NOTICE file
@REM distributed with this work for additional information
@REM regarding copyright ownership. The ASF licenses this file
@REM to you under the Apache License, Version 2.0 (the
@REM "License"); you may not use this file except in compliance
@REM with the License. You may obtain a copy of the License at
@REM
@REM http://www.apache.org/licenses/LICENSE-2.0
@REM
@REM Unless required by applicable law or agreed to in writing,
@REM software distributed under the License is distributed on an
@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@REM KIND, either express or implied. See the License for the
@REM specific language governing permissions and limitations
@REM under the License.
@REM ----------------------------------------------------------------------------
@REM ----------------------------------------------------------------------------
@REM Apache Maven Wrapper startup batch script, version 3.3.2
@REM
@REM Required ENV vars:
@REM JAVA_HOME - location of a JDK home dir
@REM
@REM Optional ENV vars
@REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands
@REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending
@REM MAVEN_OPTS - parameters passed to the Java VM when running Maven
@REM e.g. to debug Maven itself, use
@REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
@REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
@REM ----------------------------------------------------------------------------
@REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on'
@echo off
@REM set title of command window
title %0
@REM enable echoing by setting MAVEN_BATCH_ECHO to 'on'
@if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO%
@REM set %HOME% to equivalent of $HOME
if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
@REM Execute a user defined script before this one
if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
@REM check for pre script, once with legacy .bat ending and once with .cmd ending
if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %*
if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %*
:skipRcPre
@setlocal
set ERROR_CODE=0
@REM To isolate internal variables from possible post scripts, we use another setlocal
@setlocal
@REM ==== START VALIDATION ====
if not "%JAVA_HOME%" == "" goto OkJHome
echo. >&2
echo Error: JAVA_HOME not found in your environment. >&2
echo Please set the JAVA_HOME variable in your environment to match the >&2
echo location of your Java installation. >&2
echo. >&2
goto error
:OkJHome
if exist "%JAVA_HOME%\bin\java.exe" goto init
echo. >&2
echo Error: JAVA_HOME is set to an invalid directory. >&2
echo JAVA_HOME = "%JAVA_HOME%" >&2
echo Please set the JAVA_HOME variable in your environment to match the >&2
echo location of your Java installation. >&2
echo. >&2
goto error
@REM ==== END VALIDATION ====
:init
@REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
@REM Fallback to current working directory if not found.
set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
set EXEC_DIR=%CD%
set WDIR=%EXEC_DIR%
:findBaseDir
IF EXIST "%WDIR%"\.mvn goto baseDirFound
cd ..
IF "%WDIR%"=="%CD%" goto baseDirNotFound
set WDIR=%CD%
goto findBaseDir
:baseDirFound
set MAVEN_PROJECTBASEDIR=%WDIR%
cd "%EXEC_DIR%"
goto endDetectBaseDir
:baseDirNotFound
set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
cd "%EXEC_DIR%"
:endDetectBaseDir
IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
@setlocal EnableExtensions EnableDelayedExpansion
for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
@endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
:endReadAdditionalConfig
SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
set WRAPPER_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar"
FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
IF "%%A"=="wrapperUrl" SET WRAPPER_URL=%%B
)
@REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
@REM This allows using the maven wrapper in projects that prohibit checking in binary data.
if exist %WRAPPER_JAR% (
if "%MVNW_VERBOSE%" == "true" (
echo Found %WRAPPER_JAR%
)
) else (
if not "%MVNW_REPOURL%" == "" (
SET WRAPPER_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar"
)
if "%MVNW_VERBOSE%" == "true" (
echo Couldn't find %WRAPPER_JAR%, downloading it ...
echo Downloading from: %WRAPPER_URL%
)
powershell -Command "&{"^
"$webclient = new-object System.Net.WebClient;"^
"if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^
"$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^
"}"^
"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%WRAPPER_URL%', '%WRAPPER_JAR%')"^
"}"
if "%MVNW_VERBOSE%" == "true" (
echo Finished downloading %WRAPPER_JAR%
)
)
@REM End of extension
@REM If specified, validate the SHA-256 sum of the Maven wrapper jar file
SET WRAPPER_SHA_256_SUM=""
FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
IF "%%A"=="wrapperSha256Sum" SET WRAPPER_SHA_256_SUM=%%B
)
IF NOT %WRAPPER_SHA_256_SUM%=="" (
powershell -Command "&{"^
"Import-Module $PSHOME\Modules\Microsoft.PowerShell.Utility -Function Get-FileHash;"^
"$hash = (Get-FileHash \"%WRAPPER_JAR%\" -Algorithm SHA256).Hash.ToLower();"^
"If('%WRAPPER_SHA_256_SUM%' -ne $hash){"^
" Write-Error 'Error: Failed to validate Maven wrapper SHA-256, your Maven wrapper might be compromised.';"^
" Write-Error 'Investigate or delete %WRAPPER_JAR% to attempt a clean download.';"^
" Write-Error 'If you updated your Maven version, you need to update the specified wrapperSha256Sum property.';"^
" exit 1;"^
"}"^
"}"
if ERRORLEVEL 1 goto error
)
@REM Provide a "standardized" way to retrieve the CLI args that will
@REM work with both Windows and non-Windows executions.
set MAVEN_CMD_LINE_ARGS=%*
%MAVEN_JAVA_EXE% ^
%JVM_CONFIG_MAVEN_PROPS% ^
%MAVEN_OPTS% ^
%MAVEN_DEBUG_OPTS% ^
-classpath %WRAPPER_JAR% ^
"-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^
%WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
if ERRORLEVEL 1 goto error
goto end
:error
set ERROR_CODE=1
:end
@endlocal & set ERROR_CODE=%ERROR_CODE%
if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost
@REM check for post script, once with legacy .bat ending and once with .cmd ending
if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat"
if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd"
:skipRcPost
@REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
if "%MAVEN_BATCH_PAUSE%"=="on" pause
if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE%
cmd /C exit /B %ERROR_CODE%

107
pom.xml
View File

@ -4,7 +4,7 @@
<groupId>de.stklcode.jvault</groupId>
<artifactId>jvault-connector</artifactId>
<version>1.2.0</version>
<version>1.4.0</version>
<packaging>jar</packaging>
@ -49,24 +49,24 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.16.0</version>
<version>2.18.2</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.datatype</groupId>
<artifactId>jackson-datatype-jsr310</artifactId>
<version>2.16.0</version>
<version>2.18.2</version>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter</artifactId>
<version>5.10.1</version>
<version>5.11.3</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-core</artifactId>
<version>5.8.0</version>
<version>5.14.2</version>
<scope>test</scope>
</dependency>
<dependency>
@ -78,25 +78,25 @@
<dependency>
<groupId>org.wiremock</groupId>
<artifactId>wiremock</artifactId>
<version>3.3.1</version>
<version>3.10.0</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.15.1</version>
<version>2.18.0</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>nl.jqno.equalsverifier</groupId>
<artifactId>equalsverifier</artifactId>
<version>3.15.4</version>
<version>3.17.5</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.awaitility</groupId>
<artifactId>awaitility</artifactId>
<version>4.2.0</version>
<version>4.2.2</version>
<scope>test</scope>
</dependency>
</dependencies>
@ -107,26 +107,25 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.11.0</version>
<version>3.13.0</version>
<configuration>
<source>11</source>
<target>11</target>
<release>11</release>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-clean-plugin</artifactId>
<version>3.3.2</version>
<version>3.4.0</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<version>3.1.1</version>
<version>3.1.3</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
<version>3.2.2</version>
<version>3.5.2</version>
<configuration>
<argLine>
@{argLine}
@ -137,19 +136,12 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-install-plugin</artifactId>
<version>3.1.1</version>
<version>3.1.3</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<version>3.3.0</version>
<configuration>
<archive>
<manifestEntries>
<Automatic-Module-Name>de.stklcode.jvault.connector</Automatic-Module-Name>
</manifestEntries>
</archive>
</configuration>
<version>3.4.2</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
@ -159,12 +151,12 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>3.3.0</version>
<version>3.3.1</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>3.2.2</version>
<version>3.5.2</version>
<configuration>
<argLine>
@{argLine}
@ -179,15 +171,20 @@
</argLine>
</configuration>
</plugin>
<plugin>
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-maven-plugin</artifactId>
<version>2.9.1</version>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>0.8.11</version>
<version>0.8.12</version>
</plugin>
<plugin>
<groupId>org.sonarsource.scanner.maven</groupId>
<artifactId>sonar-maven-plugin</artifactId>
<version>3.10.0.2594</version>
<version>5.0.0.4389</version>
</plugin>
</plugins>
</pluginManagement>
@ -227,7 +224,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.6.2</version>
<version>3.11.1</version>
<configuration>
<source>11</source>
</configuration>
@ -244,6 +241,29 @@
</build>
</profile>
<profile>
<id>sbom</id>
<build>
<plugins>
<plugin>
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-maven-plugin</artifactId>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>makeBom</goal>
</goals>
<configuration>
<skipNotDeployed>false</skipNotDeployed>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>sign</id>
<build>
@ -251,7 +271,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>3.1.0</version>
<version>3.2.7</version>
<executions>
<execution>
<id>sign-artifacts</id>
@ -322,7 +342,7 @@
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>9.0.4</version>
<version>11.1.1</version>
<configuration>
<nvdApiKey>${env.NVD_API_KEY}</nvdApiKey>
<nvdDatafeedUrl>${env.NVD_DATAFEED_URL}</nvdDatafeedUrl>
@ -340,17 +360,20 @@
</profile>
<profile>
<id>sonatype</id>
<distributionManagement>
<repository>
<id>ossrh</id>
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
<snapshotRepository>
<id>ossrh</id>
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
</distributionManagement>
<id>central</id>
<build>
<plugins>
<plugin>
<groupId>org.sonatype.central</groupId>
<artifactId>central-publishing-maven-plugin</artifactId>
<version>0.6.0</version>
<extensions>true</extensions>
<configuration>
<publishingServerId>central</publishingServerId>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<profile>

51
src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -58,7 +58,6 @@ public class HTTPVaultConnector implements VaultConnector {
private static final String PATH_ROLES = "/roles";
private static final String PATH_CREATE_ORPHAN = "/create-orphan";
private static final String PATH_AUTH_USERPASS = PATH_AUTH + "/userpass/login/";
private static final String PATH_AUTH_APPID = PATH_AUTH + "/app-id";
private static final String PATH_AUTH_APPROLE = PATH_AUTH + "/approle";
private static final String PATH_AUTH_APPROLE_ROLE = PATH_AUTH_APPROLE + "/role/%s%s";
@ -200,18 +199,6 @@ public class HTTPVaultConnector implements VaultConnector {
return queryAuth(PATH_AUTH_USERPASS + username, payload);
}
@Override
@Deprecated(since = "0.4", forRemoval = true)
public final AuthResponse authAppId(final String appID, final String userID) throws VaultConnectorException {
return queryAuth(
PATH_AUTH_APPID + PATH_LOGIN,
Map.of(
"app_id", appID,
"user_id", userID
)
);
}
@Override
public final AuthResponse authAppRole(final String roleID, final String secretID) throws VaultConnectorException {
final Map<String, String> payload = mapOfStrings(
@ -241,40 +228,6 @@ public class HTTPVaultConnector implements VaultConnector {
return auth;
}
@Override
@Deprecated(since = "0.4", forRemoval = true)
public final boolean registerAppId(final String appID, final String policy, final String displayName)
throws VaultConnectorException {
requireAuth();
/* Issue request and expect code 204 with empty response */
request.postWithoutResponse(
PATH_AUTH_APPID + "/map/app-id/" + appID,
Map.of(
"value", policy,
"display_name", displayName
),
token
);
return true;
}
@Override
@Deprecated(since = "0.4", forRemoval = true)
public final boolean registerUserId(final String appID, final String userID) throws VaultConnectorException {
requireAuth();
/* Issue request and expect code 204 with empty response */
request.postWithoutResponse(
PATH_AUTH_APPID + "/map/user-id/" + userID,
singletonMap("value", appID),
token
);
return true;
}
@Override
public final boolean createAppRole(final AppRole role) throws VaultConnectorException {
requireAuth();
@ -496,7 +449,7 @@ public class HTTPVaultConnector implements VaultConnector {
throw new InvalidRequestException("Secret path must not be empty.");
}
// By default data is directly passed as payload.
// By default, data is directly passed as payload.
Object payload = data;
// If options are given, split payload in two parts.

4
src/main/java/de/stklcode/jvault/connector/HTTPVaultConnectorBuilder.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -293,7 +293,7 @@ public final class HTTPVaultConnectorBuilder {
}
/**
* Build connector based on the {@code }VAULT_ADDR} and {@code VAULT_CACERT} (optional) environment variables.
* Build connector based on the {@code VAULT_ADDR} and {@code VAULT_CACERT} (optional) environment variables.
*
* @return self
* @throws VaultConnectorException if Vault address from environment variables is malformed

62
src/main/java/de/stklcode/jvault/connector/VaultConnector.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -112,19 +112,6 @@ public interface VaultConnector extends AutoCloseable, Serializable {
*/
AuthResponse authUserPass(final String username, final String password) throws VaultConnectorException;
/**
* Authorize to Vault using AppID method.
*
* @param appID The App ID
* @param userID The User ID
* @return The {@link AuthResponse}
* @throws VaultConnectorException on error
* @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. App-ID was removed in Vault 1.12.
* Consider using {@link #authAppRole} instead.
*/
@Deprecated(since = "0.4", forRemoval = true)
AuthResponse authAppId(final String appID, final String userID) throws VaultConnectorException;
/**
* Authorize to Vault using AppRole method without secret ID.
*
@ -148,21 +135,6 @@ public interface VaultConnector extends AutoCloseable, Serializable {
*/
AuthResponse authAppRole(final String roleID, final String secretID) throws VaultConnectorException;
/**
* Register new App-ID with policy.
*
* @param appID The unique App-ID
* @param policy The policy to associate with
* @param displayName Arbitrary name to display
* @return {@code true} on success
* @throws VaultConnectorException on error
* @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. App-ID was removed in Vault 1.12.
* Consider using {@link #createAppRole} instead.
*/
@Deprecated(since = "0.4", forRemoval = true)
boolean registerAppId(final String appID, final String policy, final String displayName)
throws VaultConnectorException;
/**
* Register a new AppRole role from given metamodel.
*
@ -344,38 +316,6 @@ public interface VaultConnector extends AutoCloseable, Serializable {
*/
List<String> listAppRoleSecrets(final String roleName) throws VaultConnectorException;
/**
* Register User-ID with App-ID.
*
* @param appID The App-ID
* @param userID The User-ID
* @return {@code true} on success
* @throws VaultConnectorException on error
* @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. App-ID was removed in Vault 1.12.
* Consider using {@link #createAppRoleSecret} instead.
*/
@Deprecated(since = "0.4", forRemoval = true)
boolean registerUserId(final String appID, final String userID) throws VaultConnectorException;
/**
* Register new App-ID and User-ID at once.
*
* @param appID The App-ID
* @param policy The policy to associate with
* @param displayName Arbitrary name to display
* @param userID The User-ID
* @return {@code true} on success
* @throws VaultConnectorException on error
* @deprecated As of Vault 0.6.1 App-ID is superseded by AppRole. App-ID was removed in Vault 1.12.
*/
@Deprecated(since = "0.4", forRemoval = true)
default boolean registerAppUserId(final String appID,
final String policy,
final String displayName,
final String userID) throws VaultConnectorException {
return registerAppId(appID, policy, userID) && registerUserId(appID, userID);
}
/**
* Get authorization status.
*

3
src/main/java/de/stklcode/jvault/connector/exception/AuthorizationRequiredException.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -23,4 +23,5 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1
*/
public class AuthorizationRequiredException extends VaultConnectorException {
private static final long serialVersionUID = 2629577936657393880L;
}

4
src/main/java/de/stklcode/jvault/connector/exception/ConnectionException.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -23,6 +23,8 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1
*/
public class ConnectionException extends VaultConnectorException {
private static final long serialVersionUID = 3005430116002990418L;
/**
* Constructs a new empty exception.
*/

4
src/main/java/de/stklcode/jvault/connector/exception/InvalidRequestException.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -23,6 +23,8 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1
*/
public class InvalidRequestException extends VaultConnectorException {
private static final long serialVersionUID = -6712239648281809159L;
/**
* Constructs a new empty exception.
*/

4
src/main/java/de/stklcode/jvault/connector/exception/InvalidResponseException.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -24,6 +24,8 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1
*/
public final class InvalidResponseException extends VaultConnectorException {
private static final long serialVersionUID = 2003151038614163479L;
private final Integer statusCode;
private final String response;

4
src/main/java/de/stklcode/jvault/connector/exception/PermissionDeniedException.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -23,6 +23,8 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1
*/
public class PermissionDeniedException extends VaultConnectorException {
private static final long serialVersionUID = -7149134015090750776L;
/**
* Constructs a new empty exception.
*/

4
src/main/java/de/stklcode/jvault/connector/exception/TlsException.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -23,6 +23,8 @@ package de.stklcode.jvault.connector.exception;
* @since 0.4.0
*/
public class TlsException extends VaultConnectorException {
private static final long serialVersionUID = -5139276834988258086L;
/**
* Constructs a new empty exception.
*/

4
src/main/java/de/stklcode/jvault/connector/exception/VaultConnectorException.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -23,6 +23,8 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1
*/
public abstract class VaultConnectorException extends Exception {
private static final long serialVersionUID = -2612477894310906036L;
/**
* Constructs a new empty exception.
*/

2
src/main/java/de/stklcode/jvault/connector/exception/package-info.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/internal/Error.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

21
src/main/java/de/stklcode/jvault/connector/internal/RequestHelper.java
View File

@ -431,18 +431,19 @@ public final class RequestHelper implements Serializable {
* @throws VaultConnectorException Expected exception with details to throw
*/
private void handleError(final HttpResponse<InputStream> response) throws VaultConnectorException {
if (response.body() != null) {
try (var reader = new BufferedReader(new InputStreamReader(response.body(), UTF_8))) {
var responseString = reader.lines().collect(Collectors.joining("\n"));
ErrorResponse er = jsonMapper.readValue(responseString, ErrorResponse.class);
/* Check for "permission denied" response */
if (!er.getErrors().isEmpty() && er.getErrors().get(0).equals("permission denied")) {
throw new PermissionDeniedException();
try (var body = response.body()) {
if (body != null) {
try (var reader = new BufferedReader(new InputStreamReader(body, UTF_8))) {
ErrorResponse er = jsonMapper.readValue(reader, ErrorResponse.class);
/* Check for "permission denied" response */
if (!er.getErrors().isEmpty() && er.getErrors().get(0).equals("permission denied")) {
throw new PermissionDeniedException();
}
throw new InvalidResponseException(Error.RESPONSE_CODE, response.statusCode(), er.toString());
}
throw new InvalidResponseException(Error.RESPONSE_CODE, response.statusCode(), er.toString());
} catch (IOException ignored) {
// Exception ignored.
}
} catch (IOException ignored) {
// Exception ignored.
}
}
}

28
src/main/java/de/stklcode/jvault/connector/model/AppRole.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -32,7 +32,7 @@ import java.util.Objects;
*/
@JsonIgnoreProperties(ignoreUnknown = true)
public final class AppRole implements Serializable {
private static final long serialVersionUID = -6248529625864573990L;
private static final long serialVersionUID = 693228837510483448L;
@JsonProperty("role_name")
private String name;
@ -55,9 +55,9 @@ public final class AppRole implements Serializable {
@JsonInclude(JsonInclude.Include.NON_NULL)
private Integer secretIdTtl;
@JsonProperty("enable_local_secret_ids")
@JsonProperty("local_secret_ids")
@JsonInclude(JsonInclude.Include.NON_NULL)
private Boolean enableLocalSecretIds;
private Boolean localSecretIds;
@JsonProperty("token_ttl")
@JsonInclude(JsonInclude.Include.NON_NULL)
@ -111,7 +111,7 @@ public final class AppRole implements Serializable {
this.secretIdBoundCidrs = builder.secretIdBoundCidrs;
this.secretIdNumUses = builder.secretIdNumUses;
this.secretIdTtl = builder.secretIdTtl;
this.enableLocalSecretIds = builder.enableLocalSecretIds;
this.localSecretIds = builder.localSecretIds;
this.tokenTtl = builder.tokenTtl;
this.tokenMaxTtl = builder.tokenMaxTtl;
this.tokenPolicies = builder.tokenPolicies;
@ -262,9 +262,10 @@ public final class AppRole implements Serializable {
/**
* @return Enable local secret IDs?
* @since 0.9
* @since 1.3 renamed to {@code getLocalSecretIds()}
*/
public Boolean getEnableLocalSecretIds() {
return enableLocalSecretIds;
public Boolean getLocalSecretIds() {
return localSecretIds;
}
/**
@ -335,7 +336,7 @@ public final class AppRole implements Serializable {
Objects.equals(secretIdBoundCidrs, appRole.secretIdBoundCidrs) &&
Objects.equals(secretIdNumUses, appRole.secretIdNumUses) &&
Objects.equals(secretIdTtl, appRole.secretIdTtl) &&
Objects.equals(enableLocalSecretIds, appRole.enableLocalSecretIds) &&
Objects.equals(localSecretIds, appRole.localSecretIds) &&
Objects.equals(tokenTtl, appRole.tokenTtl) &&
Objects.equals(tokenMaxTtl, appRole.tokenMaxTtl) &&
Objects.equals(tokenPolicies, appRole.tokenPolicies) &&
@ -350,7 +351,7 @@ public final class AppRole implements Serializable {
@Override
public int hashCode() {
return Objects.hash(name, id, bindSecretId, secretIdBoundCidrs, secretIdNumUses, secretIdTtl,
enableLocalSecretIds, tokenTtl, tokenMaxTtl, tokenPolicies, tokenBoundCidrs, tokenExplicitMaxTtl,
localSecretIds, tokenTtl, tokenMaxTtl, tokenPolicies, tokenBoundCidrs, tokenExplicitMaxTtl,
tokenNoDefaultPolicy, tokenNumUses, tokenPeriod, tokenType);
}
@ -370,7 +371,7 @@ public final class AppRole implements Serializable {
private List<String> tokenPolicies;
private Integer secretIdNumUses;
private Integer secretIdTtl;
private Boolean enableLocalSecretIds;
private Boolean localSecretIds;
private Integer tokenTtl;
private Integer tokenMaxTtl;
private List<String> tokenBoundCidrs;
@ -527,12 +528,13 @@ public final class AppRole implements Serializable {
/**
* Enable or disable local secret IDs.
*
* @param enableLocalSecretIds Enable local secret IDs?
* @param localSecretIds Enable local secret IDs?
* @return self
* @since 0.9
* @since 1.3 renamed to {@code withLocalSecretIds()}
*/
public Builder withEnableLocalSecretIds(final Boolean enableLocalSecretIds) {
this.enableLocalSecretIds = enableLocalSecretIds;
public Builder withLocalSecretIds(final Boolean localSecretIds) {
this.localSecretIds = localSecretIds;
return this;
}

2
src/main/java/de/stklcode/jvault/connector/model/AppRoleSecret.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

4
src/main/java/de/stklcode/jvault/connector/model/AuthBackend.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -24,8 +24,6 @@ package de.stklcode.jvault.connector.model;
*/
public enum AuthBackend {
TOKEN("token"),
@Deprecated(since = "1.1.3", forRemoval = true)
APPID("app-id"),
APPROLE("approle"),
USERPASS("userpass"),
GITHUB("github"), // Not supported yet.

2
src/main/java/de/stklcode/jvault/connector/model/Token.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/TokenRole.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/package-info.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/AppRoleResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/AppRoleSecretResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

31
src/main/java/de/stklcode/jvault/connector/model/response/AuthResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -17,11 +17,8 @@
package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.response.embedded.AuthData;
import java.util.Objects;
/**
* Vault response for authentication providing auth info in {@link AuthData} field.
*
@ -31,30 +28,4 @@ import java.util.Objects;
@JsonIgnoreProperties(ignoreUnknown = true)
public final class AuthResponse extends VaultDataResponse {
private static final long serialVersionUID = 1628851361067456715L;
@JsonProperty("auth")
private AuthData auth;
/**
* @return Authentication data
*/
public AuthData getAuth() {
return auth;
}
@Override
public boolean equals(Object o) {
if (this == o) {
return true;
} else if (o == null || getClass() != o.getClass() || !super.equals(o)) {
return false;
}
AuthResponse that = (AuthResponse) o;
return Objects.equals(auth, that.auth);
}
@Override
public int hashCode() {
return Objects.hash(super.hashCode(), auth);
}
}

2
src/main/java/de/stklcode/jvault/connector/model/response/CredentialsResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/ErrorResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

57
src/main/java/de/stklcode/jvault/connector/model/response/HealthResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -29,7 +29,7 @@ import java.util.Objects;
*/
@JsonIgnoreProperties(ignoreUnknown = true)
public final class HealthResponse implements VaultResponse {
private static final long serialVersionUID = 6483840078694294401L;
private static final long serialVersionUID = 8675155916902904516L;
@JsonProperty("cluster_id")
private String clusterID;
@ -61,6 +61,18 @@ public final class HealthResponse implements VaultResponse {
@JsonProperty("performance_standby")
private Boolean performanceStandby;
@JsonProperty("echo_duration_ms")
private Long echoDurationMs;
@JsonProperty("clock_skew_ms")
private Long clockSkewMs;
@JsonProperty("replication_primary_canary_age_ms")
private Long replicationPrimaryCanaryAgeMs;
@JsonProperty("enterprise")
private Boolean enterprise;
/**
* @return The Cluster ID.
*/
@ -134,6 +146,38 @@ public final class HealthResponse implements VaultResponse {
return performanceStandby;
}
/**
* @return Heartbeat echo duration in milliseconds (since Vault 1.16)
* @since 1.3
*/
public Long getEchoDurationMs() {
return echoDurationMs;
}
/**
* @return Clock skew in milliseconds (since Vault 1.16)
* @since 1.3
*/
public Long getClockSkewMs() {
return clockSkewMs;
}
/**
* @return Replication primary canary age in milliseconds (since Vault 1.17)
* @since 1.3
*/
public Long getReplicationPrimaryCanaryAgeMs() {
return replicationPrimaryCanaryAgeMs;
}
/**
* @return Enterprise instance? (since Vault 1.17)
* @since 1.3
*/
public Boolean isEnterprise() {
return enterprise;
}
@Override
public boolean equals(Object o) {
if (this == o) {
@ -151,12 +195,17 @@ public final class HealthResponse implements VaultResponse {
Objects.equals(initialized, that.initialized) &&
Objects.equals(replicationPerfMode, that.replicationPerfMode) &&
Objects.equals(replicationDrMode, that.replicationDrMode) &&
Objects.equals(performanceStandby, that.performanceStandby);
Objects.equals(performanceStandby, that.performanceStandby) &&
Objects.equals(echoDurationMs, that.echoDurationMs) &&
Objects.equals(clockSkewMs, that.clockSkewMs) &&
Objects.equals(replicationPrimaryCanaryAgeMs, that.replicationPrimaryCanaryAgeMs) &&
Objects.equals(enterprise, that.enterprise);
}
@Override
public int hashCode() {
return Objects.hash(clusterID, clusterName, version, serverTimeUTC, standby, sealed, initialized,
replicationPerfMode, replicationDrMode, performanceStandby);
replicationPerfMode, replicationDrMode, performanceStandby, echoDurationMs, clockSkewMs,
replicationPrimaryCanaryAgeMs, enterprise);
}
}

2
src/main/java/de/stklcode/jvault/connector/model/response/HelpResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/MetadataResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/RawDataResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/SealResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/SecretListResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/SecretResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/SecretVersionResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

17
src/main/java/de/stklcode/jvault/connector/model/response/TokenResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -30,14 +30,11 @@ import java.util.Objects;
*/
@JsonIgnoreProperties(ignoreUnknown = true)
public final class TokenResponse extends VaultDataResponse {
private static final long serialVersionUID = -4053126653764241197L;
private static final long serialVersionUID = -4341114947980033457L;
@JsonProperty("data")
private TokenData data;
@JsonProperty("auth")
private Boolean auth;
/**
* @return Token data
*/
@ -45,12 +42,6 @@ public final class TokenResponse extends VaultDataResponse {
return data;
}
/**
* @return Auth data
*/
public Boolean getAuth() {
return auth;
}
@Override
public boolean equals(Object o) {
@ -60,11 +51,11 @@ public final class TokenResponse extends VaultDataResponse {
return false;
}
TokenResponse that = (TokenResponse) o;
return Objects.equals(data, that.data) && Objects.equals(auth, that.auth);
return Objects.equals(data, that.data);
}
@Override
public int hashCode() {
return Objects.hash(super.hashCode(), data, auth);
return Objects.hash(super.hashCode(), data);
}
}

2
src/main/java/de/stklcode/jvault/connector/model/response/TokenRoleResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

32
src/main/java/de/stklcode/jvault/connector/model/response/VaultDataResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -17,6 +17,7 @@
package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.response.embedded.AuthData;
import de.stklcode.jvault.connector.model.response.embedded.WrapInfo;
import java.util.List;
@ -29,7 +30,7 @@ import java.util.Objects;
* @since 0.1
*/
public abstract class VaultDataResponse implements VaultResponse {
private static final long serialVersionUID = 7486270767477652184L;
private static final long serialVersionUID = 4787715235558510045L;
@JsonProperty("request_id")
private String requestId;
@ -49,6 +50,12 @@ public abstract class VaultDataResponse implements VaultResponse {
@JsonProperty("wrap_info")
private WrapInfo wrapInfo;
@JsonProperty("auth")
private AuthData auth;
@JsonProperty("mount_type")
private String mountType;
/**
* @return Request ID
* @since 1.1
@ -93,6 +100,21 @@ public abstract class VaultDataResponse implements VaultResponse {
return wrapInfo;
}
/**
* @return Authentication information for this response
* @since 1.3
*/
public final AuthData getAuth() {
return auth;
}
/**
* @return Information about the type of mount this secret is from (since Vault 1.17)
* @since 1.3
*/
public final String getMountType() {
return mountType;
}
@Override
public boolean equals(Object o) {
if (this == o) {
@ -106,11 +128,13 @@ public abstract class VaultDataResponse implements VaultResponse {
Objects.equals(leaseId, that.leaseId) &&
Objects.equals(leaseDuration, that.leaseDuration) &&
Objects.equals(warnings, that.warnings) &&
Objects.equals(wrapInfo, that.wrapInfo);
Objects.equals(wrapInfo, that.wrapInfo) &&
Objects.equals(auth, that.auth) &&
Objects.equals(mountType, that.mountType);
}
@Override
public int hashCode() {
return Objects.hash(requestId, leaseId, renewable, leaseDuration, warnings, wrapInfo);
return Objects.hash(requestId, leaseId, renewable, leaseDuration, warnings, wrapInfo, auth, mountType);
}
}

2
src/main/java/de/stklcode/jvault/connector/model/response/VaultResponse.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

18
src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthData.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -33,7 +33,7 @@ import java.util.Objects;
*/
@JsonIgnoreProperties(ignoreUnknown = true)
public final class AuthData implements Serializable {
private static final long serialVersionUID = 3067695351664603536L;
private static final long serialVersionUID = 5969334512309655317L;
@JsonProperty("client_token")
private String clientToken;
@ -65,6 +65,9 @@ public final class AuthData implements Serializable {
@JsonProperty("orphan")
private boolean orphan;
@JsonProperty("num_uses")
private Integer numUses;
@JsonProperty("mfa_requirement")
private MfaRequirement mfaRequirement;
@ -134,6 +137,14 @@ public final class AuthData implements Serializable {
return accessor;
}
/**
* @return allowed number of uses for the issued token
* @since 1.3
*/
public Integer getNumUses() {
return numUses;
}
/**
* @return Token is orphan
* @since 0.9
@ -169,12 +180,13 @@ public final class AuthData implements Serializable {
Objects.equals(leaseDuration, authData.leaseDuration) &&
Objects.equals(entityId, authData.entityId) &&
Objects.equals(tokenType, authData.tokenType) &&
Objects.equals(numUses, authData.numUses) &&
Objects.equals(mfaRequirement, authData.mfaRequirement);
}
@Override
public int hashCode() {
return Objects.hash(clientToken, accessor, policies, tokenPolicies, metadata, leaseDuration, renewable,
entityId, tokenType, orphan, mfaRequirement);
entityId, tokenType, orphan, numUses, mfaRequirement);
}
}

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthMethod.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/MfaConstraintAny.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/MfaMethodId.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/MfaRequirement.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

72
src/main/java/de/stklcode/jvault/connector/model/response/embedded/SecretMetadata.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -21,7 +21,7 @@ import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serializable;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
@ -34,10 +34,7 @@ import java.util.Objects;
*/
@JsonIgnoreProperties(ignoreUnknown = true)
public final class SecretMetadata implements Serializable {
private static final long serialVersionUID = -4967896264361344676L;
private static final DateTimeFormatter TIME_FORMAT =
DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss.SSSSSSSSSXXX");
private static final long serialVersionUID = -905059942871916214L;
@JsonProperty("created_time")
private ZonedDateTime createdTime;
@ -57,18 +54,14 @@ public final class SecretMetadata implements Serializable {
@JsonProperty("versions")
private Map<Integer, VersionMetadata> versions;
/**
* @return Time of secret creation as raw string representation.
* @deprecated Method left for backwards compatibility only. Use {@link #getCreatedTime()} instead.
*/
@Deprecated(since = "1.2", forRemoval = true)
public String getCreatedTimeString() {
if (createdTime != null) {
return TIME_FORMAT.format(createdTime);
}
@JsonProperty("cas_required")
private Boolean casRequired;
return null;
}
@JsonProperty("custom_metadata")
private HashMap<String, String> customMetadata;
@JsonProperty("delete_version_after")
private String deleteVersionAfter;
/**
* @return Time of secret creation.
@ -98,19 +91,6 @@ public final class SecretMetadata implements Serializable {
return oldestVersion;
}
/**
* @return Time of secret update as raw string representation.
* @deprecated Method left for backwards compatibility only. Use {@link #getUpdatedTime()} instead.
*/
@Deprecated(since = "1.2", forRemoval = true)
public String getUpdatedTimeString() {
if (updatedTime != null) {
return TIME_FORMAT.format(updatedTime);
}
return null;
}
/**
* @return Time of secret update.
*/
@ -125,6 +105,30 @@ public final class SecretMetadata implements Serializable {
return versions;
}
/**
* @return CAS required?
* @since 1.3
*/
public Boolean isCasRequired() {
return casRequired;
}
/**
* @return Custom metadata.
* @since 1.3
*/
public Map<String, String> getCustomMetadata() {
return customMetadata;
}
/**
* @return time duration to delete version
* @since 1.3
*/
public String getDeleteVersionAfter() {
return deleteVersionAfter;
}
@Override
public boolean equals(Object o) {
if (this == o) {
@ -138,11 +142,15 @@ public final class SecretMetadata implements Serializable {
Objects.equals(maxVersions, that.maxVersions) &&
Objects.equals(oldestVersion, that.oldestVersion) &&
Objects.equals(updatedTime, that.updatedTime) &&
Objects.equals(versions, that.versions);
Objects.equals(versions, that.versions) &&
Objects.equals(casRequired, that.casRequired) &&
Objects.equals(customMetadata, that.customMetadata) &&
Objects.equals(deleteVersionAfter, that.deleteVersionAfter);
}
@Override
public int hashCode() {
return Objects.hash(createdTime, currentVersion, maxVersions, oldestVersion, updatedTime, versions);
return Objects.hash(createdTime, currentVersion, maxVersions, oldestVersion, updatedTime, versions, casRequired,
customMetadata, deleteVersionAfter);
}
}

34
src/main/java/de/stklcode/jvault/connector/model/response/embedded/TokenData.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -21,7 +21,6 @@ import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serializable;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.List;
import java.util.Map;
import java.util.Objects;
@ -37,9 +36,6 @@ import java.util.Objects;
public final class TokenData implements Serializable {
private static final long serialVersionUID = -5749716740973138916L;
private static final DateTimeFormatter TIME_FORMAT =
DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss.SSSSSSSSSXXX");
@JsonProperty("accessor")
private String accessor;
@ -127,20 +123,6 @@ public final class TokenData implements Serializable {
return entityId;
}
/**
* @return Expire time as raw string value
* @since 0.9
* @deprecated Method left for backwards compatibility only. Use {@link #getExpireTime()} instead.
*/
@Deprecated(since = "1.2", forRemoval = true)
public String getExpireTimeString() {
if (expireTime != null) {
return TIME_FORMAT.format(expireTime);
}
return null;
}
/**
* @return Expire time (parsed)
* @since 0.9
@ -164,20 +146,6 @@ public final class TokenData implements Serializable {
return id;
}
/**
* @return Issue time as raw string value
* @since 0.9
* @deprecated Method left for backwards compatibility only. Use {@link #getIssueTime()} instead.
*/
@Deprecated(since = "1.2", forRemoval = true)
public String getIssueTimeString() {
if (issueTime != null) {
return TIME_FORMAT.format(issueTime);
}
return null;
}
/**
* @return Expire time (parsed)
* @since 0.9

50
src/main/java/de/stklcode/jvault/connector/model/response/embedded/VersionMetadata.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -21,7 +21,8 @@ import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serializable;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
/**
@ -33,10 +34,7 @@ import java.util.Objects;
*/
@JsonIgnoreProperties(ignoreUnknown = true)
public final class VersionMetadata implements Serializable {
private static final long serialVersionUID = -6815731513868586713L;
private static final DateTimeFormatter TIME_FORMAT =
DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss.SSSSSSSSSXXX");
private static final long serialVersionUID = 8495687554714216478L;
@JsonProperty("created_time")
private ZonedDateTime createdTime;
@ -50,18 +48,8 @@ public final class VersionMetadata implements Serializable {
@JsonProperty("version")
private Integer version;
/**
* @return Time of secret creation as raw string representation.
* @deprecated Method left for backwards compatibility only. Use {@link #getCreatedTime()} instead.
*/
@Deprecated(since = "1.2", forRemoval = true)
public String getCreatedTimeString() {
if (createdTime != null) {
return TIME_FORMAT.format(createdTime);
}
return null;
}
@JsonProperty("custom_metadata")
private HashMap<String, String> customMetadata;
/**
* @return Time of secret creation.
@ -70,19 +58,6 @@ public final class VersionMetadata implements Serializable {
return createdTime;
}
/**
* @return Time for secret deletion as raw string representation.
* @deprecated Method left for backwards compatibility only. Use {@link #getDeletionTime()} instead.
*/
@Deprecated(since = "1.2", forRemoval = true)
public String getDeletionTimeString() {
if (deletionTime != null) {
return TIME_FORMAT.format(deletionTime);
}
return null;
}
/**
* @return Time for secret deletion.
*/
@ -104,6 +79,14 @@ public final class VersionMetadata implements Serializable {
return version;
}
/**
* @return Custom metadata.
* @since 1.3
*/
public Map<String, String> getCustomMetadata() {
return customMetadata;
}
@Override
public boolean equals(Object o) {
if (this == o) {
@ -115,11 +98,12 @@ public final class VersionMetadata implements Serializable {
return destroyed == that.destroyed &&
Objects.equals(createdTime, that.createdTime) &&
Objects.equals(deletionTime, that.deletionTime) &&
Objects.equals(version, that.version);
Objects.equals(version, that.version) &&
Objects.equals(customMetadata, that.customMetadata);
}
@Override
public int hashCode() {
return Objects.hash(createdTime, deletionTime, destroyed, version);
return Objects.hash(createdTime, deletionTime, destroyed, version, customMetadata);
}
}

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/WrapInfo.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/package-info.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/model/response/package-info.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/main/java/de/stklcode/jvault/connector/package-info.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

3
src/main/java/module-info.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -31,6 +31,7 @@ module de.stklcode.jvault.connector {
opens de.stklcode.jvault.connector.model.response.embedded to com.fasterxml.jackson.databind;
requires java.net.http;
requires com.fasterxml.jackson.annotation;
requires com.fasterxml.jackson.databind;
requires com.fasterxml.jackson.datatype.jsr310;
}

19
src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorBuilderTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -129,15 +129,14 @@ class HTTPVaultConnectorBuilderTest {
});
// Provide CA certificate.
String VAULT_CACERT = tempDir.toString() + "/doesnotexist";
withVaultEnv(VAULT_ADDR, VAULT_CACERT, VAULT_MAX_RETRIES.toString(), null).execute(() -> {
String vaultCacert = tempDir.toString() + "/doesnotexist";
withVaultEnv(VAULT_ADDR, vaultCacert, VAULT_MAX_RETRIES.toString(), null).execute(() -> {
TlsException e = assertThrows(
TlsException.class,
() -> HTTPVaultConnector.builder().fromEnv(),
"Creation with unknown cert path failed"
);
assertTrue(e.getCause() instanceof NoSuchFileException);
assertEquals(VAULT_CACERT, ((NoSuchFileException) e.getCause()).getFile());
assertEquals(vaultCacert, assertInstanceOf(NoSuchFileException.class, e.getCause()).getFile());
return null;
});
@ -165,11 +164,11 @@ class HTTPVaultConnectorBuilderTest {
});
}
private SystemLambda.WithEnvironmentVariables withVaultEnv(String vault_addr, String vault_cacert, String vault_max_retries, String vault_token) {
return withEnvironmentVariable("VAULT_ADDR", vault_addr)
.and("VAULT_CACERT", vault_cacert)
.and("VAULT_MAX_RETRIES", vault_max_retries)
.and("VAULT_TOKEN", vault_token);
private SystemLambda.WithEnvironmentVariables withVaultEnv(String vaultAddr, String vaultCacert, String vaultMaxRetries, String vaultToken) {
return withEnvironmentVariable("VAULT_ADDR", vaultAddr)
.and("VAULT_CACERT", vaultCacert)
.and("VAULT_MAX_RETRIES", vaultMaxRetries)
.and("VAULT_TOKEN", vaultToken);
}
private Object getRequestHelperPrivate(HTTPVaultConnector connector, String fieldName) throws NoSuchFieldException, IllegalAccessException {

141
src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorIT.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -25,17 +25,18 @@ import de.stklcode.jvault.connector.model.response.*;
import de.stklcode.jvault.connector.test.Credentials;
import de.stklcode.jvault.connector.test.VaultConfiguration;
import org.junit.jupiter.api.*;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.api.io.TempDir;
import java.io.*;
import java.lang.reflect.Field;
import java.net.ServerSocket;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.*;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
import static java.nio.charset.StandardCharsets.UTF_8;
import static java.util.Collections.singletonMap;
import static org.apache.commons.io.FileUtils.copyDirectory;
import static org.awaitility.Awaitility.await;
@ -51,7 +52,7 @@ import static org.junit.jupiter.api.Assumptions.assumeTrue;
* @since 0.1
*/
class HTTPVaultConnectorIT {
private static String VAULT_VERSION = "1.15.4"; // The vault version this test is supposed to run against.
private static String VAULT_VERSION = "1.18.2"; // The vault version this test is supposed to run against.
private static final String KEY1 = "E38bkCm0VhUvpdCKGQpcohhD9XmcHJ/2hreOSY019Lho";
private static final String KEY2 = "O5OHwDleY3IiPdgw61cgHlhsrEm6tVJkrxhF6QAnILd1";
private static final String KEY3 = "mw7Bm3nbt/UWa/juDjjL2EPQ04kiJ0saC5JEXwJvXYsB";
@ -59,7 +60,6 @@ class HTTPVaultConnectorIT {
private static final String USER_VALID = "validUser";
private static final String PASS_VALID = "validPass";
private static boolean legacy;
private Process vaultProcess;
private VaultConnector connector;
@ -70,9 +70,6 @@ class HTTPVaultConnectorIT {
VAULT_VERSION = System.getenv("VAULT_VERSION");
System.out.println("Vault version set to " + VAULT_VERSION);
}
if (compareVersions(VAULT_VERSION, "1.12.0") < 0) {
legacy = true;
}
}
/**
@ -129,13 +126,11 @@ class HTTPVaultConnectorIT {
@Test
@Order(10)
@DisplayName("Read secrets")
@SuppressWarnings("deprecation")
void readSecretTest() {
authUser();
assumeTrue(connector.isAuthorized());
// Try to read path user has no permission to read.
SecretResponse res = null;
final String invalidPath = "secret/invalid/path";
VaultConnectorException e = assertThrows(
@ -151,7 +146,7 @@ class HTTPVaultConnectorIT {
assertFalse(Pattern.compile("[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}").matcher(stackTrace(e)).find());
// Try to read accessible path with known value.
res = assertDoesNotThrow(
SecretResponse res = assertDoesNotThrow(
() -> connector.read(SECRET_PATH + "/" + SECRET_KEY),
"Valid secret path could not be read"
);
@ -216,7 +211,6 @@ class HTTPVaultConnectorIT {
@Test
@Order(30)
@DisplayName("Write secrets")
@SuppressWarnings("deprecation")
void writeSecretTest() {
authUser();
assumeTrue(connector.isAuthorized());
@ -550,74 +544,6 @@ class HTTPVaultConnectorIT {
}
}
@Nested
@DisplayName("App-ID Tests")
@EnabledIf(value = "de.stklcode.jvault.connector.HTTPVaultConnectorIT#isLegacy",
disabledReason = "AppID tests no longer available for Vault 1.12 and above")
@SuppressWarnings("deprecation")
class AppIdTests {
private static final String APP_ID = "152AEA38-85FB-47A8-9CBD-612D645BFACA";
private static final String USER_ID = "5ADF8218-D7FB-4089-9E38-287465DBF37E";
/**
* App-ID authentication roundtrip.
*/
@Test
@Order(10)
@DisplayName("Authenticate with App-ID")
void authAppIdTest() {
// Try unauthorized access first.
assumeFalse(connector.isAuthorized());
assertThrows(
AuthorizationRequiredException.class,
() -> connector.registerAppId("", "", ""),
"Expected exception not thrown"
);
assertThrows(
AuthorizationRequiredException.class,
() -> connector.registerUserId("", ""),
"Expected exception not thrown"
);
}
/**
* App-ID authentication roundtrip.
*/
@Test
@Order(20)
@DisplayName("Register App-ID")
void registerAppIdTest() {
// Authorize.
authRoot();
assumeTrue(connector.isAuthorized());
// Register App-ID.
boolean res = assertDoesNotThrow(
() -> connector.registerAppId(APP_ID, "user", "App Name"),
"Failed to register App-ID"
);
assertTrue(res, "Failed to register App-ID");
// Register User-ID.
res = assertDoesNotThrow(
() -> connector.registerUserId(APP_ID, USER_ID),
"Failed to register App-ID"
);
assertTrue(res, "Failed to register App-ID");
connector.resetAuth();
assumeFalse(connector.isAuthorized());
// Authenticate with created credentials.
AuthResponse resp = assertDoesNotThrow(
() -> connector.authAppId(APP_ID, USER_ID),
"Failed to authenticate using App-ID"
);
assertTrue(connector.isAuthorized(), "Authorization flag not set after App-ID login");
}
}
@Nested
@DisplayName("AppRole Tests")
@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
@ -909,7 +835,7 @@ class HTTPVaultConnectorIT {
assertFalse(res.getAuth().isRenewable(), "Root token should not be renewable");
assertFalse(res.getAuth().isOrphan(), "Root token should not be orphan");
// Starting with Vault 1.0 a warning "custom ID uses weaker SHA1.." is given.
// Starting with Vault 1.0 a warning "custom ID uses weaker SHA1..." is given.
// Starting with Vault 1.11 a second warning "Endpoint ignored unrecognized parameters" is given.
assertFalse(res.getWarnings().isEmpty(), "Token creation did not return expected warning");
@ -1080,13 +1006,9 @@ class HTTPVaultConnectorIT {
() -> connector.getAuthBackends(),
"Could not list supported auth backends"
);
if (legacy) {
assertEquals(4, supportedBackends.size());
assertTrue(supportedBackends.containsAll(List.of(AuthBackend.TOKEN, AuthBackend.USERPASS, AuthBackend.APPID, AuthBackend.APPROLE)));
} else {
assertEquals(3, supportedBackends.size());
assertTrue(supportedBackends.containsAll(List.of(AuthBackend.TOKEN, AuthBackend.USERPASS, AuthBackend.APPROLE)));
}
assertEquals(3, supportedBackends.size());
assertTrue(supportedBackends.containsAll(List.of(AuthBackend.TOKEN, AuthBackend.USERPASS, AuthBackend.APPROLE)));
}
/**
@ -1212,11 +1134,7 @@ class HTTPVaultConnectorIT {
*/
private VaultConfiguration initializeVault(File dir, boolean tls) throws IllegalStateException, IOException {
File dataDir = new File(dir, "data");
if (legacy) {
copyDirectory(new File(getClass().getResource("/data_dir_legacy").getPath()), dataDir);
} else {
copyDirectory(new File(getClass().getResource("/data_dir").getPath()), dataDir);
}
copyDirectory(new File(getClass().getResource("/data_dir").getPath()), dataDir);
// Generate vault local unencrypted configuration.
VaultConfiguration config = new VaultConfiguration()
@ -1234,15 +1152,17 @@ class HTTPVaultConnectorIT {
// Write configuration file.
File configFile = new File(dir, "vault.conf");
try (BufferedWriter bw = new BufferedWriter(new FileWriter(configFile))) {
bw.write(config.toString());
try {
Files.write(configFile.toPath(), config.toString().getBytes(UTF_8));
} catch (IOException e) {
throw new IllegalStateException("Unable to generate config file", e);
}
// Start vault process.
try {
vaultProcess = Runtime.getRuntime().exec("vault server -config " + configFile);
vaultProcess = new ProcessBuilder("vault", "server", "-config", configFile.toString())
.directory(dir)
.start();
} catch (IOException e) {
throw new IllegalStateException("Unable to start vault. Make sure vault binary is in your executable path", e);
}
@ -1310,35 +1230,4 @@ class HTTPVaultConnectorIT {
th.printStackTrace(new PrintWriter(sw, true));
return sw.getBuffer().toString();
}
/**
* Compare two version strings.
*
* @param version1 Version 1
* @param version2 Version 2
* @return negative value if version 1 is smaller than version2, positive value of version 1 is greater, 0 if equal
*/
private static int compareVersions(String version1, String version2) {
int comparisonResult = 0;
String[] version1Splits = version1.split("\\.");
String[] version2Splits = version2.split("\\.");
int maxLengthOfVersionSplits = Math.max(version1Splits.length, version2Splits.length);
for (int i = 0; i < maxLengthOfVersionSplits; i++) {
Integer v1 = i < version1Splits.length ? Integer.parseInt(version1Splits[i]) : 0;
Integer v2 = i < version2Splits.length ? Integer.parseInt(version2Splits[i]) : 0;
int compare = v1.compareTo(v2);
if (compare != 0) {
comparisonResult = compare;
break;
}
}
return comparisonResult;
}
private static boolean isLegacy() {
return legacy;
}
}

20
src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -91,7 +91,7 @@ class HTTPVaultConnectorTest {
"Querying health status succeeded on invalid instance"
);
assertEquals("Unable to connect to Vault server", e.getMessage(), "Unexpected exception message");
assertTrue(e.getCause() instanceof IOException, "Unexpected cause");
assertInstanceOf(IOException.class, e.getCause(), "Unexpected cause");
// Now simulate a failing request that succeeds on second try.
connector = HTTPVaultConnector.builder(wireMock.url("/")).withNumberOfRetries(1).withTimeout(250).build();
@ -235,18 +235,6 @@ class HTTPVaultConnectorTest {
mockHttpResponse(200, "{}", "application/json");
// Now test the methods expecting a 204.
assertThrows(
InvalidResponseException.class,
() -> connector.registerAppId("appID", "policy", "displayName"),
"registerAppId() with 200 response succeeded"
);
assertThrows(
InvalidResponseException.class,
() -> connector.registerUserId("appID", "userID"),
"registerUserId() with 200 response succeeded"
);
assertThrows(
InvalidResponseException.class,
() -> connector.createAppRole("appID", Collections.singletonList("policy")),
@ -300,7 +288,7 @@ class HTTPVaultConnectorTest {
private Object getPrivate(Object target, String fieldName) throws NoSuchFieldException, IllegalAccessException {
Field field = target.getClass().getDeclaredField(fieldName);
if (field.isAccessible()) {
if (field.canAccess(target)) {
return field.get(target);
}
field.setAccessible(true);
@ -312,7 +300,7 @@ class HTTPVaultConnectorTest {
private void setPrivate(Object target, String fieldName, Object value) {
try {
Field field = target.getClass().getDeclaredField(fieldName);
boolean accessible = field.isAccessible();
boolean accessible = field.canAccess(target);
field.setAccessible(true);
field.set(target, value);
field.setAccessible(accessible);

2
src/test/java/de/stklcode/jvault/connector/exception/VaultConnectorExceptionTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

8
src/test/java/de/stklcode/jvault/connector/model/AppRoleSecretTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -115,7 +115,7 @@ class AppRoleSecretTest extends AbstractModelTest<AppRoleSecret> {
*/
@Test
void jsonTest() throws NoSuchFieldException, IllegalAccessException {
// A simple roundtrip first. All set fields should be present afterwards..
// A simple roundtrip first. All set fields should be present afterward.
AppRoleSecret secret = new AppRoleSecret(TEST_ID, TEST_META, TEST_CIDR);
String secretJson = assertDoesNotThrow(() -> objectMapper.writeValueAsString(secret), "Serialization failed");
// CIDR list is comma-separated when used as input, but List otherwise, hence convert string to list.
@ -173,14 +173,14 @@ class AppRoleSecretTest extends AbstractModelTest<AppRoleSecret> {
private static void setPrivateField(Object object, String fieldName, Object value) throws NoSuchFieldException, IllegalAccessException {
Field field = object.getClass().getDeclaredField(fieldName);
boolean accessible = field.isAccessible();
boolean accessible = field.canAccess(object);
field.setAccessible(true);
field.set(object, value);
field.setAccessible(accessible);
}
private static String commaSeparatedToList(String json) {
return json.replaceAll("\"cidr_list\":\"([^\"]*)\"", "\"cidr_list\":\\[$1\\]")
return json.replaceAll("\"cidr_list\":\"([^\"]*)\"", "\"cidr_list\":[$1]")
.replaceAll("(\\d+\\.\\d+\\.\\d+\\.\\d+/\\d+)", "\"$1\"");
}
}

14
src/test/java/de/stklcode/jvault/connector/model/AppRoleTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -43,7 +43,7 @@ class AppRoleTest extends AbstractModelTest<AppRole> {
private static final String POLICY_2 = "policy2";
private static final Integer SECRET_ID_NUM_USES = 10;
private static final Integer SECRET_ID_TTL = 7200;
private static final Boolean ENABLE_LOCAL_SECRET_IDS = false;
private static final Boolean LOCAL_SECRET_IDS = false;
private static final Integer TOKEN_TTL = 4800;
private static final Integer TOKEN_MAX_TTL = 9600;
private static final Integer TOKEN_EXPLICIT_MAX_TTL = 14400;
@ -52,8 +52,8 @@ class AppRoleTest extends AbstractModelTest<AppRole> {
private static final Integer TOKEN_PERIOD = 1234;
private static final Token.Type TOKEN_TYPE = Token.Type.DEFAULT_SERVICE;
private static final String JSON_MIN = "{\"role_name\":\"" + NAME + "\"}";
private static final String JSON_FULL = String.format("{\"role_name\":\"%s\",\"role_id\":\"%s\",\"bind_secret_id\":%s,\"secret_id_bound_cidrs\":\"%s\",\"secret_id_num_uses\":%d,\"secret_id_ttl\":%d,\"enable_local_secret_ids\":%s,\"token_ttl\":%d,\"token_max_ttl\":%d,\"token_policies\":\"%s\",\"token_bound_cidrs\":\"%s\",\"token_explicit_max_ttl\":%d,\"token_no_default_policy\":%s,\"token_num_uses\":%d,\"token_period\":%d,\"token_type\":\"%s\"}",
NAME, ID, BIND_SECRET_ID, CIDR_1, SECRET_ID_NUM_USES, SECRET_ID_TTL, ENABLE_LOCAL_SECRET_IDS, TOKEN_TTL, TOKEN_MAX_TTL, POLICY, CIDR_1, TOKEN_EXPLICIT_MAX_TTL, TOKEN_NO_DEFAULT_POLICY, TOKEN_NUM_USES, TOKEN_PERIOD, TOKEN_TYPE.value());
private static final String JSON_FULL = String.format("{\"role_name\":\"%s\",\"role_id\":\"%s\",\"bind_secret_id\":%s,\"secret_id_bound_cidrs\":\"%s\",\"secret_id_num_uses\":%d,\"secret_id_ttl\":%d,\"local_secret_ids\":%s,\"token_ttl\":%d,\"token_max_ttl\":%d,\"token_policies\":\"%s\",\"token_bound_cidrs\":\"%s\",\"token_explicit_max_ttl\":%d,\"token_no_default_policy\":%s,\"token_num_uses\":%d,\"token_period\":%d,\"token_type\":\"%s\"}",
NAME, ID, BIND_SECRET_ID, CIDR_1, SECRET_ID_NUM_USES, SECRET_ID_TTL, LOCAL_SECRET_IDS, TOKEN_TTL, TOKEN_MAX_TTL, POLICY, CIDR_1, TOKEN_EXPLICIT_MAX_TTL, TOKEN_NO_DEFAULT_POLICY, TOKEN_NUM_USES, TOKEN_PERIOD, TOKEN_TYPE.value());
AppRoleTest() {
super(AppRole.class);
@ -68,7 +68,7 @@ class AppRoleTest extends AbstractModelTest<AppRole> {
.withTokenPolicies(POLICIES)
.withSecretIdNumUses(SECRET_ID_NUM_USES)
.withSecretIdTtl(SECRET_ID_TTL)
.withEnableLocalSecretIds(ENABLE_LOCAL_SECRET_IDS)
.withLocalSecretIds(LOCAL_SECRET_IDS)
.withTokenTtl(TOKEN_TTL)
.withTokenMaxTtl(TOKEN_MAX_TTL)
.withTokenBoundCidrs(BOUND_CIDR_LIST)
@ -98,7 +98,7 @@ class AppRoleTest extends AbstractModelTest<AppRole> {
assertNull(role.getTokenPolicies());
assertNull(role.getSecretIdNumUses());
assertNull(role.getSecretIdTtl());
assertNull(role.getEnableLocalSecretIds());
assertNull(role.getLocalSecretIds());
assertNull(role.getTokenTtl());
assertNull(role.getTokenMaxTtl());
assertNull(role.getTokenBoundCidrs());
@ -125,7 +125,7 @@ class AppRoleTest extends AbstractModelTest<AppRole> {
assertEquals(POLICIES, role.getTokenPolicies());
assertEquals(SECRET_ID_NUM_USES, role.getSecretIdNumUses());
assertEquals(SECRET_ID_TTL, role.getSecretIdTtl());
assertEquals(ENABLE_LOCAL_SECRET_IDS, role.getEnableLocalSecretIds());
assertEquals(LOCAL_SECRET_IDS, role.getLocalSecretIds());
assertEquals(TOKEN_TTL, role.getTokenTtl());
assertEquals(TOKEN_MAX_TTL, role.getTokenMaxTtl());
assertEquals(BOUND_CIDR_LIST, role.getTokenBoundCidrs());

4
src/test/java/de/stklcode/jvault/connector/model/AuthBackendTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -33,10 +33,8 @@ class AuthBackendTest {
* Test forType() method.
*/
@Test
@SuppressWarnings("deprecation")
void forTypeTest() {
assertEquals(AuthBackend.TOKEN, AuthBackend.forType("token"));
assertEquals(AuthBackend.APPID, AuthBackend.forType("app-id"));
assertEquals(AuthBackend.USERPASS, AuthBackend.forType("userpass"));
assertEquals(AuthBackend.GITHUB, AuthBackend.forType("github"));
assertEquals(AuthBackend.UNKNOWN, AuthBackend.forType(""));

2
src/test/java/de/stklcode/jvault/connector/model/TokenRoleTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/test/java/de/stklcode/jvault/connector/model/TokenTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/test/java/de/stklcode/jvault/connector/model/response/AppRoleResponseTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/test/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponseTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

5
src/test/java/de/stklcode/jvault/connector/model/response/AuthResponseTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -48,6 +48,7 @@ class AuthResponseTest extends AbstractModelTest<AuthResponse> {
private static final String AUTH_ENTITY_ID = "";
private static final String AUTH_TOKEN_TYPE = "service";
private static final Boolean AUTH_ORPHAN = false;
private static final Integer AUTH_NUM_USES = 42;
private static final String MFA_REQUEST_ID = "d0c9eec7-6921-8cc0-be62-202b289ef163";
private static final String MFA_KEY = "enforcementConfigUserpass";
private static final String MFA_METHOD_TYPE = "totp";
@ -75,6 +76,7 @@ class AuthResponseTest extends AbstractModelTest<AuthResponse> {
" \"entity_id\": \"" + AUTH_ENTITY_ID + "\",\n" +
" \"token_type\": \"" + AUTH_TOKEN_TYPE + "\",\n" +
" \"orphan\": " + AUTH_ORPHAN + ",\n" +
" \"num_uses\": " + AUTH_NUM_USES + ",\n" +
" \"mfa_requirement\": {\n" +
" \"mfa_request_id\": \"" + MFA_REQUEST_ID + "\",\n" +
" \"mfa_constraints\": {\n" +
@ -134,6 +136,7 @@ class AuthResponseTest extends AbstractModelTest<AuthResponse> {
assertEquals(AUTH_ORPHAN, data.isOrphan(), "Incorrect auth orphan flag");
assertEquals(AUTH_TOKEN_TYPE, data.getTokenType(), "Incorrect auth token type");
assertEquals(AUTH_ENTITY_ID, data.getEntityId(), "Incorrect auth entity id");
assertEquals(AUTH_NUM_USES, data.getNumUses(), "Incorrect auth num uses");
assertEquals(2, data.getPolicies().size(), "Incorrect number of policies");
assertTrue(data.getPolicies().containsAll(Set.of(AUTH_POLICY_1, AUTH_POLICY_2)));
assertEquals(2, data.getTokenPolicies().size(), "Incorrect number of token policies");

7
src/test/java/de/stklcode/jvault/connector/model/response/CredentialsResponseTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -17,7 +17,6 @@
package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.core.JsonProcessingException;
import de.stklcode.jvault.connector.exception.InvalidResponseException;
import de.stklcode.jvault.connector.model.AbstractModelTest;
import org.junit.jupiter.api.Test;
@ -60,11 +59,9 @@ class CredentialsResponseTest extends AbstractModelTest<CredentialsResponse> {
/**
* Test getter, setter and get-methods for response data.
*
* @throws InvalidResponseException Should not occur
*/
@Test
void getCredentialsTest() throws InvalidResponseException {
void getCredentialsTest() {
// Create empty Object.
CredentialsResponse res = new CredentialsResponse();
assertNull(res.getUsername(), "Username not present in data map should not return anything");

18
src/test/java/de/stklcode/jvault/connector/model/response/HealthResponseTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -31,7 +31,7 @@ import static org.junit.jupiter.api.Assertions.*;
class HealthResponseTest extends AbstractModelTest<HealthResponse> {
private static final String CLUSTER_ID = "c9abceea-4f46-4dab-a688-5ce55f89e228";
private static final String CLUSTER_NAME = "vault-cluster-5515c810";
private static final String VERSION = "0.9.2";
private static final String VERSION = "0.17.0";
private static final Long SERVER_TIME_UTC = 1469555798L;
private static final Boolean STANDBY = false;
private static final Boolean SEALED = false;
@ -39,6 +39,10 @@ class HealthResponseTest extends AbstractModelTest<HealthResponse> {
private static final Boolean PERF_STANDBY = false;
private static final String REPL_PERF_MODE = "disabled";
private static final String REPL_DR_MODE = "disabled";
private static final Long ECHO_DURATION = 1L;
private static final Long CLOCK_SKEW = 0L;
private static final Long REPL_PRIM_CANARY_AGE = 2L;
private static final Boolean ENTERPRISE = false;
private static final String RES_JSON = "{\n" +
" \"cluster_id\": \"" + CLUSTER_ID + "\",\n" +
@ -50,7 +54,11 @@ class HealthResponseTest extends AbstractModelTest<HealthResponse> {
" \"initialized\": " + INITIALIZED + ",\n" +
" \"replication_performance_mode\": \"" + REPL_PERF_MODE + "\",\n" +
" \"replication_dr_mode\": \"" + REPL_DR_MODE + "\",\n" +
" \"performance_standby\": " + PERF_STANDBY + "\n" +
" \"performance_standby\": " + PERF_STANDBY + ",\n" +
" \"echo_duration_ms\": " + ECHO_DURATION + ",\n" +
" \"clock_skew_ms\": " + CLOCK_SKEW + ",\n" +
" \"replication_primary_canary_age_ms\": " + REPL_PRIM_CANARY_AGE + ",\n" +
" \"enterprise\": " + ENTERPRISE + "\n" +
"}";
HealthResponseTest() {
@ -87,5 +95,9 @@ class HealthResponseTest extends AbstractModelTest<HealthResponse> {
assertEquals(PERF_STANDBY, res.isPerformanceStandby(), "Incorrect performance standby state");
assertEquals(REPL_PERF_MODE, res.getReplicationPerfMode(), "Incorrect replication perf mode");
assertEquals(REPL_DR_MODE, res.getReplicationDrMode(), "Incorrect replication DR mode");
assertEquals(ECHO_DURATION, res.getEchoDurationMs(), "Incorrect echo duration");
assertEquals(CLOCK_SKEW, res.getClockSkewMs(), "Incorrect clock skew");
assertEquals(REPL_PRIM_CANARY_AGE, res.getReplicationPrimaryCanaryAgeMs(), "Incorrect canary age");
assertEquals(ENTERPRISE, res.isEnterprise(), "Incorrect enterprise flag");
}
}

16
src/test/java/de/stklcode/jvault/connector/model/response/MetaSecretResponseTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -21,6 +21,7 @@ import de.stklcode.jvault.connector.model.AbstractModelTest;
import org.junit.jupiter.api.Test;
import java.util.List;
import java.util.Map;
import static org.junit.jupiter.api.Assertions.*;
@ -42,6 +43,9 @@ class MetaSecretResponseTest extends AbstractModelTest<MetaSecretResponse> {
private static final String SECRET_META_CREATED = "2018-03-22T02:24:06.945319214Z";
private static final String SECRET_META_DELETED = "2018-03-23T03:25:07.056420325Z";
private static final List<String> SECRET_WARNINGS = null;
private static final String CUSTOM_META_KEY = "foo";
private static final String CUSTOM_META_VAL = "bar";
private static final String SECRET_JSON_V2 = "{\n" +
" \"request_id\": \"" + SECRET_REQUEST_ID + "\",\n" +
" \"lease_id\": \"" + SECRET_LEASE_ID + "\",\n" +
@ -54,6 +58,7 @@ class MetaSecretResponseTest extends AbstractModelTest<MetaSecretResponse> {
" },\n" +
" \"metadata\": {\n" +
" \"created_time\": \"" + SECRET_META_CREATED + "\",\n" +
" \"custom_metadata\": null,\n" +
" \"deletion_time\": \"\",\n" +
" \"destroyed\": false,\n" +
" \"version\": 1\n" +
@ -73,6 +78,9 @@ class MetaSecretResponseTest extends AbstractModelTest<MetaSecretResponse> {
" },\n" +
" \"metadata\": {\n" +
" \"created_time\": \"" + SECRET_META_CREATED + "\",\n" +
" \"custom_metadata\": {" +
" \"" + CUSTOM_META_KEY + "\": \"" + CUSTOM_META_VAL + "\"" +
" },\n" +
" \"deletion_time\": \"" + SECRET_META_DELETED + "\",\n" +
" \"destroyed\": true,\n" +
" \"version\": 2\n" +
@ -107,12 +115,11 @@ class MetaSecretResponseTest extends AbstractModelTest<MetaSecretResponse> {
);
assertSecretData(res);
assertNotNull(res.getMetadata(), "SecretResponse does not contain metadata");
assertEquals(SECRET_META_CREATED, res.getMetadata().getCreatedTimeString(), "Incorrect creation date string");
assertNotNull(res.getMetadata().getCreatedTime(), "Creation date parsing failed");
assertNull(res.getMetadata().getDeletionTimeString(), "Incorrect deletion date string");
assertNull(res.getMetadata().getDeletionTime(), "Incorrect deletion date");
assertFalse(res.getMetadata().isDestroyed(), "Secret destroyed when not expected");
assertEquals(1, res.getMetadata().getVersion(), "Incorrect secret version");
assertNull(res.getMetadata().getCustomMetadata(), "Incorrect custom metadata");
// Deleted KV v2 secret.
res = assertDoesNotThrow(
@ -121,12 +128,11 @@ class MetaSecretResponseTest extends AbstractModelTest<MetaSecretResponse> {
);
assertSecretData(res);
assertNotNull(res.getMetadata(), "SecretResponse does not contain metadata");
assertEquals(SECRET_META_CREATED, res.getMetadata().getCreatedTimeString(), "Incorrect creation date string");
assertNotNull(res.getMetadata().getCreatedTime(), "Creation date parsing failed");
assertEquals(SECRET_META_DELETED, res.getMetadata().getDeletionTimeString(), "Incorrect deletion date string");
assertNotNull(res.getMetadata().getDeletionTime(), "Incorrect deletion date");
assertTrue(res.getMetadata().isDestroyed(), "Secret destroyed when not expected");
assertEquals(2, res.getMetadata().getVersion(), "Incorrect secret version");
assertEquals(Map.of(CUSTOM_META_KEY, CUSTOM_META_VAL), res.getMetadata().getCustomMetadata(), "Incorrect custom metadata");
}
private void assertSecretData(SecretResponse res) {

20
src/test/java/de/stklcode/jvault/connector/model/response/MetadataResponseTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -20,6 +20,8 @@ import com.fasterxml.jackson.core.JsonProcessingException;
import de.stklcode.jvault.connector.model.AbstractModelTest;
import org.junit.jupiter.api.Test;
import java.util.Map;
import static org.junit.jupiter.api.Assertions.*;
/**
@ -35,11 +37,20 @@ class MetadataResponseTest extends AbstractModelTest<MetadataResponse> {
private static final Integer CURRENT_VERSION = 3;
private static final Integer MAX_VERSIONS = 0;
private static final Integer OLDEST_VERSION = 1;
private static final Boolean CAS_REQUIRED = false;
private static final String CUSTOM_META_KEY = "test";
private static final String CUSTOM_META_VAL = "123";
private static final String DELETE_VERSION_AFTER = "0s";
private static final String META_JSON = "{\n" +
" \"data\": {\n" +
" \"cas_required\": " + CAS_REQUIRED + ",\n" +
" \"created_time\": \"" + V1_TIME + "\",\n" +
" \"current_version\": " + CURRENT_VERSION + ",\n" +
" \"custom_metadata\": {" +
" \"" + CUSTOM_META_KEY + "\": \"" + CUSTOM_META_VAL + "\"" +
" },\n" +
" \"delete_version_after\": \"" + DELETE_VERSION_AFTER + "\"," +
" \"max_versions\": " + MAX_VERSIONS + ",\n" +
" \"oldest_version\": " + OLDEST_VERSION + ",\n" +
" \"updated_time\": \"" + V3_TIME + "\",\n" +
@ -88,18 +99,17 @@ class MetadataResponseTest extends AbstractModelTest<MetadataResponse> {
);
assertNotNull(res, "Parsed response is NULL");
assertNotNull(res.getMetadata(), "Parsed metadata is NULL");
assertEquals(V1_TIME, res.getMetadata().getCreatedTimeString(), "Incorrect created time");
assertEquals(CAS_REQUIRED, res.getMetadata().isCasRequired(), "Incorrect CAS required flag");
assertNotNull(res.getMetadata().getCreatedTime(), "Parting created time failed");
assertEquals(CURRENT_VERSION, res.getMetadata().getCurrentVersion(), "Incorrect current version");
assertEquals(MAX_VERSIONS, res.getMetadata().getMaxVersions(), "Incorrect max versions");
assertEquals(OLDEST_VERSION, res.getMetadata().getOldestVersion(), "Incorrect oldest version");
assertEquals(V3_TIME, res.getMetadata().getUpdatedTimeString(), "Incorrect updated time");
assertEquals(Map.of(CUSTOM_META_KEY, CUSTOM_META_VAL), res.getMetadata().getCustomMetadata(), "Incorrect custom metadata");
assertEquals(DELETE_VERSION_AFTER, res.getMetadata().getDeleteVersionAfter(), "Incorrect delete version after");
assertNotNull(res.getMetadata().getUpdatedTime(), "Parting updated time failed");
assertEquals(3, res.getMetadata().getVersions().size(), "Incorrect number of versions");
assertEquals(V2_TIME, res.getMetadata().getVersions().get(1).getDeletionTimeString(), "Incorrect version 1 delete time");
assertNotNull(res.getMetadata().getVersions().get(1).getDeletionTime(), "Parsing version delete time failed");
assertTrue(res.getMetadata().getVersions().get(1).isDestroyed(), "Incorrect version 1 destroyed state");
assertEquals(V2_TIME, res.getMetadata().getVersions().get(2).getCreatedTimeString(), "Incorrect version 2 created time");
assertNotNull(res.getMetadata().getVersions().get(2).getCreatedTime(), "Parsing version created failed");
assertFalse(res.getMetadata().getVersions().get(3).isDestroyed(), "Incorrect version 3 destroyed state");
}

2
src/test/java/de/stklcode/jvault/connector/model/response/SealResponseTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

2
src/test/java/de/stklcode/jvault/connector/model/response/SecretListResponseTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

4
src/test/java/de/stklcode/jvault/connector/model/response/SecretVersionResponseTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -67,8 +67,6 @@ class SecretVersionResponseTest extends AbstractModelTest<SecretVersionResponse>
);
assertNotNull(res, "Parsed response is NULL");
assertNotNull(res.getMetadata(), "Parsed metadata is NULL");
assertEquals(CREATION_TIME, res.getMetadata().getCreatedTimeString(), "Incorrect created time");
assertEquals(DELETION_TIME, res.getMetadata().getDeletionTimeString(), "Incorrect deletion time");
assertFalse(res.getMetadata().isDestroyed(), "Incorrect destroyed state");
assertEquals(VERSION, res.getMetadata().getVersion(), "Incorrect version");
}

9
src/test/java/de/stklcode/jvault/connector/model/response/TokenResponseTest.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -55,6 +55,7 @@ class TokenResponseTest extends AbstractModelTest<TokenResponse> {
private static final String TOKEN_ID = "my-token";
private static final String TOKEN_ISSUE_TIME = "2018-04-17T11:35:54.466476078-04:00";
private static final String TOKEN_TYPE = "service";
private static final String MOUNT_TYPE = "token";
private static final String RES_JSON = "{\n" +
" \"lease_id\": \"\",\n" +
@ -85,7 +86,8 @@ class TokenResponseTest extends AbstractModelTest<TokenResponse> {
" \"type\": \"" + TOKEN_TYPE + "\"\n" +
" },\n" +
" \"warnings\": null,\n" +
" \"auth\": null\n" +
" \"auth\": null,\n" +
" \"mount_type\": \"" + MOUNT_TYPE + "\"\n" +
"}";
TokenResponseTest() {
@ -125,6 +127,7 @@ class TokenResponseTest extends AbstractModelTest<TokenResponse> {
assertEquals(RES_LEASE_DURATION, res.getLeaseDuration(), "Incorrect lease duration");
assertEquals(RES_RENEWABLE, res.isRenewable(), "Incorrect response renewable flag");
assertEquals(RES_LEASE_DURATION, res.getLeaseDuration(), "Incorrect response lease duration");
assertEquals(MOUNT_TYPE, res.getMountType(), "Incorrect mount type");
// Extract token data.
TokenData data = res.getData();
assertNotNull(data, "Token data is NULL");
@ -133,11 +136,9 @@ class TokenResponseTest extends AbstractModelTest<TokenResponse> {
assertEquals(TOKEN_TTL, data.getCreationTtl(), "Incorrect token creation TTL");
assertEquals(TOKEN_DISPLAY_NAME, data.getName(), "Incorrect token display name");
assertEquals(TOKEN_ENTITY_ID, data.getEntityId(), "Incorrect token entity ID");
assertEquals(TOKEN_EXPIRE_TIME, data.getExpireTimeString(), "Incorrect token expire time");
assertEquals(ZonedDateTime.parse(TOKEN_EXPIRE_TIME), data.getExpireTime(), "Incorrect parsed token expire time");
assertEquals(TOKEN_EXPLICIT_MAX_TTL, data.getExplicitMaxTtl(), "Incorrect token explicit max TTL");
assertEquals(TOKEN_ID, data.getId(), "Incorrect token ID");
assertEquals(TOKEN_ISSUE_TIME, data.getIssueTimeString(), "Incorrect token issue time");
assertEquals(ZonedDateTime.parse(TOKEN_ISSUE_TIME), data.getIssueTime(), "Incorrect parsed token issue time");
assertEquals(Map.of(TOKEN_META_KEY, TOKEN_META_VALUE), data.getMeta(), "Incorrect token metadata");
assertEquals(TOKEN_NUM_USES, data.getNumUses(), "Incorrect token number of uses");

2
src/test/java/de/stklcode/jvault/connector/test/Credentials.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.

4
src/test/java/de/stklcode/jvault/connector/test/VaultConfiguration.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2016-2023 Stefan Kalscheuer
* Copyright 2016-2024 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -103,4 +103,4 @@ public class VaultConfiguration {
"}\n" +
((disableMlock) ? "disable_mlock = true" : "");
}
}
}

1
src/test/resources/data_dir_legacy/auth/243a5842-b58f-24d5-d3b0-24304c57b7cc/user/_validuser
View File

@ -1 +0,0 @@
{"Value":"AAAAAQINZKQEssY4IzHI/0k27nBtxSvnC6LkivYrqky6CblcjyAmQIg/4/cKQIBCXzmrWEv/SqMQbLw+4Lp63Xu1niF+U0NbyqDmFaPqnD2yfPs7meXvZr21+P9E/0APZMHQaSR7DIEY46zedHRjQ/pkhR2Axcjuy5gdfzBzC2XvUcNqdyR0pQwcDwGhAIdO0gxJfZCeBuvv8ceYS+aPs4gDHtIlA3szi+5qAQ8HvPBTDKQn1lHVYnzTdNbMS7v3mtzCyG8AeMkaUw=="}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/_salt
View File

@ -1 +0,0 @@
{"Value":"AAAAAQJiN0bHxM8aNJpY7aHGZ/p3qOhJbd7JIXwFMEI4LtKmO6pP5Oa4P5z+2LK+2qzZhhX/iDeM4u+nR+lxt/GsBPKf"}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/accessor/_a9566f93ca05120fa8955f887ee0ca1a1422802df2ad979f2ac2951e95703089
View File

@ -1 +0,0 @@
{"Value":"AAAAAQIZ5rvzLtBcBQvWqwwDoRADwUo6W0ECKgmcvXejbLKiYcbO0hP8fceCqB12J41wxcMViQ8vvWoIgyOX2HwcZS09GGCqQbjvyVfz/w+kyox9dJzr845f26tJjHVYlHX2YFsnxytwe5qCKdCsD5QP9kyz8J0="}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/role/_testrole1
View File

@ -1 +0,0 @@
{"Value":"AAAAAQJIKXgvJ2Prr92Fn7qZK/WZxb+Q+vJsXyjMo44en/+zqbbnLfs5m7uH7hEUOfDM/MjzTrhfkOWxf6qcrC4MR3ocrFJwtbJ6j+QrNLg61gVIiLBUVBkvh8ErqCFnSjNIqhaIMQhuZXWANsgGF9K2+HBGJerWGe26C1rdWRZV4J0M23HnxLBf8aYDlOfkHe24I30rHUqXIk9/BKEuekcnhETw9Tx4Fk7KxxxEdGmHPbg+4G14c27wVj8IrpWHBpyLmt55Qdb/y24i5RzFYv1FQ2kQZIO6TQiYkwAUxJ5cIdCiAsEDNt+rBJ9zX1MvkEfkVj/WvzC9pxB7ad+j5vYIJgCUD1o09t0w2ChjBojGoOAWDSvNAeY8kr5PDKwYk+gBY5M2JHDI6ELvOVu8gsW+sqk9St9V3VisShTfU3+qln7TOWw/LQ+fUzGvYrAWG6UyPVpIEYeNmN0iGCIM8rzjQYvVC3KcQMG96MwK3ZlSQzgPpvTGxNxFm2omTn3ue7QHn7Ni6+c/K6xVy0bbJ+jS4yyfl2wFBm1tF1l3BITLqw3TiP3LEw=="}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/role/_testrole2
View File

@ -1 +0,0 @@
{"Value":"AAAAAQIUt2iYYy9zOwkx1mtNMHt69RjdHbUmcN8zydVQTMGjhv1kjEW+d4AaBv1qE22rPTs0xL3pJ1AjIvkBXXVBAuc/FE63t5dE81Fa+MvSY4tBeMtl6i09ykkAYyQUeeV2HlbjRpMUwPyq2QIslYw3d4lc73yT0S82s5I3MfjodKmDpheWMOgg5hGes/wstBHN5HEZkKV8gOPRZ/BsTM7tMXH1piM/JT8sNfsDh6TAGD1OEsS+N2QlKvS4yImNzcKrH0EgdkXB4sRZ9e/SmMaEVaagB1n0M5LukC+pyExgC7eK4EU8o2Xye3iij3YMWBaGollDzJBJFP5aSO4E5u+NnRc5/ZbLRCbqgfQj8IY86WF9hya31aJxbc8Pg28Yfez8hbGRJZZws/ojIUgEz+VtH3OyaW2Wohnycop7i4fK8xlJ2gYOGvlw43czOH6Y6joTce+QBZWI7KR6ugB0dI8pnK2eFy14OZeww1NEew7r1u7PgD10Obg8okIJSD8cGkxUHu/oOLxvKKOAJBLSPfKnJfKEiKrqYED7EPkmgP/t7okvo4c95qeuWy1BLtKfxw5lkv0="}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/role_id/_4b3d052da8b3d9af8d551a4e515289bc4319f2c21012a70de2c9e9fea6e0f7e0
View File

@ -1 +0,0 @@
{"Value":"AAAAAQKv0Yr+QFSWxYe8o51TBwGz/yAhNYFmkNHPISEK6EbIVGkpEJMHFYvHWxTXUzF7f2/a"}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/role_id/_c779a2e6599b8e4b6b6a3c68a7690a8e7d31fa0201ad73973dcd24f83e2950de
View File

@ -1 +0,0 @@
{"Value":"AAAAAQKs2/ICwQPLv6siBGDbBnB52fBVo52BkSKGvm74p4oHrdMEvejJ4cJljOADYyDT2QYa"}

1
src/test/resources/data_dir_legacy/auth/3ec9e5b4-41b0-a20c-cc8f-04c2b7bb2602/secret_id/c79a3b6ce2e8e8b725c8c0fcdd23521375fadf2190fb5823d459a2fd2cb5a670/_f5954e87c0b1a0eb9c8fa4fc2ed7ab6f4338a8d77341e06460de0870316e7320
View File

@ -1 +0,0 @@
{"Value":"AAAAAQIq05o3NmsucipTxPrcRbT1sXpAJ8w2PpiShnof74Kuzf/4kkHj3AZL5AObGFLAkYUvUrv3RRmYBIhw6Jk4FCbgdQyJAjPNVUTwBun/kQVyzP5sQ9hUFgHJwINomtVDiDgPkOc92zk8ydr1hfnMmTAtS71G3xloHDn6CF/1Y9WI1PkHdSkZ8d+yBNxr+qjGyewrV3QVmQvAfpY56uQ6AOztItD9NgiPrtNP+clbCczsieY6Y9Ce2FZawmuKFi9svMcBtnEcMILV/SGt4iCiMgFwkCJ9gQsGEdWPifu6ITPB92LgT4Ccw4gVRO31QVcPl6S+FG6iCeN6lk2yRXYjyhBuU+GklouEZIsA6SoxlIXPZuvauyS1MWwMxtSOQUFVYr3kvtXzCpcpEHDyBOEUdxPaYUZXHNdhGtMr/JuJCN50t0ng5mEAqfhjoJfJ/tBTqAjySj4zmEHuY0RnqYLPmsp203Q="}

1
src/test/resources/data_dir_legacy/auth/77603e3c-3db8-2d39-0e51-6c8eee76c3d5/_salt
View File

@ -1 +0,0 @@
{"Value":"AAAAAQK5U1GclNj+Tga7D4bQ5wExYfVu2y+djHlAlhiJ/JHOS1gS0G/kDrjR8gCdg/Aw2UunrObAq/mrKw0HEe1wo2qA"}

1
src/test/resources/data_dir_legacy/auth/77603e3c-3db8-2d39-0e51-6c8eee76c3d5/struct/map/app-id/_sfbe1922bae1f565115b4b933d76152e1a098ab507118283971184d58528e3411
View File

@ -1 +0,0 @@
{"Value":"AAAAAQLbvc+neI458Mqhl2WUUjY5HMC1Ast0KjZ5pslwW+5TtjVHcqdzls4whrrYHGUWv+nTg6wxJaS46j5+FER+4gsgWVJE1S33ZqvGtmmueCVpac5ZM0biBDXOvE/YFQ=="}

1
src/test/resources/data_dir_legacy/auth/77603e3c-3db8-2d39-0e51-6c8eee76c3d5/struct/map/user-id/_s595229a9e81315fd0a5fb274f504622359e6024477ade54db93e36ca3b7801cf
View File

@ -1 +0,0 @@
{"Value":"AAAAAQIK4FkvUHPiWUfHY7l9lGW1qf+sU2mAIWbjlfSvEIecbg94Mu4KAPxY3E2YLwOs7VyPZtWNZrZAZDMJJJzxM/pLux2o/IctJ5oXGtfPPjTjwNRRJ4U62wpRqBnBGX4="}

1
src/test/resources/data_dir_legacy/core/_audit
View File

@ -1 +0,0 @@
{"Value":"AAAAAQI695zhv1Tv/6m1Fx/L62lITd+ZWCi+xCDHkev2YtCSIDPrZgNzYnrCHG3cUjBePZt6NYUSgzvZTXbxZPN4rK2rPj/BN9xj9v1vH1woOMY6lNPmBR7r"}

1
src/test/resources/data_dir_legacy/core/_auth
View File

@ -1 +0,0 @@
{"Value":"AAAAAQKHd7fFuNKfj/RnIQoxQEOTorNNl1NfcVtynLwYvtvZGDvhAO34YmOFKJSQVSiT4Js08ik48DWWnZHCZzAyMlK0HqNGYQRzCkuHkzYpH0uLrTcddXLuKyc7j6IiRTl3qYb1pzdlTzDtlwsi4J7s+7orETS146yY/GnGPWM/Tmet7p5qOECRq7m04gBX0pnwZl12iRqWG4aHHY5D4aFp9KjKUBKCIhz2Tb9wcSKV/Aa/ct1d0K0k8pyu1r1OkaJqCQXQeIaJR/WBMECR4omezvg7IGCoBIkMjwFR1urSaB0xNdgk+ByZE0C5zeDfmVRylYlypPAlIBrGL/Q/d6+NWiiOzXdoQoqAa/Pyg7e2gClsKDBFDvSL1QVBdsnBIskDeig2t46Ew5qM00wY58BWlUxqjlCgsNm3nPHtWpc6+XiR4ZkEZ9VeEIQhwC/R+NxS+QCDKeuSfyZM3OqQBwOx22mTL0i86YzlUph0alBmDF1b1FkDbg46MSWTANrkov1LPDnOvvNet7pb0L6exN5Q+HKitmxn36E0KAiqj1hEaHMZF6Pe+IIScLPClgPNeMkZWLeD5kvLv9kfObTYneHVHqj8O9jGtk03T4vOoaUNJY9U0irBGzlV+GkneJUgBL1QBspfK4GvFvUrd0Ds/teayJba8HDxlpCEWr6h062BXsNPg5gUn4H/uvginsFng02M8IyrDA1QOb4XS1zdfrvq"}

1
src/test/resources/data_dir_legacy/core/_keyring
View File

@ -1 +0,0 @@
{"Value":"AAAAAQKyaZ3WVPXS+CbQr/JTfSM4yHT5DN21JfJlKh7ALVkue05z4cy703LvXnlfx5ZRqszSbFAe98ZzwELK89SEq26v2GYe2/7tFYeIAp0YvWNe5uahL0N6KUhFArPtC9gMV+9f7ZdjRDS6AKIHmzWRiXVtTsb+j4MnE+RM9NmwmvpDDTRAFgzjxEQ9IT/nGXieacg49U8NhjmZMh9Dt/7db3e5bGRJFDc3IDuF5xgHr5q+NJBbGrU3X1siH0oiCUbHUKsssmbVI0rwf6lkhvFQIIckYRgwL8/70WjrfELZeN+CgBliwQ=="}

1
src/test/resources/data_dir_legacy/core/_local-audit
View File

@ -1 +0,0 @@
{"Value":"AAAAAQII71tl2nQI+IFOoGw3z5x+xUwHdaZUXNW2GLNCJaq7tc2Lv3cLz9loi+q9yDVm/tVDhqK8k0D8lA2adOOGXOiaituANawDLAZu8VrwzpX73+mwtoEk"}

1
src/test/resources/data_dir_legacy/core/_local-auth
View File

@ -1 +0,0 @@
{"Value":"AAAAAQKKxZ6U5JakeVWOBYonzhPVLF2WNyxMYFqpYnb000GLiTWD0kLJQG5rBFyPadehhAmlQQvy7zDpCf5RCcsZbeCTSIA9yUiGp+G2uBsXAgLYKRocHTw="}

1
src/test/resources/data_dir_legacy/core/_local-mounts
View File

@ -1 +0,0 @@
{"Value":"AAAAAQJEF2Kc5GCivEaBANB/amJG+W92c2JbCPoQsFfTNcycNMXgy4famQHdKIBQgp+44HNa+OLTfzOoO4gO0c8pk9mvZrLHN4Bb0ot1aC/pmaT7MGn+6ZyrpyHr86oqMc/Dl91bV2bZjsCosUhZAQDhyjXLm2IVgAU51TldHuDvz3+yWvn5rorZiyDAo4bIYhA8QPlCM71heQMVTXWk3/IynsO6gsg25vJpLrJXO2ixDo2gWsVOH1PD0Qu2dPsRyHcdER4HYmCWcPcLS+0kKsspsAEZrqch45OKd0zrWtWrrlf3QLBFhw2N/gWVy4alSNuzYgJHf25k4xotsjO5S2H8qeWJd9qllHKUuci8fa3V8OtE03xlQM2UYkKm4pf++Xjrwc2HZhHXPP8c7Ufo6bJLYmB79GMv0HmsVpBieze/+XqvibVccdoUAw=="}

1
src/test/resources/data_dir_legacy/core/_master
View File

@ -1 +0,0 @@
{"Value":"AAAAAQL1R9YHyyYMvRbw3Q5EU2oYcg77tz5teL6j9/fzZWhU953/pLdeNSLvTThDX9S9/1PX7awbCihQgV3X+buJVpaSZi4Zpo6T/emsgS3U/Hp8Ml+B8xLhbNeTZ7Swi0rL1X//qYEp8BA7znHHbaL5CWbiaTdP1oZAnfS72FvhjZ4kdQge0Vtyoxrmyy+6K18S"}

Some files were not shown because too many files have changed in this diff Show More