All Classes and Interfaces

Class
Description
Base class for Spring Vault configuration using JavaConfig for a reactive infrastructure.
Supporting class for computation results allowing introspection of the result value.
Base class for Spring Vault configuration using JavaConfig.
Wrapper for ClientHttpRequestFactory to not expose the bean globally.
Wrapper to keep ThreadPoolTaskScheduler local to Spring Vault and to not expose the bean globally.
Base class for VaultConverter implementations.
Event published after logging into Vault.
Event published after renewing a login token.
Event published after revoking a login token.
Event published after renewing a Lease for a RequestedSecret.
Event published after revoking a Lease for a RequestedSecret.
Deprecated, for removal: This API element is subject to removal in a future version.
since 2.2.
Deprecated, for removal: This API element is subject to removal in a future version.
since 2.2.
Deprecated, for removal: This API element is subject to removal in a future version.
since 2.2.
AppRole implementation of ClientAuthentication.
Authentication options for AppRoleAuthentication.
RoleId type encapsulating how the roleId is actually obtained.
SecretId type encapsulating how the secretId is actually obtained.
Generic event class for authentication error events.
Listener for Vault exceptional AuthenticationEvents.
Abstract base class for authentication events.
Publisher for AuthenticationEvents.
Listener for Vault AuthenticationEvents.
Authentication DSL allowing flow composition to create a VaultToken.
Value object representing a HTTP request.
Intermediate authentication step with authentication flow operators represented as node.
A tuple of two things.
Synchronous executor for AuthenticationSteps using RestOperations to login using authentication flows.
Factory interface for components that create AuthenticationSteps.
VaultTokenSupplier using AuthenticationSteps to create an authentication flow emitting VaultToken.
AWS-EC2 login implementation.
Authentication options for AwsEc2Authentication.
Value object for an authentication nonce.
AWS IAM authentication using signed HTTP requests to query the current identity.
Authentication options for AwsIamAuthentication.
Azure MSI (Managed Service Identity) authentication using Azure as trusted third party.
Authentication options for AzureMsiAuthentication.
Value object representing a VM environment consisting of the subscription Id, the resource group name and the VM name.
VaultPersistentEntity implementation.
Event published before renewing a login token.
Event published before revoking a login token.
Event published before revoking a Lease for a RequestedSecret.
Default implementation of VaultTokenSupplier caching the VaultToken from a delegate VaultTokenSupplier.
Value object representing a certificate consisting of the certificate and the issuer certificate.
Value object representing a certificate bundle consisting of a private key, the certificate and the issuer certificate.
Value object representing cipher text with an optional VaultTransitContext.
ClientAuthentication provides VaultToken to be used for authenticated Vault access.
TLS Client Certificate ClientAuthentication.
Authentication options for ClientCertificateAuthentication.
Utility methods to create ClientHttpRequestFactory using Apache Http Components.
ClientHttpRequestFactory using the JDK's HttpClient.
Utility methods to create ClientHttpRequestFactory using the Jetty Client.
ClientHttpConnector for Reactor Netty.
Factory for ClientHttpRequestFactory that supports Apache HTTP Components, OkHttp, Netty and the JDK HTTP client (in that order).
Utilities to create a ClientHttpRequestFactory for Apache Http Components.
Utilities to create a ClientHttpRequestFactory for the OkHttpClient.
Client options for Vault.
Interface to obtain an arbitrary credential that is uses in ClientAuthentication or AuthenticationSteps methods.
Cubbyhole ClientAuthentication implementation.
Authentication options for CubbyholeAuthentication.
Default implementation of VaultTypeMapper allowing configuration of the key to lookup and store type information in SecretDocument.
Utility to parse a Go format duration into Duration.
Annotation to activate Vault repositories.
Configuration using Spring's Environment to configure Spring Vault endpoint, SSL options and authentication options.
GCP GCE (Google Compute Engine)-based login implementation using GCE's metadata service to create signed JSON Web Token.
Authentication options for GcpComputeAuthentication.
Interface to obtain a GoogleCredential for GCP IAM authentication.
Deprecated, for removal: This API element is subject to removal in a future version.
since 2.3.2, use GcpIamCredentialsAuthentication instead.
Deprecated, for removal: This API element is subject to removal in a future version.
since 2.3.2
Support class for Google Cloud IAM-based Authentication options.
Google Cloud IAM credentials login implementation using GCP IAM service accounts to legitimate its authenticity via JSON Web Token using the IAM Credentials projects.serviceAccounts.signJwt method.
Authentication options for GcpIamCredentialsAuthentication.
Base class for GCP JWT-based authentication.
Interface to obtain a GCP project id for GCP IAM authentication.
Interface to obtain a service account id for GCP IAM authentication.
Interface to obtain a service account id for GCP IAM credentials authentication.
Interface to obtain a ServiceAccountCredentials for GCP IAM credentials authentication.
Value object representing Hmac digest.
Mechanism to generate a SHA-256 hashed and hex-encoded representation of the IP address.
Flattens a hierarchical Map of objects into a property Map.
Key-Value utility to retrieve secrets from a versioned key-value backend.
 
Kubernetes implementation of ClientAuthentication.
Authentication options for KubernetesAuthentication.
Interface to obtain a Kubernetes Service Account Token for Kubernetes authentication.
Mechanism to retrieve a Kubernetes service account token.
A lease abstracting the lease Id, duration and its renewability.
PropertySource that requests renewable secrets from SecretLeaseContainer.
Version-specific endpoint implementations that use either legacy or sys/leases endpoints.
Listener for Vault exceptional SecretLeaseEvents.
Listener for Vault SecretLeaseEvents.
Empty listener adapter implementing LeaseListener and LeaseErrorListener.
Strategy interface to control whether to retain or drop a Lease after a failure.
Lifecycle-aware Session Manager.
Wraps a VaultToken and specifies whether the token is revocable on factory shutdown.
Support class to build Lifecycle-aware Session Manager implementations, defining common properties such as the TaskScheduler and LifecycleAwareSessionManagerSupport.RefreshTrigger.
LifecycleAwareSessionManagerSupport.RefreshTrigger implementation using a fixed timeout to schedule renewal before a LoginToken expires.
This one-shot trigger creates only one execution time to trigger an execution only once.
Common interface for trigger objects that determine the next execution time of a refresh task.
Event published before renewing a login token.
Value object for a Vault token obtained by a login method.
Builder for LoginToken.
Adapts tokens created by a ClientAuthentication to a LoginToken.
Event published when dropping an expired login token.
Generic event class for authentication error events.
Generic event class for authentication error events.
Mechanism to generate a UserId based on the Mac address.
VaultConverter that uses a MappingContext to do sophisticated mapping of domain objects to SecretDocument.
VaultEntityInformation implementation using a VaultPersistentEntity instance to lookup the necessary information.
PCF implementation of ClientAuthentication.
Authentication options for PcfAuthentication.
Represents a PEM object that is internally decoded to a DER object.
Value object representing plain text with an optional VaultTransitContext.
Converts Plaintext to Base64 encoded string for use with ObjectMapper
Value object representing a Vault policy associated with Policy.Rules.
Built-in Vault capabilities.
Capability interface representing capability literals.
Value object representing a rule for a certain path.
Builder for a Policy.Rule.
Strategy interface to transform properties to a new key-value Map in a functional style.
Implementations of PropertyTransformer that provide various useful property transformation operations, prefixing, etc.
PropertyTransformer that adds a prefix to each key name.
PropertyTransformer that passes the given properties through without returning changed properties.
A exported raw key inside Vault's transit backend.
Reactive implementation of Lifecycle-aware session manager.
Wraps a VaultToken and specifies whether the token is revocable on factory shutdown.
Strategy interface that encapsulates the creation and management of Vault sessions based on VaultToken used by reactive components.
Vault Client factory to create WebClient configured to the needs of accessing Vault.
Component that provides reactively a VaultEndpoint.
Interface that specifies a basic set of Vault operations executed on a reactive infrastructure, implemented by ReactiveVaultTemplate.
Interface that specifies a basic set of administrative Vault operations using reactive infrastructure.
Default implementation of ReactiveVaultSysOperations.
This class encapsulates main Vault interaction.
* Interface that specifies operations using the transit backend.
Default implementation of ReactiveVaultTransitOperations.
Represents a requested secret from a specific Vault path associated with a lease RequestedSecret.Mode.
 
Mechanism to retrieve a credential from a Resource.
A callback for executing arbitrary operations on RestOperations.
Builder that can be used to configure and create a RestTemplate.
Callback interface that can be used to customize a RestTemplate.
Factory interface that produces a RestTemplate object.
Callback interface that can be used to customize the ClientHttpRequest sent from a RestTemplate.
Secret marks objects as aggregate roots to be stored in Vault.
Vault database exchange object containing data before/after it's exchanged with Vault.
Event-based container to request secrets from Vault and renew the associated Lease.
Event published after obtaining secrets potentially associated with a Lease.
Event published when caught an Exception during secret retrieval and lease interaction.
Abstract base class for Lease based events associated with RequestedSecret.
Publisher for SecretLeaseEvents.
Simple LeaseErrorListener implementation to log errors.
Event published after an expired Lease for a RequestedSecret was observed.
Event published after rotating secrets.
Event published after secrets could not be found for a RequestedSecret.
An exception which is used in case that no secret is found from Vault server.
Strategy interface that encapsulates the creation and management of Vault sessions based on VaultToken.
Value object representing a Signature.
Value object representing the result of a Signature validation.
Default implementation of SessionManager.
SSL configuration.
Configuration for a key in a keystore.
Configuration for a key store/trust store.
A static UserId.
Static Token-based ClientAuthentication method.
Value object representing cipher text with an optional VaultTransformContext.
Value object representing plain text with an optional VaultTransformContext.
Enumeration to specify the type of the transit key.
Version-specific endpoint implementations for response unwrapping.
Username and password implementation of ClientAuthentication.
Authentication options for UsernamePasswordAuthentication.
Vault-based BytesEncryptor using Vault's transit backend.
Random byte generator using Vault's transit backend to generate high-quality random bytes of the configured length.
Request for a Certificate.
 
Value object to bind Vault HTTP PKI issue certificate API responses.
Vault Client factory to create RestTemplate configured to the needs of accessing Vault.
 
Central Vault-specific converter interface.
Value object to capture custom conversion.
Holds the response from decryption operation and provides methods to access the result.
Holds the response from encryption operation and provides methods to access the result.
Value object that defines Vault connection coordinates.
Component that provides a VaultEndpoint.
Vault-specific EntityInformation.
The Spring Vault specific NestedRuntimeException implementation.
Vault health state.
Request for a HMAC Digest.
Builder to build a VaultHmacRequest.
Class providing utility methods to create Vault HTTP headers.
Value object to bind Vault HTTP Initialization API requests.
Vault initialization response.
Vault-specific KeyValueAdapter.
Interface that specifies kv metadata related operations.
Interface that specifies a basic set of Vault operations using Vault's Key/Value secret backend.
Interface that specifies a basic set of Vault operations using Vault's Key/Value secret backend.
Enumeration of supported Key/Value backend API versions.
Vault-specific KeyValueTemplate.
Exception thrown if Vault login fails.
Mapping context for Vault-specific entities.
Value object to bind Vault HTTP kv metadata update API requests.
 
Value object to bind Vault HTTP kv read metadata API responses.
 
Value object to bind Vault HTTP Mount API requests/responses.
Builder to build a VaultMount.
Interface that specifies a basic set of Vault operations, implemented by VaultTemplate.
Vault-specific KeyValuePartTreeQuery.
Vault specific PersistentEntity.
Interface that specifies PKI backend-related operations.
 
Default implementation of VaultPkiOperations.
Annotation providing a convenient and declarative mechanism for adding a VaultPropertySource to Spring's Environment.
PropertySource that reads keys and values from a VaultTemplate and path.
 
Exception throws when a VaultPropertySource could not load its properties.
Container annotation that aggregates several VaultPropertySource annotations.
Vault query consisting of a single Predicate.
Query creator for Vault queries.
RepositoryFactorySupport specific of handing Vault KeyValueRepository.
Adapter for Springs FactoryBean interface to allow easy setup of VaultRepositoryFactory via Spring configuration.
Value object to bind generic Vault HTTP API responses.
Utility methods to unwrap Vault responses and build VaultException.
Value object to bind generic Vault HTTP API responses.
 
Vault-based RevisionRepository providing revision metadata for versioned secrets.
Abstract superclass for all exceptions thrown in the session manager implementations
Request for a signature verification.
Value object to bind Vault HTTP PKI issue certificate API responses.
Request for a signature creation request.
Builder to build a VaultSignRequest.
Simple constant holder for a SimpleTypeHolder enriched with Vault-specific simple (JSON) types.
Interface that specifies a basic set of administrative Vault operations.
Default implementation of VaultSysOperations.
This class encapsulates main Vault interaction.
Value object for a Vault token.
Exception thrown if a token self-lookup fails via auth/token/lookup-self.
Interface that specifies token-related operations.
Exception thrown when a Vault token renewal fails.
Value object to bind Vault HTTP Token API requests.
Builder to build a VaultTokenRequest.
Value object to bind Vault HTTP Token API responses.
VaultTokenSupplier provides a VaultToken to be used for authenticated Vault access.
Default implementation of VaultTokenOperations.
Transform backend encode/decode context object.
Holds the response from decryption operation and provides methods to access the result.
Holds the response from encryption operation and provides methods to access the result.
Interface that specifies operations using the transform backend.
Default implementation of VaultTransformOperations.
Transit backend encryption/decryption/rewrapping context.
Builder for VaultTransitContext.
A key inside Vault's transit backend.
Value object to bind Vault HTTP Transit Key Config API requests.
Transit backend key creation request options.
Interface that specifies operations using the transit backend.
Default implementation of VaultTransitOperations.
Vault-specific TypeMapper exposing that SecretDocuments might contain a type key.
Vault unseal status.
Interface that specifies a basic set of Vault operations using Vault's versioned Key/Value (kv version 2) secret backend.
Default implementation of VaultVersionedKeyValueOperations.
Interface that specifies wrapping-related operations.
 
Value object representing versioned secrets along Versioned.Version metadata.
Value object representing version metadata such as creation/deletion time.
Builder for Versioned.Metadata objects.
Value object representing a Vault version.
Builder that can be used to configure and create a WebClient.
Callback interface that can be used to customize a WebClient.Builder.
Factory interface that produces a WebClient object.
Value object representing wrapped secret metadata.