Class GcpIamAuthentication
java.lang.Object
org.springframework.vault.authentication.GcpJwtAuthenticationSupport
org.springframework.vault.authentication.GcpIamAuthentication
- All Implemented Interfaces:
ClientAuthentication
@Deprecated(since="2.3.2",
forRemoval=true)
public class GcpIamAuthentication
extends GcpJwtAuthenticationSupport
implements ClientAuthentication
Deprecated, for removal: This API element is subject to removal in a future version.
GCP IAM login implementation using GCP IAM service accounts to legitimate its
authenticity via JSON Web Token using the deprecated IAM
projects.serviceAccounts.signJwt method.
This authentication method uses Googles IAM API to obtain a signed token
for a specific GoogleCredential. Project
and service account details are obtained from a GoogleCredential that
can be retrieved either from a JSON file or the runtime environment (GAE,
GCE).
GcpIamAuthentication uses Google Java API that uses synchronous
API.
- Since:
- 2.1
- Author:
- Mark Paluch, Magnus Jungsbluth, Bruno Rodrigues
- See Also:
-
GcpIamAuthenticationOptionsHttpTransportGoogleCredentialGoogleCredentials.getApplicationDefault()RestOperations- Auth Backend: gcp (IAM)
- GCP: projects.serviceAccounts.signJwt
-
Constructor Summary
ConstructorsConstructorDescriptionGcpIamAuthentication(GcpIamAuthenticationOptions options, RestOperations restOperations) Deprecated, for removal: This API element is subject to removal in a future version.GcpIamAuthentication(GcpIamAuthenticationOptions options, RestOperations restOperations, com.google.api.client.http.HttpTransport httpTransport) Deprecated, for removal: This API element is subject to removal in a future version.Create a new instance ofGcpIamAuthenticationgivenGcpIamAuthenticationOptions,RestOperationsandHttpTransport. -
Method Summary
Modifier and TypeMethodDescriptionlogin()Deprecated, for removal: This API element is subject to removal in a future version.Obtain aVaultTokenfor authenticated Vault access.protected StringsignJwt()Deprecated, for removal: This API element is subject to removal in a future version.
-
Constructor Details
-
GcpIamAuthentication
Deprecated, for removal: This API element is subject to removal in a future version.Create a new instance ofGcpIamAuthenticationgivenGcpIamAuthenticationOptionsandRestOperations. This constructor initializesNetHttpTransportfor Google API usage.- Parameters:
options- must not be null.restOperations- HTTP client for Vault login, must not be null.
-
GcpIamAuthentication
public GcpIamAuthentication(GcpIamAuthenticationOptions options, RestOperations restOperations, com.google.api.client.http.HttpTransport httpTransport) Deprecated, for removal: This API element is subject to removal in a future version.Create a new instance ofGcpIamAuthenticationgivenGcpIamAuthenticationOptions,RestOperationsandHttpTransport.- Parameters:
options- must not be null.restOperations- HTTP client for Vault login, must not be null.httpTransport- HTTP client for Google API use, must not be null.
-
-
Method Details
-
login
Deprecated, for removal: This API element is subject to removal in a future version.Description copied from interface:ClientAuthenticationObtain aVaultTokenfor authenticated Vault access.This method may perform an authentication request to Vault or return a cached or pre-configured token.
- Specified by:
loginin interfaceClientAuthentication- Returns:
- the Vault token for subsequent authenticated requests
- Throws:
VaultLoginException- if authentication fails.VaultException- See Also:
-
signJwt
Deprecated, for removal: This API element is subject to removal in a future version.
-
GcpIamCredentialsAuthenticationinstead.