From 0c0f5b1be8428ef933c2d513b9cc889e6021b51b Mon Sep 17 00:00:00 2001 From: Mark Paluch Date: Tue, 11 Oct 2016 17:36:57 +0200 Subject: [PATCH] Polishing. Improve documentation. Remove superfluous assertions in authentication options. --- .../AppIdAuthenticationOptions.java | 2 +- .../AwsEc2AuthenticationOptions.java | 1 - .../CubbyholeAuthenticationOptions.java | 1 - src/main/asciidoc/reference/authentication.adoc | 16 ++++++++++------ 4 files changed, 11 insertions(+), 9 deletions(-) diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdAuthenticationOptions.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdAuthenticationOptions.java index 4b6bc0c6..1024d9f3 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdAuthenticationOptions.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdAuthenticationOptions.java @@ -146,7 +146,7 @@ public class AppIdAuthenticationOptions { */ public AppIdAuthenticationOptions build() { - Assert.hasText(path, "AppId must not be empty"); + Assert.hasText(appId, "AppId must not be empty"); Assert.notNull(userIdMechanism, "AppIdUserIdMechanism must not be null"); return new AppIdAuthenticationOptions(path, appId, userIdMechanism); diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2AuthenticationOptions.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2AuthenticationOptions.java index 7bfd4d09..04e79cde 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2AuthenticationOptions.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2AuthenticationOptions.java @@ -155,7 +155,6 @@ public class AwsEc2AuthenticationOptions { */ public AwsEc2AuthenticationOptions build() { - Assert.hasText(path, "AppId must not be empty"); Assert.notNull(identityDocumentUri, "IdentityDocumentUri must not be null"); return new AwsEc2AuthenticationOptions(path, identityDocumentUri, role); diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/CubbyholeAuthenticationOptions.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/CubbyholeAuthenticationOptions.java index 646fd19b..f476ccd2 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/CubbyholeAuthenticationOptions.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/CubbyholeAuthenticationOptions.java @@ -143,7 +143,6 @@ public class CubbyholeAuthenticationOptions { public CubbyholeAuthenticationOptions build() { Assert.notNull(initialToken, "Initial Vault Token must not be null"); - Assert.hasText(path, "Path must not be empty"); return new CubbyholeAuthenticationOptions(initialToken, path, wrappedToken); } diff --git a/src/main/asciidoc/reference/authentication.adoc b/src/main/asciidoc/reference/authentication.adoc index 633e7bc6..c2be34a6 100644 --- a/src/main/asciidoc/reference/authentication.adoc +++ b/src/main/asciidoc/reference/authentication.adoc @@ -32,7 +32,10 @@ class AppConfig extends AbstractVaultConfiguration { ---- ==== -See also: https://www.vaultproject.io/docs/concepts/tokens.html[Vault Documentation: Tokens] +See also: + +* https://www.vaultproject.io/docs/concepts/tokens.html[Vault Documentation: Tokens] +* https://www.vaultproject.io/docs/auth/token.html[Vault Documentation: Using the Token auth backend] [[vault.authentication.appid]] == AppId authentication @@ -48,7 +51,6 @@ The IP and Mac address are represented as Hex-encoded SHA256 hash. IP address-based UserId's use the local host's IP address. - ==== [source,java] ---- @@ -96,6 +98,7 @@ class AppConfig extends AbstractVaultConfiguration { @Override public ClientAuthentication clientAuthentication() { + AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder().appId("myapp") // .userIdMechanism(new MacAddressUserId()) // .build(); @@ -108,7 +111,7 @@ class AppConfig extends AbstractVaultConfiguration { ---- ==== -The corresponding command to generate the IP address UserId from a command line is: +The corresponding command to generate the Mac address UserId from a command line is: ---- $ echo -n 0AFEDE1234AC | sha256sum @@ -135,6 +138,7 @@ public class MyUserIdMechanism implements AppIdUserIdMechanism { @Override public String createUserId() { + String userId = ... return userId; } @@ -229,7 +233,7 @@ AWS-EC2 authentication roles are optional and default to the AMI. You can configure the authentication role by setting it in `AwsEc2AuthenticationOptions`. -See also: https://www.vaultproject.io/docs/auth/aws-ec2.html[Vault Documentation: Using the aws-ec2 auth backend] +See also: https://www.vaultproject.io/docs/auth/aws-ec2.html[Vault Documentation: Using the AWS-EC2 auth backend] == TLS certificate authentication @@ -260,7 +264,7 @@ class AppConfig extends AbstractVaultConfiguration { ---- ==== -See also: https://www.vaultproject.io/docs/auth/cert.html[Vault Documentation: Using the cert auth backend] +See also: https://www.vaultproject.io/docs/auth/cert.html[Vault Documentation: Using the Cert auth backend] == Cubbyhole authentication @@ -373,5 +377,5 @@ class AppConfig extends AbstractVaultConfiguration { See also: * https://www.vaultproject.io/docs/concepts/tokens.html[Vault Documentation: Tokens] -* https://www.vaultproject.io/docs/secrets/cubbyhole/index.html[Vault Documentation:Cubbyhole Secret Backend] +* https://www.vaultproject.io/docs/secrets/cubbyhole/index.html[Vault Documentation: Cubbyhole Secret Backend] * https://www.vaultproject.io/docs/concepts/response-wrapping.html[Vault Documentation: Response Wrapping]