stklcode/jvaultconnector
1
0
Fork 0
Code Issues Actions Releases 36 Wiki Activity

Compare commits

base: stklcode:v1.5.2
Branches Tags
stklcode:main stklcode:experimental/jackson3 stklcode:java17 stklcode:develop stklcode:feat/split-clients
stklcode:v1.5.3 stklcode:v1.5.2 stklcode:v1.5.1 stklcode:v1.5.0 stklcode:v1.4.0 stklcode:v1.3.1 stklcode:v1.3.0 stklcode:v1.2.0 stklcode:v1.1.5 stklcode:v1.1.4 stklcode:v1.1.3 stklcode:v1.1.2 stklcode:v1.1.1 stklcode:v1.1.0 stklcode:v1.0.1 stklcode:v1.0.0 stklcode:v0.9.5 stklcode:v0.9.4 stklcode:v0.9.3 stklcode:v0.9.2 stklcode:v0.9.1 stklcode:v0.9.0 stklcode:v0.8.2 stklcode:v0.8.1 stklcode:v0.8.0 stklcode:v0.7.1 stklcode:v0.7.0 stklcode:v0.6.2 stklcode:v0.6.1 stklcode:v0.6.0 stklcode:v0.5.0 stklcode:v0.4.1 stklcode:v0.4.0 stklcode:v0.3.0 stklcode:v0.2.0 stklcode:v0.1.1 stklcode:v0.1
..
compare: stklcode:experimental/jackson3
Branches Tags
stklcode:experimental/jackson3 stklcode:java17 stklcode:develop stklcode:main stklcode:feat/split-clients
stklcode:v1.5.3 stklcode:v1.5.2 stklcode:v1.5.1 stklcode:v1.5.0 stklcode:v1.4.0 stklcode:v1.3.1 stklcode:v1.3.0 stklcode:v1.2.0 stklcode:v1.1.5 stklcode:v1.1.4 stklcode:v1.1.3 stklcode:v1.1.2 stklcode:v1.1.1 stklcode:v1.1.0 stklcode:v1.0.1 stklcode:v1.0.0 stklcode:v0.9.5 stklcode:v0.9.4 stklcode:v0.9.3 stklcode:v0.9.2 stklcode:v0.9.1 stklcode:v0.9.0 stklcode:v0.8.2 stklcode:v0.8.1 stklcode:v0.8.0 stklcode:v0.7.1 stklcode:v0.7.0 stklcode:v0.6.2 stklcode:v0.6.1 stklcode:v0.6.0 stklcode:v0.5.0 stklcode:v0.4.1 stklcode:v0.4.0 stklcode:v0.3.0 stklcode:v0.2.0 stklcode:v0.1.1 stklcode:v0.1

21 Commits
v1.5.2 ... experiment

Author SHA1 Message Date
Stefan Kalscheuer
0067bf3f7f deps: update jackson to 3.0.0-rc9
All checks were successful
CI / build (17) (push) Successful in 42s
Details
CI / build (true, 21) (push) Successful in 41s
Details 
Migrate packages from com.fasterxml.jackson to tools.jackson, adjust
exception handling and remove JSR310 module and replace with new
JavaTimeFeature flags.
 2025-09-09 13:39:55 +02:00
Stefan Kalscheuer
ac23b15e5c test: update equalsverifier to 4.1
All checks were successful
CI / build (17) (push) Successful in 38s
Details
CI / build (true, 21) (push) Successful in 37s
Details
2025-09-09 13:21:41 +02:00
Stefan Kalscheuer
2d86b219a4 add java.io.Serial annotations to serialVersionUID fields 2025-09-09 13:21:37 +02:00
Stefan Kalscheuer
150970bfc3 require Java 17 or later (#100) 2025-09-09 13:21:12 +02:00
Stefan Kalscheuer
b2dbf4d617 prepare for next development iteration
All checks were successful
CI / build (11) (push) Successful in 41s
Details
CI / build (17) (push) Successful in 40s
Details
CI / build (true, 21) (push) Successful in 32s
Details
2025-09-09 11:50:06 +02:00
Stefan Kalscheuer
635cf19e54 prepare release v1.5.3
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 56s
Details
CI / build-with-it (11, 1.20.3) (push) Successful in 1m12s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 53s
Details
CI / build-with-it (17, 1.20.3) (push) Successful in 1m6s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 53s
Details
CI / build-with-it (true, 21, 1.20.3) (push) Successful in 1m1s
Details
2025-09-09 11:47:52 +02:00
Stefan Kalscheuer
f5e40ca032 test: run IT against Vault 1.20.3
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (11, 1.20.3) (push) Successful in 1m8s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 50s
Details
CI / build-with-it (17, 1.20.3) (push) Successful in 1m3s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 49s
Details
CI / build-with-it (true, 21, 1.20.3) (push) Successful in 58s
Details
2025-09-09 11:39:32 +02:00
Stefan Kalscheuer
15f514f877 add token_bound_cidrs field to AppRoleSecret model (#110)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (11, 1.20.0) (push) Successful in 1m9s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 49s
Details
CI / build-with-it (17, 1.20.0) (push) Successful in 1m9s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 51s
Details
CI / build-with-it (true, 21, 1.20.0) (push) Successful in 56s
Details
2025-09-08 10:25:39 +02:00
Stefan Kalscheuer
f79ed98986 encode user-provided URL parts (#109)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 50s
Details
CI / build-with-it (11, 1.20.0) (push) Successful in 1m4s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 46s
Details
CI / build-with-it (17, 1.20.0) (push) Successful in 1m2s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 46s
Details
CI / build-with-it (true, 21, 1.20.0) (push) Successful in 54s
Details 
In various methods we use user-provided values like role names or lease
ids as parts of the API request path.

Apply URL encoding to these paths that are not expected to contain any
path separators or query args.
 2025-09-05 09:46:48 +02:00
Stefan Kalscheuer
e96ece3385 build: update maven-wrapper to 3.3.3
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 49s
Details
CI / build-with-it (11, 1.20.0) (push) Successful in 1m6s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 49s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 48s
Details
CI / build-with-it (17, 1.20.0) (push) Successful in 1m5s
Details
CI / build-with-it (true, 21, 1.20.0) (push) Successful in 59s
Details
2025-09-02 13:27:29 +02:00
Stefan Kalscheuer
41eeae6687 refactor: extract API paths into a utility class (#108)
Some checks failed
CI / build-with-it (11, 1.2.0) (push) Successful in 50s
Details
CI / build-with-it (11, 1.20.0) (push) Successful in 1m8s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 46s
Details
CI / build-with-it (true, 21, 1.20.0) (push) Has been cancelled
Details
CI / build-with-it (17, 1.20.0) (push) Has been cancelled
Details
CI / build-with-it (21, 1.2.0) (push) Has been cancelled
Details 
Extract some static String constants from HTTPVaultConnector, which is
quite long already, into an internal utility class VaultApiPath.
We just reorganize some constants that should not change any behavior.
 2025-08-30 09:53:46 +02:00
Stefan Kalscheuer
bac06c5d19 fix: prevent potential off-by-1 error in internal mapOf() helper (#107)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 43s
Details
CI / build-with-it (11, 1.20.0) (push) Successful in 53s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 40s
Details
CI / build-with-it (17, 1.20.0) (push) Successful in 52s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 41s
Details
CI / build-with-it (true, 21, 1.20.0) (push) Successful in 45s
Details
2025-08-30 09:41:09 +02:00
Stefan Kalscheuer
e30a3bd93a build: update sonar-maven-plugin to 5.2.0.4988
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 44s
Details
CI / build-with-it (11, 1.20.0) (push) Successful in 51s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 40s
Details
CI / build-with-it (17, 1.20.0) (push) Successful in 49s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 39s
Details
CI / build-with-it (true, 21, 1.20.0) (push) Successful in 46s
Details
2025-08-30 09:11:21 +02:00
Stefan Kalscheuer
8447b572b4 build: update maven-javadoc-plugin to 3.11.3 2025-08-30 09:10:26 +02:00
Stefan Kalscheuer
a95b05ba0e build: update GitHub actions 2025-08-30 09:08:30 +02:00
Stefan Kalscheuer
29517b9d78 deps: update jackson to 2.20.0 (#106)
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 47s
Details
CI / build-with-it (11, 1.20.0) (push) Successful in 54s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 43s
Details
CI / build-with-it (17, 1.20.0) (push) Successful in 53s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 44s
Details
CI / build-with-it (true, 21, 1.20.0) (push) Successful in 51s
Details
2025-08-29 17:36:24 +02:00
Stefan Kalscheuer
1536c23cf0 test(deps): update mockito-core to 5.19.0
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 47s
Details
CI / build-with-it (11, 1.20.0) (push) Successful in 1m0s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 46s
Details
CI / build-with-it (17, 1.20.0) (push) Successful in 57s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 46s
Details
CI / build-with-it (true, 21, 1.20.0) (push) Successful in 54s
Details
2025-08-16 10:23:36 +02:00
Stefan Kalscheuer
a7a435b420 test(deps): update junit-jupiter to 5.13.3
All checks were successful
CI / build-with-it (11, 1.2.0) (push) Successful in 57s
Details
CI / build-with-it (11, 1.20.0) (push) Successful in 1m13s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 52s
Details
CI / build-with-it (17, 1.20.0) (push) Successful in 1m11s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 50s
Details
CI / build-with-it (true, 21, 1.20.0) (push) Successful in 1m4s
Details
2025-07-20 15:47:32 +02:00
Stefan Kalscheuer
d1b8b12ffe test(deps): update commons-io to 2.20.0 2025-07-20 15:47:31 +02:00
Stefan Kalscheuer
27c94870d3 deps: update jackson to 2.19.2 (#105) 2025-07-20 15:47:30 +02:00
Stefan Kalscheuer
12aee10741 prepare for next development iteration
All checks were successful
CI / build (11) (push) Successful in 38s
Details
CI / build (17) (push) Successful in 39s
Details
CI / build (true, 21) (push) Successful in 36s
Details
CI / build-with-it (11, 1.2.0) (push) Successful in 54s
Details
CI / build-with-it (11, 1.20.0) (push) Successful in 1m8s
Details
CI / build-with-it (17, 1.2.0) (push) Successful in 57s
Details
CI / build-with-it (17, 1.20.0) (push) Successful in 1m10s
Details
CI / build-with-it (21, 1.2.0) (push) Successful in 1m10s
Details
CI / build-with-it (true, 21, 1.20.0) (push) Successful in 1m13s
Details
2025-07-16 18:36:24 +02:00
58 changed files with 734 additions and 580 deletions
Expand all files Collapse all files

10
.github/workflows/ci-it.yml vendored
View File

@@ -14,19 +14,19 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
matrix: matrix:
jdk: [ 11, 17, 21 ] jdk: [ 17, 21 ]
vault: [ '1.2.0', '1.20.0' ] vault: [ '1.2.0', '1.20.3' ]
include: include:
- jdk: 21 - jdk: 21
vault: '1.20.0' vault: '1.20.3'
analysis: true analysis: true
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v5
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Set up Java - name: Set up Java
uses: actions/setup-java@v4 uses: actions/setup-java@v5
with: with:
java-version: ${{ matrix.jdk }} java-version: ${{ matrix.jdk }}
distribution: 'temurin' distribution: 'temurin'

6
.github/workflows/ci.yml vendored
View File

@@ -15,17 +15,17 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
matrix: matrix:
jdk: [ 11, 17, 21 ] jdk: [ 17, 21 ]
include: include:
- jdk: 21 - jdk: 21
analysis: true analysis: true
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v5
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Set up Java - name: Set up Java
uses: actions/setup-java@v4 uses: actions/setup-java@v5
with: with:
java-version: ${{ matrix.jdk }} java-version: ${{ matrix.jdk }}
distribution: 'temurin' distribution: 'temurin'

2
.mvn/wrapper/maven-wrapper.properties vendored
View File

@@ -1,2 +1,2 @@
distributionType=only-script
distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.11/apache-maven-3.9.11-bin.zip distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.11/apache-maven-3.9.11-bin.zip
wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar

22
CHANGELOG.md
View File

@@ -1,7 +1,25 @@
## 1.5.2 (2025-07-16) ## 1.5.3 (2025-09-09)
### Dependencies ### Dependencies
* Updated Jackson to 2.19.1 (#101) * Updated Jackson to 2.20.0 (#106)
### Improvements
* Extract API paths into a utility class (#108)
* Encode user-provided URL parts (#109)
* Add `token_bound_cidrs` field to `AppRoleSecret` model (#110)
### Fix
* Prevent potential off-by-1 error in internal `mapOf()` helper (#107)
## 1.5.2 (2025-07-16)
### Breaking
* Requires Java 17 or later (#100)
* Required Jackson 3
### Dependencies
* Updated Jackson to 3.0.0
### Fix ### Fix
* Use `Long` for numeric TTL fields (#103) (#104) * Use `Long` for numeric TTL fields (#103) (#104)

2
README.md
View File

@@ -40,7 +40,7 @@ Java Vault Connector is a connector library for [Vault](https://www.vaultproject
<dependency> <dependency>
<groupId>de.stklcode.jvault</groupId> <groupId>de.stklcode.jvault</groupId>
<artifactId>jvault-connector</artifactId> <artifactId>jvault-connector</artifactId>
<version>1.5.2</version> <version>1.5.3</version>
</dependency> </dependency>
``` ```

489
mvnw vendored
View File

@@ -19,314 +19,277 @@
# ---------------------------------------------------------------------------- # ----------------------------------------------------------------------------
# ---------------------------------------------------------------------------- # ----------------------------------------------------------------------------
# Apache Maven Wrapper startup batch script, version 3.3.2 # Apache Maven Wrapper startup batch script, version 3.3.3
#
# Required ENV vars:
# ------------------
# JAVA_HOME - location of a JDK home dir
# #
# Optional ENV vars # Optional ENV vars
# ----------------- # -----------------
# MAVEN_OPTS - parameters passed to the Java VM when running Maven # JAVA_HOME - location of a JDK home dir, required when download maven via java source
# e.g. to debug Maven itself, use # MVNW_REPOURL - repo url base for downloading maven distribution
# set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 # MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven
# MAVEN_SKIP_RC - flag to disable loading of mavenrc files # MVNW_VERBOSE - true: enable verbose log; debug: trace the mvnw script; others: silence the output
# ---------------------------------------------------------------------------- # ----------------------------------------------------------------------------
if [ -z "$MAVEN_SKIP_RC" ]; then set -euf
[ "${MVNW_VERBOSE-}" != debug ] || set -x
if [ -f /usr/local/etc/mavenrc ]; then # OS specific support.
. /usr/local/etc/mavenrc native_path() { printf %s\\n "$1"; }
fi
if [ -f /etc/mavenrc ]; then
. /etc/mavenrc
fi
if [ -f "$HOME/.mavenrc" ]; then
. "$HOME/.mavenrc"
fi
fi
# OS specific support. $var _must_ be set to either true or false.
cygwin=false
darwin=false
mingw=false
case "$(uname)" in case "$(uname)" in
CYGWIN*) cygwin=true ;; CYGWIN* | MINGW*)
MINGW*) mingw=true ;; [ -z "${JAVA_HOME-}" ] || JAVA_HOME="$(cygpath --unix "$JAVA_HOME")"
Darwin*) native_path() { cygpath --path --windows "$1"; }
darwin=true
# Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home
# See https://developer.apple.com/library/mac/qa/qa1170/_index.html
if [ -z "$JAVA_HOME" ]; then
if [ -x "/usr/libexec/java_home" ]; then
JAVA_HOME="$(/usr/libexec/java_home)"
export JAVA_HOME
else
JAVA_HOME="/Library/Java/Home"
export JAVA_HOME
fi
fi
;; ;;
esac esac
if [ -z "$JAVA_HOME" ]; then # set JAVACMD and JAVACCMD
if [ -r /etc/gentoo-release ]; then set_java_home() {
JAVA_HOME=$(java-config --jre-home) # For Cygwin and MinGW, ensure paths are in Unix format before anything is touched
fi if [ -n "${JAVA_HOME-}" ]; then
fi
# For Cygwin, ensure paths are in UNIX format before anything is touched
if $cygwin; then
[ -n "$JAVA_HOME" ] \
&& JAVA_HOME=$(cygpath --unix "$JAVA_HOME")
[ -n "$CLASSPATH" ] \
&& CLASSPATH=$(cygpath --path --unix "$CLASSPATH")
fi
# For Mingw, ensure paths are in UNIX format before anything is touched
if $mingw; then
[ -n "$JAVA_HOME" ] && [ -d "$JAVA_HOME" ] \
&& JAVA_HOME="$(
cd "$JAVA_HOME" || (
echo "cannot cd into $JAVA_HOME." >&2
exit 1
)
pwd
)"
fi
if [ -z "$JAVA_HOME" ]; then
javaExecutable="$(which javac)"
if [ -n "$javaExecutable" ] && ! [ "$(expr "$javaExecutable" : '\([^ ]*\)')" = "no" ]; then
# readlink(1) is not available as standard on Solaris 10.
readLink=$(which readlink)
if [ ! "$(expr "$readLink" : '\([^ ]*\)')" = "no" ]; then
if $darwin; then
javaHome="$(dirname "$javaExecutable")"
javaExecutable="$(cd "$javaHome" && pwd -P)/javac"
else
javaExecutable="$(readlink -f "$javaExecutable")"
fi
javaHome="$(dirname "$javaExecutable")"
javaHome=$(expr "$javaHome" : '\(.*\)/bin')
JAVA_HOME="$javaHome"
export JAVA_HOME
fi
fi
fi
if [ -z "$JAVACMD" ]; then
if [ -n "$JAVA_HOME" ]; then
if [ -x "$JAVA_HOME/jre/sh/java" ]; then if [ -x "$JAVA_HOME/jre/sh/java" ]; then
# IBM's JDK on AIX uses strange locations for the executables # IBM's JDK on AIX uses strange locations for the executables
JAVACMD="$JAVA_HOME/jre/sh/java" JAVACMD="$JAVA_HOME/jre/sh/java"
JAVACCMD="$JAVA_HOME/jre/sh/javac"
else else
JAVACMD="$JAVA_HOME/bin/java" JAVACMD="$JAVA_HOME/bin/java"
JAVACCMD="$JAVA_HOME/bin/javac"
if [ ! -x "$JAVACMD" ] || [ ! -x "$JAVACCMD" ]; then
echo "The JAVA_HOME environment variable is not defined correctly, so mvnw cannot run." >&2
echo "JAVA_HOME is set to \"$JAVA_HOME\", but \"\$JAVA_HOME/bin/java\" or \"\$JAVA_HOME/bin/javac\" does not exist." >&2
return 1
fi
fi fi
else else
JAVACMD="$( JAVACMD="$(
\unset -f command 2>/dev/null 'set' +e
\command -v java 'unset' -f command 2>/dev/null
)" 'command' -v java
fi )" || :
fi JAVACCMD="$(
'set' +e
'unset' -f command 2>/dev/null
'command' -v javac
)" || :
if [ ! -x "$JAVACMD" ]; then if [ ! -x "${JAVACMD-}" ] || [ ! -x "${JAVACCMD-}" ]; then
echo "Error: JAVA_HOME is not defined correctly." >&2 echo "The java/javac command does not exist in PATH nor is JAVA_HOME set, so mvnw cannot run." >&2
echo " We cannot execute $JAVACMD" >&2
exit 1
fi
if [ -z "$JAVA_HOME" ]; then
echo "Warning: JAVA_HOME environment variable is not set." >&2
fi
# traverses directory structure from process work directory to filesystem root
# first directory with .mvn subdirectory is considered project base directory
find_maven_basedir() {
if [ -z "$1" ]; then
echo "Path not specified to find_maven_basedir" >&2
return 1 return 1
fi fi
fi
}
basedir="$1" # hash string like Java String::hashCode
wdir="$1" hash_string() {
while [ "$wdir" != '/' ]; do str="${1:-}" h=0
if [ -d "$wdir"/.mvn ]; then while [ -n "$str" ]; do
basedir=$wdir char="${str%"${str#?}"}"
break h=$(((h * 31 + $(LC_CTYPE=C printf %d "'$char")) % 4294967296))
fi str="${str#?}"
# workaround for JBEAP-8937 (on Solaris 10/Sparc)
if [ -d "${wdir}" ]; then
wdir=$(
cd "$wdir/.." || exit 1
pwd
)
fi
# end of workaround
done done
printf '%s' "$( printf %x\\n $h
cd "$basedir" || exit 1
pwd
)"
} }
# concatenates all lines of a file verbose() { :; }
concat_lines() { [ "${MVNW_VERBOSE-}" != true ] || verbose() { printf %s\\n "${1-}"; }
if [ -f "$1" ]; then
# Remove \r in case we run on Windows within Git Bash
# and check out the repository with auto CRLF management
# enabled. Otherwise, we may read lines that are delimited with
# \r\n and produce $'-Xarg\r' rather than -Xarg due to word
# splitting rules.
tr -s '\r\n' ' ' <"$1"
fi
}
log() { die() {
if [ "$MVNW_VERBOSE" = true ]; then printf %s\\n "$1" >&2
printf '%s\n' "$1"
fi
}
BASE_DIR=$(find_maven_basedir "$(dirname "$0")")
if [ -z "$BASE_DIR" ]; then
exit 1 exit 1
fi }
MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} trim() {
export MAVEN_PROJECTBASEDIR # MWRAPPER-139:
log "$MAVEN_PROJECTBASEDIR" # Trims trailing and leading whitespace, carriage returns, tabs, and linefeeds.
# Needed for removing poorly interpreted newline sequences when running in more
# exotic environments such as mingw bash on Windows.
printf "%s" "${1}" | tr -d '[:space:]'
}
########################################################################################## scriptDir="$(dirname "$0")"
# Extension to allow automatically downloading the maven-wrapper.jar from Maven-central scriptName="$(basename "$0")"
# This allows using the maven wrapper in projects that prohibit checking in binary data.
##########################################################################################
wrapperJarPath="$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar"
if [ -r "$wrapperJarPath" ]; then
log "Found $wrapperJarPath"
else
log "Couldn't find $wrapperJarPath, downloading it ..."
if [ -n "$MVNW_REPOURL" ]; then # parse distributionUrl and optional distributionSha256Sum, requires .mvn/wrapper/maven-wrapper.properties
wrapperUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar"
else
wrapperUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar"
fi
while IFS="=" read -r key value; do
# Remove '\r' from value to allow usage on windows as IFS does not consider '\r' as a separator ( considers space, tab, new line ('\n'), and custom '=' )
safeValue=$(echo "$value" | tr -d '\r')
case "$key" in wrapperUrl)
wrapperUrl="$safeValue"
break
;;
esac
done <"$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.properties"
log "Downloading from: $wrapperUrl"
if $cygwin; then
wrapperJarPath=$(cygpath --path --windows "$wrapperJarPath")
fi
if command -v wget >/dev/null; then
log "Found wget ... using wget"
[ "$MVNW_VERBOSE" = true ] && QUIET="" || QUIET="--quiet"
if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
wget $QUIET "$wrapperUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
else
wget $QUIET --http-user="$MVNW_USERNAME" --http-password="$MVNW_PASSWORD" "$wrapperUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
fi
elif command -v curl >/dev/null; then
log "Found curl ... using curl"
[ "$MVNW_VERBOSE" = true ] && QUIET="" || QUIET="--silent"
if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
curl $QUIET -o "$wrapperJarPath" "$wrapperUrl" -f -L || rm -f "$wrapperJarPath"
else
curl $QUIET --user "$MVNW_USERNAME:$MVNW_PASSWORD" -o "$wrapperJarPath" "$wrapperUrl" -f -L || rm -f "$wrapperJarPath"
fi
else
log "Falling back to using Java to download"
javaSource="$MAVEN_PROJECTBASEDIR/.mvn/wrapper/MavenWrapperDownloader.java"
javaClass="$MAVEN_PROJECTBASEDIR/.mvn/wrapper/MavenWrapperDownloader.class"
# For Cygwin, switch paths to Windows format before running javac
if $cygwin; then
javaSource=$(cygpath --path --windows "$javaSource")
javaClass=$(cygpath --path --windows "$javaClass")
fi
if [ -e "$javaSource" ]; then
if [ ! -e "$javaClass" ]; then
log " - Compiling MavenWrapperDownloader.java ..."
("$JAVA_HOME/bin/javac" "$javaSource")
fi
if [ -e "$javaClass" ]; then
log " - Running MavenWrapperDownloader.java ..."
("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$wrapperUrl" "$wrapperJarPath") || rm -f "$wrapperJarPath"
fi
fi
fi
fi
##########################################################################################
# End of extension
##########################################################################################
# If specified, validate the SHA-256 sum of the Maven wrapper jar file
wrapperSha256Sum=""
while IFS="=" read -r key value; do while IFS="=" read -r key value; do
case "$key" in wrapperSha256Sum) case "${key-}" in
wrapperSha256Sum=$value distributionUrl) distributionUrl=$(trim "${value-}") ;;
break distributionSha256Sum) distributionSha256Sum=$(trim "${value-}") ;;
esac
done <"$scriptDir/.mvn/wrapper/maven-wrapper.properties"
[ -n "${distributionUrl-}" ] || die "cannot read distributionUrl property in $scriptDir/.mvn/wrapper/maven-wrapper.properties"
case "${distributionUrl##*/}" in
maven-mvnd-*bin.*)
MVN_CMD=mvnd.sh _MVNW_REPO_PATTERN=/maven/mvnd/
case "${PROCESSOR_ARCHITECTURE-}${PROCESSOR_ARCHITEW6432-}:$(uname -a)" in
*AMD64:CYGWIN* | *AMD64:MINGW*) distributionPlatform=windows-amd64 ;;
:Darwin*x86_64) distributionPlatform=darwin-amd64 ;;
:Darwin*arm64) distributionPlatform=darwin-aarch64 ;;
:Linux*x86_64*) distributionPlatform=linux-amd64 ;;
*)
echo "Cannot detect native platform for mvnd on $(uname)-$(uname -m), use pure java version" >&2
distributionPlatform=linux-amd64
;; ;;
esac esac
done <"$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.properties" distributionUrl="${distributionUrl%-bin.*}-$distributionPlatform.zip"
if [ -n "$wrapperSha256Sum" ]; then ;;
wrapperSha256Result=false maven-mvnd-*) MVN_CMD=mvnd.sh _MVNW_REPO_PATTERN=/maven/mvnd/ ;;
if command -v sha256sum >/dev/null; then *) MVN_CMD="mvn${scriptName#mvnw}" _MVNW_REPO_PATTERN=/org/apache/maven/ ;;
if echo "$wrapperSha256Sum $wrapperJarPath" | sha256sum -c >/dev/null 2>&1; then esac
wrapperSha256Result=true
# apply MVNW_REPOURL and calculate MAVEN_HOME
# maven home pattern: ~/.m2/wrapper/dists/{apache-maven-<version>,maven-mvnd-<version>-<platform>}/<hash>
[ -z "${MVNW_REPOURL-}" ] || distributionUrl="$MVNW_REPOURL$_MVNW_REPO_PATTERN${distributionUrl#*"$_MVNW_REPO_PATTERN"}"
distributionUrlName="${distributionUrl##*/}"
distributionUrlNameMain="${distributionUrlName%.*}"
distributionUrlNameMain="${distributionUrlNameMain%-bin}"
MAVEN_USER_HOME="${MAVEN_USER_HOME:-${HOME}/.m2}"
MAVEN_HOME="${MAVEN_USER_HOME}/wrapper/dists/${distributionUrlNameMain-}/$(hash_string "$distributionUrl")"
exec_maven() {
unset MVNW_VERBOSE MVNW_USERNAME MVNW_PASSWORD MVNW_REPOURL || :
exec "$MAVEN_HOME/bin/$MVN_CMD" "$@" || die "cannot exec $MAVEN_HOME/bin/$MVN_CMD"
}
if [ -d "$MAVEN_HOME" ]; then
verbose "found existing MAVEN_HOME at $MAVEN_HOME"
exec_maven "$@"
fi
case "${distributionUrl-}" in
*?-bin.zip | *?maven-mvnd-?*-?*.zip) ;;
*) die "distributionUrl is not valid, must match *-bin.zip or maven-mvnd-*.zip, but found '${distributionUrl-}'" ;;
esac
# prepare tmp dir
if TMP_DOWNLOAD_DIR="$(mktemp -d)" && [ -d "$TMP_DOWNLOAD_DIR" ]; then
clean() { rm -rf -- "$TMP_DOWNLOAD_DIR"; }
trap clean HUP INT TERM EXIT
else
die "cannot create temp dir"
fi
mkdir -p -- "${MAVEN_HOME%/*}"
# Download and Install Apache Maven
verbose "Couldn't find MAVEN_HOME, downloading and installing it ..."
verbose "Downloading from: $distributionUrl"
verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName"
# select .zip or .tar.gz
if ! command -v unzip >/dev/null; then
distributionUrl="${distributionUrl%.zip}.tar.gz"
distributionUrlName="${distributionUrl##*/}"
fi
# verbose opt
__MVNW_QUIET_WGET=--quiet __MVNW_QUIET_CURL=--silent __MVNW_QUIET_UNZIP=-q __MVNW_QUIET_TAR=''
[ "${MVNW_VERBOSE-}" != true ] || __MVNW_QUIET_WGET='' __MVNW_QUIET_CURL='' __MVNW_QUIET_UNZIP='' __MVNW_QUIET_TAR=v
# normalize http auth
case "${MVNW_PASSWORD:+has-password}" in
'') MVNW_USERNAME='' MVNW_PASSWORD='' ;;
has-password) [ -n "${MVNW_USERNAME-}" ] || MVNW_USERNAME='' MVNW_PASSWORD='' ;;
esac
if [ -z "${MVNW_USERNAME-}" ] && command -v wget >/dev/null; then
verbose "Found wget ... using wget"
wget ${__MVNW_QUIET_WGET:+"$__MVNW_QUIET_WGET"} "$distributionUrl" -O "$TMP_DOWNLOAD_DIR/$distributionUrlName" || die "wget: Failed to fetch $distributionUrl"
elif [ -z "${MVNW_USERNAME-}" ] && command -v curl >/dev/null; then
verbose "Found curl ... using curl"
curl ${__MVNW_QUIET_CURL:+"$__MVNW_QUIET_CURL"} -f -L -o "$TMP_DOWNLOAD_DIR/$distributionUrlName" "$distributionUrl" || die "curl: Failed to fetch $distributionUrl"
elif set_java_home; then
verbose "Falling back to use Java to download"
javaSource="$TMP_DOWNLOAD_DIR/Downloader.java"
targetZip="$TMP_DOWNLOAD_DIR/$distributionUrlName"
cat >"$javaSource" <<-END
public class Downloader extends java.net.Authenticator
{
protected java.net.PasswordAuthentication getPasswordAuthentication()
{
return new java.net.PasswordAuthentication( System.getenv( "MVNW_USERNAME" ), System.getenv( "MVNW_PASSWORD" ).toCharArray() );
}
public static void main( String[] args ) throws Exception
{
setDefault( new Downloader() );
java.nio.file.Files.copy( java.net.URI.create( args[0] ).toURL().openStream(), java.nio.file.Paths.get( args[1] ).toAbsolutePath().normalize() );
}
}
END
# For Cygwin/MinGW, switch paths to Windows format before running javac and java
verbose " - Compiling Downloader.java ..."
"$(native_path "$JAVACCMD")" "$(native_path "$javaSource")" || die "Failed to compile Downloader.java"
verbose " - Running Downloader.java ..."
"$(native_path "$JAVACMD")" -cp "$(native_path "$TMP_DOWNLOAD_DIR")" Downloader "$distributionUrl" "$(native_path "$targetZip")"
fi
# If specified, validate the SHA-256 sum of the Maven distribution zip file
if [ -n "${distributionSha256Sum-}" ]; then
distributionSha256Result=false
if [ "$MVN_CMD" = mvnd.sh ]; then
echo "Checksum validation is not supported for maven-mvnd." >&2
echo "Please disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." >&2
exit 1
elif command -v sha256sum >/dev/null; then
if echo "$distributionSha256Sum $TMP_DOWNLOAD_DIR/$distributionUrlName" | sha256sum -c - >/dev/null 2>&1; then
distributionSha256Result=true
fi fi
elif command -v shasum >/dev/null; then elif command -v shasum >/dev/null; then
if echo "$wrapperSha256Sum $wrapperJarPath" | shasum -a 256 -c >/dev/null 2>&1; then if echo "$distributionSha256Sum $TMP_DOWNLOAD_DIR/$distributionUrlName" | shasum -a 256 -c >/dev/null 2>&1; then
wrapperSha256Result=true distributionSha256Result=true
fi fi
else else
echo "Checksum validation was requested but neither 'sha256sum' or 'shasum' are available." >&2 echo "Checksum validation was requested but neither 'sha256sum' or 'shasum' are available." >&2
echo "Please install either command, or disable validation by removing 'wrapperSha256Sum' from your maven-wrapper.properties." >&2 echo "Please install either command, or disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." >&2
exit 1 exit 1
fi fi
if [ $wrapperSha256Result = false ]; then if [ $distributionSha256Result = false ]; then
echo "Error: Failed to validate Maven wrapper SHA-256, your Maven wrapper might be compromised." >&2 echo "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised." >&2
echo "Investigate or delete $wrapperJarPath to attempt a clean download." >&2 echo "If you updated your Maven version, you need to update the specified distributionSha256Sum property." >&2
echo "If you updated your Maven version, you need to update the specified wrapperSha256Sum property." >&2
exit 1 exit 1
fi fi
fi fi
MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" # unzip and move
if command -v unzip >/dev/null; then
# For Cygwin, switch paths to Windows format before running java unzip ${__MVNW_QUIET_UNZIP:+"$__MVNW_QUIET_UNZIP"} "$TMP_DOWNLOAD_DIR/$distributionUrlName" -d "$TMP_DOWNLOAD_DIR" || die "failed to unzip"
if $cygwin; then else
[ -n "$JAVA_HOME" ] \ tar xzf${__MVNW_QUIET_TAR:+"$__MVNW_QUIET_TAR"} "$TMP_DOWNLOAD_DIR/$distributionUrlName" -C "$TMP_DOWNLOAD_DIR" || die "failed to untar"
&& JAVA_HOME=$(cygpath --path --windows "$JAVA_HOME")
[ -n "$CLASSPATH" ] \
&& CLASSPATH=$(cygpath --path --windows "$CLASSPATH")
[ -n "$MAVEN_PROJECTBASEDIR" ] \
&& MAVEN_PROJECTBASEDIR=$(cygpath --path --windows "$MAVEN_PROJECTBASEDIR")
fi fi
# Provide a "standardized" way to retrieve the CLI args that will # Find the actual extracted directory name (handles snapshots where filename != directory name)
# work with both Windows and non-Windows executions. actualDistributionDir=""
MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $*"
export MAVEN_CMD_LINE_ARGS
WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain # First try the expected directory name (for regular distributions)
if [ -d "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain" ]; then
if [ -f "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain/bin/$MVN_CMD" ]; then
actualDistributionDir="$distributionUrlNameMain"
fi
fi
# shellcheck disable=SC2086 # safe args # If not found, search for any directory with the Maven executable (for snapshots)
exec "$JAVACMD" \ if [ -z "$actualDistributionDir" ]; then
$MAVEN_OPTS \ # enable globbing to iterate over items
$MAVEN_DEBUG_OPTS \ set +f
-classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ for dir in "$TMP_DOWNLOAD_DIR"/*; do
"-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ if [ -d "$dir" ]; then
${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" if [ -f "$dir/bin/$MVN_CMD" ]; then
actualDistributionDir="$(basename "$dir")"
break
fi
fi
done
set -f
fi
if [ -z "$actualDistributionDir" ]; then
verbose "Contents of $TMP_DOWNLOAD_DIR:"
verbose "$(ls -la "$TMP_DOWNLOAD_DIR")"
die "Could not find Maven distribution directory in extracted archive"
fi
verbose "Found extracted Maven distribution directory: $actualDistributionDir"
printf %s\\n "$distributionUrl" >"$TMP_DOWNLOAD_DIR/$actualDistributionDir/mvnw.url"
mv -- "$TMP_DOWNLOAD_DIR/$actualDistributionDir" "$MAVEN_HOME" || [ -d "$MAVEN_HOME" ] || die "fail to move MAVEN_HOME"
clean || :
exec_maven "$@"

323
mvnw.cmd vendored
View File

@@ -1,3 +1,4 @@
<# : batch portion
@REM ---------------------------------------------------------------------------- @REM ----------------------------------------------------------------------------
@REM Licensed to the Apache Software Foundation (ASF) under one @REM Licensed to the Apache Software Foundation (ASF) under one
@REM or more contributor license agreements. See the NOTICE file @REM or more contributor license agreements. See the NOTICE file
@@ -18,189 +19,171 @@
@REM ---------------------------------------------------------------------------- @REM ----------------------------------------------------------------------------
@REM ---------------------------------------------------------------------------- @REM ----------------------------------------------------------------------------
@REM Apache Maven Wrapper startup batch script, version 3.3.2 @REM Apache Maven Wrapper startup batch script, version 3.3.3
@REM
@REM Required ENV vars:
@REM JAVA_HOME - location of a JDK home dir
@REM @REM
@REM Optional ENV vars @REM Optional ENV vars
@REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands @REM MVNW_REPOURL - repo url base for downloading maven distribution
@REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending @REM MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven
@REM MAVEN_OPTS - parameters passed to the Java VM when running Maven @REM MVNW_VERBOSE - true: enable verbose log; others: silence the output
@REM e.g. to debug Maven itself, use
@REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
@REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
@REM ---------------------------------------------------------------------------- @REM ----------------------------------------------------------------------------
@REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' @IF "%__MVNW_ARG0_NAME__%"=="" (SET __MVNW_ARG0_NAME__=%~nx0)
@echo off @SET __MVNW_CMD__=
@REM set title of command window @SET __MVNW_ERROR__=
title %0 @SET __MVNW_PSMODULEP_SAVE=%PSModulePath%
@REM enable echoing by setting MAVEN_BATCH_ECHO to 'on' @SET PSModulePath=
@if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% @FOR /F "usebackq tokens=1* delims==" %%A IN (`powershell -noprofile "& {$scriptDir='%~dp0'; $script='%__MVNW_ARG0_NAME__%'; icm -ScriptBlock ([Scriptblock]::Create((Get-Content -Raw '%~f0'))) -NoNewScope}"`) DO @(
IF "%%A"=="MVN_CMD" (set __MVNW_CMD__=%%B) ELSE IF "%%B"=="" (echo %%A) ELSE (echo %%A=%%B)
@REM set %HOME% to equivalent of $HOME
if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
@REM Execute a user defined script before this one
if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
@REM check for pre script, once with legacy .bat ending and once with .cmd ending
if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %*
if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %*
:skipRcPre
@setlocal
set ERROR_CODE=0
@REM To isolate internal variables from possible post scripts, we use another setlocal
@setlocal
@REM ==== START VALIDATION ====
if not "%JAVA_HOME%" == "" goto OkJHome
echo. >&2
echo Error: JAVA_HOME not found in your environment. >&2
echo Please set the JAVA_HOME variable in your environment to match the >&2
echo location of your Java installation. >&2
echo. >&2
goto error
:OkJHome
if exist "%JAVA_HOME%\bin\java.exe" goto init
echo. >&2
echo Error: JAVA_HOME is set to an invalid directory. >&2
echo JAVA_HOME = "%JAVA_HOME%" >&2
echo Please set the JAVA_HOME variable in your environment to match the >&2
echo location of your Java installation. >&2
echo. >&2
goto error
@REM ==== END VALIDATION ====
:init
@REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
@REM Fallback to current working directory if not found.
set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
set EXEC_DIR=%CD%
set WDIR=%EXEC_DIR%
:findBaseDir
IF EXIST "%WDIR%"\.mvn goto baseDirFound
cd ..
IF "%WDIR%"=="%CD%" goto baseDirNotFound
set WDIR=%CD%
goto findBaseDir
:baseDirFound
set MAVEN_PROJECTBASEDIR=%WDIR%
cd "%EXEC_DIR%"
goto endDetectBaseDir
:baseDirNotFound
set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
cd "%EXEC_DIR%"
:endDetectBaseDir
IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
@setlocal EnableExtensions EnableDelayedExpansion
for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
@endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
:endReadAdditionalConfig
SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
set WRAPPER_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar"
FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
IF "%%A"=="wrapperUrl" SET WRAPPER_URL=%%B
) )
@SET PSModulePath=%__MVNW_PSMODULEP_SAVE%
@SET __MVNW_PSMODULEP_SAVE=
@SET __MVNW_ARG0_NAME__=
@SET MVNW_USERNAME=
@SET MVNW_PASSWORD=
@IF NOT "%__MVNW_CMD__%"=="" ("%__MVNW_CMD__%" %*)
@echo Cannot start maven from wrapper >&2 && exit /b 1
@GOTO :EOF
: end batch / begin powershell #>
@REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central $ErrorActionPreference = "Stop"
@REM This allows using the maven wrapper in projects that prohibit checking in binary data. if ($env:MVNW_VERBOSE -eq "true") {
if exist %WRAPPER_JAR% ( $VerbosePreference = "Continue"
if "%MVNW_VERBOSE%" == "true" ( }
echo Found %WRAPPER_JAR%
)
) else (
if not "%MVNW_REPOURL%" == "" (
SET WRAPPER_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.3.2/maven-wrapper-3.3.2.jar"
)
if "%MVNW_VERBOSE%" == "true" (
echo Couldn't find %WRAPPER_JAR%, downloading it ...
echo Downloading from: %WRAPPER_URL%
)
powershell -Command "&{"^ # calculate distributionUrl, requires .mvn/wrapper/maven-wrapper.properties
"$webclient = new-object System.Net.WebClient;"^ $distributionUrl = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionUrl
"if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^ if (!$distributionUrl) {
"$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^ Write-Error "cannot read distributionUrl property in $scriptDir/.mvn/wrapper/maven-wrapper.properties"
"}"^ }
"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%WRAPPER_URL%', '%WRAPPER_JAR%')"^
"}"
if "%MVNW_VERBOSE%" == "true" (
echo Finished downloading %WRAPPER_JAR%
)
)
@REM End of extension
@REM If specified, validate the SHA-256 sum of the Maven wrapper jar file switch -wildcard -casesensitive ( $($distributionUrl -replace '^.*/','') ) {
SET WRAPPER_SHA_256_SUM="" "maven-mvnd-*" {
FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO ( $USE_MVND = $true
IF "%%A"=="wrapperSha256Sum" SET WRAPPER_SHA_256_SUM=%%B $distributionUrl = $distributionUrl -replace '-bin\.[^.]*$',"-windows-amd64.zip"
) $MVN_CMD = "mvnd.cmd"
IF NOT %WRAPPER_SHA_256_SUM%=="" ( break
powershell -Command "&{"^ }
"Import-Module $PSHOME\Modules\Microsoft.PowerShell.Utility -Function Get-FileHash;"^ default {
"$hash = (Get-FileHash \"%WRAPPER_JAR%\" -Algorithm SHA256).Hash.ToLower();"^ $USE_MVND = $false
"If('%WRAPPER_SHA_256_SUM%' -ne $hash){"^ $MVN_CMD = $script -replace '^mvnw','mvn'
" Write-Error 'Error: Failed to validate Maven wrapper SHA-256, your Maven wrapper might be compromised.';"^ break
" Write-Error 'Investigate or delete %WRAPPER_JAR% to attempt a clean download.';"^ }
" Write-Error 'If you updated your Maven version, you need to update the specified wrapperSha256Sum property.';"^ }
" exit 1;"^
"}"^
"}"
if ERRORLEVEL 1 goto error
)
@REM Provide a "standardized" way to retrieve the CLI args that will # apply MVNW_REPOURL and calculate MAVEN_HOME
@REM work with both Windows and non-Windows executions. # maven home pattern: ~/.m2/wrapper/dists/{apache-maven-<version>,maven-mvnd-<version>-<platform>}/<hash>
set MAVEN_CMD_LINE_ARGS=%* if ($env:MVNW_REPOURL) {
$MVNW_REPO_PATTERN = if ($USE_MVND -eq $False) { "/org/apache/maven/" } else { "/maven/mvnd/" }
$distributionUrl = "$env:MVNW_REPOURL$MVNW_REPO_PATTERN$($distributionUrl -replace "^.*$MVNW_REPO_PATTERN",'')"
}
$distributionUrlName = $distributionUrl -replace '^.*/',''
$distributionUrlNameMain = $distributionUrlName -replace '\.[^.]*$','' -replace '-bin$',''
%MAVEN_JAVA_EXE% ^ $MAVEN_M2_PATH = "$HOME/.m2"
%JVM_CONFIG_MAVEN_PROPS% ^ if ($env:MAVEN_USER_HOME) {
%MAVEN_OPTS% ^ $MAVEN_M2_PATH = "$env:MAVEN_USER_HOME"
%MAVEN_DEBUG_OPTS% ^ }
-classpath %WRAPPER_JAR% ^
"-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^
%WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
if ERRORLEVEL 1 goto error
goto end
:error if (-not (Test-Path -Path $MAVEN_M2_PATH)) {
set ERROR_CODE=1 New-Item -Path $MAVEN_M2_PATH -ItemType Directory | Out-Null
}
:end $MAVEN_WRAPPER_DISTS = $null
@endlocal & set ERROR_CODE=%ERROR_CODE% if ((Get-Item $MAVEN_M2_PATH).Target[0] -eq $null) {
$MAVEN_WRAPPER_DISTS = "$MAVEN_M2_PATH/wrapper/dists"
} else {
$MAVEN_WRAPPER_DISTS = (Get-Item $MAVEN_M2_PATH).Target[0] + "/wrapper/dists"
}
if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost $MAVEN_HOME_PARENT = "$MAVEN_WRAPPER_DISTS/$distributionUrlNameMain"
@REM check for post script, once with legacy .bat ending and once with .cmd ending $MAVEN_HOME_NAME = ([System.Security.Cryptography.SHA256]::Create().ComputeHash([byte[]][char[]]$distributionUrl) | ForEach-Object {$_.ToString("x2")}) -join ''
if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat" $MAVEN_HOME = "$MAVEN_HOME_PARENT/$MAVEN_HOME_NAME"
if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd"
:skipRcPost
@REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' if (Test-Path -Path "$MAVEN_HOME" -PathType Container) {
if "%MAVEN_BATCH_PAUSE%"=="on" pause Write-Verbose "found existing MAVEN_HOME at $MAVEN_HOME"
Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD"
exit $?
}
if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE% if (! $distributionUrlNameMain -or ($distributionUrlName -eq $distributionUrlNameMain)) {
Write-Error "distributionUrl is not valid, must end with *-bin.zip, but found $distributionUrl"
}
cmd /C exit /B %ERROR_CODE% # prepare tmp dir
$TMP_DOWNLOAD_DIR_HOLDER = New-TemporaryFile
$TMP_DOWNLOAD_DIR = New-Item -Itemtype Directory -Path "$TMP_DOWNLOAD_DIR_HOLDER.dir"
$TMP_DOWNLOAD_DIR_HOLDER.Delete() | Out-Null
trap {
if ($TMP_DOWNLOAD_DIR.Exists) {
try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null }
catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" }
}
}
New-Item -Itemtype Directory -Path "$MAVEN_HOME_PARENT" -Force | Out-Null
# Download and Install Apache Maven
Write-Verbose "Couldn't find MAVEN_HOME, downloading and installing it ..."
Write-Verbose "Downloading from: $distributionUrl"
Write-Verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName"
$webclient = New-Object System.Net.WebClient
if ($env:MVNW_USERNAME -and $env:MVNW_PASSWORD) {
$webclient.Credentials = New-Object System.Net.NetworkCredential($env:MVNW_USERNAME, $env:MVNW_PASSWORD)
}
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$webclient.DownloadFile($distributionUrl, "$TMP_DOWNLOAD_DIR/$distributionUrlName") | Out-Null
# If specified, validate the SHA-256 sum of the Maven distribution zip file
$distributionSha256Sum = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionSha256Sum
if ($distributionSha256Sum) {
if ($USE_MVND) {
Write-Error "Checksum validation is not supported for maven-mvnd. `nPlease disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties."
}
Import-Module $PSHOME\Modules\Microsoft.PowerShell.Utility -Function Get-FileHash
if ((Get-FileHash "$TMP_DOWNLOAD_DIR/$distributionUrlName" -Algorithm SHA256).Hash.ToLower() -ne $distributionSha256Sum) {
Write-Error "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised. If you updated your Maven version, you need to update the specified distributionSha256Sum property."
}
}
# unzip and move
Expand-Archive "$TMP_DOWNLOAD_DIR/$distributionUrlName" -DestinationPath "$TMP_DOWNLOAD_DIR" | Out-Null
# Find the actual extracted directory name (handles snapshots where filename != directory name)
$actualDistributionDir = ""
# First try the expected directory name (for regular distributions)
$expectedPath = Join-Path "$TMP_DOWNLOAD_DIR" "$distributionUrlNameMain"
$expectedMvnPath = Join-Path "$expectedPath" "bin/$MVN_CMD"
if ((Test-Path -Path $expectedPath -PathType Container) -and (Test-Path -Path $expectedMvnPath -PathType Leaf)) {
$actualDistributionDir = $distributionUrlNameMain
}
# If not found, search for any directory with the Maven executable (for snapshots)
if (!$actualDistributionDir) {
Get-ChildItem -Path "$TMP_DOWNLOAD_DIR" -Directory | ForEach-Object {
$testPath = Join-Path $_.FullName "bin/$MVN_CMD"
if (Test-Path -Path $testPath -PathType Leaf) {
$actualDistributionDir = $_.Name
}
}
}
if (!$actualDistributionDir) {
Write-Error "Could not find Maven distribution directory in extracted archive"
}
Write-Verbose "Found extracted Maven distribution directory: $actualDistributionDir"
Rename-Item -Path "$TMP_DOWNLOAD_DIR/$actualDistributionDir" -NewName $MAVEN_HOME_NAME | Out-Null
try {
Move-Item -Path "$TMP_DOWNLOAD_DIR/$MAVEN_HOME_NAME" -Destination $MAVEN_HOME_PARENT | Out-Null
} catch {
if (! (Test-Path -Path "$MAVEN_HOME" -PathType Container)) {
Write-Error "fail to move MAVEN_HOME"
}
} finally {
try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null }
catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" }
}
Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD"

35
pom.xml
View File

@@ -3,7 +3,7 @@
<groupId>de.stklcode.jvault</groupId> <groupId>de.stklcode.jvault</groupId>
<artifactId>jvault-connector</artifactId> <artifactId>jvault-connector</artifactId>
<version>1.5.2</version> <version>2.0.0-SNAPSHOT</version>
<packaging>jar</packaging> <packaging>jar</packaging>
@@ -32,7 +32,7 @@
<connection>scm:git:git://github.com/stklcode/jvaultconnector.git</connection> <connection>scm:git:git://github.com/stklcode/jvaultconnector.git</connection>
<developerConnection>scm:git:git@github.com:stklcode/jvaultconnector.git</developerConnection> <developerConnection>scm:git:git@github.com:stklcode/jvaultconnector.git</developerConnection>
<url>https://github.com/stklcode/jvaultconnector</url> <url>https://github.com/stklcode/jvaultconnector</url>
<tag>v1.5.2</tag> <tag>HEAD</tag>
</scm> </scm>
<issueManagement> <issueManagement>
@@ -42,32 +42,26 @@
<properties> <properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.build.outputTimestamp>2025-07-16T16:17:58Z</project.build.outputTimestamp>
<argLine /> <argLine />
</properties> </properties>
<dependencies> <dependencies>
<dependency> <dependency>
<groupId>com.fasterxml.jackson.core</groupId> <groupId>tools.jackson.core</groupId>
<artifactId>jackson-databind</artifactId> <artifactId>jackson-databind</artifactId>
<version>2.19.1</version> <version>3.0.0-rc9</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.datatype</groupId>
<artifactId>jackson-datatype-jsr310</artifactId>
<version>2.19.1</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.junit.jupiter</groupId> <groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter</artifactId> <artifactId>junit-jupiter</artifactId>
<version>5.13.2</version> <version>5.13.3</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.mockito</groupId> <groupId>org.mockito</groupId>
<artifactId>mockito-core</artifactId> <artifactId>mockito-core</artifactId>
<version>5.18.0</version> <version>5.19.0</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
@@ -85,13 +79,13 @@
<dependency> <dependency>
<groupId>commons-io</groupId> <groupId>commons-io</groupId>
<artifactId>commons-io</artifactId> <artifactId>commons-io</artifactId>
<version>2.19.0</version> <version>2.20.0</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>nl.jqno.equalsverifier</groupId> <groupId>nl.jqno.equalsverifier</groupId>
<artifactId>equalsverifier</artifactId> <artifactId>equalsverifier</artifactId>
<version>3.19.4</version> <version>4.1</version>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency> <dependency>
@@ -110,7 +104,7 @@
<artifactId>maven-compiler-plugin</artifactId> <artifactId>maven-compiler-plugin</artifactId>
<version>3.14.0</version> <version>3.14.0</version>
<configuration> <configuration>
<release>11</release> <release>17</release>
</configuration> </configuration>
</plugin> </plugin>
<plugin> <plugin>
@@ -130,8 +124,7 @@
<configuration> <configuration>
<argLine> <argLine>
@{argLine} @{argLine}
--add-opens --add-opens de.stklcode.jvault.connector/de.stklcode.jvault.connector.test=tools.jackson.databind
de.stklcode.jvault.connector/de.stklcode.jvault.connector.test=com.fasterxml.jackson.databind
</argLine> </argLine>
</configuration> </configuration>
</plugin> </plugin>
@@ -179,7 +172,7 @@
<plugin> <plugin>
<groupId>org.sonarsource.scanner.maven</groupId> <groupId>org.sonarsource.scanner.maven</groupId>
<artifactId>sonar-maven-plugin</artifactId> <artifactId>sonar-maven-plugin</artifactId>
<version>5.1.0.4751</version> <version>5.2.0.4988</version>
</plugin> </plugin>
</plugins> </plugins>
</pluginManagement> </pluginManagement>
@@ -201,7 +194,7 @@
<version>[3.6.3,)</version> <version>[3.6.3,)</version>
</requireMavenVersion> </requireMavenVersion>
<requireJavaVersion> <requireJavaVersion>
<version>[11,)</version> <version>[17,)</version>
</requireJavaVersion> </requireJavaVersion>
</rules> </rules>
</configuration> </configuration>
@@ -245,9 +238,9 @@
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId> <artifactId>maven-javadoc-plugin</artifactId>
<version>3.11.2</version> <version>3.11.3</version>
<configuration> <configuration>
<source>11</source> <source>17</source>
</configuration> </configuration>
<executions> <executions>
<execution> <execution>

119
src/main/java/de/stklcode/jvault/connector/HTTPVaultConnector.java
View File

@@ -31,6 +31,8 @@ import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.stream.Collectors; import java.util.stream.Collectors;
import static de.stklcode.jvault.connector.internal.RequestHelper.encode;
import static de.stklcode.jvault.connector.internal.VaultApiPath.*;
import static java.util.Collections.emptyMap; import static java.util.Collections.emptyMap;
import static java.util.Collections.singletonMap; import static java.util.Collections.singletonMap;
@@ -41,39 +43,6 @@ import static java.util.Collections.singletonMap;
* @since 0.1 * @since 0.1
*/ */
public class HTTPVaultConnector implements VaultConnector { public class HTTPVaultConnector implements VaultConnector {
private static final String PATH_SYS = "sys";
private static final String PATH_SYS_AUTH = PATH_SYS + "/auth";
private static final String PATH_RENEW = PATH_SYS + "/leases/renew";
private static final String PATH_REVOKE = PATH_SYS + "/leases/revoke/";
private static final String PATH_HEALTH = PATH_SYS + "/health";
private static final String PATH_SEAL = PATH_SYS + "/seal";
private static final String PATH_SEAL_STATUS = PATH_SYS + "/seal-status";
private static final String PATH_UNSEAL = PATH_SYS + "/unseal";
private static final String PATH_AUTH = "auth";
private static final String PATH_AUTH_TOKEN = PATH_AUTH + "/token";
private static final String PATH_LOOKUP = "/lookup";
private static final String PATH_LOOKUP_SELF = "/lookup-self";
private static final String PATH_CREATE = "/create";
private static final String PATH_ROLES = "/roles";
private static final String PATH_CREATE_ORPHAN = "/create-orphan";
private static final String PATH_AUTH_USERPASS = PATH_AUTH + "/userpass/login/";
private static final String PATH_AUTH_APPROLE = PATH_AUTH + "/approle";
private static final String PATH_AUTH_APPROLE_ROLE = PATH_AUTH_APPROLE + "/role/%s%s";
private static final String PATH_DATA = "/data/";
private static final String PATH_METADATA = "/metadata/";
private static final String PATH_LOGIN = "/login";
private static final String PATH_DELETE = "/delete/";
private static final String PATH_UNDELETE = "/undelete/";
private static final String PATH_DESTROY = "/destroy/";
private static final String PATH_TRANSIT = "transit";
private static final String PATH_TRANSIT_ENCRYPT = PATH_TRANSIT + "/encrypt/";
private static final String PATH_TRANSIT_DECRYPT = PATH_TRANSIT + "/decrypt/";
private static final String PATH_TRANSIT_HASH = PATH_TRANSIT + "/hash/";
private final RequestHelper request; private final RequestHelper request;
private boolean authorized = false; // Authorization status. private boolean authorized = false; // Authorization status.
@@ -140,12 +109,12 @@ public class HTTPVaultConnector implements VaultConnector {
@Override @Override
public final SealResponse sealStatus() throws VaultConnectorException { public final SealResponse sealStatus() throws VaultConnectorException {
return request.get(PATH_SEAL_STATUS, emptyMap(), token, SealResponse.class); return request.get(SYS_SEAL_STATUS, emptyMap(), token, SealResponse.class);
} }
@Override @Override
public final void seal() throws VaultConnectorException { public final void seal() throws VaultConnectorException {
request.put(PATH_SEAL, emptyMap(), token); request.put(SYS_SEAL, emptyMap(), token);
} }
@Override @Override
@@ -155,14 +124,14 @@ public class HTTPVaultConnector implements VaultConnector {
"reset", reset "reset", reset
); );
return request.put(PATH_UNSEAL, param, token, SealResponse.class); return request.put(SYS_UNSEAL, param, token, SealResponse.class);
} }
@Override @Override
public HealthResponse getHealth() throws VaultConnectorException { public HealthResponse getHealth() throws VaultConnectorException {
return request.get( return request.get(
PATH_HEALTH, SYS_HEALTH,
// Force status code to be 200, so we don't need to modify the request sequence. // Force status code to be 200, so we don't need to modify the request sequence.
Map.of( Map.of(
"standbycode", "200", // Default: 429. "standbycode", "200", // Default: 429.
@@ -182,7 +151,7 @@ public class HTTPVaultConnector implements VaultConnector {
@Override @Override
public final List<AuthBackend> getAuthBackends() throws VaultConnectorException { public final List<AuthBackend> getAuthBackends() throws VaultConnectorException {
/* Issue request and parse response */ /* Issue request and parse response */
AuthMethodsResponse amr = request.get(PATH_SYS_AUTH, emptyMap(), token, AuthMethodsResponse.class); AuthMethodsResponse amr = request.get(SYS_AUTH, emptyMap(), token, AuthMethodsResponse.class);
return amr.getSupportedMethods().values().stream().map(AuthMethod::getType).collect(Collectors.toList()); return amr.getSupportedMethods().values().stream().map(AuthMethod::getType).collect(Collectors.toList());
} }
@@ -192,7 +161,7 @@ public class HTTPVaultConnector implements VaultConnector {
/* set token */ /* set token */
this.token = token; this.token = token;
this.tokenTTL = 0; this.tokenTTL = 0;
TokenResponse res = request.get(PATH_AUTH_TOKEN + PATH_LOOKUP_SELF, emptyMap(), token, TokenResponse.class); TokenResponse res = request.get(AUTH_TOKEN + TOKEN_LOOKUP_SELF, emptyMap(), token, TokenResponse.class);
authorized = true; authorized = true;
return res; return res;
@@ -202,7 +171,7 @@ public class HTTPVaultConnector implements VaultConnector {
public final AuthResponse authUserPass(final String username, final String password) public final AuthResponse authUserPass(final String username, final String password)
throws VaultConnectorException { throws VaultConnectorException {
final Map<String, String> payload = singletonMap("password", password); final Map<String, String> payload = singletonMap("password", password);
return queryAuth(PATH_AUTH_USERPASS + username, payload); return queryAuth(AUTH_USERPASS_LOGIN + encode(username), payload);
} }
@Override @Override
@@ -211,7 +180,7 @@ public class HTTPVaultConnector implements VaultConnector {
"role_id", roleID, "role_id", roleID,
"secret_id", secretID "secret_id", secretID
); );
return queryAuth(PATH_AUTH_APPROLE + PATH_LOGIN, payload); return queryAuth(AUTH_APPROLE + "login", payload);
} }
/** /**
@@ -239,7 +208,7 @@ public class HTTPVaultConnector implements VaultConnector {
requireAuth(); requireAuth();
/* Issue request and expect code 204 with empty response */ /* Issue request and expect code 204 with empty response */
request.postWithoutResponse(String.format(PATH_AUTH_APPROLE_ROLE, role.getName(), ""), role, token); request.postWithoutResponse(AUTH_APPROLE_ROLE + encode(role.getName()), role, token);
/* Set custom ID if provided */ /* Set custom ID if provided */
return !(role.getId() != null && !role.getId().isEmpty()) || setAppRoleID(role.getName(), role.getId()); return !(role.getId() != null && !role.getId().isEmpty()) || setAppRoleID(role.getName(), role.getId());
@@ -250,7 +219,7 @@ public class HTTPVaultConnector implements VaultConnector {
requireAuth(); requireAuth();
/* Request HTTP response and parse Secret */ /* Request HTTP response and parse Secret */
return request.get( return request.get(
String.format(PATH_AUTH_APPROLE_ROLE, roleName, ""), AUTH_APPROLE_ROLE + encode(roleName),
emptyMap(), emptyMap(),
token, token,
AppRoleResponse.class AppRoleResponse.class
@@ -262,7 +231,7 @@ public class HTTPVaultConnector implements VaultConnector {
requireAuth(); requireAuth();
/* Issue request and expect code 204 with empty response */ /* Issue request and expect code 204 with empty response */
request.deleteWithoutResponse(String.format(PATH_AUTH_APPROLE_ROLE, roleName, ""), token); request.deleteWithoutResponse(AUTH_APPROLE_ROLE + encode(roleName), token);
return true; return true;
} }
@@ -272,7 +241,7 @@ public class HTTPVaultConnector implements VaultConnector {
requireAuth(); requireAuth();
/* Issue request, parse response and extract Role ID */ /* Issue request, parse response and extract Role ID */
return request.get( return request.get(
String.format(PATH_AUTH_APPROLE_ROLE, roleName, "/role-id"), AUTH_APPROLE_ROLE + encode(roleName) + "/role-id",
emptyMap(), emptyMap(),
token, token,
RawDataResponse.class RawDataResponse.class
@@ -285,7 +254,7 @@ public class HTTPVaultConnector implements VaultConnector {
/* Issue request and expect code 204 with empty response */ /* Issue request and expect code 204 with empty response */
request.postWithoutResponse( request.postWithoutResponse(
String.format(PATH_AUTH_APPROLE_ROLE, roleName, "/role-id"), AUTH_APPROLE_ROLE + encode(roleName) + "/role-id",
singletonMap("role_id", roleID), singletonMap("role_id", roleID),
token token
); );
@@ -300,14 +269,14 @@ public class HTTPVaultConnector implements VaultConnector {
if (secret.getId() != null && !secret.getId().isEmpty()) { if (secret.getId() != null && !secret.getId().isEmpty()) {
return request.post( return request.post(
String.format(PATH_AUTH_APPROLE_ROLE, roleName, "/custom-secret-id"), AUTH_APPROLE_ROLE + encode(roleName) + "/custom-secret-id",
secret, secret,
token, token,
AppRoleSecretResponse.class AppRoleSecretResponse.class
); );
} else { } else {
return request.post( return request.post(
String.format(PATH_AUTH_APPROLE_ROLE, roleName, "/secret-id"), AUTH_APPROLE_ROLE + encode(roleName) + "/secret-id",
secret, token, secret, token,
AppRoleSecretResponse.class AppRoleSecretResponse.class
); );
@@ -321,7 +290,7 @@ public class HTTPVaultConnector implements VaultConnector {
/* Issue request and parse secret response */ /* Issue request and parse secret response */
return request.post( return request.post(
String.format(PATH_AUTH_APPROLE_ROLE, roleName, "/secret-id/lookup"), AUTH_APPROLE_ROLE + encode(roleName) + "/secret-id/lookup",
new AppRoleSecret(secretID), new AppRoleSecret(secretID),
token, token,
AppRoleSecretResponse.class AppRoleSecretResponse.class
@@ -335,7 +304,7 @@ public class HTTPVaultConnector implements VaultConnector {
/* Issue request and expect code 204 with empty response */ /* Issue request and expect code 204 with empty response */
request.postWithoutResponse( request.postWithoutResponse(
String.format(PATH_AUTH_APPROLE_ROLE, roleName, "/secret-id/destroy"), AUTH_APPROLE_ROLE + encode(roleName) + "/secret-id/destroy",
new AppRoleSecret(secretID), new AppRoleSecret(secretID),
token); token);
@@ -347,7 +316,7 @@ public class HTTPVaultConnector implements VaultConnector {
requireAuth(); requireAuth();
SecretListResponse secrets = request.get( SecretListResponse secrets = request.get(
PATH_AUTH_APPROLE + "/role?list=true", AUTH_APPROLE + "role?list=true",
emptyMap(), emptyMap(),
token, token,
SecretListResponse.class SecretListResponse.class
@@ -361,7 +330,7 @@ public class HTTPVaultConnector implements VaultConnector {
requireAuth(); requireAuth();
SecretListResponse secrets = request.get( SecretListResponse secrets = request.get(
String.format(PATH_AUTH_APPROLE_ROLE, roleName, "/secret-id?list=true"), AUTH_APPROLE_ROLE + encode(roleName) + "/secret-id?list=true",
emptyMap(), emptyMap(),
token, token,
SecretListResponse.class SecretListResponse.class
@@ -384,7 +353,7 @@ public class HTTPVaultConnector implements VaultConnector {
/* Request HTTP response and parse secret metadata */ /* Request HTTP response and parse secret metadata */
Map<String, String> args = mapOfStrings("version", version); Map<String, String> args = mapOfStrings("version", version);
return request.get(mount + PATH_DATA + key, args, token, MetaSecretResponse.class); return request.get(mount + SECRET_DATA + key, args, token, MetaSecretResponse.class);
} }
@Override @Override
@@ -393,7 +362,7 @@ public class HTTPVaultConnector implements VaultConnector {
requireAuth(); requireAuth();
/* Request HTTP response and parse secret metadata */ /* Request HTTP response and parse secret metadata */
return request.get(mount + PATH_METADATA + key, emptyMap(), token, MetadataResponse.class); return request.get(mount + SECRET_METADATA + key, emptyMap(), token, MetadataResponse.class);
} }
@Override @Override
@@ -408,7 +377,7 @@ public class HTTPVaultConnector implements VaultConnector {
"cas_required", casRequired "cas_required", casRequired
); );
write(mount + PATH_METADATA + key, payload); write(mount + SECRET_METADATA + key, payload);
} }
@Override @Override
@@ -427,7 +396,7 @@ public class HTTPVaultConnector implements VaultConnector {
/* Issue request and parse metadata response */ /* Issue request and parse metadata response */
return request.post( return request.post(
mount + PATH_DATA + key, mount + SECRET_DATA + key,
Map.of( Map.of(
"data", data, "data", data,
"options", options "options", options
@@ -480,30 +449,30 @@ public class HTTPVaultConnector implements VaultConnector {
@Override @Override
public final void deleteLatestSecretVersion(final String mount, final String key) throws VaultConnectorException { public final void deleteLatestSecretVersion(final String mount, final String key) throws VaultConnectorException {
delete(mount + PATH_DATA + key); delete(mount + SECRET_DATA + key);
} }
@Override @Override
public final void deleteAllSecretVersions(final String mount, final String key) throws VaultConnectorException { public final void deleteAllSecretVersions(final String mount, final String key) throws VaultConnectorException {
delete(mount + PATH_METADATA + key); delete(mount + SECRET_METADATA + key);
} }
@Override @Override
public final void deleteSecretVersions(final String mount, final String key, final int... versions) public final void deleteSecretVersions(final String mount, final String key, final int... versions)
throws VaultConnectorException { throws VaultConnectorException {
handleSecretVersions(mount, PATH_DELETE, key, versions); handleSecretVersions(mount, SECRET_DELETE, key, versions);
} }
@Override @Override
public final void undeleteSecretVersions(final String mount, final String key, final int... versions) public final void undeleteSecretVersions(final String mount, final String key, final int... versions)
throws VaultConnectorException { throws VaultConnectorException {
handleSecretVersions(mount, PATH_UNDELETE, key, versions); handleSecretVersions(mount, SECRET_UNDELETE, key, versions);
} }
@Override @Override
public final void destroySecretVersions(final String mount, final String key, final int... versions) public final void destroySecretVersions(final String mount, final String key, final int... versions)
throws VaultConnectorException { throws VaultConnectorException {
handleSecretVersions(mount, PATH_DESTROY, key, versions); handleSecretVersions(mount, SECRET_DESTROY, key, versions);
} }
/** /**
@@ -534,7 +503,7 @@ public class HTTPVaultConnector implements VaultConnector {
requireAuth(); requireAuth();
/* Issue request and expect code 204 with empty response */ /* Issue request and expect code 204 with empty response */
request.putWithoutResponse(PATH_REVOKE + leaseID, emptyMap(), token); request.putWithoutResponse(SYS_LEASES_REVOKE + encode(leaseID), emptyMap(), token);
} }
@Override @Override
@@ -547,17 +516,17 @@ public class HTTPVaultConnector implements VaultConnector {
); );
/* Issue request and parse secret response */ /* Issue request and parse secret response */
return request.put(PATH_RENEW, payload, token, SecretResponse.class); return request.put(SYS_LEASES_RENEW, payload, token, SecretResponse.class);
} }
@Override @Override
public final AuthResponse createToken(final Token token) throws VaultConnectorException { public final AuthResponse createToken(final Token token) throws VaultConnectorException {
return createTokenInternal(token, PATH_AUTH_TOKEN + PATH_CREATE); return createTokenInternal(token, AUTH_TOKEN + TOKEN_CREATE);
} }
@Override @Override
public final AuthResponse createToken(final Token token, final boolean orphan) throws VaultConnectorException { public final AuthResponse createToken(final Token token, final boolean orphan) throws VaultConnectorException {
return createTokenInternal(token, PATH_AUTH_TOKEN + PATH_CREATE_ORPHAN); return createTokenInternal(token, AUTH_TOKEN + TOKEN_CREATE_ORPHAN);
} }
@Override @Override
@@ -565,7 +534,7 @@ public class HTTPVaultConnector implements VaultConnector {
if (role == null || role.isEmpty()) { if (role == null || role.isEmpty()) {
throw new InvalidRequestException("No role name specified."); throw new InvalidRequestException("No role name specified.");
} }
return createTokenInternal(token, PATH_AUTH_TOKEN + PATH_CREATE + "/" + role); return createTokenInternal(token, AUTH_TOKEN + TOKEN_CREATE + "/" + encode(role));
} }
@Override @Override
@@ -600,7 +569,7 @@ public class HTTPVaultConnector implements VaultConnector {
/* Request HTTP response and parse Secret */ /* Request HTTP response and parse Secret */
return request.get( return request.get(
PATH_AUTH_TOKEN + PATH_LOOKUP, AUTH_TOKEN + TOKEN_LOOKUP,
singletonMap("token", token), singletonMap("token", token),
token, token,
TokenResponse.class TokenResponse.class
@@ -618,7 +587,7 @@ public class HTTPVaultConnector implements VaultConnector {
} }
// Issue request and expect code 204 with empty response. // Issue request and expect code 204 with empty response.
request.postWithoutResponse(PATH_AUTH_TOKEN + PATH_ROLES + "/" + name, role, token); request.postWithoutResponse(AUTH_TOKEN + TOKEN_ROLES + "/" + encode(name), role, token);
return true; return true;
} }
@@ -628,14 +597,14 @@ public class HTTPVaultConnector implements VaultConnector {
requireAuth(); requireAuth();
// Request HTTP response and parse response. // Request HTTP response and parse response.
return request.get(PATH_AUTH_TOKEN + PATH_ROLES + "/" + name, emptyMap(), token, TokenRoleResponse.class); return request.get(AUTH_TOKEN + TOKEN_ROLES + "/" + encode(name), emptyMap(), token, TokenRoleResponse.class);
} }
@Override @Override
public List<String> listTokenRoles() throws VaultConnectorException { public List<String> listTokenRoles() throws VaultConnectorException {
requireAuth(); requireAuth();
return list(PATH_AUTH_TOKEN + PATH_ROLES); return list(AUTH_TOKEN + TOKEN_ROLES);
} }
@Override @Override
@@ -647,7 +616,7 @@ public class HTTPVaultConnector implements VaultConnector {
} }
// Issue request and expect code 204 with empty response. // Issue request and expect code 204 with empty response.
request.deleteWithoutResponse(PATH_AUTH_TOKEN + PATH_ROLES + "/" + name, token); request.deleteWithoutResponse(AUTH_TOKEN + TOKEN_ROLES + "/" + encode(name), token);
return true; return true;
} }
@@ -661,7 +630,7 @@ public class HTTPVaultConnector implements VaultConnector {
"plaintext", plaintext "plaintext", plaintext
); );
return request.post(PATH_TRANSIT_ENCRYPT + keyName, payload, token, TransitResponse.class); return request.post(TRANSIT_ENCRYPT + encode(keyName), payload, token, TransitResponse.class);
} }
@Override @Override
@@ -673,7 +642,7 @@ public class HTTPVaultConnector implements VaultConnector {
"ciphertext", ciphertext "ciphertext", ciphertext
); );
return request.post(PATH_TRANSIT_DECRYPT + keyName, payload, token, TransitResponse.class); return request.post(TRANSIT_DECRYPT + encode(keyName), payload, token, TransitResponse.class);
} }
@Override @Override
@@ -690,7 +659,7 @@ public class HTTPVaultConnector implements VaultConnector {
"format", format "format", format
); );
return request.post(PATH_TRANSIT_HASH + algorithm, payload, token, TransitResponse.class); return request.post(TRANSIT_HASH + encode(algorithm), payload, token, TransitResponse.class);
} }
/** /**
@@ -732,7 +701,7 @@ public class HTTPVaultConnector implements VaultConnector {
*/ */
private static Map<String, Object> mapOf(Object... keyValues) { private static Map<String, Object> mapOf(Object... keyValues) {
Map<String, Object> map = new HashMap<>(keyValues.length / 2, 1); Map<String, Object> map = new HashMap<>(keyValues.length / 2, 1);
for (int i = 0; i < keyValues.length; i = i + 2) { for (int i = 0; i < keyValues.length - 1; i = i + 2) {
Object key = keyValues[i]; Object key = keyValues[i];
Object val = keyValues[i + 1]; Object val = keyValues[i + 1];
if (key instanceof String && val != null) { if (key instanceof String && val != null) {

3
src/main/java/de/stklcode/jvault/connector/exception/AuthorizationRequiredException.java
View File

@@ -16,6 +16,8 @@
package de.stklcode.jvault.connector.exception; package de.stklcode.jvault.connector.exception;
import java.io.Serial;
/** /**
* Exception thrown trying to do a request without any authorization handles. * Exception thrown trying to do a request without any authorization handles.
* *
@@ -23,5 +25,6 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1 * @since 0.1
*/ */
public class AuthorizationRequiredException extends VaultConnectorException { public class AuthorizationRequiredException extends VaultConnectorException {
@Serial
private static final long serialVersionUID = 2629577936657393880L; private static final long serialVersionUID = 2629577936657393880L;
} }

3
src/main/java/de/stklcode/jvault/connector/exception/ConnectionException.java
View File

@@ -16,6 +16,8 @@
package de.stklcode.jvault.connector.exception; package de.stklcode.jvault.connector.exception;
import java.io.Serial;
/** /**
* Exception thrown on problems with connection to Vault backend. * Exception thrown on problems with connection to Vault backend.
* *
@@ -23,6 +25,7 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1 * @since 0.1
*/ */
public class ConnectionException extends VaultConnectorException { public class ConnectionException extends VaultConnectorException {
@Serial
private static final long serialVersionUID = 3005430116002990418L; private static final long serialVersionUID = 3005430116002990418L;
/** /**

3
src/main/java/de/stklcode/jvault/connector/exception/InvalidRequestException.java
View File

@@ -16,6 +16,8 @@
package de.stklcode.jvault.connector.exception; package de.stklcode.jvault.connector.exception;
import java.io.Serial;
/** /**
* Exception thrown when trying to send malformed request. * Exception thrown when trying to send malformed request.
* *
@@ -23,6 +25,7 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1 * @since 0.1
*/ */
public class InvalidRequestException extends VaultConnectorException { public class InvalidRequestException extends VaultConnectorException {
@Serial
private static final long serialVersionUID = -6712239648281809159L; private static final long serialVersionUID = -6712239648281809159L;
/** /**

3
src/main/java/de/stklcode/jvault/connector/exception/InvalidResponseException.java
View File

@@ -16,6 +16,8 @@
package de.stklcode.jvault.connector.exception; package de.stklcode.jvault.connector.exception;
import java.io.Serial;
/** /**
* Exception thrown when response from vault returned with erroneous status code or payload could not be parsed * Exception thrown when response from vault returned with erroneous status code or payload could not be parsed
* to entity class. * to entity class.
@@ -24,6 +26,7 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1 * @since 0.1
*/ */
public final class InvalidResponseException extends VaultConnectorException { public final class InvalidResponseException extends VaultConnectorException {
@Serial
private static final long serialVersionUID = 2003151038614163479L; private static final long serialVersionUID = 2003151038614163479L;
private final Integer statusCode; private final Integer statusCode;

3
src/main/java/de/stklcode/jvault/connector/exception/PermissionDeniedException.java
View File

@@ -16,6 +16,8 @@
package de.stklcode.jvault.connector.exception; package de.stklcode.jvault.connector.exception;
import java.io.Serial;
/** /**
* Exception thrown when trying to access a path the current user/token does not have permission to access. * Exception thrown when trying to access a path the current user/token does not have permission to access.
* *
@@ -23,6 +25,7 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1 * @since 0.1
*/ */
public class PermissionDeniedException extends VaultConnectorException { public class PermissionDeniedException extends VaultConnectorException {
@Serial
private static final long serialVersionUID = -7149134015090750776L; private static final long serialVersionUID = -7149134015090750776L;
/** /**

3
src/main/java/de/stklcode/jvault/connector/exception/TlsException.java
View File

@@ -16,6 +16,8 @@
package de.stklcode.jvault.connector.exception; package de.stklcode.jvault.connector.exception;
import java.io.Serial;
/** /**
* Exception thrown on errors with TLS connection. * Exception thrown on errors with TLS connection.
* *
@@ -23,6 +25,7 @@ package de.stklcode.jvault.connector.exception;
* @since 0.4.0 * @since 0.4.0
*/ */
public class TlsException extends VaultConnectorException { public class TlsException extends VaultConnectorException {
@Serial
private static final long serialVersionUID = -5139276834988258086L; private static final long serialVersionUID = -5139276834988258086L;
/** /**

3
src/main/java/de/stklcode/jvault/connector/exception/VaultConnectorException.java
View File

@@ -16,6 +16,8 @@
package de.stklcode.jvault.connector.exception; package de.stklcode.jvault.connector.exception;
import java.io.Serial;
/** /**
* Abstract Exception class for Vault Connector internal exceptions. * Abstract Exception class for Vault Connector internal exceptions.
* *
@@ -23,6 +25,7 @@ package de.stklcode.jvault.connector.exception;
* @since 0.1 * @since 0.1
*/ */
public abstract class VaultConnectorException extends Exception { public abstract class VaultConnectorException extends Exception {
@Serial
private static final long serialVersionUID = -2612477894310906036L; private static final long serialVersionUID = -2612477894310906036L;
/** /**

44
src/main/java/de/stklcode/jvault/connector/internal/RequestHelper.java
View File

@@ -1,12 +1,11 @@
package de.stklcode.jvault.connector.internal; package de.stklcode.jvault.connector.internal;
import com.fasterxml.jackson.core.JsonProcessingException; import tools.jackson.core.JacksonException;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.databind.json.JsonMapper;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import de.stklcode.jvault.connector.exception.*; import de.stklcode.jvault.connector.exception.*;
import de.stklcode.jvault.connector.model.response.ErrorResponse; import de.stklcode.jvault.connector.model.response.ErrorResponse;
import tools.jackson.databind.cfg.DateTimeFeature;
import tools.jackson.databind.json.JsonMapper;
import javax.net.ssl.SSLContext; import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.TrustManagerFactory;
@@ -25,6 +24,7 @@ import java.security.cert.CertificateException;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.time.Duration; import java.time.Duration;
import java.util.Map; import java.util.Map;
import java.util.Objects;
import java.util.concurrent.CompletionException; import java.util.concurrent.CompletionException;
import java.util.stream.Collectors; import java.util.stream.Collectors;
@@ -66,9 +66,8 @@ public final class RequestHelper implements Serializable {
this.tlsVersion = tlsVersion; this.tlsVersion = tlsVersion;
this.trustedCaCert = trustedCaCert; this.trustedCaCert = trustedCaCert;
this.jsonMapper = JsonMapper.builder() this.jsonMapper = JsonMapper.builder()
.addModule(new JavaTimeModule()) .enable(DateTimeFeature.WRITE_DATES_AS_TIMESTAMPS)
.enable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS) .disable(DateTimeFeature.ADJUST_DATES_TO_CONTEXT_TIME_ZONE)
.disable(DeserializationFeature.ADJUST_DATES_TO_CONTEXT_TIME_ZONE)
.build(); .build();
} }
@@ -89,7 +88,7 @@ public final class RequestHelper implements Serializable {
// Generate JSON from payload. // Generate JSON from payload.
try { try {
req.POST(HttpRequest.BodyPublishers.ofString(jsonMapper.writeValueAsString(payload), UTF_8)); req.POST(HttpRequest.BodyPublishers.ofString(jsonMapper.writeValueAsString(payload), UTF_8));
} catch (JsonProcessingException e) { } catch (JacksonException e) {
throw new InvalidRequestException(Error.PARSE_RESPONSE, e); throw new InvalidRequestException(Error.PARSE_RESPONSE, e);
} }
@@ -120,7 +119,7 @@ public final class RequestHelper implements Serializable {
try { try {
String response = post(path, payload, token); String response = post(path, payload, token);
return jsonMapper.readValue(response, target); return jsonMapper.readValue(response, target);
} catch (IOException e) { } catch (JacksonException e) {
throw new InvalidResponseException(Error.PARSE_RESPONSE, e); throw new InvalidResponseException(Error.PARSE_RESPONSE, e);
} }
} }
@@ -159,7 +158,7 @@ public final class RequestHelper implements Serializable {
// Generate JSON from payload. // Generate JSON from payload.
try { try {
req.PUT(HttpRequest.BodyPublishers.ofString(jsonMapper.writeValueAsString(payload), UTF_8)); req.PUT(HttpRequest.BodyPublishers.ofString(jsonMapper.writeValueAsString(payload), UTF_8));
} catch (JsonProcessingException e) { } catch (JacksonException e) {
throw new InvalidRequestException("Payload serialization failed", e); throw new InvalidRequestException("Payload serialization failed", e);
} }
@@ -190,7 +189,7 @@ public final class RequestHelper implements Serializable {
try { try {
String response = put(path, payload, token); String response = put(path, payload, token);
return jsonMapper.readValue(response, target); return jsonMapper.readValue(response, target);
} catch (IOException e) { } catch (JacksonException e) {
throw new InvalidResponseException(Error.PARSE_RESPONSE, e); throw new InvalidResponseException(Error.PARSE_RESPONSE, e);
} }
} }
@@ -263,9 +262,9 @@ public final class RequestHelper implements Serializable {
if (!payload.isEmpty()) { if (!payload.isEmpty()) {
uriBuilder.append("?").append( uriBuilder.append("?").append(
payload.entrySet().stream().map(par -> payload.entrySet().stream()
URLEncoder.encode(par.getKey(), UTF_8) + "=" + URLEncoder.encode(par.getValue(), UTF_8) .map(par -> encode(par.getKey()) + "=" + encode(par.getValue()))
).collect(Collectors.joining("&")) .collect(Collectors.joining("&"))
); );
} }
@@ -302,11 +301,22 @@ public final class RequestHelper implements Serializable {
try { try {
String response = get(path, payload, token); String response = get(path, payload, token);
return jsonMapper.readValue(response, target); return jsonMapper.readValue(response, target);
} catch (IOException e) { } catch (JacksonException e) {
throw new InvalidResponseException(Error.PARSE_RESPONSE, e); throw new InvalidResponseException(Error.PARSE_RESPONSE, e);
} }
} }
/**
* Encode URL part.
*
* @param part Path part to URL-encode and insert into the template
* @return Encoded URL part
* @since 1.5.3
*/
public static String encode(final String part) {
return URLEncoder.encode(Objects.requireNonNullElse(part, ""), UTF_8);
}
/** /**
* Execute prepared HTTP request and return result. * Execute prepared HTTP request and return result.
* *
@@ -443,7 +453,7 @@ public final class RequestHelper implements Serializable {
throw new InvalidResponseException(Error.RESPONSE_CODE, response.statusCode(), er.toString()); throw new InvalidResponseException(Error.RESPONSE_CODE, response.statusCode(), er.toString());
} }
} }
} catch (IOException ignored) { } catch (IOException | JacksonException ignored) {
// Exception ignored. // Exception ignored.
} }
} }

71
src/main/java/de/stklcode/jvault/connector/internal/VaultApiPath.java Normal file
View File

@@ -0,0 +1,71 @@
/*
* Copyright 2016-2025 Stefan Kalscheuer
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package de.stklcode.jvault.connector.internal;
/**
* Vault API path constants.
*
* @author Stefan Kalscheuer
* @since 1.5.3
*/
public final class VaultApiPath {
// Base paths
private static final String SYS = "sys";
private static final String AUTH = "auth";
private static final String TRANSIT = "transit";
// System paths
public static final String SYS_AUTH = SYS + "/auth";
public static final String SYS_LEASES_RENEW = SYS + "/leases/renew";
public static final String SYS_LEASES_REVOKE = SYS + "/leases/revoke/";
public static final String SYS_HEALTH = SYS + "/health";
public static final String SYS_SEAL = SYS + "/seal";
public static final String SYS_SEAL_STATUS = SYS + "/seal-status";
public static final String SYS_UNSEAL = SYS + "/unseal";
// Auth paths
public static final String AUTH_TOKEN = AUTH + "/token";
public static final String AUTH_USERPASS_LOGIN = AUTH + "/userpass/login/";
public static final String AUTH_APPROLE = AUTH + "/approle/";
public static final String AUTH_APPROLE_ROLE = AUTH_APPROLE + "role/";
// Token operations
public static final String TOKEN_LOOKUP = "/lookup";
public static final String TOKEN_LOOKUP_SELF = "/lookup-self";
public static final String TOKEN_CREATE = "/create";
public static final String TOKEN_CREATE_ORPHAN = "/create-orphan";
public static final String TOKEN_ROLES = "/roles";
// Secret engine paths
public static final String SECRET_DATA = "/data/";
public static final String SECRET_METADATA = "/metadata/";
public static final String SECRET_DELETE = "/delete/";
public static final String SECRET_UNDELETE = "/undelete/";
public static final String SECRET_DESTROY = "/destroy/";
// Transit engine paths
public static final String TRANSIT_ENCRYPT = TRANSIT + "/encrypt/";
public static final String TRANSIT_DECRYPT = TRANSIT + "/decrypt/";
public static final String TRANSIT_HASH = TRANSIT + "/hash/";
/**
* Private constructor to prevent instantiation.
*/
private VaultApiPath() {
// Utility class
}
}

3
src/main/java/de/stklcode/jvault/connector/model/AppRole.java
View File

@@ -18,6 +18,8 @@ package de.stklcode.jvault.connector.model;
import com.fasterxml.jackson.annotation.*; import com.fasterxml.jackson.annotation.*;
import java.io.Serial;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
@@ -32,6 +34,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class AppRole implements Serializable { public final class AppRole implements Serializable {
@Serial
private static final long serialVersionUID = 1546673231280751679L; private static final long serialVersionUID = 1546673231280751679L;
@JsonProperty("role_name") @JsonProperty("role_name")

41
src/main/java/de/stklcode/jvault/connector/model/AppRoleSecret.java
View File

@@ -18,6 +18,7 @@ package de.stklcode.jvault.connector.model;
import com.fasterxml.jackson.annotation.*; import com.fasterxml.jackson.annotation.*;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@@ -32,7 +33,8 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class AppRoleSecret implements Serializable { public final class AppRoleSecret implements Serializable {
private static final long serialVersionUID = -3401074170145792641L; @Serial
private static final long serialVersionUID = 3079272087137299819L;
@JsonProperty("secret_id") @JsonProperty("secret_id")
@JsonInclude(JsonInclude.Include.NON_NULL) @JsonInclude(JsonInclude.Include.NON_NULL)
@@ -47,6 +49,8 @@ public final class AppRoleSecret implements Serializable {
private List<String> cidrList; private List<String> cidrList;
private List<String> tokenBoundCidrs;
@JsonProperty(value = "creation_time", access = JsonProperty.Access.WRITE_ONLY) @JsonProperty(value = "creation_time", access = JsonProperty.Access.WRITE_ONLY)
private String creationTime; private String creationTime;
@@ -137,6 +141,36 @@ public final class AppRoleSecret implements Serializable {
return String.join(",", cidrList); return String.join(",", cidrList);
} }
/**
* @return list of bound CIDR subnets of associated tokens
* @since 1.5.3
*/
public List<String> getTokenBoundCidrs() {
return tokenBoundCidrs;
}
/**
* @param boundCidrList list of subnets in CIDR notation to bind role to
* @since 1.5.3
*/
@JsonSetter("token_bound_cidrs")
public void setTokenBoundCidrs(final List<String> boundCidrList) {
this.tokenBoundCidrs = boundCidrList;
}
/**
* @return list of subnets in CIDR notation as comma-separated {@link String}
* @since 1.5.3
*/
@JsonGetter("token_bound_cidrs")
@JsonInclude(JsonInclude.Include.NON_EMPTY)
public String getTokenBoundCidrsString() {
if (tokenBoundCidrs == null || tokenBoundCidrs.isEmpty()) {
return "";
}
return String.join(",", tokenBoundCidrs);
}
/** /**
* @return Creation time * @return Creation time
*/ */
@@ -184,6 +218,7 @@ public final class AppRoleSecret implements Serializable {
Objects.equals(accessor, that.accessor) && Objects.equals(accessor, that.accessor) &&
Objects.equals(metadata, that.metadata) && Objects.equals(metadata, that.metadata) &&
Objects.equals(cidrList, that.cidrList) && Objects.equals(cidrList, that.cidrList) &&
Objects.equals(tokenBoundCidrs, that.tokenBoundCidrs) &&
Objects.equals(creationTime, that.creationTime) && Objects.equals(creationTime, that.creationTime) &&
Objects.equals(expirationTime, that.expirationTime) && Objects.equals(expirationTime, that.expirationTime) &&
Objects.equals(lastUpdatedTime, that.lastUpdatedTime) && Objects.equals(lastUpdatedTime, that.lastUpdatedTime) &&
@@ -193,7 +228,7 @@ public final class AppRoleSecret implements Serializable {
@Override @Override
public int hashCode() { public int hashCode() {
return Objects.hash(id, accessor, metadata, cidrList, creationTime, expirationTime, lastUpdatedTime, numUses, return Objects.hash(id, accessor, metadata, cidrList, tokenBoundCidrs, creationTime, expirationTime,
ttl); lastUpdatedTime, numUses, ttl);
} }
} }

2
src/main/java/de/stklcode/jvault/connector/model/Token.java
View File

@@ -20,6 +20,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.*; import java.util.*;
@@ -32,6 +33,7 @@ import java.util.*;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class Token implements Serializable { public final class Token implements Serializable {
@Serial
private static final long serialVersionUID = 7003016071684507115L; private static final long serialVersionUID = 7003016071684507115L;
@JsonProperty("id") @JsonProperty("id")

2
src/main/java/de/stklcode/jvault/connector/model/TokenRole.java
View File

@@ -20,6 +20,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
@@ -34,6 +35,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class TokenRole implements Serializable { public final class TokenRole implements Serializable {
@Serial
private static final long serialVersionUID = -4856948364869438439L; private static final long serialVersionUID = -4856948364869438439L;
@JsonProperty("name") @JsonProperty("name")

2
src/main/java/de/stklcode/jvault/connector/model/response/AppRoleResponse.java
View File

@@ -20,6 +20,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.AppRole; import de.stklcode.jvault.connector.model.AppRole;
import java.io.Serial;
import java.util.Objects; import java.util.Objects;
/** /**
@@ -30,6 +31,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class AppRoleResponse extends VaultDataResponse { public final class AppRoleResponse extends VaultDataResponse {
@Serial
private static final long serialVersionUID = -6536422219633829177L; private static final long serialVersionUID = -6536422219633829177L;
@JsonProperty("data") @JsonProperty("data")

2
src/main/java/de/stklcode/jvault/connector/model/response/AppRoleSecretResponse.java
View File

@@ -20,6 +20,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.AppRoleSecret; import de.stklcode.jvault.connector.model.AppRoleSecret;
import java.io.Serial;
import java.util.Objects; import java.util.Objects;
/** /**
@@ -30,6 +31,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class AppRoleSecretResponse extends VaultDataResponse { public final class AppRoleSecretResponse extends VaultDataResponse {
@Serial
private static final long serialVersionUID = -2484103304072370585L; private static final long serialVersionUID = -2484103304072370585L;
@JsonProperty("data") @JsonProperty("data")

2
src/main/java/de/stklcode/jvault/connector/model/response/AuthMethodsResponse.java
View File

@@ -20,6 +20,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.response.embedded.AuthMethod; import de.stklcode.jvault.connector.model.response.embedded.AuthMethod;
import java.io.Serial;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
import java.util.Objects; import java.util.Objects;
@@ -32,6 +33,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class AuthMethodsResponse extends VaultDataResponse { public final class AuthMethodsResponse extends VaultDataResponse {
@Serial
private static final long serialVersionUID = -1802724129533405375L; private static final long serialVersionUID = -1802724129533405375L;
@JsonProperty("data") @JsonProperty("data")

3
src/main/java/de/stklcode/jvault/connector/model/response/AuthResponse.java
View File

@@ -19,6 +19,8 @@ package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import de.stklcode.jvault.connector.model.response.embedded.AuthData; import de.stklcode.jvault.connector.model.response.embedded.AuthData;
import java.io.Serial;
/** /**
* Vault response for authentication providing auth info in {@link AuthData} field. * Vault response for authentication providing auth info in {@link AuthData} field.
* *
@@ -27,5 +29,6 @@ import de.stklcode.jvault.connector.model.response.embedded.AuthData;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class AuthResponse extends VaultDataResponse { public final class AuthResponse extends VaultDataResponse {
@Serial
private static final long serialVersionUID = 1628851361067456715L; private static final long serialVersionUID = 1628851361067456715L;
} }

3
src/main/java/de/stklcode/jvault/connector/model/response/CredentialsResponse.java
View File

@@ -18,6 +18,8 @@ package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import java.io.Serial;
/** /**
* Vault response from credentials lookup. Simple wrapper for data objects containing username and password fields. * Vault response from credentials lookup. Simple wrapper for data objects containing username and password fields.
* *
@@ -26,6 +28,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class CredentialsResponse extends PlainSecretResponse { public final class CredentialsResponse extends PlainSecretResponse {
@Serial
private static final long serialVersionUID = -1439692963299045425L; private static final long serialVersionUID = -1439692963299045425L;
/** /**

2
src/main/java/de/stklcode/jvault/connector/model/response/ErrorResponse.java
View File

@@ -19,6 +19,7 @@ package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.util.List; import java.util.List;
import java.util.Objects; import java.util.Objects;
@@ -30,6 +31,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class ErrorResponse implements VaultResponse { public final class ErrorResponse implements VaultResponse {
@Serial
private static final long serialVersionUID = -6227368087842549149L; private static final long serialVersionUID = -6227368087842549149L;
@JsonProperty("errors") @JsonProperty("errors")

2
src/main/java/de/stklcode/jvault/connector/model/response/HealthResponse.java
View File

@@ -19,6 +19,7 @@ package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.util.Objects; import java.util.Objects;
/** /**
@@ -29,6 +30,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class HealthResponse implements VaultResponse { public final class HealthResponse implements VaultResponse {
@Serial
private static final long serialVersionUID = 8675155916902904516L; private static final long serialVersionUID = 8675155916902904516L;
@JsonProperty("cluster_id") @JsonProperty("cluster_id")

2
src/main/java/de/stklcode/jvault/connector/model/response/HelpResponse.java
View File

@@ -19,6 +19,7 @@ package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.util.Objects; import java.util.Objects;
/** /**
@@ -29,6 +30,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class HelpResponse implements VaultResponse { public final class HelpResponse implements VaultResponse {
@Serial
private static final long serialVersionUID = -1152070966642848490L; private static final long serialVersionUID = -1152070966642848490L;
@JsonProperty("help") @JsonProperty("help")

2
src/main/java/de/stklcode/jvault/connector/model/response/MetaSecretResponse.java
View File

@@ -21,6 +21,7 @@ import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.response.embedded.SecretWrapper; import de.stklcode.jvault.connector.model.response.embedded.SecretWrapper;
import de.stklcode.jvault.connector.model.response.embedded.VersionMetadata; import de.stklcode.jvault.connector.model.response.embedded.VersionMetadata;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.Collections; import java.util.Collections;
import java.util.Map; import java.util.Map;
@@ -34,6 +35,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public class MetaSecretResponse extends SecretResponse { public class MetaSecretResponse extends SecretResponse {
@Serial
private static final long serialVersionUID = -1076542846391240162L; private static final long serialVersionUID = -1076542846391240162L;
@JsonProperty("data") @JsonProperty("data")

2
src/main/java/de/stklcode/jvault/connector/model/response/MetadataResponse.java
View File

@@ -20,6 +20,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.response.embedded.SecretMetadata; import de.stklcode.jvault.connector.model.response.embedded.SecretMetadata;
import java.io.Serial;
import java.util.Objects; import java.util.Objects;
@@ -31,6 +32,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public class MetadataResponse extends VaultDataResponse { public class MetadataResponse extends VaultDataResponse {
@Serial
private static final long serialVersionUID = -3679762333630984679L; private static final long serialVersionUID = -3679762333630984679L;
@JsonProperty("data") @JsonProperty("data")

2
src/main/java/de/stklcode/jvault/connector/model/response/PlainSecretResponse.java
View File

@@ -20,6 +20,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.response.embedded.VersionMetadata; import de.stklcode.jvault.connector.model.response.embedded.VersionMetadata;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.Collections; import java.util.Collections;
import java.util.Map; import java.util.Map;
@@ -33,6 +34,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public class PlainSecretResponse extends SecretResponse { public class PlainSecretResponse extends SecretResponse {
@Serial
private static final long serialVersionUID = 3010138542437913023L; private static final long serialVersionUID = 3010138542437913023L;
@JsonProperty("data") @JsonProperty("data")

2
src/main/java/de/stklcode/jvault/connector/model/response/RawDataResponse.java
View File

@@ -19,6 +19,7 @@ package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.Map; import java.util.Map;
import java.util.Objects; import java.util.Objects;
@@ -31,6 +32,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class RawDataResponse extends VaultDataResponse { public final class RawDataResponse extends VaultDataResponse {
@Serial
private static final long serialVersionUID = -319727427792124071L; private static final long serialVersionUID = -319727427792124071L;
@JsonProperty("data") @JsonProperty("data")

2
src/main/java/de/stklcode/jvault/connector/model/response/SealResponse.java
View File

@@ -19,6 +19,7 @@ package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.time.ZonedDateTime; import java.time.ZonedDateTime;
import java.util.Objects; import java.util.Objects;
@@ -30,6 +31,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class SealResponse implements VaultResponse { public final class SealResponse implements VaultResponse {
@Serial
private static final long serialVersionUID = -6000309255473305787L; private static final long serialVersionUID = -6000309255473305787L;
@JsonProperty("type") @JsonProperty("type")

4
src/main/java/de/stklcode/jvault/connector/model/response/SecretListResponse.java
View File

@@ -20,6 +20,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.response.embedded.SecretListWrapper; import de.stklcode.jvault.connector.model.response.embedded.SecretListWrapper;
import java.io.Serial;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.Objects; import java.util.Objects;
@@ -32,8 +33,9 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class SecretListResponse extends VaultDataResponse { public final class SecretListResponse extends VaultDataResponse {
@Serial
private static final long serialVersionUID = 8597121175002967213L; private static final long serialVersionUID = 8597121175002967213L;
@JsonProperty("data") @JsonProperty("data")
private SecretListWrapper data; private SecretListWrapper data;

17
src/main/java/de/stklcode/jvault/connector/model/response/SecretResponse.java
View File

@@ -17,14 +17,13 @@
package de.stklcode.jvault.connector.model.response; package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.databind.json.JsonMapper;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import de.stklcode.jvault.connector.exception.InvalidResponseException; import de.stklcode.jvault.connector.exception.InvalidResponseException;
import de.stklcode.jvault.connector.model.response.embedded.VersionMetadata; import de.stklcode.jvault.connector.model.response.embedded.VersionMetadata;
import tools.jackson.core.JacksonException;
import tools.jackson.databind.cfg.DateTimeFeature;
import tools.jackson.databind.json.JsonMapper;
import java.io.IOException; import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.Map; import java.util.Map;
@@ -37,6 +36,7 @@ import java.util.Map;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public abstract class SecretResponse extends VaultDataResponse { public abstract class SecretResponse extends VaultDataResponse {
@Serial
private static final long serialVersionUID = 5198088815871692951L; private static final long serialVersionUID = 5198088815871692951L;
/** /**
@@ -86,9 +86,8 @@ public abstract class SecretResponse extends VaultDataResponse {
return type.cast(rawValue); return type.cast(rawValue);
} else { } else {
var om = JsonMapper.builder() var om = JsonMapper.builder()
.addModule(new JavaTimeModule()) .enable(DateTimeFeature.WRITE_DATES_AS_TIMESTAMPS)
.enable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS) .disable(DateTimeFeature.ADJUST_DATES_TO_CONTEXT_TIME_ZONE)
.disable(DeserializationFeature.ADJUST_DATES_TO_CONTEXT_TIME_ZONE)
.build(); .build();
if (rawValue instanceof String) { if (rawValue instanceof String) {
@@ -97,7 +96,7 @@ public abstract class SecretResponse extends VaultDataResponse {
return om.readValue(om.writeValueAsString(rawValue), type); return om.readValue(om.writeValueAsString(rawValue), type);
} }
} }
} catch (IOException e) { } catch (JacksonException e) {
throw new InvalidResponseException("Unable to parse response payload: " + e.getMessage()); throw new InvalidResponseException("Unable to parse response payload: " + e.getMessage());
} }
} }

2
src/main/java/de/stklcode/jvault/connector/model/response/SecretVersionResponse.java
View File

@@ -20,6 +20,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.response.embedded.VersionMetadata; import de.stklcode.jvault.connector.model.response.embedded.VersionMetadata;
import java.io.Serial;
import java.util.Objects; import java.util.Objects;
/** /**
@@ -30,6 +31,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public class SecretVersionResponse extends VaultDataResponse { public class SecretVersionResponse extends VaultDataResponse {
@Serial
private static final long serialVersionUID = 2748635005258576174L; private static final long serialVersionUID = 2748635005258576174L;
@JsonProperty("data") @JsonProperty("data")

2
src/main/java/de/stklcode/jvault/connector/model/response/TokenResponse.java
View File

@@ -20,6 +20,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.response.embedded.TokenData; import de.stklcode.jvault.connector.model.response.embedded.TokenData;
import java.io.Serial;
import java.util.Objects; import java.util.Objects;
/** /**
@@ -30,6 +31,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class TokenResponse extends VaultDataResponse { public final class TokenResponse extends VaultDataResponse {
@Serial
private static final long serialVersionUID = -4341114947980033457L; private static final long serialVersionUID = -4341114947980033457L;
@JsonProperty("data") @JsonProperty("data")

2
src/main/java/de/stklcode/jvault/connector/model/response/TokenRoleResponse.java
View File

@@ -21,6 +21,7 @@ import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.TokenRole; import de.stklcode.jvault.connector.model.TokenRole;
import de.stklcode.jvault.connector.model.response.embedded.TokenData; import de.stklcode.jvault.connector.model.response.embedded.TokenData;
import java.io.Serial;
import java.util.Objects; import java.util.Objects;
/** /**
@@ -31,6 +32,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class TokenRoleResponse extends VaultDataResponse { public final class TokenRoleResponse extends VaultDataResponse {
@Serial
private static final long serialVersionUID = 5265363857731948626L; private static final long serialVersionUID = 5265363857731948626L;
@JsonProperty("data") @JsonProperty("data")

2
src/main/java/de/stklcode/jvault/connector/model/response/TransitResponse.java
View File

@@ -18,6 +18,7 @@ package de.stklcode.jvault.connector.model.response;
import com.fasterxml.jackson.annotation.JsonSetter; import com.fasterxml.jackson.annotation.JsonSetter;
import java.io.Serial;
import java.util.Map; import java.util.Map;
import java.util.Objects; import java.util.Objects;
@@ -29,6 +30,7 @@ import java.util.Objects;
*/ */
public class TransitResponse extends VaultDataResponse { public class TransitResponse extends VaultDataResponse {
@Serial
private static final long serialVersionUID = 6873804240772242771L; private static final long serialVersionUID = 6873804240772242771L;
private String ciphertext; private String ciphertext;

2
src/main/java/de/stklcode/jvault/connector/model/response/VaultDataResponse.java
View File

@@ -20,6 +20,7 @@ import com.fasterxml.jackson.annotation.JsonProperty;
import de.stklcode.jvault.connector.model.response.embedded.AuthData; import de.stklcode.jvault.connector.model.response.embedded.AuthData;
import de.stklcode.jvault.connector.model.response.embedded.WrapInfo; import de.stklcode.jvault.connector.model.response.embedded.WrapInfo;
import java.io.Serial;
import java.util.List; import java.util.List;
import java.util.Objects; import java.util.Objects;
@@ -30,6 +31,7 @@ import java.util.Objects;
* @since 0.1 * @since 0.1
*/ */
public abstract class VaultDataResponse implements VaultResponse { public abstract class VaultDataResponse implements VaultResponse {
@Serial
private static final long serialVersionUID = 4787715235558510045L; private static final long serialVersionUID = 4787715235558510045L;
@JsonProperty("request_id") @JsonProperty("request_id")

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthData.java
View File

@@ -19,6 +19,7 @@ package de.stklcode.jvault.connector.model.response.embedded;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@@ -33,6 +34,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class AuthData implements Serializable { public final class AuthData implements Serializable {
@Serial
private static final long serialVersionUID = 5969334512309655317L; private static final long serialVersionUID = 5969334512309655317L;
@JsonProperty("client_token") @JsonProperty("client_token")

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthMethod.java
View File

@@ -21,6 +21,7 @@ import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.annotation.JsonSetter; import com.fasterxml.jackson.annotation.JsonSetter;
import de.stklcode.jvault.connector.model.AuthBackend; import de.stklcode.jvault.connector.model.AuthBackend;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.Map; import java.util.Map;
import java.util.Objects; import java.util.Objects;
@@ -34,6 +35,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class AuthMethod implements Serializable { public final class AuthMethod implements Serializable {
@Serial
private static final long serialVersionUID = -439987082190917691L; private static final long serialVersionUID = -439987082190917691L;
private AuthBackend type; private AuthBackend type;

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/MfaConstraintAny.java
View File

@@ -19,6 +19,7 @@ package de.stklcode.jvault.connector.model.response.embedded;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.List; import java.util.List;
import java.util.Objects; import java.util.Objects;
@@ -31,6 +32,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class MfaConstraintAny implements Serializable { public final class MfaConstraintAny implements Serializable {
@Serial
private static final long serialVersionUID = 1226126781813149627L; private static final long serialVersionUID = 1226126781813149627L;
@JsonProperty("any") @JsonProperty("any")

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/MfaMethodId.java
View File

@@ -19,6 +19,7 @@ package de.stklcode.jvault.connector.model.response.embedded;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.Objects; import java.util.Objects;
@@ -30,6 +31,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class MfaMethodId implements Serializable { public final class MfaMethodId implements Serializable {
@Serial
private static final long serialVersionUID = 691298070242998814L; private static final long serialVersionUID = 691298070242998814L;
@JsonProperty("type") @JsonProperty("type")

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/MfaRequirement.java
View File

@@ -19,6 +19,7 @@ package de.stklcode.jvault.connector.model.response.embedded;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.Map; import java.util.Map;
import java.util.Objects; import java.util.Objects;
@@ -31,6 +32,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class MfaRequirement implements Serializable { public final class MfaRequirement implements Serializable {
@Serial
private static final long serialVersionUID = -2516941512455319638L; private static final long serialVersionUID = -2516941512455319638L;
@JsonProperty("mfa_request_id") @JsonProperty("mfa_request_id")

3
src/main/java/de/stklcode/jvault/connector/model/response/embedded/MountConfig.java
View File

@@ -3,6 +3,8 @@ package de.stklcode.jvault.connector.model.response.embedded;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.List; import java.util.List;
import java.util.Objects; import java.util.Objects;
@@ -15,6 +17,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public class MountConfig implements Serializable { public class MountConfig implements Serializable {
@Serial
private static final long serialVersionUID = 7241631159224756605L; private static final long serialVersionUID = 7241631159224756605L;
@JsonProperty("default_lease_ttl") @JsonProperty("default_lease_ttl")

3
src/main/java/de/stklcode/jvault/connector/model/response/embedded/SecretListWrapper.java
View File

@@ -3,6 +3,7 @@ package de.stklcode.jvault.connector.model.response.embedded;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.List; import java.util.List;
import java.util.Objects; import java.util.Objects;
@@ -16,7 +17,9 @@ import java.util.Objects;
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public class SecretListWrapper implements Serializable { public class SecretListWrapper implements Serializable {
@Serial
private static final long serialVersionUID = -8777605197063766125L; private static final long serialVersionUID = -8777605197063766125L;
@JsonProperty("keys") @JsonProperty("keys")
private List<String> keys; private List<String> keys;

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/SecretMetadata.java
View File

@@ -19,6 +19,7 @@ package de.stklcode.jvault.connector.model.response.embedded;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.time.ZonedDateTime; import java.time.ZonedDateTime;
import java.util.HashMap; import java.util.HashMap;
@@ -34,6 +35,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class SecretMetadata implements Serializable { public final class SecretMetadata implements Serializable {
@Serial
private static final long serialVersionUID = -905059942871916214L; private static final long serialVersionUID = -905059942871916214L;
@JsonProperty("created_time") @JsonProperty("created_time")

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/SecretWrapper.java
View File

@@ -3,6 +3,7 @@ package de.stklcode.jvault.connector.model.response.embedded;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.Map; import java.util.Map;
import java.util.Objects; import java.util.Objects;
@@ -15,6 +16,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public class SecretWrapper implements Serializable { public class SecretWrapper implements Serializable {
@Serial
private static final long serialVersionUID = 8600413181758893378L; private static final long serialVersionUID = 8600413181758893378L;
@JsonProperty("data") @JsonProperty("data")

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/TokenData.java
View File

@@ -19,6 +19,7 @@ package de.stklcode.jvault.connector.model.response.embedded;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.time.ZonedDateTime; import java.time.ZonedDateTime;
import java.util.List; import java.util.List;
@@ -34,6 +35,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class TokenData implements Serializable { public final class TokenData implements Serializable {
@Serial
private static final long serialVersionUID = -4168046151053509784L; private static final long serialVersionUID = -4168046151053509784L;
@JsonProperty("accessor") @JsonProperty("accessor")

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/UserLockoutConfig.java
View File

@@ -3,6 +3,7 @@ package de.stklcode.jvault.connector.model.response.embedded;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.util.Objects; import java.util.Objects;
@@ -14,6 +15,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public class UserLockoutConfig implements Serializable { public class UserLockoutConfig implements Serializable {
@Serial
private static final long serialVersionUID = -8051060041593140550L; private static final long serialVersionUID = -8051060041593140550L;
@JsonProperty("lockout_threshold") @JsonProperty("lockout_threshold")

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/VersionMetadata.java
View File

@@ -19,6 +19,7 @@ package de.stklcode.jvault.connector.model.response.embedded;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.time.ZonedDateTime; import java.time.ZonedDateTime;
import java.util.HashMap; import java.util.HashMap;
@@ -34,6 +35,7 @@ import java.util.Objects;
*/ */
@JsonIgnoreProperties(ignoreUnknown = true) @JsonIgnoreProperties(ignoreUnknown = true)
public final class VersionMetadata implements Serializable { public final class VersionMetadata implements Serializable {
@Serial
private static final long serialVersionUID = 8495687554714216478L; private static final long serialVersionUID = 8495687554714216478L;
@JsonProperty("created_time") @JsonProperty("created_time")

2
src/main/java/de/stklcode/jvault/connector/model/response/embedded/WrapInfo.java
View File

@@ -18,6 +18,7 @@ package de.stklcode.jvault.connector.model.response.embedded;
import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.Serial;
import java.io.Serializable; import java.io.Serializable;
import java.time.ZonedDateTime; import java.time.ZonedDateTime;
import java.util.Objects; import java.util.Objects;
@@ -29,6 +30,7 @@ import java.util.Objects;
* @since 1.1 * @since 1.1
*/ */
public class WrapInfo implements Serializable { public class WrapInfo implements Serializable {
@Serial
private static final long serialVersionUID = 4864973237090355607L; private static final long serialVersionUID = 4864973237090355607L;
@JsonProperty("token") @JsonProperty("token")

9
src/main/java/module-info.java
View File

@@ -26,12 +26,11 @@ module de.stklcode.jvault.connector {
exports de.stklcode.jvault.connector.model.response; exports de.stklcode.jvault.connector.model.response;
exports de.stklcode.jvault.connector.model.response.embedded; exports de.stklcode.jvault.connector.model.response.embedded;
opens de.stklcode.jvault.connector.model to com.fasterxml.jackson.databind; opens de.stklcode.jvault.connector.model to tools.jackson.databind;
opens de.stklcode.jvault.connector.model.response to com.fasterxml.jackson.databind; opens de.stklcode.jvault.connector.model.response to tools.jackson.databind;
opens de.stklcode.jvault.connector.model.response.embedded to com.fasterxml.jackson.databind; opens de.stklcode.jvault.connector.model.response.embedded to tools.jackson.databind;
requires java.net.http; requires java.net.http;
requires com.fasterxml.jackson.annotation; requires com.fasterxml.jackson.annotation;
requires com.fasterxml.jackson.databind; requires tools.jackson.databind;
requires com.fasterxml.jackson.datatype.jsr310;
} }

2
src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorIT.java
View File

@@ -52,7 +52,7 @@ import static org.junit.jupiter.api.Assumptions.assumeTrue;
* @since 0.1 * @since 0.1
*/ */
class HTTPVaultConnectorIT { class HTTPVaultConnectorIT {
private static String VAULT_VERSION = "1.20.0"; // The vault version this test is supposed to run against. private static String VAULT_VERSION = "1.20.3"; // The vault version this test is supposed to run against.
private static final String KEY1 = "E38bkCm0VhUvpdCKGQpcohhD9XmcHJ/2hreOSY019Lho"; private static final String KEY1 = "E38bkCm0VhUvpdCKGQpcohhD9XmcHJ/2hreOSY019Lho";
private static final String KEY2 = "O5OHwDleY3IiPdgw61cgHlhsrEm6tVJkrxhF6QAnILd1"; private static final String KEY2 = "O5OHwDleY3IiPdgw61cgHlhsrEm6tVJkrxhF6QAnILd1";
private static final String KEY3 = "mw7Bm3nbt/UWa/juDjjL2EPQ04kiJ0saC5JEXwJvXYsB"; private static final String KEY3 = "mw7Bm3nbt/UWa/juDjjL2EPQ04kiJ0saC5JEXwJvXYsB";

20
src/test/java/de/stklcode/jvault/connector/model/AppRoleSecretTest.java
View File

@@ -39,6 +39,7 @@ class AppRoleSecretTest extends AbstractModelTest<AppRoleSecret> {
"number", 1337 "number", 1337
); );
private static final List<String> TEST_CIDR = List.of("203.0.113.0/24", "198.51.100.0/24"); private static final List<String> TEST_CIDR = List.of("203.0.113.0/24", "198.51.100.0/24");
private static final List<String> TEST_TOKEN_CIDR = List.of("192.0.2.0/24", "198.51.100.0/24");
AppRoleSecretTest() { AppRoleSecretTest() {
super(AppRoleSecret.class); super(AppRoleSecret.class);
@@ -61,6 +62,8 @@ class AppRoleSecretTest extends AbstractModelTest<AppRoleSecret> {
assertNull(secret.getMetadata()); assertNull(secret.getMetadata());
assertNull(secret.getCidrList()); assertNull(secret.getCidrList());
assertEquals("", secret.getCidrListString()); assertEquals("", secret.getCidrListString());
assertNull(secret.getTokenBoundCidrs());
assertEquals("", secret.getTokenBoundCidrsString());
assertNull(secret.getCreationTime()); assertNull(secret.getCreationTime());
assertNull(secret.getExpirationTime()); assertNull(secret.getExpirationTime());
assertNull(secret.getLastUpdatedTime()); assertNull(secret.getLastUpdatedTime());
@@ -74,6 +77,8 @@ class AppRoleSecretTest extends AbstractModelTest<AppRoleSecret> {
assertNull(secret.getMetadata()); assertNull(secret.getMetadata());
assertNull(secret.getCidrList()); assertNull(secret.getCidrList());
assertEquals("", secret.getCidrListString()); assertEquals("", secret.getCidrListString());
assertNull(secret.getTokenBoundCidrs());
assertEquals("", secret.getTokenBoundCidrsString());
assertNull(secret.getCreationTime()); assertNull(secret.getCreationTime());
assertNull(secret.getExpirationTime()); assertNull(secret.getExpirationTime());
assertNull(secret.getLastUpdatedTime()); assertNull(secret.getLastUpdatedTime());
@@ -87,6 +92,8 @@ class AppRoleSecretTest extends AbstractModelTest<AppRoleSecret> {
assertEquals(TEST_META, secret.getMetadata()); assertEquals(TEST_META, secret.getMetadata());
assertEquals(TEST_CIDR, secret.getCidrList()); assertEquals(TEST_CIDR, secret.getCidrList());
assertEquals(String.join(",", TEST_CIDR), secret.getCidrListString()); assertEquals(String.join(",", TEST_CIDR), secret.getCidrListString());
assertNull(secret.getTokenBoundCidrs());
assertEquals("", secret.getTokenBoundCidrsString());
assertNull(secret.getCreationTime()); assertNull(secret.getCreationTime());
assertNull(secret.getExpirationTime()); assertNull(secret.getExpirationTime());
assertNull(secret.getLastUpdatedTime()); assertNull(secret.getLastUpdatedTime());
@@ -108,6 +115,15 @@ class AppRoleSecretTest extends AbstractModelTest<AppRoleSecret> {
secret.setCidrList(null); secret.setCidrList(null);
assertNull(secret.getCidrList()); assertNull(secret.getCidrList());
assertEquals("", secret.getCidrListString()); assertEquals("", secret.getCidrListString());
assertNull(secret.getTokenBoundCidrs());
assertEquals("", secret.getTokenBoundCidrsString());
secret.setTokenBoundCidrs(TEST_TOKEN_CIDR);
assertEquals(TEST_TOKEN_CIDR, secret.getTokenBoundCidrs());
assertEquals(String.join(",", TEST_TOKEN_CIDR), secret.getTokenBoundCidrsString());
secret.setTokenBoundCidrs(null);
assertNull(secret.getTokenBoundCidrs());
assertEquals("", secret.getTokenBoundCidrsString());
} }
/** /**
@@ -159,7 +175,8 @@ class AppRoleSecretTest extends AbstractModelTest<AppRoleSecret> {
// Those fields should be deserialized from JSON though. // Those fields should be deserialized from JSON though.
String secretJson4 = "{\"secret_id\":\"abc123\",\"metadata\":{\"number\":1337,\"foo\":\"bar\"}," + String secretJson4 = "{\"secret_id\":\"abc123\",\"metadata\":{\"number\":1337,\"foo\":\"bar\"}," +
"\"cidr_list\":[\"203.0.113.0/24\",\"198.51.100.0/24\"],\"secret_id_accessor\":\"TEST_ACCESSOR\"," + "\"cidr_list\":[\"203.0.113.0/24\",\"198.51.100.0/24\"],\"cidr_list\":[\"192.0.2.0/24\",\"198.51.100.0/24\"]," +
"\"secret_id_accessor\":\"TEST_ACCESSOR\"," +
"\"creation_time\":\"TEST_CREATION\",\"expiration_time\":\"TEST_EXPIRATION\"," + "\"creation_time\":\"TEST_CREATION\",\"expiration_time\":\"TEST_EXPIRATION\"," +
"\"last_updated_time\":\"TEST_LASTUPDATE\",\"secret_id_num_uses\":678,\"secret_id_ttl\":12345}"; "\"last_updated_time\":\"TEST_LASTUPDATE\",\"secret_id_num_uses\":678,\"secret_id_ttl\":12345}";
secret2 = assertDoesNotThrow(() -> objectMapper.readValue(secretJson4, AppRoleSecret.class), "Deserialization failed"); secret2 = assertDoesNotThrow(() -> objectMapper.readValue(secretJson4, AppRoleSecret.class), "Deserialization failed");
@@ -181,6 +198,7 @@ class AppRoleSecretTest extends AbstractModelTest<AppRoleSecret> {
private static String commaSeparatedToList(String json) { private static String commaSeparatedToList(String json) {
return json.replaceAll("\"cidr_list\":\"([^\"]*)\"", "\"cidr_list\":[$1]") return json.replaceAll("\"cidr_list\":\"([^\"]*)\"", "\"cidr_list\":[$1]")
.replaceAll("\"token_bound_cidrs\":\"([^\"]*)\"", "\"token_bound_cidrs\":[$1]")
.replaceAll("(\\d+\\.\\d+\\.\\d+\\.\\d+/\\d+)", "\"$1\""); .replaceAll("(\\d+\\.\\d+\\.\\d+\\.\\d+/\\d+)", "\"$1\"");
} }
} }