LifecycleAwareSessionManager (Spring Vault 2.4.0-M1 API)

java.lang.Object
- org.springframework.vault.authentication.AuthenticationEventPublisher
- - org.springframework.vault.authentication.LifecycleAwareSessionManagerSupport
  - - org.springframework.vault.authentication.LifecycleAwareSessionManager

All Implemented Interfaces:

DisposableBean, SessionManager
```
public class LifecycleAwareSessionManager
extends LifecycleAwareSessionManagerSupport
implements SessionManager, DisposableBean
```
Lifecycle-aware Session Manager. This SessionManager obtains tokens from a ClientAuthentication upon request synchronizing multiple threads attempting to obtain a token concurrently.
Tokens are renewed asynchronously if a token has a lease duration. This happens 5 seconds before the token expires, see LifecycleAwareSessionManagerSupport.REFRESH_PERIOD_BEFORE_EXPIRY.
This SessionManager also implements DisposableBean to revoke the LoginToken once it's not required anymore. Token revocation will stop regular token refresh. Tokens are only revoked only if the associated ClientAuthentication returns a LoginToken.
If Token renewal runs into a client-side error, it assumes the token was revoked/expired. It discards the token state so the next attempt will lead to another login attempt.
By default, VaultToken are looked up in Vault to determine renewability and the remaining TTL, see LifecycleAwareSessionManagerSupport.setTokenSelfLookupEnabled(boolean).
The session manager dispatches authentication events to AuthenticationListener and AuthenticationErrorListener. Event notifications are dispatched either on the calling Thread or worker threads used for background renewal.
This class is thread-safe.

Author:

Mark Paluch, Steven Swor, Iouri Goussev

See Also:

LoginToken, SessionManager, TaskScheduler, AuthenticationEventPublisher

Nested Class Summary

Nested Classes
Modifier and Type	Class and Description
`protected static class`	`LifecycleAwareSessionManager.TokenWrapper` Wraps a `VaultToken` and specifies whether the token is revocable on factory shutdown.

Nested classes/interfaces inherited from class org.springframework.vault.authentication.LifecycleAwareSessionManagerSupport
LifecycleAwareSessionManagerSupport.FixedTimeoutRefreshTrigger, LifecycleAwareSessionManagerSupport.OneShotTrigger, LifecycleAwareSessionManagerSupport.RefreshTrigger

Field Summary
- Fields inherited from class org.springframework.vault.authentication.LifecycleAwareSessionManagerSupport
  logger, REFRESH_PERIOD_BEFORE_EXPIRY

Constructor Summary

Constructors
Constructor and Description
`LifecycleAwareSessionManager(ClientAuthentication clientAuthentication, TaskScheduler taskScheduler, RestOperations restOperations)` Create a `LifecycleAwareSessionManager` given `ClientAuthentication`, `TaskScheduler` and `RestOperations`.
`LifecycleAwareSessionManager(ClientAuthentication clientAuthentication, TaskScheduler taskScheduler, RestOperations restOperations, LifecycleAwareSessionManagerSupport.RefreshTrigger refreshTrigger)` Create a `LifecycleAwareSessionManager` given `ClientAuthentication`, `TaskScheduler` and `RestOperations`.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`destroy()`
`VaultToken`	`getSessionToken()` Obtain a session token.
`protected Optional<LifecycleAwareSessionManager.TokenWrapper>`	`getToken()` The token state: Contains the currently valid token that identifies the Vault session.
`protected boolean`	`isTokenRenewable()`
`protected VaultToken`	`login()`
`boolean`	`renewToken()` Performs a token refresh.
`protected void`	`revoke(VaultToken token)` Revoke a `VaultToken`.
`protected void`	`setToken(Optional<LifecycleAwareSessionManager.TokenWrapper> token)`

Methods inherited from class org.springframework.vault.authentication.LifecycleAwareSessionManagerSupport
getRefreshTrigger, getTaskScheduler, isExpired, isTokenSelfLookupEnabled, setLeaseStrategy, setTokenSelfLookupEnabled

Methods inherited from class org.springframework.vault.authentication.AuthenticationEventPublisher
addAuthenticationListener, addErrorListener, removeAuthenticationListener, removeErrorListener

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - LifecycleAwareSessionManager
```
public LifecycleAwareSessionManager(ClientAuthentication clientAuthentication,
                                    TaskScheduler taskScheduler,
                                    RestOperations restOperations)
```
    Create a LifecycleAwareSessionManager given ClientAuthentication, TaskScheduler and RestOperations.
    
    Parameters:
    
    clientAuthentication - must not be null.
    
    taskScheduler - must not be null.
    
    restOperations - must not be null.
    
    Since:
    
    1.0.1
  - LifecycleAwareSessionManager
```
public LifecycleAwareSessionManager(ClientAuthentication clientAuthentication,
                                    TaskScheduler taskScheduler,
                                    RestOperations restOperations,
                                    LifecycleAwareSessionManagerSupport.RefreshTrigger refreshTrigger)
```
    Create a LifecycleAwareSessionManager given ClientAuthentication, TaskScheduler and RestOperations.
    
    Parameters:
    
    clientAuthentication - must not be null.
    
    taskScheduler - must not be null.
    
    restOperations - must not be null.
    
    refreshTrigger - must not be null.
    
    Since:
    
    1.0.1
- Method Detail
  - getToken
```
protected Optional<LifecycleAwareSessionManager.TokenWrapper> getToken()
```
    The token state: Contains the currently valid token that identifies the Vault session.
  - setToken
```
protected void setToken(Optional<LifecycleAwareSessionManager.TokenWrapper> token)
```
  - destroy
```
public void destroy()
```
    Specified by:
    
    destroy in interface DisposableBean
  - revoke
```
protected void revoke(VaultToken token)
```
    Revoke a VaultToken.
    
    Parameters:
    
    token - the token to revoke, must not be null.
  - renewToken
```
public boolean renewToken()
```
    Performs a token refresh. Create a new token if no token was obtained before. If a token was obtained before, it uses self-renewal to renew the current token. Client-side errors (like permission denied) indicate the token cannot be renewed because it's expired or simply not found.
    
    Returns:
    
    true if the refresh was successful. false if a new token was obtained or refresh failed.
  - getSessionToken
```
public VaultToken getSessionToken()
```
    Description copied from interface: SessionManager
    
    Obtain a session token.
    
    Specified by:
    
    getSessionToken in interface SessionManager
    
    Returns:
    
    a session token.
  - login
```
protected VaultToken login()
```
  - isTokenRenewable
```
protected boolean isTokenRenewable()
```
    Returns:
    
    true if the token is renewable.

Class LifecycleAwareSessionManager

Nested Class Summary

Nested classes/interfaces inherited from class org.springframework.vault.authentication.LifecycleAwareSessionManagerSupport

Field Summary

Fields inherited from class org.springframework.vault.authentication.LifecycleAwareSessionManagerSupport

Constructor Summary

Method Summary

Methods inherited from class org.springframework.vault.authentication.LifecycleAwareSessionManagerSupport

Methods inherited from class org.springframework.vault.authentication.AuthenticationEventPublisher

Methods inherited from class java.lang.Object

Constructor Detail

LifecycleAwareSessionManager

LifecycleAwareSessionManager

Method Detail

getToken

setToken

destroy

revoke

renewToken

getSessionToken

login

isTokenRenewable