List of usage examples for org.springframework.vault.authentication LoginTokenUtil from
static LoginToken from(Map<String, Object> auth)
From source file:org.springframework.vault.authentication.AppIdAuthentication.java
private VaultToken createTokenUsingAppId() { Map<String, String> login = getAppIdLogin(options.getAppId(), options.getUserIdMechanism().createUserId()); VaultResponseEntity<VaultResponse> entity = vaultClient .postForEntity(String.format("auth/%s/login", options.getPath()), login, VaultResponse.class); if (!entity.isSuccessful()) { throw new VaultException(String.format("Cannot login using app-id: %s", entity.getMessage())); }//from w ww . ja v a 2 s .c o m logger.debug("Login successful using AppId authentication"); return LoginTokenUtil.from(entity.getBody().getAuth()); }
From source file:org.springframework.vault.authentication.AppRoleAuthentication.java
private VaultToken createTokenUsingAppRole() { Map<String, String> login = getAppRoleLogin(options.getRoleId(), options.getSecretId()); VaultResponseEntity<VaultResponse> entity = vaultClient .postForEntity(String.format("auth/%s/login", options.getPath()), login, VaultResponse.class); if (!entity.isSuccessful()) { throw new VaultException(String.format("Cannot login using AppRole: %s", entity.getMessage())); }// w w w. j a v a 2 s . c om logger.debug("Login successful using AppRole authentication"); return LoginTokenUtil.from(entity.getBody().getAuth()); }
From source file:org.springframework.vault.authentication.AuthenticationStepsExecutor.java
@Override @SuppressWarnings("unchecked") public VaultToken login() throws VaultException { Object state = null;// w ww.j a va2 s .c o m for (Node<?> o : chain.steps) { if (logger.isDebugEnabled()) { logger.debug(String.format("Executing %s with current state %s", o, state)); } try { if (o instanceof HttpRequestNode) { state = doHttpRequest((HttpRequestNode<Object>) o, state); } if (o instanceof AuthenticationSteps.MapStep) { state = doMapStep((MapStep<Object, Object>) o, state); } if (o instanceof OnNextStep) { state = doOnNext((OnNextStep<Object>) o, state); } if (o instanceof AuthenticationSteps.SupplierStep<?>) { state = doSupplierStep((SupplierStep<Object>) o); } if (logger.isDebugEnabled()) { logger.debug(String.format("Executed %s with current state %s", o, state)); } } catch (HttpStatusCodeException e) { throw new VaultException( String.format("HTTP request %s in state %s failed with Status %s and body %s", o, state, e.getStatusCode(), VaultResponses.getError(e.getResponseBodyAsString()))); } catch (RuntimeException e) { throw new VaultException(String.format("Authentication execution failed in %s", o), e); } } if (state instanceof VaultToken) { return (VaultToken) state; } if (state instanceof VaultResponse) { VaultResponse response = (VaultResponse) state; Assert.state(response.getAuth() != null, "Auth field must not be null"); return LoginTokenUtil.from(response.getAuth()); } throw new IllegalStateException( String.format("Cannot retrieve VaultToken from authentication chain. Got instead %s", state)); }
From source file:org.springframework.vault.authentication.AuthenticationStepsOperator.java
@Override @SuppressWarnings("unchecked") public Mono<VaultToken> getVaultToken() throws VaultException { Mono<Object> state = Mono.just(Undefinded.INSTANCE); for (Node<?> o : chain.steps) { if (logger.isDebugEnabled()) { logger.debug(String.format("Executing %s with current state %s", o, state)); }//from www. j ava2 s .c o m if (o instanceof HttpRequestNode) { state = state.flatMap(stateObject -> doHttpRequest((HttpRequestNode<Object>) o, stateObject)); } if (o instanceof AuthenticationSteps.MapStep) { state = state.map(stateObject -> doMapStep((MapStep<Object, Object>) o, stateObject)); } if (o instanceof OnNextStep) { state = state.doOnNext(stateObject -> doOnNext((OnNextStep<Object>) o, stateObject)); } if (o instanceof AuthenticationSteps.SupplierStep<?>) { state = state.map(stateObject -> doSupplierStep((SupplierStep<Object>) o)); } if (logger.isDebugEnabled()) { logger.debug(String.format("Executed %s with current state %s", o, state)); } } return state.map(stateObject -> { if (stateObject instanceof VaultToken) { return (VaultToken) stateObject; } if (stateObject instanceof VaultResponse) { VaultResponse response = (VaultResponse) stateObject; Assert.state(response.getAuth() != null, "Auth field must not be null"); return LoginTokenUtil.from(response.getAuth()); } throw new IllegalStateException(String .format("Cannot retrieve VaultToken from authentication chain. Got instead %s", stateObject)); }); }
From source file:org.springframework.vault.authentication.AwsEc2Authentication.java
@SuppressWarnings("unchecked") private VaultToken createTokenUsingAwsEc2() { String path = String.format("auth/%s/login", options.getPath()); Map<String, String> login = getEc2Login(); VaultResponseEntity<VaultResponse> entity = this.vaultClient.postForEntity(path, login, VaultResponse.class); if (!entity.isSuccessful()) { throw new VaultException(String.format("Cannot login using AWS-EC2: %s", entity.getMessage())); }//from w w w . j a v a2 s . co m VaultResponse body = entity.getBody(); if (logger.isDebugEnabled()) { if (body.getAuth().get("metadata") instanceof Map) { Map<Object, Object> metadata = (Map<Object, Object>) body.getAuth().get("metadata"); logger.debug(String.format("Login successful using AWS-EC2 authentication for instance %s, AMI %s", metadata.get("instance_id"), metadata.get("instance_id"))); } else { logger.debug("Login successful using AWS-EC2 authentication"); } } return LoginTokenUtil.from(entity.getBody().getAuth()); }
From source file:org.springframework.vault.authentication.AwsIamAuthentication.java
@SuppressWarnings("unchecked") private VaultToken createTokenUsingAwsIam() { Map<String, String> login = new HashMap<>(); login.put("iam_http_request_method", "POST"); login.put("iam_request_url", Base64Utils.encodeToString(options.getEndpointUri().toString().getBytes())); login.put("iam_request_body", REQUEST_BODY_BASE64_ENCODED); String headerJson = getSignedHeaders(options); login.put("iam_request_headers", Base64Utils.encodeToString(headerJson.getBytes())); if (!StringUtils.isEmpty(options.getRole())) { login.put("role", options.getRole()); }//from ww w. ja v a2s .com try { VaultResponse response = this.vaultRestOperations.postForObject("auth/{mount}/login", login, VaultResponse.class, options.getPath()); Assert.state(response != null && response.getAuth() != null, "Auth field must not be null"); if (logger.isDebugEnabled()) { if (response.getAuth().get("metadata") instanceof Map) { Map<Object, Object> metadata = (Map<Object, Object>) response.getAuth().get("metadata"); logger.debug( String.format("Login successful using AWS-IAM authentication for user id %s, ARN %s", metadata.get("client_user_id"), metadata.get("canonical_arn"))); } else { logger.debug("Login successful using AWS-IAM authentication"); } } return LoginTokenUtil.from(response.getAuth()); } catch (HttpStatusCodeException e) { throw new VaultException(String.format("Cannot login using AWS-IAM: %s", VaultResponses.getError(e.getResponseBodyAsString()))); } }
From source file:org.springframework.vault.authentication.ClientCertificateAuthentication.java
private VaultToken createTokenUsingTlsCertAuthentication(String path) { VaultResponseEntity<VaultResponse> entity = vaultClient.postForEntity(String.format("auth/%s/login", path), Collections.emptyMap(), VaultResponse.class); if (!entity.isSuccessful()) { throw new VaultException(String.format("Cannot login using TLS certificates: %s", entity.getMessage())); }/* ww w . jav a2s .c om*/ logger.debug("Login successful using TLS certificates"); return LoginTokenUtil.from(entity.getBody().getAuth()); }
From source file:org.springframework.vault.authentication.CubbyholeAuthentication.java
private VaultToken getToken(VaultResponseEntity<VaultResponse> entity, Map<String, Object> data) { if (options.isWrappedToken()) { VaultResponse response = vaultClient.unwrap((String) data.get("response"), VaultResponse.class); return LoginTokenUtil.from(response.getAuth()); }/*from w ww . j ava 2s . c o m*/ if (data == null || data.isEmpty()) { throw new VaultException( String.format("Cannot retrieve Token from cubbyhole: Response at %s does not contain a token", entity.getUri())); } if (data.size() == 1) { String token = (String) data.get(data.keySet().iterator().next()); return VaultToken.of(token); } throw new VaultException(String.format( "Cannot retrieve Token from cubbyhole: Response at %s does not contain an unique token", entity.getUri())); }