Class GcpIamAuthentication
java.lang.Object
org.springframework.vault.authentication.GcpJwtAuthenticationSupport
org.springframework.vault.authentication.GcpIamAuthentication
- All Implemented Interfaces:
ClientAuthentication
@Deprecated(since="2.3.2",
forRemoval=true)
public class GcpIamAuthentication
extends GcpJwtAuthenticationSupport
implements ClientAuthentication
Deprecated, for removal: This API element is subject to removal in a future version.
GCP IAM login implementation using GCP IAM service accounts to legitimate its
authenticity via JSON Web Token using the deprecated IAM
projects.serviceAccounts.signJwt method.
This authentication method uses Googles IAM API to obtain a signed token for a specific
Credential. Project and service account
details are obtained from a GoogleCredential that can be retrieved either from
a JSON file or the runtime environment (GAE, GCE).
GcpIamAuthentication uses Google Java API that uses synchronous API.- Since:
- 2.1
- Author:
- Mark Paluch, Magnus Jungsbluth, Bruno Rodrigues
- See Also:
-
GcpIamAuthenticationOptionsHttpTransportGoogleCredentialGoogleCredentials.getApplicationDefault()RestOperations- Auth Backend: gcp (IAM)
- GCP: projects.serviceAccounts.signJwt
-
Constructor Summary
ConstructorsConstructorDescriptionGcpIamAuthentication(GcpIamAuthenticationOptions options, RestOperations restOperations) Deprecated, for removal: This API element is subject to removal in a future version.GcpIamAuthentication(GcpIamAuthenticationOptions options, RestOperations restOperations, com.google.api.client.http.HttpTransport httpTransport) Deprecated, for removal: This API element is subject to removal in a future version.Create a new instance ofGcpIamAuthenticationgivenGcpIamAuthenticationOptions,RestOperationsandHttpTransport. -
Method Summary
Modifier and TypeMethodDescriptionlogin()Deprecated, for removal: This API element is subject to removal in a future version.Return aVaultToken.protected StringsignJwt()Deprecated, for removal: This API element is subject to removal in a future version.
-
Constructor Details
-
GcpIamAuthentication
Deprecated, for removal: This API element is subject to removal in a future version.Create a new instance ofGcpIamAuthenticationgivenGcpIamAuthenticationOptionsandRestOperations. This constructor initializesNetHttpTransportfor Google API usage.- Parameters:
options- must not be null.restOperations- HTTP client for Vault login, must not be null.
-
GcpIamAuthentication
public GcpIamAuthentication(GcpIamAuthenticationOptions options, RestOperations restOperations, com.google.api.client.http.HttpTransport httpTransport) Deprecated, for removal: This API element is subject to removal in a future version.Create a new instance ofGcpIamAuthenticationgivenGcpIamAuthenticationOptions,RestOperationsandHttpTransport.- Parameters:
options- must not be null.restOperations- HTTP client for Vault login, must not be null.httpTransport- HTTP client for Google API use, must not be null.
-
-
Method Details
-
login
Deprecated, for removal: This API element is subject to removal in a future version.Description copied from interface:ClientAuthenticationReturn aVaultToken. This method can optionally log into Vault to obtain atoken.- Specified by:
loginin interfaceClientAuthentication- Returns:
- a
VaultToken. - Throws:
VaultException
-
signJwt
Deprecated, for removal: This API element is subject to removal in a future version.
-
GcpIamCredentialsAuthenticationinstead.