Package org.springframework.vault.support

Class VaultTokenRequest.VaultTokenRequestBuilder

java.lang.Object
org.springframework.vault.support.VaultTokenRequest.VaultTokenRequestBuilder
Enclosing class:
VaultTokenRequest
public static class VaultTokenRequest.VaultTokenRequestBuilder extends Object
Builder to build a VaultTokenRequest.

  • Method Details

    • id

      public VaultTokenRequest.VaultTokenRequestBuilder id(String id)
      Configure the token identifier. Can only be specified by a root token. Otherwise, the token identifier is a randomly generated UUID.
      Parameters:
      id - the token identifier.
      Returns:
      this builder.

    • policies

      public VaultTokenRequest.VaultTokenRequestBuilder policies(Iterable<String> policies)
      Configure policies. Replaces previously configured policies.
      Parameters:
      policies - must not be null.
      Returns:
      this builder.

    • withPolicy

      public VaultTokenRequest.VaultTokenRequestBuilder withPolicy(String policy)
      Add a policy.
      Parameters:
      policy - must not be empty or null.
      Returns:
      this builder.

    • meta

      public VaultTokenRequest.VaultTokenRequestBuilder meta(Map<String,String> meta)
      Configure meta. Replaces previously meta.
      Parameters:
      meta - must not be null.
      Returns:
      this builder.

    • noParent

      public VaultTokenRequest.VaultTokenRequestBuilder noParent()
      Configure the token to not have the parent token of the caller. This creates a token with no parent. Requires a root caller.
      Returns:
      this builder.

    • noParent

      public VaultTokenRequest.VaultTokenRequestBuilder noParent(boolean noParent)
      Configure the token to not have the parent token of the caller. This creates a token with no parent. Requires a root caller.
      Parameters:
      noParent - true to not have the parent token of the caller.
      Returns:
      this builder.

    • noDefaultPolicy

      public VaultTokenRequest.VaultTokenRequestBuilder noDefaultPolicy()
      Omit the default policy in the token's policy set
      Returns:
      this builder.

    • noDefaultPolicy

      public VaultTokenRequest.VaultTokenRequestBuilder noDefaultPolicy(boolean noDefaultPolicy)
      Configure whether the default policy should be part of the token's policy set.
      Parameters:
      noDefaultPolicy - true to omit the default policy in the token's policy set.
      Returns:
      this builder.

    • renewable

      public VaultTokenRequest.VaultTokenRequestBuilder renewable()
      Enable TTL extension/renewal for the token.
      Returns:
      this builder.

    • renewable

      public VaultTokenRequest.VaultTokenRequestBuilder renewable(boolean renewable)
      Configure TTL extension/renewal for the token.
      Parameters:
      renewable - false to disable the ability of the token to be renewed past its initial TTL. true, or omitting this option, will allow the token to be renewable up to the system/mount maximum TTL.
      Returns:
      this builder.

    • ttl

      public VaultTokenRequest.VaultTokenRequestBuilder ttl(long ttl, TimeUnit timeUnit)
      Configure a TTL (seconds) for the token.
      Parameters:
      ttl - the time to live, must not be negative.
      timeUnit - the time to live time unit, must not be null.
      Returns:
      this builder.

    • ttl

      public VaultTokenRequest.VaultTokenRequestBuilder ttl(Duration ttl)
      Configure a TTL for the token using ChronoUnit.SECONDS resolution.
      Parameters:
      ttl - the time to live, must not be null or negative.
      Returns:
      this builder.
      Since:
      2.0

    • explicitMaxTtl

      public VaultTokenRequest.VaultTokenRequestBuilder explicitMaxTtl(long explicitMaxTtl, TimeUnit timeUnit)
      Configure the explicit maximum TTL for the token. This maximum token TTL cannot be changed later, and unlike with normal tokens, updates to the system/mount max TTL value will have no effect at renewal time - the token will never be able to be renewed or used past the value set at issue time.
      Parameters:
      explicitMaxTtl - the time to live, must not be negative.
      timeUnit - the time to live, must not be null.
      Returns:
      this builder.

    • explicitMaxTtl

      public VaultTokenRequest.VaultTokenRequestBuilder explicitMaxTtl(Duration explicitMaxTtl)
      Configure the explicit maximum TTL for the token. This maximum token TTL cannot be changed later, and unlike with normal tokens, updates to the system/mount max TTL value will have no effect at renewal time - the token will never be able to be renewed or used past the value set at issue time.
      Parameters:
      explicitMaxTtl - the time to live, must not be null or negative.
      Returns:
      this builder.
      Since:
      2.0

    • displayName

      public VaultTokenRequest.VaultTokenRequestBuilder displayName(String displayName)
      Configure a display name for the token, defaults to "token".
      Parameters:
      displayName - must not be empty or null.
      Returns:
      this builder.

    • entityAlias

      public VaultTokenRequest.VaultTokenRequestBuilder entityAlias(String entityAlias)
      Configure the entity alias for the token.
      Parameters:
      entityAlias - must not be empty or null.
      Returns:
      this builder.
      Since:
      3.1

    • numUses

      public VaultTokenRequest.VaultTokenRequestBuilder numUses(int numUses)
      Configure the maximum uses for the token. This can be used to create a one-time-token or limited use token. Defaults to 0, which has no limit to the number of uses.
      Parameters:
      numUses - number of uses, must not be negative.
      Returns:
      this builder.

    • build

      public VaultTokenRequest build()
      Build a new VaultTokenRequest instance.
      Returns:
      a new VaultCertificateRequest.