136 Commits

Author SHA1 Message Date
Mark Paluch
67f7119d22 Document how to externalize login credentials.
Fixes gh-26.
2016-10-27 16:02:44 +02:00
Mark Paluch
799ab8f8dd Fix String format in VaultEndpoint.toString.
Fixes gh-27.
2016-10-27 14:26:03 +02:00
Mark Paluch
aa4661bdc3 Extend reference documentation.
Refine Spring Vault with Spring Context use. Add line breaks at about 80 chars.

See gh-22.
2016-10-27 14:25:39 +02:00
Mark Paluch
c586583b1e Use commons-logging to log messages.
Switch from SLF4J to commons-logging to align with Spring Framework.

Fixes #24.
2016-10-27 13:24:26 +02:00
Mark Paluch
359cebabca Expand {version} variable in reference documentation.
Fixes gh-19.
2016-10-26 22:57:52 +02:00
Rob Winch
d52c238f87 Add / to close dependencies tag 2016-10-26 15:29:31 -05:00
Mark Paluch
1ab786db8f Improvements to documentation.
See gh-12.
2016-10-19 17:53:36 +02:00
Mark Paluch
d70eadeb22 Replace Codehaus Nexus with OSS Sonatype in TravisCI build.
Fixes gh-17.
2016-10-13 19:21:17 +02:00
Mark Paluch
6d17f3f2a1 Polishing.
Add builder for VaultTokenRequest. Add missing linebreaks. Improve documentation.
2016-10-13 18:13:20 +02:00
Mark Paluch
9f272e83ec Apply Spring Boot code formatting.
Reformat all code with Spring Boot formatting rules to stay in sync with Spring Cloud Vault.

Fixes gh-16.
2016-10-13 18:13:12 +02:00
Mark Paluch
0c0f5b1be8 Polishing.
Improve documentation. Remove superfluous assertions in authentication options.
2016-10-11 17:52:07 +02:00
Mark Paluch
d67e4d40fb Support AppRole authentication.
We now support AppRole authentication. This authentication method uses a provided RoleId and optionally SecretId to authenticate against Vault.

Fixes gh-7.
2016-10-11 17:51:55 +02:00
Mark Paluch
76e52bb757 Polishing.
Document scheduler using blocked threads if AsyncTaskExecutor is not a scheduler. Improve scheduling with a one-shot-trigger.

See gh-13, gh-15.
2016-10-06 20:46:33 +02:00
Mark Paluch
4100d9f886 Consider delay for token renewal.
Adopt TaskExecutor capabilities. Use scheduler API if executor is a `TaskScheduler`, delay task execution otherwise.

Fixes gh-15.
2016-10-06 17:27:51 +02:00
Mark Paluch
2f38bf3ceb Add Vault version to health response.
See gh-14.
2016-10-06 10:09:39 +02:00
Mark Paluch
c39da5e567 Polishing.
Align JavaDoc wording. Provide builders for Transit operation value objects. Refactor objects to interfaces for pure response data structures.
2016-10-06 10:03:11 +02:00
Mark Paluch
76a4ada567 Upgrade to Vault 0.6.2.
Fixes gh-14
2016-10-06 00:00:19 +02:00
Mark Paluch
50f90122af Adopt tests to Vault 0.5 and 0.6.0.
Earlier Vault versions run into issues with renewal of orphan tokens.

See gh-13.
2016-10-06 00:00:16 +02:00
Mark Paluch
94c0d0bdc3 Maintain login token lifecycle.
We now maintain the login token lifecycle throughout the whole application lifetime. A token is obtain from a login method on its first VaultTemplate access. Renewable tokens are refreshed if using LifecycleAwareSessionManager (configured by default) until max-ttl is reached and the token is disposed.

Fixes gh-13.
2016-10-05 23:31:14 +02:00
Mark Paluch
f22c8a669c Polishing
Use VaultOperations in PropertySource. Create VaultEndpoint from URI.
2016-10-05 23:30:51 +02:00
Mark Paluch
7af121f237 Add support to generate certificates using the PKI backend.
Fixes gh-11.
2016-09-26 21:15:05 +02:00
Mark Paluch
a929a08d16 Polishing.
Enhance JavaDoc.
2016-09-24 22:09:22 +02:00
Mark Paluch
19ea723649 Add VaultPropertySource support.
Spring Vault now supports VaultPropertySource. Property sources can be registered programatically to be used with Spring's Property source abstraction. @VaultPropertySource can be declared on @Configuration classes to obtain properties from Vault and expose these properties inside Spring's Environment.

@Configuration
@VaultPropertySource("secret/my-application")
public class AppConfig {

    @Autowired Environment env;

    @Bean
    public TestBean testBean() {
        TestBean testBean = new TestBean();
        testBean.setPassword(env.getProperty("database.password"));
        return testBean;
    }
}

Fixes gh-9.
2016-09-24 22:09:11 +02:00
Mark Paluch
22aa877f2f Fix Content-Length handling using Netty
VaultClient now uses a ClientHttpRequestInterceptor to force marshaling. Outgoing data is buffered and available as byte array. This allows setting a Content-Length header using netty. Previously, requests were streamed to the TCP channel without knowing the request body size in advance. Vault expects a Content-Length header and rejected requests with a body but without a Content-Length header.

Fixes gh-8
2016-09-24 10:33:55 +02:00
Mark Paluch
d8e2c22ae1 Provide documenation as zip file.
Fixes gh-5.
2016-09-19 22:56:19 +02:00
Mark Paluch
798d6ed99e Enhance documentation about client support.
Fixes gh-4.
2016-09-19 22:05:39 +02:00
Mark Paluch
9ac40d2695 Polishing.
Add CI profile. Move spring-test dependency management from bom to main pom.
2016-09-19 20:35:48 +02:00
Mark Paluch
21828466a8 Add script to bootstrap test environment. 2016-09-19 20:24:42 +02:00
Mark Paluch
51db8a8593 Polishing.
Reformat code. Enhance JavaDoc.
2016-09-18 22:56:48 +02:00
Mark Paluch
bca07a916c Support Cubbyhole authentication.
Cubbyhole authentication uses Vault primitives to provide a secured authentication workflow. Cubbyhole authentication uses tokens as primary login method. An ephemeral token is used to obtain a second, login VaultToken from Vault’s Cubbyhole secret backend. The login token is usually longer-lived and used to interact with Vault. The login token can be retrieved either from a wrapped response or from the data section.

Fixes gh-3
2016-09-18 22:56:44 +02:00
Mark Paluch
5637f440f3 Polishing.
Update documentation. Provide builder for VaultMount. Rename VaultHealthResponse to VaultHealth. Make VaultMount and VaultHealth immutable.
2016-09-17 22:08:37 +02:00
Mark Paluch
a3ff656c4d Assert compatibility with Vault 0.5.2, 0.6.0 and 0.6.1
Support top level auth mount response and nested (within `data`) mount responses. Add build matrix to TravisCI. Adopt tests to earlier Vault responses.

Fixes gh-2
2016-09-17 20:52:20 +02:00
Mark Paluch
eafcecd11e Polishing.
Reuse existing write and delete methods from VaultSysTemplate.
2016-09-17 20:29:59 +02:00
Mark Paluch
fa9c21f6bb Provide transit backend support #1 2016-09-17 00:43:09 +02:00
Mark Paluch
4d870ed4ff Import documentation 2016-09-14 09:12:20 +02:00
Mark Paluch
b5e09f2d53 Initial import. 2016-09-14 08:51:14 +02:00