org.springframework.vault.authentication.AppRoleAuthentication Java Examples

The following examples show how to use org.springframework.vault.authentication.AppRoleAuthentication. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: HashicorpKeyVaultServiceFactoryUtilTest.java    From tessera with Apache License 2.0 6 votes vote down vote up 
@Test
public void configureClientAuthenticationIfAllEnvVarsSetThenAppRoleMethod() {
    KeyVaultConfig keyVaultConfig = mock(KeyVaultConfig.class);
    EnvironmentVariableProvider envProvider = mock(EnvironmentVariableProvider.class);
    ClientHttpRequestFactory clientHttpRequestFactory = mock(ClientHttpRequestFactory.class);
    VaultEndpoint vaultEndpoint = mock(VaultEndpoint.class);

    when(envProvider.getEnv(HASHICORP_ROLE_ID)).thenReturn("role-id");
    when(envProvider.getEnv(HASHICORP_SECRET_ID)).thenReturn("secret-id");
    when(envProvider.getEnv(HASHICORP_TOKEN)).thenReturn("token");

    when(keyVaultConfig.getProperty("approlePath")).thenReturn(Optional.of("approle"));

    ClientAuthentication result = util.configureClientAuthentication(keyVaultConfig, envProvider, clientHttpRequestFactory, vaultEndpoint);

    assertThat(result).isInstanceOf(AppRoleAuthentication.class);
}
Example #2
Source File: HashicorpKeyVaultServiceFactoryUtilTest.java    From tessera with Apache License 2.0 6 votes vote down vote up 
@Test
public void configureClientAuthenticationIfOnlyRoleIdAndSecretIdSetThenAppRoleMethod() {
    KeyVaultConfig keyVaultConfig = mock(KeyVaultConfig.class);
    EnvironmentVariableProvider envProvider = mock(EnvironmentVariableProvider.class);
    ClientHttpRequestFactory clientHttpRequestFactory = mock(ClientHttpRequestFactory.class);
    VaultEndpoint vaultEndpoint = mock(VaultEndpoint.class);

    when(envProvider.getEnv(HASHICORP_ROLE_ID)).thenReturn("role-id");
    when(envProvider.getEnv(HASHICORP_SECRET_ID)).thenReturn("secret-id");
    when(envProvider.getEnv(HASHICORP_TOKEN)).thenReturn(null);

    when(keyVaultConfig.getProperty("approlePath")).thenReturn(Optional.of("somepath"));

    ClientAuthentication result = util.configureClientAuthentication(keyVaultConfig, envProvider, clientHttpRequestFactory, vaultEndpoint);

    assertThat(result).isInstanceOf(AppRoleAuthentication.class);
}
Example #3
Source File: EnvironmentVaultConfiguration.java    From spring-vault with Apache License 2.0 6 votes vote down vote up 
protected ClientAuthentication appRoleAuthentication() {

		String roleId = getProperty("vault.app-role.role-id");
		String secretId = getProperty("vault.app-role.secret-id");
		String path = getProperty("vault.app-role.app-role-path",
				AppRoleAuthenticationOptions.DEFAULT_APPROLE_AUTHENTICATION_PATH);

		Assert.hasText(roleId, "Vault AppRole authentication: RoleId (vault.app-role.role-id) must not be empty");

		AppRoleAuthenticationOptionsBuilder builder = AppRoleAuthenticationOptions.builder()
				.roleId(RoleId.provided(roleId)).path(path);

		if (StringUtils.hasText(secretId)) {
			builder = builder.secretId(SecretId.provided(secretId));
		}

		return new AppRoleAuthentication(builder.build(), restOperations());
	}
Example #4
Source File: AppRoleClientAuthenticationProvider.java    From spring-cloud-config with Apache License 2.0 5 votes vote down vote up 
@Override
public ClientAuthentication getClientAuthentication(
		VaultEnvironmentProperties vaultProperties,
		RestOperations vaultRestOperations, RestOperations externalRestOperations) {

	AppRoleAuthenticationOptions options = getAppRoleAuthenticationOptions(
			vaultProperties);

	return new AppRoleAuthentication(options, vaultRestOperations);
}
Example #5
Source File: SpringVaultClientConfigurationTests.java    From spring-cloud-config with Apache License 2.0 5 votes vote down vote up 
@Test
public void appRoleAuthentication() {
	properties.setAuthentication(APPROLE);
	properties.getAppRole().setRoleId("role-id");

	assertClientAuthenticationOfType(properties, AppRoleAuthentication.class);
}
Example #6
Source File: HashicorpKeyVaultServiceFactoryUtil.java    From tessera with Apache License 2.0 3 votes vote down vote up 
ClientAuthentication configureClientAuthentication(KeyVaultConfig keyVaultConfig, EnvironmentVariableProvider envProvider, ClientHttpRequestFactory clientHttpRequestFactory, VaultEndpoint vaultEndpoint) {

        final String roleId = envProvider.getEnv(HASHICORP_ROLE_ID);
        final String secretId = envProvider.getEnv(HASHICORP_SECRET_ID);
        final String authToken = envProvider.getEnv(HASHICORP_TOKEN);

        if(roleId != null && secretId != null) {

            AppRoleAuthenticationOptions appRoleAuthenticationOptions = AppRoleAuthenticationOptions.builder()
                .path(keyVaultConfig.getProperty("approlePath").get())
                .roleId(AppRoleAuthenticationOptions.RoleId.provided(roleId))
                .secretId(AppRoleAuthenticationOptions.SecretId.provided(secretId))
                .build();

            RestOperations restOperations = VaultClients.createRestTemplate(vaultEndpoint, clientHttpRequestFactory);

            return new AppRoleAuthentication(appRoleAuthenticationOptions, restOperations);

        } else if (Objects.isNull(roleId) != Objects.isNull(secretId)) {

            throw new HashicorpCredentialNotSetException("Both " + HASHICORP_ROLE_ID + " and " + HASHICORP_SECRET_ID + " environment variables must be set to use the AppRole authentication method");

        } else if (authToken == null){

            throw new HashicorpCredentialNotSetException("Both " + HASHICORP_ROLE_ID + " and " + HASHICORP_SECRET_ID + " environment variables must be set to use the AppRole authentication method.  Alternatively set " + HASHICORP_TOKEN + " to authenticate using the Token method");
        }

        return new TokenAuthentication(authToken);
    }
Example #7
Source File: EnvironmentVaultConfigurationAppRoleAuthenticationUnitTests.java    From spring-vault with Apache License 2.0 3 votes vote down vote up 
@Test
void shouldConfigureAuthentication() {

	ClientAuthentication clientAuthentication = this.configuration.clientAuthentication();

	assertThat(clientAuthentication).isInstanceOf(AppRoleAuthentication.class);
}
Example #8
Source File: ClientAuthenticationFactory.java    From spring-cloud-vault with Apache License 2.0 3 votes vote down vote up 
private ClientAuthentication appRoleAuthentication(VaultProperties vaultProperties) {

		AppRoleAuthenticationOptions options = getAppRoleAuthenticationOptions(
				vaultProperties);

		return new AppRoleAuthentication(options, this.restOperations);
	}