Package org.springframework.vault.core
Class ReactiveVaultTemplate
java.lang.Object
org.springframework.vault.core.ReactiveVaultTemplate
- All Implemented Interfaces:
ReactiveVaultOperations
This class encapsulates main Vault interaction.
ReactiveVaultTemplate will log
into Vault on initialization and use the token throughout the whole lifetime.- Since:
- 2.0
- Author:
- Mark Paluch, Raoof Mohammed, James Luke, Timothy R. Weiand
- See Also:
-
Constructor Summary
ConstructorsConstructorDescriptionReactiveVaultTemplate(VaultEndpointProvider endpointProvider, ClientHttpConnector connector) ReactiveVaultTemplate(VaultEndpointProvider endpointProvider, ClientHttpConnector connector, VaultTokenSupplier vaultTokenSupplier) Create a newReactiveVaultTemplatewith aVaultEndpointProvider,ClientHttpConnectorandVaultTokenSupplier.ReactiveVaultTemplate(VaultEndpoint vaultEndpoint, ClientHttpConnector connector) ReactiveVaultTemplate(VaultEndpoint vaultEndpoint, ClientHttpConnector connector, VaultTokenSupplier vaultTokenSupplier) Create a newReactiveVaultTemplatewith aVaultEndpoint,ClientHttpConnectorandVaultTokenSupplier.ReactiveVaultTemplate(WebClientBuilder webClientBuilder) Create a newReactiveVaultTemplatethrough aWebClientBuilder.ReactiveVaultTemplate(WebClientBuilder webClientBuilder, VaultTokenSupplier vaultTokenSupplier) -
Method Summary
Modifier and TypeMethodDescriptionDelete a path.protected WebClientdoCreateSessionWebClient(VaultEndpointProvider endpointProvider, ClientHttpConnector connector) Create a session-boundWebClientto be used byVaultTemplatefor Vault communication givenVaultEndpointProviderandClientHttpConnectorfor calls that require an authenticated context.protected WebClientdoCreateWebClient(VaultEndpointProvider endpointProvider, ClientHttpConnector connector) Create aWebClientto be used byReactiveVaultTemplatefor Vault communication givenVaultEndpointProviderandClientHttpConnector.<V,T extends org.reactivestreams.Publisher<V>>
TdoWithSession(Function<WebClient, ? extends T> sessionCallback) Executes a VaultRestOperationsCallback.<V,T extends org.reactivestreams.Publisher<V>>
TdoWithVault(Function<WebClient, ? extends T> clientCallback) Executes a VaultRestOperationsCallback.Enumerate keys from a Vault path.opsForKeyValue(String path, VaultKeyValueOperationsSupport.KeyValueBackend apiVersion) opsForTransit(String path) ReturnReactiveVaultTransitOperationsif the transit backend is mounted on a different path thantransit.Read from a Vault path.<T> Mono<VaultResponseSupport<T>>Read from a Vault path.Write to a Vault path.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.springframework.vault.core.ReactiveVaultOperations
write
-
Constructor Details
-
ReactiveVaultTemplate
Create a newReactiveVaultTemplatewith aVaultEndpoint,ClientHttpConnector. This constructor does not use aVaultTokenSupplier. It is intended for usage with Vault Agent to inherit Vault Agent's authentication without using theauthentication token header.- Parameters:
vaultEndpoint- must not be null.connector- must not be null.- Since:
- 2.2.1
-
ReactiveVaultTemplate
public ReactiveVaultTemplate(VaultEndpoint vaultEndpoint, ClientHttpConnector connector, VaultTokenSupplier vaultTokenSupplier) Create a newReactiveVaultTemplatewith aVaultEndpoint,ClientHttpConnectorandVaultTokenSupplier.- Parameters:
vaultEndpoint- must not be null.connector- must not be null.vaultTokenSupplier- must not be null.
-
ReactiveVaultTemplate
Create a newReactiveVaultTemplatewith aVaultEndpointProviderandClientHttpConnector. This constructor does not use aVaultTokenSupplier. It is intended for usage with Vault Agent to inherit Vault Agent's authentication without using theauthentication token header.- Parameters:
endpointProvider- must not be null.connector- must not be null.- Since:
- 2.2.1
-
ReactiveVaultTemplate
public ReactiveVaultTemplate(VaultEndpointProvider endpointProvider, ClientHttpConnector connector, VaultTokenSupplier vaultTokenSupplier) Create a newReactiveVaultTemplatewith aVaultEndpointProvider,ClientHttpConnectorandVaultTokenSupplier.- Parameters:
endpointProvider- must not be null.connector- must not be null.vaultTokenSupplier- must not be null.
-
ReactiveVaultTemplate
Create a newReactiveVaultTemplatethrough aWebClientBuilder. This constructor does not use aVaultTokenSupplier. It is intended for usage with Vault Agent to inherit Vault Agent's authentication without using theauthentication token header.- Parameters:
webClientBuilder- must not be null.- Since:
- 2.2.1
-
ReactiveVaultTemplate
public ReactiveVaultTemplate(WebClientBuilder webClientBuilder, VaultTokenSupplier vaultTokenSupplier) - Parameters:
webClientBuilder- must not be null.vaultTokenSupplier- must not be null- Since:
- 2.2
-
-
Method Details
-
doCreateWebClient
protected WebClient doCreateWebClient(VaultEndpointProvider endpointProvider, ClientHttpConnector connector) Create aWebClientto be used byReactiveVaultTemplatefor Vault communication givenVaultEndpointProviderandClientHttpConnector.VaultEndpointProvideris used to contribute host and port details for relative URLs typically used by the Template API. Subclasses may override this method to customize theWebClient.- Parameters:
endpointProvider- must not be null.connector- must not be null.- Returns:
- the
WebClientused for Vault communication. - Since:
- 2.1
-
doCreateSessionWebClient
protected WebClient doCreateSessionWebClient(VaultEndpointProvider endpointProvider, ClientHttpConnector connector) Create a session-boundWebClientto be used byVaultTemplatefor Vault communication givenVaultEndpointProviderandClientHttpConnectorfor calls that require an authenticated context.VaultEndpointProvideris used to contribute host and port details for relative URLs typically used by the Template API. Subclasses may override this method to customize theWebClient.- Parameters:
endpointProvider- must not be null.connector- must not be null.- Returns:
- the
WebClientused for Vault communication. - Since:
- 2.1
-
opsForSys
- Specified by:
opsForSysin interfaceReactiveVaultOperations- Returns:
- the operations interface administrative Vault access.
-
opsForTransit
- Specified by:
opsForTransitin interfaceReactiveVaultOperations- Returns:
- the operations interface to interact with the Vault transit backend.
-
opsForTransit
Description copied from interface:ReactiveVaultOperationsReturnReactiveVaultTransitOperationsif the transit backend is mounted on a different path thantransit.- Specified by:
opsForTransitin interfaceReactiveVaultOperations- Parameters:
path- the mount path- Returns:
- the operations interface to interact with the Vault transit backend.
-
opsForKeyValue
public ReactiveVaultKeyValueOperations opsForKeyValue(String path, VaultKeyValueOperationsSupport.KeyValueBackend apiVersion) - Specified by:
opsForKeyValuein interfaceReactiveVaultOperations
-
opsForVersionedKeyValue
Description copied from interface:ReactiveVaultOperations- Specified by:
opsForVersionedKeyValuein interfaceReactiveVaultOperations- Parameters:
path- the mount path- Returns:
- the operations interface to interact with the versioned Vault Key/Value (version 2) backend.
-
read
Description copied from interface:ReactiveVaultOperationsRead from a Vault path. Reading data using this method is suitable for API calls/secret backends that do not require a request body.- Specified by:
readin interfaceReactiveVaultOperations- Parameters:
path- must not be null.- Returns:
- the data. May be empty if the path does not exist.
-
read
Description copied from interface:ReactiveVaultOperationsRead from a Vault path. Reading data using this method is suitable for API calls/secret backends that do not require a request body.- Specified by:
readin interfaceReactiveVaultOperations- Parameters:
path- must not be null.responseType- must not be null.- Returns:
- the data. May be empty if the path does not exist.
-
list
Description copied from interface:ReactiveVaultOperationsEnumerate keys from a Vault path.- Specified by:
listin interfaceReactiveVaultOperations- Parameters:
path- must not be null.- Returns:
- the data. May be empty if the path does not exist.
-
write
Description copied from interface:ReactiveVaultOperationsWrite to a Vault path.- Specified by:
writein interfaceReactiveVaultOperations- Parameters:
path- must not be null.body- the body, may be null if absent.- Returns:
- the response. May be empty if the response has no body.
-
delete
Description copied from interface:ReactiveVaultOperationsDelete a path.- Specified by:
deletein interfaceReactiveVaultOperations- Parameters:
path- must not be null.
-
doWithVault
public <V,T extends org.reactivestreams.Publisher<V>> T doWithVault(Function<WebClient, ? extends T> clientCallback) throws VaultException, WebClientExceptionDescription copied from interface:ReactiveVaultOperationsExecutes a VaultRestOperationsCallback. Allows to interact with Vault usingRestOperationswithout requiring a session.- Specified by:
doWithVaultin interfaceReactiveVaultOperations- Parameters:
clientCallback- the request.- Returns:
- the
RestOperationsCallbackreturn value. - Throws:
VaultException- when aHttpStatusCodeExceptionoccurs.WebClientException- exceptions fromWebClient.
-
doWithSession
public <V,T extends org.reactivestreams.Publisher<V>> T doWithSession(Function<WebClient, ? extends T> sessionCallback) throws VaultException, WebClientExceptionDescription copied from interface:ReactiveVaultOperationsExecutes a VaultRestOperationsCallback. Allows to interact with Vault in an authenticated session.- Specified by:
doWithSessionin interfaceReactiveVaultOperations- Parameters:
sessionCallback- the request.- Returns:
- the
RestOperationsCallbackreturn value. - Throws:
VaultException- when aHttpStatusCodeExceptionoccurs.WebClientException- exceptions fromWebClient.
-