diff --git a/spring-vault-core/src/main/java/org/springframework/vault/VaultException.java b/spring-vault-core/src/main/java/org/springframework/vault/VaultException.java index fd64251f..1fdf95bf 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/VaultException.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/VaultException.java @@ -26,8 +26,8 @@ import org.springframework.core.NestedRuntimeException; public class VaultException extends NestedRuntimeException { /** - * Creates a {@code VaultException} with the specified detail message. - * + * Create a {@code VaultException} with the specified detail message. + * * @param msg the detail message */ public VaultException(String msg) { @@ -35,9 +35,9 @@ public class VaultException extends NestedRuntimeException { } /** - * Creates a {@code NestedRuntimeException} with the specified detail message and + * Create a {@code NestedRuntimeException} with the specified detail message and * nested exception. - * + * * @param msg the detail message * @param cause the nested exception */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdAuthentication.java index 48c52302..c952fcf7 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdAuthentication.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdAuthentication.java @@ -49,7 +49,7 @@ public class AppIdAuthentication implements ClientAuthentication { private final RestOperations restOperations; /** - * Creates a {@link AppIdAuthentication} using {@link AppIdAuthenticationOptions} and + * Create a {@link AppIdAuthentication} using {@link AppIdAuthenticationOptions} and * {@link RestOperations}. * * @param options must not be {@literal null}. diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdUserIdMechanism.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdUserIdMechanism.java index 13a75b4d..47dd8105 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdUserIdMechanism.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdUserIdMechanism.java @@ -26,7 +26,7 @@ package org.springframework.vault.authentication; public interface AppIdUserIdMechanism { /** - * Creates a UserId for AppId authentication. + * Create a UserId for AppId authentication. * * @return the UserId. */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppRoleAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppRoleAuthentication.java index b1e3fdc2..1829d604 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppRoleAuthentication.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppRoleAuthentication.java @@ -51,7 +51,7 @@ public class AppRoleAuthentication implements ClientAuthentication { private final RestOperations restOperations; /** - * Creates a {@link AppRoleAuthentication} using {@link AppRoleAuthenticationOptions} + * Create a {@link AppRoleAuthentication} using {@link AppRoleAuthenticationOptions} * and {@link RestOperations}. * * @param options must not be {@literal null}. diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2Authentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2Authentication.java index a1a18e15..4103b2a5 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2Authentication.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2Authentication.java @@ -59,7 +59,7 @@ public class AwsEc2Authentication implements ClientAuthentication { private final AtomicReference nonce = new AtomicReference(); /** - * Creates a new {@link AwsEc2Authentication}. + * Create a new {@link AwsEc2Authentication}. * * @param vaultRestOperations must not be {@literal null}. */ @@ -69,7 +69,7 @@ public class AwsEc2Authentication implements ClientAuthentication { } /** - * Creates a new {@link AwsEc2Authentication} specifying + * Create a new {@link AwsEc2Authentication} specifying * {@link AwsEc2AuthenticationOptions}, a Vault and an AWS-Metadata-specific * {@link RestOperations} . * diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/ClientCertificateAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/ClientCertificateAuthentication.java index bfe25b72..bef84d19 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/ClientCertificateAuthentication.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/ClientCertificateAuthentication.java @@ -41,7 +41,7 @@ public class ClientCertificateAuthentication implements ClientAuthentication { private final RestOperations restOperations; /** - * Creates a {@link ClientCertificateAuthentication} using {@link RestOperations}. + * Create a {@link ClientCertificateAuthentication} using {@link RestOperations}. * * @param restOperations must not be {@literal null}. */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/LifecycleAwareSessionManager.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/LifecycleAwareSessionManager.java index 93b3ba3b..29152d5b 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/LifecycleAwareSessionManager.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/LifecycleAwareSessionManager.java @@ -115,7 +115,7 @@ public class LifecycleAwareSessionManager implements SessionManager, DisposableB } /** - * Performs a token refresh. Creates a new token if no token was obtained before. If a + * Performs a token refresh. Create a new token if no token was obtained before. If a * token was obtained before, it uses self-renewal to renew the current token. * Client-side errors (like permission denied) indicate the token cannot be renewed * because it's expired or simply not found. diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/LoginToken.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/LoginToken.java index cdfad194..92f36e85 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/LoginToken.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/LoginToken.java @@ -41,7 +41,7 @@ class LoginToken extends VaultToken { } /** - * Creates a new {@link LoginToken}. + * Create a new {@link LoginToken}. * * @param token must not be {@literal null}. * @return the created {@link VaultToken} @@ -51,7 +51,7 @@ class LoginToken extends VaultToken { } /** - * Creates a new {@link LoginToken} with a {@code leaseDuration}. + * Create a new {@link LoginToken} with a {@code leaseDuration}. * * @param token must not be {@literal null}. * @param leaseDuration the lease duration. @@ -65,7 +65,7 @@ class LoginToken extends VaultToken { } /** - * Creates a new renewable {@link LoginToken} with a {@code leaseDuration}. + * Create a new renewable {@link LoginToken} with a {@code leaseDuration}. * * @param token must not be {@literal null}. * @param leaseDuration the lease duration. diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/MacAddressUserId.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/MacAddressUserId.java index 50c82cea..760a4b80 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/MacAddressUserId.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/MacAddressUserId.java @@ -44,7 +44,7 @@ public class MacAddressUserId implements AppIdUserIdMechanism { private final String networkInterfaceHint; /** - * Creates a new {@link MacAddressUserId} using the {@link NetworkInterface} from the + * Create a new {@link MacAddressUserId} using the {@link NetworkInterface} from the * {@link InetAddress#getLocalHost()}. */ public MacAddressUserId() { @@ -52,10 +52,10 @@ public class MacAddressUserId implements AppIdUserIdMechanism { } /** - * Creates a new {@link MacAddressUserId} using a {@code networkInterfaceIndex}. The + * Create a new {@link MacAddressUserId} using a {@code networkInterfaceIndex}. The * index is applied to {@link NetworkInterface#getNetworkInterfaces()} to obtain the * desired network interface. - * + * * @param networkInterfaceIndex must be greater or equal to zero. */ public MacAddressUserId(int networkInterfaceIndex) { @@ -67,7 +67,7 @@ public class MacAddressUserId implements AppIdUserIdMechanism { } /** - * Creates a new {@link MacAddressUserId} using a {@code networkInterfaceName}. This + * Create a new {@link MacAddressUserId} using a {@code networkInterfaceName}. This * name is compared with {@link NetworkInterface#getName()} and * {@link NetworkInterface#getDisplayName()} to obtain the desired network interface. * diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/SimpleSessionManager.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/SimpleSessionManager.java index c4b2a8db..4f357e10 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/SimpleSessionManager.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/SimpleSessionManager.java @@ -37,8 +37,8 @@ public class SimpleSessionManager implements SessionManager { private volatile VaultToken token; /** - * Creates a new {@link SimpleSessionManager} using a {@link ClientAuthentication}. - * + * Create a new {@link SimpleSessionManager} using a {@link ClientAuthentication}. + * * @param clientAuthentication must not be {@literal null}. */ public SimpleSessionManager(ClientAuthentication clientAuthentication) { diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/StaticUserId.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/StaticUserId.java index 5f3c35ca..8bb0366b 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/StaticUserId.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/StaticUserId.java @@ -20,7 +20,7 @@ import org.springframework.util.Assert; /** * A static UserId. - * + * * @author Mark Paluch * @see AppIdUserIdMechanism */ @@ -29,7 +29,7 @@ public class StaticUserId implements AppIdUserIdMechanism { private final String userId; /** - * Creates a new {@link StaticUserId} for a given {@code userId}. + * Create a new {@link StaticUserId} for a given {@code userId}. * * @param userId must not be empty or {@literal null}. */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/TokenAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/TokenAuthentication.java index c44bb71e..cf81005a 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/TokenAuthentication.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/TokenAuthentication.java @@ -30,8 +30,8 @@ public class TokenAuthentication implements ClientAuthentication { private final VaultToken token; /** - * Creates a new {@link TokenAuthentication} with a static {@code token}. - * + * Create a new {@link TokenAuthentication} with a static {@code token}. + * * @param token the Vault token, must not be empty or {@literal null}. */ public TokenAuthentication(String token) { @@ -41,7 +41,7 @@ public class TokenAuthentication implements ClientAuthentication { } /** - * Creates a new {@link TokenAuthentication} with a static {@code token}. + * Create a new {@link TokenAuthentication} with a static {@code token}. * * @param token the Vault token, must not be {@literal null}. */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/config/ClientHttpRequestFactoryFactory.java b/spring-vault-core/src/main/java/org/springframework/vault/config/ClientHttpRequestFactoryFactory.java index 0cf8e22b..ff7afc67 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/config/ClientHttpRequestFactoryFactory.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/config/ClientHttpRequestFactoryFactory.java @@ -85,7 +85,7 @@ public class ClientHttpRequestFactoryFactory { ClientHttpRequestFactoryFactory.class.getClassLoader()); /** - * Creates a {@link ClientHttpRequestFactory} for the given {@link ClientOptions} and + * Create a {@link ClientHttpRequestFactory} for the given {@link ClientOptions} and * {@link SslConfiguration}. * * @param options must not be {@literal null} diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultOperations.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultOperations.java index e3648b7f..21dd9c1e 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultOperations.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultOperations.java @@ -58,7 +58,7 @@ public interface VaultOperations { VaultTransitOperations opsForTransit(); /** - * Returns {@link VaultTransitOperations} if the transit backend is mounted on a + * Return {@link VaultTransitOperations} if the transit backend is mounted on a * different path than {@code transit}. * * @param path the mount path @@ -72,8 +72,8 @@ public interface VaultOperations { VaultPkiOperations opsForPki(); /** - * Returns {@link VaultPkiOperations} if the PKI backend is mounted on a different - * path than {@code pki}. + * Return {@link VaultPkiOperations} if the PKI backend is mounted on a different path + * than {@code pki}. * * @param path the mount path * @return the operations interface to interact with the Vault PKI backend. diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultSysOperations.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultSysOperations.java index 769be091..553f4154 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultSysOperations.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultSysOperations.java @@ -127,7 +127,7 @@ public interface VaultSysOperations { void authUnmount(String path) throws VaultException; /** - * Returns the health status of Vault. + * Return the health status of Vault. * * @return the {@link VaultHealth}. * @see GET diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultSysTemplate.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultSysTemplate.java index b631aec1..f1abaa8e 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultSysTemplate.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultSysTemplate.java @@ -65,7 +65,7 @@ public class VaultSysTemplate implements VaultSysOperations { private final VaultOperations vaultOperations; /** - * Creates a new {@link VaultSysTemplate} with the given {@link VaultOperations}. + * Create a new {@link VaultSysTemplate} with the given {@link VaultOperations}. * * @param vaultOperations must not be {@literal null}. */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTemplate.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTemplate.java index ec30af16..2fffddd1 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTemplate.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTemplate.java @@ -64,7 +64,7 @@ public class VaultTemplate implements InitializingBean, VaultOperations, Disposa private final boolean dedicatedSessionManager; /** - * Creates a new {@link VaultTemplate} without setting {@link RestOperations} and + * Create a new {@link VaultTemplate} without setting {@link RestOperations} and * {@link SessionManager}. */ public VaultTemplate() { @@ -72,7 +72,7 @@ public class VaultTemplate implements InitializingBean, VaultOperations, Disposa } /** - * Creates a new {@link VaultTemplate} with a {@link VaultEndpoint} and + * Create a new {@link VaultTemplate} with a {@link VaultEndpoint} and * {@link ClientAuthentication}. * * @param vaultEndpoint must not be {@literal null}. @@ -95,7 +95,7 @@ public class VaultTemplate implements InitializingBean, VaultOperations, Disposa } /** - * Creates a new {@link VaultTemplate} with a {@link VaultEndpoint}, + * Create a new {@link VaultTemplate} with a {@link VaultEndpoint}, * {@link ClientHttpRequestFactory} and {@link SessionManager}. * * @param vaultEndpoint must not be {@literal null}. diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTokenTemplate.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTokenTemplate.java index 7b60d1db..b27b3923 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTokenTemplate.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTokenTemplate.java @@ -37,7 +37,7 @@ public class VaultTokenTemplate implements VaultTokenOperations { private final VaultOperations vaultOperations; /** - * Creates a new {@link VaultTokenTemplate} with the given {@link VaultOperations}. + * Create a new {@link VaultTokenTemplate} with the given {@link VaultOperations}. * * @param vaultOperations must not be {@literal null}. */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTransitOperations.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTransitOperations.java index 55965808..134a53da 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTransitOperations.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTransitOperations.java @@ -32,14 +32,14 @@ import org.springframework.vault.support.VaultTransitKeyCreationRequest; public interface VaultTransitOperations { /** - * Creates a new named encryption key given a {@code name}. + * Create a new named encryption key given a {@code name}. * * @param keyName must not be empty or {@literal null}. */ void createKey(String keyName); /** - * Creates a new named encryption key given a {@code name} and + * Create a new named encryption key given a {@code name} and * {@link VaultTransitKeyCreationRequest}. The key options set here cannot be changed * after key creation. * @@ -56,7 +56,7 @@ public interface VaultTransitOperations { List getKeys(); /** - * Creates a new named encryption key given a {@code name}. + * Create a new named encryption key given a {@code name}. * * @param keyName must not be empty or {@literal null}. * @param keyConfiguration must not be {@literal null}. @@ -64,7 +64,7 @@ public interface VaultTransitOperations { void configureKey(String keyName, VaultTransitKeyConfiguration keyConfiguration); /** - * Returns information about a named encryption key. + * Return information about a named encryption key. * * @param keyName must not be empty or {@literal null}. * @return the {@link VaultTransitKey}. diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/env/VaultPropertySource.java b/spring-vault-core/src/main/java/org/springframework/vault/core/env/VaultPropertySource.java index 2512eb66..453d124a 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/env/VaultPropertySource.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/env/VaultPropertySource.java @@ -186,5 +186,4 @@ public class VaultPropertySource extends EnumerablePropertySource toStringMap(Map data) { return JsonMapFlattener.flatten(data); } - } diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/SecretLeaseContainer.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/SecretLeaseContainer.java index f81663b8..23e1646f 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/SecretLeaseContainer.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/SecretLeaseContainer.java @@ -97,17 +97,17 @@ container.start(); // events are triggered after starting the container * by this container applying {@code minRenewalSeconds}/{@code expiryThresholdSeconds} on * a {@link TaskScheduler background thread}. *

- * Requests for secrets can define either renewal or rotation. Renewable leases are - * renewed until expiry. Rotating secrets renew their associated lease until expiry and - * request new secrets after expiry. Vault requires active interaction from a caller side - * to determine a secret is expired. Vault does not send any events. Expired secrets - * events can dispatch later than the actual expiry. + * Requests for secrets can define either renewal or rotation. The container renews leases + * until expiry. Rotating secrets renew their associated lease until expiry and request + * new secrets after expiry. Vault requires active interaction from a caller side to + * determine a secret is expired. Vault does not send any events. Expired secrets events + * can dispatch later than the actual expiry. *

* The container dispatches lease events to {@link LeaseListener} and * {@link LeaseErrorListener}. Event notifications are dispatched either on the - * {@link #start() stating} {@link Thread} or worker threads used for background renewal. - * - * Instances are thread-safe once {@link #afterPropertiesSet() initialized.} + * {@link #start() starting} {@link Thread} or worker threads used for background renewal. + *

+ * Instances are thread-safe once {@link #afterPropertiesSet() initialized}. * * @author Mark Paluch * @see RequestedSecret @@ -146,7 +146,7 @@ public class SecretLeaseContainer extends SecretLeaseEventPublisher private volatile int status = STATUS_INITIAL; /** - * Creates a new {@link SecretLeaseContainer} given {@link VaultOperations}. + * Create a new {@link SecretLeaseContainer} given {@link VaultOperations}. * * @param operations must not be {@literal null}. */ @@ -158,7 +158,7 @@ public class SecretLeaseContainer extends SecretLeaseEventPublisher } /** - * Creates a new {@link SecretLeaseContainer} given {@link VaultOperations} and + * Create a new {@link SecretLeaseContainer} given {@link VaultOperations} and * {@link TaskScheduler}. * * @param operations must not be {@literal null}. @@ -170,7 +170,7 @@ public class SecretLeaseContainer extends SecretLeaseEventPublisher Assert.notNull(taskScheduler, "TaskScheduler must not be null"); this.operations = operations; - this.taskScheduler = taskScheduler; + setTaskScheduler(taskScheduler); } /** @@ -221,10 +221,7 @@ public class SecretLeaseContainer extends SecretLeaseEventPublisher * @return the {@link RequestedSecret}. */ public RequestedSecret requestRenewableSecret(String path) { - - RequestedSecret requestedSecret = RequestedSecret.renewable(path); - addRequestedSecret(requestedSecret); - return requestedSecret; + return addRequestedSecret(RequestedSecret.renewable(path)); } /** @@ -234,10 +231,7 @@ public class SecretLeaseContainer extends SecretLeaseEventPublisher * @return the {@link RequestedSecret}. */ public RequestedSecret requestRotatingSecret(String path) { - - RequestedSecret requestedSecret = RequestedSecret.rotating(path); - addRequestedSecret(requestedSecret); - return requestedSecret; + return addRequestedSecret(RequestedSecret.rotating(path)); } /** @@ -245,7 +239,7 @@ public class SecretLeaseContainer extends SecretLeaseEventPublisher * * @param requestedSecret must not be {@literal null}. */ - public void addRequestedSecret(RequestedSecret requestedSecret) { + public RequestedSecret addRequestedSecret(RequestedSecret requestedSecret) { Assert.notNull(requestedSecret, "RequestedSecret must not be null"); @@ -261,6 +255,8 @@ public class SecretLeaseContainer extends SecretLeaseEventPublisher start(requestedSecret, leaseRenewalScheduler); } } + + return requestedSecret; } /** @@ -269,9 +265,9 @@ public class SecretLeaseContainer extends SecretLeaseEventPublisher * events through {@link LeaseListener}. Additional secrets can be requested at any * time. *

- * Multiple {@link #start()} calls are synchronized to start the container only once. - * Container start requires {@link #afterPropertiesSet() initialization} and cannot be - * started once the container was {@link #destroy() destroyed}. + * Multiple calls are synchronized to start the container only once. Container start + * requires {@link #afterPropertiesSet() initialization} and cannot be started once + * the container was {@link #destroy() destroyed}. * * @see #afterPropertiesSet() * @see #stop() @@ -314,7 +310,7 @@ public class SecretLeaseContainer extends SecretLeaseEventPublisher * Stop the {@link SecretLeaseContainer}. Stopping the container will stop lease * renewal, secrets rotation and event publishing. Active leases are not expired. *

- * Multiple {@link #stop()} calls are synchronized to stop the container only once. + * Multiple calls are synchronized to stop the container only once. * * @see #start() */ @@ -359,6 +355,10 @@ public class SecretLeaseContainer extends SecretLeaseEventPublisher /** * Shutdown this {@link SecretLeaseContainer}, disable lease renewal and revoke * leases. + * + * @see #afterPropertiesSet() + * @see #start() + * @see #stop() */ @Override public void destroy() throws Exception { @@ -497,7 +497,7 @@ public class SecretLeaseContainer extends SecretLeaseEventPublisher } /** - * Hook method called when a {@link Lease} expired. The default implementation is to + * Hook method called when a {@link Lease} expires. The default implementation is to * notify {@link LeaseListener}. Implementations can override this method in * subclasses. * @@ -651,7 +651,7 @@ public class SecretLeaseContainer extends SecretLeaseEventPublisher /** * Disables schedule for already scheduled renewals. */ - public void disableScheduleRenewal() { + void disableScheduleRenewal() { currentLeaseRef.set(null); Set leases = new HashSet(schedules.keySet()); diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/domain/Lease.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/domain/Lease.java index 9d77688f..ecb302e8 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/domain/Lease.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/domain/Lease.java @@ -18,7 +18,7 @@ package org.springframework.vault.core.lease.domain; import org.springframework.util.Assert; /** - * A lease abstracting the lease Id, duration and renewability. + * A lease abstracting the lease Id, duration and its renewability. * * @author Mark Paluch */ @@ -33,6 +33,7 @@ public class Lease { private final boolean renewable; private Lease(String leaseId, long leaseDuration, boolean renewable) { + this.leaseId = leaseId; this.leaseDuration = leaseDuration; this.renewable = renewable; diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/domain/RequestedSecret.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/domain/RequestedSecret.java index 60f95571..56618efc 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/domain/RequestedSecret.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/domain/RequestedSecret.java @@ -46,7 +46,7 @@ public class RequestedSecret { * this secret will be renewed if the lease is qualified for renewal. The lease is no * longer valid after expiry. * - * @param path must not be {@literal null} or empty. + * @param path must not be {@literal null} or empty, must not start with a slash. * @return the renewable {@link RequestedSecret}. */ public static RequestedSecret renewable(String path) { @@ -58,7 +58,7 @@ public class RequestedSecret { * this secret will be renewed if the lease is qualified for renewal. Once the lease * expires, a new secret with a new lease is obtained. * - * @param path must not be {@literal null} or empty. + * @param path must not be {@literal null} or empty, must not start with a slash. * @return the rotating {@link RequestedSecret}. */ public static RequestedSecret rotating(String path) { diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/domain/package-info.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/domain/package-info.java new file mode 100644 index 00000000..0cbd6d8e --- /dev/null +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/domain/package-info.java @@ -0,0 +1,4 @@ +/** + * Lease domain classes. + */ +package org.springframework.vault.core.lease.domain; diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/AfterSecretLeaseRenewedEvent.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/AfterSecretLeaseRenewedEvent.java index 9d656e96..3adce258 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/AfterSecretLeaseRenewedEvent.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/AfterSecretLeaseRenewedEvent.java @@ -21,7 +21,7 @@ import org.springframework.vault.core.lease.domain.RequestedSecret; /** * Event published after renewing a {@link Lease} for a {@link RequestedSecret}. The * secrets associated with {@link Lease} should be considered valid and the lease extended - * when this event is received. + * at the time this event is received. * * @author Mark Paluch */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/AfterSecretLeaseRevocationEvent.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/AfterSecretLeaseRevocationEvent.java index cfdc5ee2..85aa4a46 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/AfterSecretLeaseRevocationEvent.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/AfterSecretLeaseRevocationEvent.java @@ -20,8 +20,8 @@ import org.springframework.vault.core.lease.domain.RequestedSecret; /** * Event published after revoking a {@link Lease} for a {@link RequestedSecret}. The - * secrets associated with {@link Lease} should be considered invalid when this event is - * received. + * secrets associated with {@link Lease} should be considered invalid at the time this + * event is received. * * @author Mark Paluch */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/BeforeSecretLeaseRevocationEvent.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/BeforeSecretLeaseRevocationEvent.java index 07905632..25d73097 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/BeforeSecretLeaseRevocationEvent.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/BeforeSecretLeaseRevocationEvent.java @@ -20,8 +20,7 @@ import org.springframework.vault.core.lease.domain.RequestedSecret; /** * Event published before revoking a {@link Lease} for a {@link RequestedSecret}. The - * secrets associated with {@link Lease} should be considered still valid when this event - * is received. + * secrets associated with {@link Lease} can be valid at the time this event is received. * * @author Mark Paluch * @see AfterSecretLeaseRevocationEvent diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/LeaseErrorListener.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/LeaseErrorListener.java index 46c54cf1..f8bc1c04 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/LeaseErrorListener.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/LeaseErrorListener.java @@ -17,6 +17,9 @@ package org.springframework.vault.core.lease.event; /** * Listener for Vault exceptional {@link SecretLeaseEvent}s. + *

+ * Error events can occur during secret retrieval, lease renewal, lease revocation and + * secret rotation. * * @author Mark Paluch */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/SecretLeaseEvent.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/SecretLeaseEvent.java index 54037414..9c59a9d2 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/SecretLeaseEvent.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/SecretLeaseEvent.java @@ -20,12 +20,18 @@ import org.springframework.vault.core.lease.domain.Lease; import org.springframework.vault.core.lease.domain.RequestedSecret; /** - * Abstract base class for {@link Lease} based events. + * Abstract base class for {@link Lease} based events associated with + * {@link RequestedSecret}. * * @author Mark Paluch + * @see ApplicationEvent + * @see Lease + * @see RequestedSecret */ public abstract class SecretLeaseEvent extends ApplicationEvent { + private static final long serialVersionUID = 1L; + private final Lease lease; /** @@ -37,6 +43,7 @@ public abstract class SecretLeaseEvent extends ApplicationEvent { */ protected SecretLeaseEvent(RequestedSecret requestedSecret, Lease lease) { super(requestedSecret); + this.lease = lease; } diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/SecretLeaseExpiredEvent.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/SecretLeaseExpiredEvent.java index 834eb38b..37f7a121 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/SecretLeaseExpiredEvent.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/SecretLeaseExpiredEvent.java @@ -20,7 +20,8 @@ import org.springframework.vault.core.lease.domain.RequestedSecret; /** * Event published after an expired {@link Lease} for a {@link RequestedSecret} was - * observed. + * observed. Secrets associated with the lease are about to expire or already expired at + * the time this event is received. * * @author Mark Paluch */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/package-info.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/package-info.java new file mode 100644 index 00000000..c7d04fbb --- /dev/null +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/event/package-info.java @@ -0,0 +1,4 @@ +/** + * Support classes for lease application events. + */ +package org.springframework.vault.core.lease.event; diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/package-info.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/package-info.java new file mode 100644 index 00000000..d049f1ed --- /dev/null +++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/package-info.java @@ -0,0 +1,4 @@ +/** + * The core package implementing lease renewal and secret rotation. + */ +package org.springframework.vault.core.lease; diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/ClientOptions.java b/spring-vault-core/src/main/java/org/springframework/vault/support/ClientOptions.java index 286c7b40..a75b26ec 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/support/ClientOptions.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/support/ClientOptions.java @@ -19,7 +19,7 @@ import java.util.concurrent.TimeUnit; /** * Client options for Vault. - * + * * @author Mark Paluch */ public class ClientOptions { @@ -35,7 +35,7 @@ public class ClientOptions { private final int readTimeout; /** - * Creates new {@link ClientOptions} with default timeouts of {@literal 5} + * Create new {@link ClientOptions} with default timeouts of {@literal 5} * {@link TimeUnit#SECONDS} connection timeout and {@literal 15} * {@link TimeUnit#SECONDS} read timeout. */ @@ -44,8 +44,8 @@ public class ClientOptions { } /** - * Creates new {@link ClientOptions}. - * + * Create new {@link ClientOptions}. + * * @param connectionTimeout connection timeout in {@link TimeUnit#MILLISECONDS}, must * be greater {@literal 0}. * @param readTimeout read timeout in {@link TimeUnit#MILLISECONDS}, must be greater diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/KeystoreUtil.java b/spring-vault-core/src/main/java/org/springframework/vault/support/KeystoreUtil.java index 2ba38d17..8cea1640 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/support/KeystoreUtil.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/support/KeystoreUtil.java @@ -41,8 +41,8 @@ import java.util.List; class KeystoreUtil { /** - * Creates a {@link KeyStore} containing the {@link KeySpec} and - * {@link X509Certificate certificates} using the given {@code keyAlias}. + * Create a {@link KeyStore} containing the {@link KeySpec} and {@link X509Certificate + * certificates} using the given {@code keyAlias}. * * @param keyAlias * @param certificates @@ -82,7 +82,7 @@ class KeystoreUtil { } /** - * Creates an empty {@link KeyStore}. + * Create an empty {@link KeyStore}. * * @return * @throws GeneralSecurityException @@ -337,7 +337,7 @@ class KeystoreUtil { * | Class | CF | + Type | * ------------------------------------------------- * - * + * *

    *
  • Class: Universal, Application, Context or Private *
  • CF: Constructed flag. If 1, the field is constructed. diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/SslConfiguration.java b/spring-vault-core/src/main/java/org/springframework/vault/support/SslConfiguration.java index 5cd4f89e..8f05fe41 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/support/SslConfiguration.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/support/SslConfiguration.java @@ -60,7 +60,7 @@ public class SslConfiguration { private final String trustStorePassword; /** - * Creates a new {@link SslConfiguration}. + * Create a new {@link SslConfiguration}. * * @param keyStore the keystore resource. * @param keyStorePassword the keystore password. @@ -77,7 +77,7 @@ public class SslConfiguration { } /** - * Creates a new {@link SslConfiguration} for the given trust store. + * Create a new {@link SslConfiguration} for the given trust store. * * @param trustStore resource pointing to an existing trust store, must not be * {@literal null}. @@ -96,7 +96,7 @@ public class SslConfiguration { } /** - * Creates a new {@link SslConfiguration} for the given key store. + * Create a new {@link SslConfiguration} for the given key store. * * @param keyStore resource pointing to an existing key store, must not be * {@literal null}. @@ -114,7 +114,7 @@ public class SslConfiguration { } /** - * Creates a new {@link SslConfiguration} for the given truststore. + * Create a new {@link SslConfiguration} for the given truststore. * * @param keyStore resource pointing to an existing keystore, must not be * {@literal null}. diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultCertificateRequest.java b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultCertificateRequest.java index b31ca3df..bfc6ad1f 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultCertificateRequest.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultCertificateRequest.java @@ -75,7 +75,7 @@ public class VaultCertificateRequest { } /** - * Creates a new {@link VaultCertificateRequest} given a {@code commonName}. + * Create a new {@link VaultCertificateRequest} given a {@code commonName}. * * @param commonName must not be empty or {@literal null}. * @return the created {@link VaultCertificateRequest}. @@ -189,7 +189,7 @@ public class VaultCertificateRequest { /** * Configure a TTL. - * + * * @param ttl the TTL, must be a positive number. * @return {@code this} {@link VaultCertificateRequestBuilder}. */ @@ -221,7 +221,7 @@ public class VaultCertificateRequest { * Exclude the given common name from DNS or Email Subject Alternate Names (as * appropriate). Useful if the CN is not a hostname or email address, but is * instead some human-readable identifier. - * + * * @return {@code this} {@link VaultCertificateRequestBuilder}. */ public VaultCertificateRequestBuilder excludeCommonNameFromSubjectAltNames() { diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultMount.java b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultMount.java index 1a1485f5..b2028342 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultMount.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultMount.java @@ -56,7 +56,7 @@ public class VaultMount { } /** - * Creates a new {@link VaultMount} given a {@code type}. + * Create a new {@link VaultMount} given a {@code type}. * * @param type backend type, must not be empty or {@literal null}. * @return the created {@link VaultMount}. @@ -109,7 +109,7 @@ public class VaultMount { /** * Configure the backend type. - * + * * @param type the backend type, must not be empty or {@literal null}. * @return {@literal this} {@link VaultMountBuilder}. */ @@ -123,7 +123,7 @@ public class VaultMount { /** * Configure a human readable description of this mount. - * + * * @param description a human readable description of this mount. * @return {@literal this} {@link VaultMountBuilder}. */ @@ -134,7 +134,7 @@ public class VaultMount { /** * Set additional configuration details for this mount. - * + * * @param config additional configuration details for this mount. * @return {@literal this} {@link VaultMountBuilder}. */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultToken.java b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultToken.java index 92d59098..1906d515 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultToken.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultToken.java @@ -40,8 +40,8 @@ public class VaultToken { } /** - * Creates a new {@link VaultToken}. - * + * Create a new {@link VaultToken}. + * * @param token must not be empty or {@literal null}. * @return the created {@link VaultToken} */ diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultTokenResponse.java b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultTokenResponse.java index 21ba366d..a6e5e534 100644 --- a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultTokenResponse.java +++ b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultTokenResponse.java @@ -17,14 +17,14 @@ package org.springframework.vault.support; /** * Value object to bind Vault HTTP Token API responses. - * + * * @author Mark Paluch */ public class VaultTokenResponse extends VaultResponse { /** - * Returns a {@link VaultToken} from the {@link VaultResponse}. - * + * Return a {@link VaultToken} from the {@link VaultResponse}. + * * @return the {@link VaultToken}. */ public VaultToken getToken() {