Package org.springframework.vault.core
Interface ReactiveVaultOperations
- All Known Implementing Classes:
ReactiveVaultTemplate
public interface ReactiveVaultOperations
Central entrypoint for performing Vault operations on a reactive runtime.
Implemented by
ReactiveVaultTemplate, this interface
exposes reactive APIs for interacting with Vault backends such as Key/Value,
Transit and sys. It supports callback-style execution for both
authenticated doWithSession and
unauthenticated doWithVault access, returning
Reactor Mono and Flux types for composition in reactive
applications.
Paths used with this and other
Template API interfaces are typically relative to the VaultEndpoint
of the underlying ReactiveVaultClient. If the client is configured
without an endpoint, fully-qualified URIs can be used.
Note that operations apply authentication and other headers regardless of using relative or absolute URIs. To prevent unwanted access to external endpoints using authentication headers, applications should sanitize paths to avoid unwanted access to external endpoints.
- Since:
- 2.0
- Author:
- Mark Paluch, James Luke, Timothy R. Weiand
- See Also:
-
Method Summary
Modifier and TypeMethodDescriptionDelete a path.<V,T extends org.reactivestreams.Publisher<V>>
TdoWithSession(Function<WebClient, ? extends T> sessionCallback) Executes a VaultRestOperationsCallback.<V,T extends org.reactivestreams.Publisher<V>>
TdoWithVault(Function<WebClient, ? extends T> clientCallback) Executes a VaultRestOperationsCallback.Enumerate keys from a Vault path.opsForKeyValue(String path, VaultKeyValueOperationsSupport.KeyValueBackend apiVersion) ReturnVaultKeyValueOperations.opsForTransit(String path) ReturnReactiveVaultTransitOperationsif the transit engine is mounted on a different path thantransit.Read from a Vault path.<T> Mono<VaultResponseSupport<T>>Read from a Vault path.default Mono<VaultResponse>Write to a Vault path.Write to a Vault path.
-
Method Details
-
opsForKeyValue
ReactiveVaultKeyValueOperations opsForKeyValue(String path, VaultKeyValueOperationsSupport.KeyValueBackend apiVersion) ReturnVaultKeyValueOperations.- Parameters:
path- the mount path, must not be empty or null.apiVersion- API version to use, must not be null.- Returns:
- the operations interface to interact with the Vault Key/Value secrets engine.
- Since:
- 3.1
-
opsForVersionedKeyValue
- Parameters:
path- the mount path- Returns:
- the operations interface to interact with the versioned Vault Key/Value (version 2) secrets engine.
- Since:
- 3.1
-
opsForTransit
ReactiveVaultTransitOperations opsForTransit()- Returns:
- the operations interface to interact with the Vault transit engine.
- Since:
- 3.1
-
opsForTransit
ReturnReactiveVaultTransitOperationsif the transit engine is mounted on a different path thantransit.- Parameters:
path- the mount path- Returns:
- the operations interface to interact with the Vault transit engine.
- Since:
- 3.1
-
opsForSys
ReactiveVaultSysOperations opsForSys()- Returns:
- the operations interface administrative Vault access.
- Since:
- 3.1
-
read
Read from a Vault path. Reading data using this method is suitable for API calls/secrets engines that do not require a request body.- Parameters:
path- must not be null.- Returns:
- the data. May be empty if the path does not exist.
-
read
Read from a Vault path. Reading data using this method is suitable for API calls/secrets engines that do not require a request body.- Parameters:
path- must not be null.responseType- must not be null.- Returns:
- the data. May be empty if the path does not exist.
-
list
Enumerate keys from a Vault path.- Parameters:
path- must not be null.- Returns:
- the data. May be empty if the path does not exist.
-
write
Write to a Vault path.- Parameters:
path- must not be null.- Returns:
- the response. May be empty if the response has no body.
-
write
Write to a Vault path.- Parameters:
path- must not be null.body- the body, may be null if absent.- Returns:
- the response. May be empty if the response has no body.
-
delete
Delete a path.- Parameters:
path- must not be null.
-
doWithVault
<V,T extends org.reactivestreams.Publisher<V>> T doWithVault(Function<WebClient, ? extends T> clientCallback) throws VaultException, WebClientExceptionExecutes a VaultRestOperationsCallback. Allows to interact with Vault usingRestOperationswithout requiring a session.- Parameters:
clientCallback- the request.- Returns:
- the
RestOperationsCallbackreturn value. - Throws:
VaultException- when aHttpStatusCodeExceptionoccurs.WebClientException- exceptions fromWebClient.
-
doWithSession
<V,T extends org.reactivestreams.Publisher<V>> T doWithSession(Function<WebClient, ? extends T> sessionCallback) throws VaultException, WebClientExceptionExecutes a VaultRestOperationsCallback. Allows to interact with Vault in an authenticated session.- Parameters:
sessionCallback- the request.- Returns:
- the
RestOperationsCallbackreturn value. - Throws:
VaultException- when aHttpStatusCodeExceptionoccurs.WebClientException- exceptions fromWebClient.
-