Commit Graph

134 Commits

Author SHA1 Message Date
Spring Operator
38775bec49 URL Cleanup.
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# Fixed URLs

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* [ ] http://www.apache.org/licenses/ with 2 occurrences migrated to:
  https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/) result 200).
* [ ] http://www.apache.org/licenses/LICENSE-2.0 with 154 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0) result 200).
* [ ] http://www.apache.org/licenses/LICENSE-2.0.txt with 1 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0.txt ([https](https://www.apache.org/licenses/LICENSE-2.0.txt) result 200).

Original pull request: #395.
2019-03-25 10:13:51 +02:00
Spring Operator
e62cb65ef6 URL Cleanup
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

Original pull request: gh-394.
2019-03-21 22:06:42 +02:00
Spring Operator
94f20f0ae5 URL Cleanup
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).

# Fixed URLs

## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.

* http://docs.spring.io/spring/docs/current/javadoc-api/ with 1 occurrences migrated to:
  https://docs.spring.io/spring/docs/current/javadoc-api/ ([https](https://docs.spring.io/spring/docs/current/javadoc-api/) result 200).
* http://maven.apache.org/xsd/maven-4.0.0.xsd with 2 occurrences migrated to:
  https://maven.apache.org/xsd/maven-4.0.0.xsd ([https](https://maven.apache.org/xsd/maven-4.0.0.xsd) result 200).
* http://projects.spring.io/spring-vault/ with 2 occurrences migrated to:
  https://projects.spring.io/spring-vault/ ([https](https://projects.spring.io/spring-vault/) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 5 occurrences migrated to:
  https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0) result 200).
* http://maven.apache.org/maven-v4_0_0.xsd with 2 occurrences migrated to:
  https://maven.apache.org/maven-v4_0_0.xsd ([https](https://maven.apache.org/maven-v4_0_0.xsd) result 301).
* http://www.spring.io with 2 occurrences migrated to:
  https://www.spring.io ([https](https://www.spring.io) result 301).
* http://docs.oracle.com/javase/6/docs/api with 1 occurrences migrated to:
  https://docs.oracle.com/javase/6/docs/api ([https](https://docs.oracle.com/javase/6/docs/api) result 302).
* http://repo.spring.io/libs-milestone-local with 1 occurrences migrated to:
  https://repo.spring.io/libs-milestone-local ([https](https://repo.spring.io/libs-milestone-local) result 302).

# Ignored
These URLs were intentionally ignored.

* http://maven.apache.org/POM/4.0.0 with 8 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 4 occurrences

Original pull request: gh-#389.
2019-03-18 08:12:36 +01:00
Mark Paluch
5332914d0d [maven-release-plugin] prepare for next development iteration 2017-06-16 09:54:15 +02:00
Mark Paluch
70f912c201 [maven-release-plugin] prepare release 1.0.2.RELEASE 2017-06-16 09:54:15 +02:00
Mark Paluch
fbd75a555e Update changelog.
See gh-106.
2017-06-16 09:45:09 +02:00
Mark Paluch
09e6e9229a Polishing.
Extend time range in assertion to prevent failures due to too fast test execution.
2017-06-12 16:07:46 +02:00
Mark Paluch
b19fb624cc Polishing.
Add author tag. Update LoginToken javadoc. Refactor numeric literals representing milliseconds to TimeUnit use. Add tests.

See gh-96.
Original pull request: gh-97.
2017-05-20 16:56:33 +02:00
Steve Swor
d0be6dc8df Convert login token duration to milliseconds when calculating renewal time.
Fixes gh-96.
Original pull request: gh-97.
2017-05-20 09:42:39 +02:00
Mark Paluch
4fbb6a51a8 Fallback to default port if Endpoint URI does not declare a port.
We now use the default port (scheme-specific) if a URI does not declare an explicit port number.

Fixes gh-99.
2017-05-18 17:26:46 +02:00
Mark Paluch
8d95b9c972 Add central profiles.
See gh-92.
2017-05-12 11:50:15 +02:00
Mark Paluch
e2f13692f0 [maven-release-plugin] prepare for next development iteration 2017-05-12 10:33:57 +02:00
Mark Paluch
b988673059 [maven-release-plugin] prepare release 1.0.1.RELEASE
See gh-92.
2017-05-12 10:33:49 +02:00
Mark Paluch
90d6557b79 Update changelog.
See gh-92.
2017-05-12 10:24:05 +02:00
Mark Paluch
494a10389e Include notice and license in jar files.
Closes gh-93.
2017-05-12 10:20:53 +02:00
Mark Paluch
d56df632e9 Fix links in reference docs. 2017-05-09 21:00:39 +02:00
Mark Paluch
9946f5ed79 Polishing.
Fix ordering of static final modifiers. Fix Cubbyhole lettercasing.

See gh-88.
2017-05-02 09:42:30 +02:00
Mark Paluch
a7d8cdb229 Lookup remaining TTL and renewability in CubbyholeAuthentication.
We now perform a self-lookup by default for tokens retrieved from CubbyholeAuthentication to determine the remaining TTL and renewability. Static tokens and wrapped tokens with a TTL associated qualify for self-lookup. Wrapped tokens without a TTL are not self-looked up because all details are already given at the time of reading the wrapped response.

TTL starts at the time of the token creation and this delay can impact the first renewal time so the token can expire and then a renewal happens which fails because of the offset delay.

Fixes gh-88.
2017-05-02 09:42:26 +02:00
Mark Paluch
7fbd790268 Calculate renewal schedule upfront.
We now calculate renewal schedule after obtaining the token/the last renewal before scheduling the next renewal. We also made LoginToken public and provide a RefreshTrigger API to implement custom renewal time calculation strategies. Custom strategies can be fine-tuned to specific requirements (rate limiting, fine-grained control). We provide with FixedTimeoutRefreshTrigger an implementation to calculate refresh time based on a fixed timeout.

Previously, the renewal time was calculated inside the Trigger callback that was invoked eventually which allowed a time to pass between login/last renewal and the actual time calculation. This difference can lead to token expiry before the actual renewal.

Fixes gh-87.
2017-05-02 09:40:05 +02:00
Mark Paluch
755039114e Improve unsupervised network interface lookup.
Spring Vault now attempts to lookup a network interface with a hardware address if localhost network address lookup fails. Network interfaces are sorted by their index, if available (since Java 1.7) before scanning interfaces for a hardware address. The index is a OS and platform-specific identifier that usually describes the order of services in which the underlying system orders the interfaces. The ordering of NetworkInterface.getNetworkInterfaces() does not necessarily reflect the system order.

Fixes gh-84.
2017-04-25 16:03:19 +02:00
Mark Paluch
78a3d07b48 Consider configured meta attributes in VaultTokenRequestBuilder.
Closes gh-80.
2017-04-25 16:03:19 +02:00
Mark Paluch
7dcaeaa100 Use Maven wrapper for build.
Use a well-defined Maven version to control the build environment.

See gh-83.
2017-04-25 08:53:15 +02:00
Mark Paluch
e2ba73fcc7 Remove settings.xml before starting TravisCI builds.
TravisCI's settings.xml is outdated and contains references to obsolete repositories.

See gh-83.
2017-04-25 08:53:15 +02:00
Mark Paluch
766b9709b5 Fix dependency import version.
See gh-72.
2017-04-19 16:09:04 +02:00
Mark Paluch
d662b691b5 Upgrade to Spring Framework 4.3.8.
Closes gh-81.
2017-04-19 15:53:39 +02:00
Mark Paluch
f4fe1173a8 Upgrade to Maven 3.5.0.
Closes gh-74.
2017-04-11 13:16:39 +02:00
Mark Paluch
af206ecbc4 Add developer, SCM location and project URL to dependency POM.
Closes gh-73.
2017-04-10 18:31:21 +02:00
Mark Paluch
e6817a4b0c Post-release cleanups.
See gh-72.
2017-04-10 10:38:29 +02:00
Spring Buildmaster
cc8fbadbe0 [artifactory-release] Release version 1.0.0.RELEASE
See gh-72.
2017-04-10 08:20:59 +00:00
Mark Paluch
bc766e7377 Prepare release.
See gh-72.
2017-04-10 10:14:26 +02:00
Mark Paluch
16f9994955 Fix AWS code sample in project sample. 2017-04-09 19:21:05 +02:00
Mark Paluch
c0150cf608 Explain current generic secret backend lease behavior in documentation.
See gh-68.
2017-04-07 17:38:51 +02:00
Mark Paluch
a9c2cf72f8 Provide session context to Vault sealing.
We now call /sys/seal with a token again. The session context got lost due to refactoring from VaultClient to RestTemplate use.

Closes gh-70.
2017-04-07 09:07:48 +02:00
Mark Paluch
9c14c4536a Exclude null-valued properties from Vault PropertySources.
We now remove null-valued properties when transforming properties to their PropertySource representation. Vault can reply with null-valued properties that causes NullPointerException with the ConcurrentHashMap implementations.

Closes gh-69.
2017-04-05 19:32:34 +02:00
Mark Paluch
b6d0b04b18 Polishing.
Replace static imports with qualified use. Add author tags. Add copyright header. Simplify code. Simplify JavaDoc documentation. Rename test class and methods to align with project style.

Original pull request: #64.
2017-03-31 12:22:30 +02:00
Pierre-Jean Vardanega
ba135817fa Allow to create RequestedSecret from mode and path.
Original pull request: #64.
2017-03-31 12:16:08 +02:00
Mark Paluch
8b929011d9 Upgrade to Vault 0.7.
Closes gh-66.
2017-03-31 12:08:50 +02:00
Mark Paluch
1989036d0c Polishing.
Remove Spring 5 buildprofile from TravisCI build because of incompatible breaking changes in optional module support.

See gh-65.
2017-03-30 11:09:12 +02:00
Mark Paluch
b9597c2751 Update to Spring-Next build profile to 4.3.8.
Closes gh-65.
2017-03-30 11:08:15 +02:00
Mark Paluch
1512558958 Add defensive check for empty repository key 2017-03-24 11:04:42 +01:00
Mark Paluch
af61d4de46 Improve discovery and error messages in create_certificates.sh.
Print error message if openssl/keytool cannot be found.

Fixes gh-62.
2017-03-18 17:40:50 +01:00
Mark Paluch
04eb02554e Update site.
* Update supported authentication mechanisms
* Add link to examples repo
* Add VaultPropertySource sample

See gh-60.
2017-03-16 13:58:41 +01:00
Mark Paluch
30ce9667c7 [maven-release-plugin] prepare for next development iteration 2017-03-16 13:09:31 +01:00
Mark Paluch
90250d466e [maven-release-plugin] prepare release 1.0.0.RC1 2017-03-16 13:09:31 +01:00
Mark Paluch
3ac06ad0c4 Prepare release.
Update changelog. Update repository to milestone repo in spring-vault-dependencies.

See gh-60.
2017-03-16 13:08:25 +01:00
Mark Paluch
b0d6350b31 Upgrade dependencies.
httpclient 4.5.2 -> 4.5.3
httpcore 4.4.5 -> 4.4.6
netty 4.1.6.Final -> 4.1.8.Final
OkHttp3 3.5.0 ->3.6.0
Jackson 2.8.2 -> 2.8.7

Closes gh-61.
2017-03-16 12:58:39 +01:00
Mark Paluch
d3d44601a9 Polishing.
Use org.mockito.junit.MockitoJUnitRunner instead of the deprecated org.mockito.runners.MockitoJUnitRunner.
2017-03-16 12:20:41 +01:00
Mark Paluch
6875da1a75 Polishing.
Reformar code.
2017-03-16 12:19:25 +01:00
Mark Paluch
20fda62937 Use TaskScheduler in LifecycleAwareSessionManager.
We now accept TaskScheduler in LifecycleAwareSessionManager to schedule session refresh tasks. Previously, LifecycleAwareSessionManager used AsyncTaskExecutor with Thread.sleep(…) to delay execution. Thread.sleep blocks a thread exclusively which is an inefficient resource usage.

Closes gh-59.
2017-03-16 12:17:27 +01:00
Mark Paluch
33c80aea74 Polishing.
Polish JavaDoc wording. Add tests. Prevent lease revocation for secrets without an associated lease.

See gh-50.
2017-03-09 14:56:04 +02:00