public class VaultTemplate extends Object implements InitializingBean, VaultOperations, DisposableBean
VaultTemplate
will log into
Vault on initialization and use the token throughout the whole lifetime.SessionManager
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
write
public VaultTemplate(VaultEndpoint vaultEndpoint)
VaultTemplate
with a VaultEndpoint
. This constructor
does not use a ClientAuthentication
mechanism. It is intended for usage
with Vault Agent to inherit Vault Agent's authentication without using the
authentication token header
.vaultEndpoint
- must not be null.public VaultTemplate(VaultEndpoint vaultEndpoint, ClientAuthentication clientAuthentication)
vaultEndpoint
- must not be null.clientAuthentication
- must not be null.public VaultTemplate(VaultEndpoint vaultEndpoint, ClientHttpRequestFactory clientHttpRequestFactory)
VaultTemplate
with a VaultEndpoint
, and
ClientHttpRequestFactory
. This constructor does not use a
ClientAuthentication
mechanism. It is intended for usage with Vault Agent
to inherit Vault Agent's authentication without using the
authentication token header
.vaultEndpoint
- must not be null.clientHttpRequestFactory
- must not be null.public VaultTemplate(VaultEndpoint vaultEndpoint, ClientHttpRequestFactory clientHttpRequestFactory, SessionManager sessionManager)
vaultEndpoint
- must not be null.clientHttpRequestFactory
- must not be null.sessionManager
- must not be null.public VaultTemplate(VaultEndpointProvider endpointProvider, ClientHttpRequestFactory requestFactory)
VaultTemplate
with a VaultEndpointProvider
,
ClientHttpRequestFactory
and SessionManager
. This constructor does
not use a ClientAuthentication
mechanism. It is intended for usage with
Vault Agent to inherit Vault Agent's authentication without using the
authentication token header
.endpointProvider
- must not be null.requestFactory
- must not be null.public VaultTemplate(VaultEndpointProvider endpointProvider, ClientHttpRequestFactory requestFactory, SessionManager sessionManager)
VaultTemplate
with a VaultEndpointProvider
,
ClientHttpRequestFactory
and SessionManager
.endpointProvider
- must not be null.requestFactory
- must not be null.sessionManager
- must not be null.public VaultTemplate(RestTemplateBuilder restTemplateBuilder)
VaultTemplate
through a RestTemplateBuilder
and
SessionManager
. This constructor does not use a
ClientAuthentication
mechanism. It is intended for usage with Vault Agent
to inherit Vault Agent's authentication without using the
authentication token header
.restTemplateBuilder
- must not be null.public VaultTemplate(RestTemplateBuilder restTemplateBuilder, SessionManager sessionManager)
restTemplateBuilder
- must not be null.sessionManager
- must not be null.protected RestTemplate doCreateRestTemplate(VaultEndpointProvider endpointProvider, ClientHttpRequestFactory requestFactory)
RestTemplate
to be used by VaultTemplate
for Vault
communication given VaultEndpointProvider
and
ClientHttpRequestFactory
. VaultEndpointProvider
is used to
contribute host and port details for relative URLs typically used by the Template
API. Subclasses may override this method to customize the RestTemplate
.endpointProvider
- must not be null.requestFactory
- must not be null.RestTemplate
used for Vault communication.protected RestTemplate doCreateSessionTemplate(VaultEndpointProvider endpointProvider, ClientHttpRequestFactory requestFactory)
RestTemplate
to be used by VaultTemplate
for
Vault communication given VaultEndpointProvider
and
ClientHttpRequestFactory
for calls that require an authenticated context.
VaultEndpointProvider
is used to contribute host and port details for
relative URLs typically used by the Template API. Subclasses may override this
method to customize the RestTemplate
.endpointProvider
- must not be null.requestFactory
- must not be null.RestTemplate
used for Vault communication.public void setSessionManager(SessionManager sessionManager)
SessionManager
.sessionManager
- must not be null.public void afterPropertiesSet()
afterPropertiesSet
in interface InitializingBean
public void destroy() throws Exception
destroy
in interface DisposableBean
Exception
public VaultKeyValueOperations opsForKeyValue(String path, VaultKeyValueOperationsSupport.KeyValueBackend apiVersion)
VaultOperations
VaultKeyValueOperations
.opsForKeyValue
in interface VaultOperations
path
- the mount path, must not be empty or null.apiVersion
- API version to use, must not be null.public VaultVersionedKeyValueOperations opsForVersionedKeyValue(String path)
VaultOperations
VaultVersionedKeyValueOperations
.opsForVersionedKeyValue
in interface VaultOperations
path
- the mount pathpublic VaultPkiOperations opsForPki()
opsForPki
in interface VaultOperations
public VaultPkiOperations opsForPki(String path)
VaultOperations
VaultPkiOperations
if the PKI backend is mounted on a different path
than pki
.opsForPki
in interface VaultOperations
path
- the mount pathpublic VaultSysOperations opsForSys()
opsForSys
in interface VaultOperations
public VaultTokenOperations opsForToken()
opsForToken
in interface VaultOperations
public VaultTransformOperations opsForTransform()
opsForTransform
in interface VaultOperations
public VaultTransformOperations opsForTransform(String path)
VaultOperations
VaultTransformOperations
if the transit backend is mounted on a
different path than transform
.opsForTransform
in interface VaultOperations
path
- the mount pathpublic VaultTransitOperations opsForTransit()
opsForTransit
in interface VaultOperations
public VaultTransitOperations opsForTransit(String path)
VaultOperations
VaultTransitOperations
if the transit backend is mounted on a
different path than transit
.opsForTransit
in interface VaultOperations
path
- the mount pathpublic VaultWrappingOperations opsForWrapping()
opsForWrapping
in interface VaultOperations
public VaultResponse read(String path)
VaultOperations
read
in interface VaultOperations
path
- must not be null.@Nullable public <T> VaultResponseSupport<T> read(String path, Class<T> responseType)
VaultOperations
read
in interface VaultOperations
path
- must not be null.responseType
- must not be null.@Nullable public List<String> list(String path)
VaultOperations
list
in interface VaultOperations
path
- must not be null.@Nullable public VaultResponse write(String path, @Nullable Object body)
VaultOperations
write
in interface VaultOperations
path
- must not be null.body
- the body, may be null if absent.public void delete(String path)
VaultOperations
delete
in interface VaultOperations
path
- must not be null.public <T> T doWithVault(RestOperationsCallback<T> clientCallback)
VaultOperations
RestOperationsCallback
. Allows to interact with Vault
using RestOperations
without requiring a
session.doWithVault
in interface VaultOperations
clientCallback
- the request.RestOperationsCallback
return value.public <T> T doWithSession(RestOperationsCallback<T> sessionCallback)
VaultOperations
RestOperationsCallback
. Allows to interact with Vault in
an authenticated session.doWithSession
in interface VaultOperations
sessionCallback
- the request.RestOperationsCallback
return value.Copyright © 2016–2022 Pivotal Software, Inc.. All rights reserved.