
Commit bae3044

authored
Merge pull request #2 from jarrodcodes/vault-1+
Add namespace support globally
2 parents abd6acf + 799b9fc commit bae3044

12 files changed

Lines changed: 848 additions & 174 deletions


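--- a/src/main/java/com/bettercloud/vault/VaultConfig.java
+++ b/src/main/java/com/bettercloud/vault/VaultConfig.java
@@ -60,10 +60,10 @@ public class VaultConfig implements Serializable {
 * constructing a <code>VaultConfig</code> instance using the builder pattern approach rather than the convenience
 * constructor. This method's access level was therefore originally set to <code>protected</code>, but was bumped
 * up to <code>public</code> due to community request for the ability to disable environment loading altogether
-* (see https://github.com/BetterCloud/vault-java-driver/issues/77).
-* <p>
-* Note that if you do override this, however, then obviously all of the environment checking discussed in the
-* documentation becomes disabled.
+* (see https://github.com/BetterCloud/vault-java-driver/issues/77).</p>
+*
+* <p>Note that if you do override this, however, then obviously all of the environment checking discussed in the
+* documentation becomes disabled.</p>
 *
 * @param environmentLoader An environment variable loader implementation (presumably a mock)
 * @return This object, with environmentLoader populated, ready for additional builder-pattern method calls or else finalization with the build() method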

src/main/java/com/bettercloud/vault/api/Auth.java

Lines changed: 387 additions & 61 deletions
Large diffs are not rendered by default.

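--- a/src/main/java/com/bettercloud/vault/api/Debug.java
+++ b/src/main/java/com/bettercloud/vault/api/Debug.java
@@ -10,7 +10,6 @@
 import java.util.HashSet;
 import java.util.Set;
 
-import static com.bettercloud.vault.api.LogicalUtilities.retry;
 
 /**
 * <p>The implementing class for operations on REST endpoints, under the "Debug" section of the Vault HTTP API
@@ -24,10 +23,18 @@ public class Debug {
 
 private final VaultConfig config;
 
+private String nameSpace;
+
 public Debug(final VaultConfig config) {
 this.config = config;
 }
 
+public Debug withNameSpace(final String nameSpace) {
+this.nameSpace = nameSpace;
+return this;
+}
+
+
 /**
 * <p>Returns the health status of Vault. This matches the semantics of a Consul HTTP
 * health check and provides a simple way to monitor the health of a Vault instance.</p>
@@ -89,6 +96,9 @@ public HealthResponse health(
 if (config.getToken() != null) {
 rest.header("X-Vault-Token", config.getToken());
 }
+if (this.nameSpace != null && !this.nameSpace.isEmpty()) {
+rest.header("X-Vault-Namespace", this.nameSpace);
+}
 // Add params if present
 if (standbyOk != null) rest.parameter("standbyok", standbyOk.toString());
 if (activeCode != null) rest.parameter("activecode", activeCode.toString());
@@ -111,7 +121,20 @@ public HealthResponse health(
 return new HealthResponse(restResponse, retryCount);
 } catch (RuntimeException | VaultException | RestException e) {
 // If there are retries to perform, then pause for the configured interval and then execute the loop again...
-retry(retryCount, e, this.config);
+if (retryCount < config.getMaxRetries()) {
+retryCount++;
+try {
+final int retryIntervalMilliseconds = config.getRetryIntervalMilliseconds();
+Thread.sleep(retryIntervalMilliseconds);
+} catch (InterruptedException e1) {
+e1.printStackTrace();
+}
+} else if (e instanceof VaultException) {
+// ... otherwise, give up.
+throw (VaultException) e;
+} else {
+throw new VaultException(e);
+}
 }
 }
 }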
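Review bot: The new `catch (InterruptedException e1)` in the retry branch of `health()` only calls `e1.printStackTrace()`, so the thread's interrupt status is cleared and the loop carries on retrying after the caller asked it to stop. Restore the flag and abort the retry instead, for example `Thread.currentThread().interrupt();` followed by `throw new VaultException(e1);`, and drop the stack-trace print, which writes to stderr outside any logging configuration. The same inlined block is repeated in the `revoke`, `revokePrefix`, `revokeForce` and `renew` hunks of Leases.java. `health()` begins outside these hunks, so the head of the retry loop is not visible here.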

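--- a/src/main/java/com/bettercloud/vault/api/Leases.java
+++ b/src/main/java/com/bettercloud/vault/api/Leases.java
@@ -9,7 +9,6 @@
 
 import java.nio.charset.StandardCharsets;
 
-import static com.bettercloud.vault.api.LogicalUtilities.retry;
 
 /**
 * <p>The implementing class for operations on REST endpoints, under the "Leases" section of the Vault HTTP API
@@ -23,10 +22,17 @@ public class Leases {
 
 private final VaultConfig config;
 
+private String nameSpace;
+
 public Leases(final VaultConfig config) {
 this.config = config;
 }
 
+public Leases withNameSpace(final String nameSpace) {
+this.nameSpace = nameSpace;
+return this;
+}
+
 /**
 * <p>Immediately revokes a secret associated with a given lease. E.g.:</p>
 *
@@ -45,14 +51,22 @@ public VaultResponse revoke(final String leaseId) throws VaultException {
 int retryCount = 0;
 while (true) {
 try {
-final RestResponse restResponse = new Rest()//NOPMD
+final RestResponse restResponse;
+final Rest rest = new Rest()//NOPMD
 .url(config.getAddress() + "/v1/sys/revoke/" + leaseId)
 .header("X-Vault-Token", config.getToken())
 .connectTimeoutSeconds(config.getOpenTimeout())
 .readTimeoutSeconds(config.getReadTimeout())
 .sslVerification(config.getSslConfig().isVerify())
-.sslContext(config.getSslConfig().getSslContext())
-.put();
+.sslContext(config.getSslConfig().getSslContext());
+
+if (this.nameSpace != null && !this.nameSpace.isEmpty()) {
+restResponse = rest
+.header("X-Vault-Namespace", this.nameSpace)
+.put();
+} else {
+restResponse = rest.put();
+}
 
 // Validate response
 if (restResponse.getStatus() != 204) {
@@ -61,7 +75,20 @@ public VaultResponse revoke(final String leaseId) throws VaultException {
 return new VaultResponse(restResponse, retryCount);
 } catch (Exception e) {
 // If there are retries to perform, then pause for the configured interval and then execute the loop again...
-retry(retryCount, e, this.config);
+if (retryCount < config.getMaxRetries()) {
+retryCount++;
+try {
+final int retryIntervalMilliseconds = config.getRetryIntervalMilliseconds();
+Thread.sleep(retryIntervalMilliseconds);
+} catch (InterruptedException e1) {
+e1.printStackTrace();
+}
+} else if (e instanceof VaultException) {
+// ... otherwise, give up.
+throw (VaultException) e;
+} else {
+throw new VaultException(e);
+}
 }
 }
 }
@@ -86,14 +113,22 @@ public VaultResponse revokePrefix(final String prefix) throws VaultException {
 int retryCount = 0;
 while (true) {
 try {
-final RestResponse restResponse = new Rest()//NOPMD
+final RestResponse restResponse;
+final Rest rest = new Rest()//NOPMD
 .url(config.getAddress() + "/v1/sys/revoke-prefix/" + prefix)
 .header("X-Vault-Token", config.getToken())
 .connectTimeoutSeconds(config.getOpenTimeout())
 .readTimeoutSeconds(config.getReadTimeout())
 .sslVerification(config.getSslConfig().isVerify())
-.sslContext(config.getSslConfig().getSslContext())
-.put();
+.sslContext(config.getSslConfig().getSslContext());
+
+if (this.nameSpace != null && !this.nameSpace.isEmpty()) {
+restResponse = rest
+.header("X-Vault-Namespace", this.nameSpace)
+.put();
+} else {
+restResponse = rest.put();
+}
 
 // Validate response
 if (restResponse.getStatus() != 204) {
@@ -102,7 +137,20 @@ public VaultResponse revokePrefix(final String prefix) throws VaultException {
 return new VaultResponse(restResponse, retryCount);
 } catch (Exception e) {
 // If there are retries to perform, then pause for the configured interval and then execute the loop again...
-retry(retryCount, e, this.config);
+if (retryCount < config.getMaxRetries()) {
+retryCount++;
+try {
+final int retryIntervalMilliseconds = config.getRetryIntervalMilliseconds();
+Thread.sleep(retryIntervalMilliseconds);
+} catch (InterruptedException e1) {
+e1.printStackTrace();
+}
+} else if (e instanceof VaultException) {
+// ... otherwise, give up.
+throw (VaultException) e;
+} else {
+throw new VaultException(e);
+}
 }
 }
 }
@@ -130,14 +178,22 @@ public VaultResponse revokeForce(final String prefix) throws VaultException {
 int retryCount = 0;
 while (true) {
 try {
-final RestResponse restResponse = new Rest()//NOPMD
+final RestResponse restResponse;
+final Rest rest = new Rest()//NOPMD
 .url(config.getAddress() + "/v1/sys/revoke-force/" + prefix)
 .header("X-Vault-Token", config.getToken())
 .connectTimeoutSeconds(config.getOpenTimeout())
 .readTimeoutSeconds(config.getReadTimeout())
 .sslVerification(config.getSslConfig().isVerify())
-.sslContext(config.getSslConfig().getSslContext())
-.put();
+.sslContext(config.getSslConfig().getSslContext());
+
+if (this.nameSpace != null && !this.nameSpace.isEmpty()) {
+restResponse = rest
+.header("X-Vault-Namespace", this.nameSpace)
+.put();
+} else {
+restResponse = rest.put();
+}
 
 // Validate response
 if (restResponse.getStatus() != 204) {
@@ -146,7 +202,20 @@ public VaultResponse revokeForce(final String prefix) throws VaultException {
 return new VaultResponse(restResponse, retryCount);
 } catch (Exception e) {
 // If there are retries to perform, then pause for the configured interval and then execute the loop again...
-retry(retryCount, e, this.config);
+if (retryCount < config.getMaxRetries()) {
+retryCount++;
+try {
+final int retryIntervalMilliseconds = config.getRetryIntervalMilliseconds();
+Thread.sleep(retryIntervalMilliseconds);
+} catch (InterruptedException e1) {
+e1.printStackTrace();
+}
+} else if (e instanceof VaultException) {
+// ... otherwise, give up.
+throw (VaultException) e;
+} else {
+throw new VaultException(e);
+}
 }
 }
 }
@@ -179,22 +248,44 @@ public VaultResponse renew(final String leaseId, final long increment) throws Va
 while (true) {
 try {
 final String requestJson = Json.object().add("increment", increment).toString();
-final RestResponse restResponse = new Rest()//NOPMD
+final RestResponse restResponse;
+final Rest rest = new Rest()//NOPMD
 .url(config.getAddress() + "/v1/sys/renew/" + leaseId)
 .header("X-Vault-Token", config.getToken())
 .body(increment < 0 ? null : requestJson.getBytes(StandardCharsets.UTF_8))
 .connectTimeoutSeconds(config.getOpenTimeout())
 .readTimeoutSeconds(config.getReadTimeout())
 .sslVerification(config.getSslConfig().isVerify())
-.sslContext(config.getSslConfig().getSslContext())
-.put();
+.sslContext(config.getSslConfig().getSslContext());
+
+if (this.nameSpace != null && !this.nameSpace.isEmpty()) {
+restResponse = rest
+.header("X-Vault-Namespace", this.nameSpace)
+.post();
+} else {
+restResponse = rest.post();
+}
+
 // Validate response
 if (restResponse.getStatus() != 200) {
 throw new VaultException("Expecting HTTP status 200, but instead receiving " + restResponse.getStatus(), restResponse.getStatus());
 }
 return new VaultResponse(restResponse, retryCount);
 } catch (Exception e) {
-retry(retryCount, e, this.config);
+if (retryCount < config.getMaxRetries()) {
+retryCount++;
+try {
+final int retryIntervalMilliseconds = config.getRetryIntervalMilliseconds();
+Thread.sleep(retryIntervalMilliseconds);
+} catch (InterruptedException e1) {
+e1.printStackTrace();
+}
+} else if (e instanceof VaultException) {
+// ... otherwise, give up.
+throw (VaultException) e;
+} else {
+throw new VaultException(e);
+}
 }
 }
 }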
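Review bot: `withNameSpace` stores the namespace in a non-final, unsynchronized field that every later `revoke`, `revokePrefix`, `revokeForce` and `renew` call reads, so if a `Leases` instance is ever shared between callers or threads (not visible from this diff), a revocation can go out with the `X-Vault-Namespace` another caller set, or with no header at all when the value is null or empty. The method also has no Javadoc; I would add one such as `/** Sets the namespace sent as X-Vault-Namespace on later calls from this instance; null or empty sends no header. Not thread-safe. */`. Separately, the `renew` hunk switches the request from `.put()` to `.post()`, which the commit title does not mention and which deserves a line in the description and a test. The method bodies begin outside the hunks shown.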
