Document relative and absolute Vault path behavior.
Closes gh-926
This commit is contained in:
@@ -23,6 +23,7 @@ import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
import org.springframework.vault.VaultException;
|
||||
import org.springframework.vault.client.VaultEndpoint;
|
||||
import org.springframework.vault.support.VaultResponse;
|
||||
import org.springframework.vault.support.VaultResponseSupport;
|
||||
import org.springframework.web.reactive.function.client.WebClient;
|
||||
@@ -39,6 +40,11 @@ import static org.springframework.vault.core.VaultKeyValueOperationsSupport.*;
|
||||
* {@link ReactiveVaultOperations} allows execution of callback methods. Callbacks can
|
||||
* execute requests within a {@link #doWithSession(Function) session context} and the
|
||||
* {@link #doWithVault(Function) without a session}.
|
||||
* <p>
|
||||
* Paths used in this interface (and interfaces accessible from here) are considered
|
||||
* relative to the {@link VaultEndpoint}. Paths that are fully-qualified URI's can be used
|
||||
* to access Vault cluster members in an authenticated context. To prevent unwanted full
|
||||
* URI access, make sure to sanitize paths before passing them to this interface.
|
||||
*
|
||||
* @author Mark Paluch
|
||||
* @author James Luke
|
||||
|
||||
@@ -54,7 +54,18 @@ import static org.springframework.web.reactive.function.client.ExchangeFilterFun
|
||||
|
||||
/**
|
||||
* This class encapsulates main Vault interaction. {@link ReactiveVaultTemplate} will log
|
||||
* into Vault on initialization and use the token throughout the whole lifetime.
|
||||
* into Vault on initialization and use the token throughout the whole lifetime. This is
|
||||
* the main entry point to interact with Vault in an authenticated and unauthenticated
|
||||
* context.
|
||||
* <p>
|
||||
* {@link ReactiveVaultTemplate} allows execution of callback methods. Callbacks can
|
||||
* execute requests within a {@link #doWithSession(Function) session context} and the
|
||||
* {@link #doWithVault(Function) without a session}.
|
||||
* <p>
|
||||
* Paths used in this interface (and interfaces accessible from here) are considered
|
||||
* relative to the {@link VaultEndpoint}. Paths that are fully-qualified URI's can be used
|
||||
* to access Vault cluster members in an authenticated context. To prevent unwanted full
|
||||
* URI access, make sure to sanitize paths before passing them to this interface.
|
||||
*
|
||||
* @author Mark Paluch
|
||||
* @author Raoof Mohammed
|
||||
|
||||
@@ -20,6 +20,7 @@ import java.util.List;
|
||||
import org.jspecify.annotations.Nullable;
|
||||
|
||||
import org.springframework.vault.VaultException;
|
||||
import org.springframework.vault.client.VaultEndpoint;
|
||||
import org.springframework.vault.core.VaultKeyValueOperationsSupport.KeyValueBackend;
|
||||
import org.springframework.vault.support.VaultResponse;
|
||||
import org.springframework.vault.support.VaultResponseSupport;
|
||||
@@ -33,6 +34,11 @@ import org.springframework.web.client.RestClientException;
|
||||
* {@link VaultOperations} allows execution of callback methods. Callbacks can execute
|
||||
* requests within a {@link #doWithSession(RestOperationsCallback) session context} and
|
||||
* the {@link #doWithVault(RestOperationsCallback) without a session}.
|
||||
* <p>
|
||||
* Paths used in this interface (and interfaces accessible from here) are considered
|
||||
* relative to the {@link VaultEndpoint}. Paths that are fully-qualified URI's can be used
|
||||
* to access Vault cluster members in an authenticated context. To prevent unwanted full
|
||||
* URI access, make sure to sanitize paths before passing them to this interface.
|
||||
*
|
||||
* @author Mark Paluch
|
||||
* @author Lauren Voswinkel
|
||||
|
||||
@@ -47,8 +47,19 @@ import org.springframework.web.client.RestOperations;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
/**
|
||||
* This class encapsulates main Vault interaction. {@link VaultTemplate} will log into
|
||||
* Vault on initialization and use the token throughout the whole lifetime.
|
||||
* This class encapsulates main Vault interaction. {@code VaultTemplate} will log into
|
||||
* Vault on initialization and use the token throughout the whole lifetime. This is the
|
||||
* main entry point to interact with Vault in an authenticated and unauthenticated
|
||||
* context.
|
||||
* <p>
|
||||
* {@code VaultTemplate} allows execution of callback methods. Callbacks can execute
|
||||
* requests within a {@link #doWithSession(RestOperationsCallback) session context} and
|
||||
* the {@link #doWithVault(RestOperationsCallback) without a session}.
|
||||
* <p>
|
||||
* Paths used in this interface (and interfaces accessible from here) are considered
|
||||
* relative to the {@link VaultEndpoint}. Paths that are fully-qualified URI's can be used
|
||||
* to access Vault cluster members in an authenticated context. To prevent unwanted full
|
||||
* URI access, make sure to sanitize paths before passing them to this interface.
|
||||
*
|
||||
* @author Mark Paluch
|
||||
* @see SessionManager
|
||||
|
||||
@@ -23,6 +23,11 @@ the use of the Vault API and `VaultOperations`. A major difference in between
|
||||
the two APIs is that `VaultOperations` can be passed domain objects instead of
|
||||
JSON Key-Value pairs.
|
||||
|
||||
Paths used in `VaultTemplate` (and interfaces accessible from there) are considered
|
||||
relative to the `VaultEndpoint`. Paths that are fully-qualified URI's can be used
|
||||
to access Vault cluster members in an authenticated context. To prevent unwanted
|
||||
full URI access, make sure to sanitize paths before passing them to `VaultTemplate`.
|
||||
|
||||
NOTE: The preferred way to reference the operations on javadoc:org.springframework.vault.core.VaultTemplate[] instance
|
||||
is via its interface javadoc:org.springframework.vault.core.VaultOperations[].
|
||||
|
||||
|
||||
@@ -47,6 +47,11 @@ the use of the Vault API and javadoc:org.springframework.vault.core.ReactiveVaul
|
||||
the two APIs is that javadoc:org.springframework.vault.core.ReactiveVaultOperations[] can be passed domain objects instead of
|
||||
JSON Key-Value pairs.
|
||||
|
||||
Paths used in `ReactiveVaultTemplate` (and interfaces accessible from there) are considered
|
||||
relative to the `VaultEndpoint`. Paths that are fully-qualified URI's can be used
|
||||
to access Vault cluster members in an authenticated context. To prevent unwanted
|
||||
full URI access, make sure to sanitize paths before passing them to `ReactiveVaultTemplate`.
|
||||
|
||||
NOTE: The preferred way to reference the operations on javadoc:org.springframework.vault.core.ReactiveVaultTemplate[] instance
|
||||
is via its interface javadoc:org.springframework.vault.core.ReactiveVaultOperations[].
|
||||
|
||||
|
||||
Reference in New Issue
Block a user