Package org.springframework.vault.core

Interface ReactiveVaultOperations

All Known Implementing Classes:

ReactiveVaultTemplate

public interface ReactiveVaultOperations

Interface that specifies a basic set of Vault operations executed on a reactive infrastructure, implemented by ReactiveVaultTemplate. This is the main entry point to interact with Vault in an authenticated and unauthenticated context.

ReactiveVaultOperations allows execution of callback methods. Callbacks can execute requests within a session context and the without a session.

Paths used in this interface (and interfaces accessible from here) are considered relative to the VaultEndpoint. Paths that are fully-qualified URI's can be used to access Vault cluster members in an authenticated context. To prevent unwanted full URI access, make sure to sanitize paths before passing them to this interface.

Since:

2.0

Author:

Mark Paluch, James Luke, Timothy R. Weiand

See Also:

• doWithSession(Function)
• doWithVault(Function)
• WebClient
• ReactiveVaultTemplate
• VaultTokenSupplier

Method Summary

Modifier and Type	Method	Description
Mono<Void>	delete(String path)	Delete a path.
<V, T extends org.reactivestreams.Publisher<V>> T	doWithSession(Function<WebClient,? extends T> sessionCallback)	Executes a Vault RestOperationsCallback.
<V, T extends org.reactivestreams.Publisher<V>> T	doWithVault(Function<WebClient,? extends T> clientCallback)	Executes a Vault RestOperationsCallback.
Flux<String>	list(String path)	Enumerate keys from a Vault path.
ReactiveVaultKeyValueOperations	opsForKeyValue(String path, VaultKeyValueOperationsSupport.KeyValueBackend apiVersion)	Return VaultKeyValueOperations.
ReactiveVaultSysOperations	opsForSys()
ReactiveVaultTransitOperations	opsForTransit()
ReactiveVaultTransitOperations	opsForTransit(String path)	Return ReactiveVaultTransitOperations if the transit engine is mounted on a different path than transit.
ReactiveVaultVersionedKeyValueOperations	opsForVersionedKeyValue(String path)	Return ReactiveVaultVersionedKeyValueOperations.
Mono<VaultResponse>	read(String path)	Read from a Vault path.
<T> Mono<VaultResponseSupport<T>>	read(String path, Class<T> responseType)	Read from a Vault path.
default Mono<VaultResponse>	write(String path)	Write to a Vault path.
Mono<VaultResponse>	write(String path, @Nullable Object body)	Write to a Vault path.

Method Details

opsForKeyValue

ReactiveVaultKeyValueOperations opsForKeyValue(String path,
 VaultKeyValueOperationsSupport.KeyValueBackend apiVersion)

Return VaultKeyValueOperations.

Parameters:

path - the mount path, must not be empty or null.

apiVersion - API version to use, must not be null.

Returns:

the operations interface to interact with the Vault Key/Value secrets engine.

Since:

3.1

opsForVersionedKeyValue

ReactiveVaultVersionedKeyValueOperations opsForVersionedKeyValue(String path)

Return ReactiveVaultVersionedKeyValueOperations.

Parameters:

path - the mount path

Returns:

the operations interface to interact with the versioned Vault Key/Value (version 2) secrets engine.

Since:

3.1

opsForTransit

ReactiveVaultTransitOperations opsForTransit()

Returns:

the operations interface to interact with the Vault transit engine.

Since:

3.1

opsForTransit

ReactiveVaultTransitOperations opsForTransit(String path)

Return ReactiveVaultTransitOperations if the transit engine is mounted on a different path than transit.

Parameters:

path - the mount path

Returns:

the operations interface to interact with the Vault transit engine.

Since:

3.1

opsForSys

ReactiveVaultSysOperations opsForSys()

Returns:

the operations interface administrative Vault access.

Since:

3.1

read

Mono<VaultResponse> read(String path)

Read from a Vault path. Reading data using this method is suitable for API calls/secrets engines that do not require a request body.

Parameters:

path - must not be null.

Returns:

the data. May be empty if the path does not exist.

read

<T> Mono<VaultResponseSupport<T>> read(String path,
 Class<T> responseType)

Read from a Vault path. Reading data using this method is suitable for API calls/secrets engines that do not require a request body.

Parameters:

path - must not be null.

responseType - must not be null.

Returns:

the data. May be empty if the path does not exist.

list

Flux<String> list(String path)

Enumerate keys from a Vault path.

Parameters:

path - must not be null.

Returns:

the data. May be empty if the path does not exist.

write

default Mono<VaultResponse> write(String path)

Write to a Vault path.

Parameters:

path - must not be null.

Returns:

the response. May be empty if the response has no body.

write

Mono<VaultResponse> write(String path,
 @Nullable Object body)

Write to a Vault path.

Parameters:

path - must not be null.

body - the body, may be null if absent.

Returns:

the response. May be empty if the response has no body.

delete

Mono<Void> delete(String path)

Delete a path.

Parameters:

path - must not be null.

doWithVault

<V,
T extends org.reactivestreams.Publisher<V>> T doWithVault(Function<WebClient,? extends T> clientCallback)
                                                      throws VaultException,
WebClientException

Executes a Vault RestOperationsCallback. Allows to interact with Vault using RestOperations without requiring a session.

Parameters:

clientCallback - the request.

Returns:

the RestOperationsCallback return value.

Throws:

VaultException - when a HttpStatusCodeException occurs.

WebClientException - exceptions from WebClient.

doWithSession

<V,
T extends org.reactivestreams.Publisher<V>> T doWithSession(Function<WebClient,? extends T> sessionCallback)
                                                        throws VaultException,
WebClientException

Executes a Vault RestOperationsCallback. Allows to interact with Vault in an authenticated session.

Parameters:

sessionCallback - the request.

Returns:

the RestOperationsCallback return value.

Throws:

VaultException - when a HttpStatusCodeException occurs.

WebClientException - exceptions from WebClient.