Skip to content
Permalink
Browse files

[JENKINS-38939] add VaultGithubTokenCredential to authenticate to vau…

…lt with a Github personal access token
  • Loading branch information
Peter Tierno
Peter Tierno committed May 22, 2017
1 parent 3bc9180 commit b93ac10a683d8b5fb33d6788388311198a8b8373
@@ -0,0 +1,54 @@
package com.datapipe.jenkins.vault.credentials;

import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;

import org.kohsuke.stapler.DataBoundConstructor;

import com.bettercloud.vault.Vault;
import com.bettercloud.vault.VaultConfig;
import com.bettercloud.vault.VaultException;
import com.cloudbees.plugins.credentials.CredentialsScope;
import com.cloudbees.plugins.credentials.impl.BaseStandardCredentials;
import com.datapipe.jenkins.vault.exception.VaultPluginException;

import hudson.Extension;
import hudson.util.Secret;

public class VaultGithubTokenCredential extends BaseStandardCredentials implements VaultCredential {

// https://www.vaultproject.io/docs/auth/github.html#generate-a-github-personal-access-token
private final @Nonnull Secret accessToken;

@DataBoundConstructor
public VaultGithubTokenCredential(@CheckForNull CredentialsScope scope,
@CheckForNull String id,
@CheckForNull String description,
@Nonnull Secret accessToken) {
super(scope, id, description);
this.accessToken = accessToken;
}

public Secret getAccessToken() {
return accessToken;
}

@Override
public Vault authorizeWithVault(Vault vault, VaultConfig config) {
String token = null;
try {
token = vault.auth().loginByGithub(Secret.toString(accessToken)).getAuthClientToken();
} catch (VaultException e) {
throw new VaultPluginException("could not log in into vault", e);
}
return new Vault(config.token(token));
}

@Extension
public static class DescriptorImpl extends BaseStandardCredentialsDescriptor {
@Override
public String getDisplayName() {
return "Vault Github Token Credential";
}
}
}
@@ -0,0 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<?jelly escape-by-default='true'?>
<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form" xmlns:st="jelly:stapler">
<f:entry title="Personal Access Token">
<f:textbox field="accessToken" name="accessToken" />
</f:entry>
<st:include page="id-and-description" class="${descriptor.clazz}"/>
</j:jelly>

0 comments on commit b93ac10

Please sign in to comment.
You can’t perform that action at this time.