Assuming a server running at https://localhost:8200, that the token is a valid root token, and that a key exists at "my-key"
new Vault(
new VaultConfig()
.address("https://localhost:8200/")
.token("bbe5c8d0-a531-cb38-a0d5-aa23e54b6dea")
.sslConfig(new SslConfig().verify(false))
.build()
)
.logical()
.write("transit/encrypt/my-key", ImmutableMap.of("plaintext", "TG9yZW0gSXBzdW0="));
Exception in thread "main" com.bettercloud.vault.VaultException: Expecting HTTP status 204 or 200, but instead receiving 400
Response body: {"errors":["missing client token"]}
Removing the trailing slash from the address makes the error go away. The root cause is that the RestClient goes to https://localhost:8200//v1/transit/encrypt/my-key (note the extra slash) and that Vault 302's to the correct url without the extra slash, but the X-Vault-Token header doesn't propagate to the new request. The retry is automatic within java.net.HttpUURLConnection.
PR for the fix here, which just normalizes the URL when set in VaultConfig:
#132
Assuming a server running at https://localhost:8200, that the token is a valid root token, and that a key exists at "my-key"
new Vault(
new VaultConfig()
.address("https://localhost:8200/")
.token("bbe5c8d0-a531-cb38-a0d5-aa23e54b6dea")
.sslConfig(new SslConfig().verify(false))
.build()
)
.logical()
.write("transit/encrypt/my-key", ImmutableMap.of("plaintext", "TG9yZW0gSXBzdW0="));
Exception in thread "main" com.bettercloud.vault.VaultException: Expecting HTTP status 204 or 200, but instead receiving 400
Response body: {"errors":["missing client token"]}
Removing the trailing slash from the address makes the error go away. The root cause is that the RestClient goes to
https://localhost:8200//v1/transit/encrypt/my-key(note the extra slash) and that Vault 302's to the correct url without the extra slash, but the X-Vault-Token header doesn't propagate to the new request. The retry is automatic within java.net.HttpUURLConnection.PR for the fix here, which just normalizes the URL when set in VaultConfig:
#132