Polishing.
Remove GcpIam and AppId leftovers. See gh-904
This commit is contained in:
@@ -1,65 +0,0 @@
|
||||
/*
|
||||
* Copyright 2018-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.vault.authentication;
|
||||
|
||||
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
|
||||
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.ObjectUtils;
|
||||
|
||||
/**
|
||||
* Default implementation of{@link GcpProjectIdAccessor} and
|
||||
* {@link GcpServiceAccountIdAccessor}. Used by {@link GcpIamAuthentication}.
|
||||
*
|
||||
* @author Magnus Jungsbluth
|
||||
* @author Mark Paluch
|
||||
* @since 2.1
|
||||
* @see GcpIamAuthentication
|
||||
*/
|
||||
enum DefaultGcpCredentialAccessors implements GcpProjectIdAccessor, GcpServiceAccountIdAccessor {
|
||||
|
||||
INSTANCE;
|
||||
|
||||
/**
|
||||
* Get the service account id (email) to be placed in the signed JWT.
|
||||
* @param credential credential object to obtain the service account id from.
|
||||
* @return the service account id to use.
|
||||
*/
|
||||
@Override
|
||||
public String getServiceAccountId(GoogleCredential credential) {
|
||||
|
||||
Assert.notNull(credential, "GoogleCredential must not be null");
|
||||
Assert.notNull(credential.getServiceAccountId(),
|
||||
"The configured GoogleCredential does not represent a service account. Configure the service account id with GcpIamAuthenticationOptionsBuilder#serviceAccountId(String).");
|
||||
|
||||
return credential.getServiceAccountId();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the GCP project id to used in Google Cloud IAM API calls.
|
||||
* @param credential the credential object to obtain the project id from.
|
||||
* @return the service account id to use.
|
||||
*/
|
||||
@Override
|
||||
public String getProjectId(GoogleCredential credential) {
|
||||
|
||||
Assert.notNull(credential, "GoogleCredential must not be null");
|
||||
|
||||
return ObjectUtils.isEmpty(credential.getServiceAccountProjectId()) ? "-"
|
||||
: credential.getServiceAccountProjectId();
|
||||
}
|
||||
|
||||
}
|
||||
@@ -33,7 +33,7 @@ enum DefaultGoogleCredentialsAccessors implements GoogleCredentialsAccountIdAcce
|
||||
INSTANCE;
|
||||
|
||||
/**
|
||||
* Get a the service account id (email) to be placed in the signed JWT.
|
||||
* Get the service account id (email) to be placed in the signed JWT.
|
||||
* @param credentials credentials object to obtain the service account id from.
|
||||
* @return the service account id to use.
|
||||
*/
|
||||
|
||||
@@ -1,56 +0,0 @@
|
||||
/*
|
||||
* Copyright 2018-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.vault.authentication;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.function.Supplier;
|
||||
|
||||
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
|
||||
|
||||
/**
|
||||
* Interface to obtain a {@link GoogleCredential} for GCP IAM authentication.
|
||||
* Implementations are used by {@link GcpIamAuthentication}.
|
||||
*
|
||||
* @author Mark Paluch
|
||||
* @since 2.1
|
||||
* @see GcpIamAuthentication
|
||||
*/
|
||||
@FunctionalInterface
|
||||
public interface GcpCredentialSupplier extends Supplier<GoogleCredential> {
|
||||
|
||||
/**
|
||||
* Exception-safe helper to get {@link GoogleCredential} from {@link #getCredential}.
|
||||
* @return the GoogleCredential for JWT signing.
|
||||
*/
|
||||
@Override
|
||||
default GoogleCredential get() {
|
||||
|
||||
try {
|
||||
return getCredential();
|
||||
}
|
||||
catch (IOException e) {
|
||||
throw new IllegalStateException("Cannot obtain GoogleCredential", e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a {@link GoogleCredential} for GCP IAM authentication via JWT signing.
|
||||
* @return the {@link GoogleCredential}.
|
||||
* @throws IOException if the credential lookup fails.
|
||||
*/
|
||||
GoogleCredential getCredential() throws IOException;
|
||||
|
||||
}
|
||||
@@ -1,39 +0,0 @@
|
||||
/*
|
||||
* Copyright 2018-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.vault.authentication;
|
||||
|
||||
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
|
||||
|
||||
/**
|
||||
* Interface to obtain a GCP project id for GCP IAM authentication. Implementations are
|
||||
* used by {@link GcpIamAuthentication}.
|
||||
*
|
||||
* @author Magnus Jungsbluth
|
||||
* @author Mark Paluch
|
||||
* @since 2.1
|
||||
* @see GcpIamAuthentication
|
||||
*/
|
||||
@FunctionalInterface
|
||||
public interface GcpProjectIdAccessor {
|
||||
|
||||
/**
|
||||
* Get a the GCP project id to used in Google Cloud IAM API calls.
|
||||
* @param credential the credential object to obtain the project id from.
|
||||
* @return the service account id to use.
|
||||
*/
|
||||
String getProjectId(GoogleCredential credential);
|
||||
|
||||
}
|
||||
@@ -1,38 +0,0 @@
|
||||
/*
|
||||
* Copyright 2018-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.vault.authentication;
|
||||
|
||||
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
|
||||
|
||||
/**
|
||||
* Interface to obtain a service account id for GCP IAM authentication. Implementations
|
||||
* are used by {@link GcpIamAuthentication}.
|
||||
*
|
||||
* @author Magnus Jungsbluth
|
||||
* @since 2.1
|
||||
* @see GcpIamAuthentication
|
||||
*/
|
||||
@FunctionalInterface
|
||||
public interface GcpServiceAccountIdAccessor {
|
||||
|
||||
/**
|
||||
* Get a the service account id (email) to be placed in the signed JWT.
|
||||
* @param credential credential object to obtain the service account id from.
|
||||
* @return the service account id to use.
|
||||
*/
|
||||
String getServiceAccountId(GoogleCredential credential);
|
||||
|
||||
}
|
||||
@@ -102,15 +102,6 @@ import org.springframework.web.client.RestOperations;
|
||||
* <ul>
|
||||
* <li>Vault Token: {@code vault.token}</li>
|
||||
* </ul>
|
||||
* <li>AppId authentication
|
||||
* <ul>
|
||||
* <li>AppId path: {@code vault.app-id.app-id-path} (since 2.2.1, defaults to
|
||||
* {@link AppIdAuthenticationOptions#DEFAULT_APPID_AUTHENTICATION_PATH})</li>
|
||||
* <li>AppId: {@code vault.app-id.app-id}</li>
|
||||
* <li>UserId: {@code vault.app-id.user-id}. {@literal MAC_ADDRESS} and
|
||||
* {@literal IP_ADDRESS} use {@link MacAddressUserId}, respective {@link IpAddressUserId}.
|
||||
* Any other value is used with {@link StaticUserId}.</li>
|
||||
* </ul>
|
||||
* <li>AppRole authentication
|
||||
* <ul>
|
||||
* <li>AppRole path: {@code vault.app-role.app-role-path} (since 2.2.1, defaults to
|
||||
@@ -170,7 +161,6 @@ import org.springframework.web.client.RestOperations;
|
||||
* @see org.springframework.core.env.Environment
|
||||
* @see org.springframework.core.env.PropertySource
|
||||
* @see VaultEndpoint
|
||||
* @see AppIdAuthentication
|
||||
* @see AppRoleAuthentication
|
||||
* @see AwsEc2Authentication
|
||||
* @see AwsIamAuthentication
|
||||
|
||||
Reference in New Issue
Block a user