add possibility to pass preconfigured http client to reuse http/tls r…
…esources for consequent requests (#44)
samfrown authored Jul 25, 2023
1 parent b1a53b7 commit e62bd9d
Showing 9 changed files with 214 additions and 48 deletions.
20 changes: 19 additions & 1 deletion src/main/java/io/github/jopenlibs/vault/VaultConfig.java
@@ -1,6 +1,7 @@
package io.github.jopenlibs.vault;

import java.io.Serializable;
import java.net.http.HttpClient;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

@@ -43,6 +44,7 @@ public class VaultConfig implements Serializable {
private Integer globalEngineVersion;
private String nameSpace;
private EnvironmentLoader environmentLoader;
private HttpClient httpClient;

/**
* <p>The code used to load environment variables is encapsulated here, so that a mock version
@@ -278,6 +280,19 @@ public VaultConfig prefixPath(String prefixPath) {
return prefixPathDepth(countElements + 1);
}

/**
* <p>Set a preconfigured HttpClient instance to use by REST API calls. This allows to reuse
* http resources (connections, worker threads) between calls. If a preconfigured HttpClient is specified, then
* sslConfig and openTimeout values passed to VaultConfig are ignored.
*
* @param httpClient preconfigured http client instance
* @return VaultConfig
*/
public VaultConfig httpClient(HttpClient httpClient) {
this.httpClient = httpClient;
return this;
}

/**
* <p>Sets the maximum number of times that an API operation will retry upon failure.</p>
*
@@ -318,7 +333,6 @@ void setEngineVersion(final Integer engineVersion) {
this.globalEngineVersion = engineVersion;
}


/**
* <p>This is the terminating method in the builder pattern. The method that validates all of
* the fields that has been set already, uses environment variables when available to populate
@@ -414,4 +428,8 @@ public String getNameSpace() {
public int getPrefixPathDepth() {
return prefixPathDepth;
}

public HttpClient getHttpClient() {
return httpClient;
}
}
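Review bot: The `httpClient(HttpClient)` setter lets a caller-supplied client silently replace everything in `sslConfig`, so custom trust material or a client certificate configured there (which certificate login in Auth.java presumably relies on) is dropped without any error if the supplied client was built without an equivalent `SSLContext`. The Javadoc states that `sslConfig` and `openTimeout` are ignored, but nothing in the visible hunks rejects or warns about setting both; `build()` lies outside the hunks shown, so confirm whether it checks, and otherwise consider failing there when both `httpClient` and `sslConfig` are set. Separately, `VaultConfig implements Serializable` while `java.net.http.HttpClient` is not serializable, so serializing a config that holds a client would fail; the field should be declared `private transient HttpClient httpClient;`.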
27 changes: 13 additions & 14 deletions src/main/java/io/github/jopenlibs/vault/api/Auth.java
@@ -11,7 +11,6 @@
import io.github.jopenlibs.vault.response.LookupResponse;
import io.github.jopenlibs.vault.response.UnwrapResponse;
import io.github.jopenlibs.vault.response.WrapResponse;
import io.github.jopenlibs.vault.rest.Rest;
import io.github.jopenlibs.vault.rest.RestResponse;
import java.io.Serializable;
import java.nio.charset.StandardCharsets;
@@ -376,7 +375,7 @@ public AuthResponse createToken(final TokenRequest tokenRequest, final String to
final String url = urlBuilder.toString();

// HTTP request to Vault
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(url)
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
@@ -437,7 +436,7 @@ public AuthResponse loginByAppID(final String path, final String appId, final St
// HTTP request to Vault
final String requestJson = Json.object().add("app_id", appId).add("user_id", userId)
.toString();
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + path)
.header("X-Vault-Namespace", this.nameSpace)
.body(requestJson.getBytes(StandardCharsets.UTF_8))
@@ -525,7 +524,7 @@ public AuthResponse loginByAppRole(final String path, final String roleId,
// HTTP request to Vault
final String requestJson = Json.object().add("role_id", roleId)
.add("secret_id", secretId).toString();
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + path + "/login")
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
@@ -602,7 +601,7 @@ public AuthResponse loginByUserPass(final String username, final String password
return retry(attempt -> {
// HTTP request to Vault
final String requestJson = Json.object().add("password", password).toString();
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/login/" + username)
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
@@ -721,7 +720,7 @@ public AuthResponse loginByAwsEc2(final String role, final String identity,
}
final String requestJson = request.toString();

final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/login")
.body(requestJson.getBytes(StandardCharsets.UTF_8))
.header("X-Vault-Namespace", this.nameSpace)
@@ -789,7 +788,7 @@ public AuthResponse loginByAwsEc2(final String role, final String pkcs7, final S
request.add("nonce", nonce);
}
final String requestJson = request.toString();
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/login")
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
@@ -866,7 +865,7 @@ public AuthResponse loginByAwsIam(final String role, final String iamRequestUrl,
request.add("role", role);
}
final String requestJson = request.toString();
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/login")
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
@@ -939,7 +938,7 @@ public AuthResponse loginByGithub(final String githubToken, final String githubA
return retry(attempt -> {
// HTTP request to Vault
final String requestJson = Json.object().add("token", githubToken).toString();
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/login")
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
@@ -1020,7 +1019,7 @@ public AuthResponse loginByJwt(final String provider, final String role, final S
// HTTP request to Vault
final String requestJson = Json.object().add("role", role).add("jwt", jwt)
.toString();
final RestResponse restResponse = new Rest()
final RestResponse restResponse = getRest()
.url(config.getAddress() + "/v1/" + authPath + "/login")
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
@@ -1179,7 +1178,7 @@ public AuthResponse loginByCert(final String certAuthMount) throws VaultExceptio
final String mount = certAuthMount != null ? certAuthMount : "cert";

return retry(attempt -> {
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/login")
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
@@ -1251,7 +1250,7 @@ public AuthResponse renewSelf(final long increment, final String tokenAuthMount)
return retry(attempt -> {
// HTTP request to Vault
final String requestJson = Json.object().add("increment", increment).toString();
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/renew-self")
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
@@ -1307,7 +1306,7 @@ public LookupResponse lookupSelf(final String tokenAuthMount) throws VaultExcept

return retry(attempt -> {
// HTTP request to Vault
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/lookup-self")
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
@@ -1384,7 +1383,7 @@ public void revokeSelf(final String tokenAuthMount) throws VaultException {

retry(attempt -> {
// HTTP request to Vault
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/revoke-self")
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
2 changes: 1 addition & 1 deletion src/main/java/io/github/jopenlibs/vault/api/Debug.java
@@ -94,7 +94,7 @@ public HealthResponse health(

return retry(attempt -> {
// Build an HTTP request for Vault
final Rest rest = new Rest()//NOPMD
final Rest rest = getRest()//NOPMD
.url(config.getAddress() + "/v1/" + path)
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
17 changes: 8 additions & 9 deletions src/main/java/io/github/jopenlibs/vault/api/Logical.java
@@ -6,7 +6,6 @@
import io.github.jopenlibs.vault.json.JsonObject;
import io.github.jopenlibs.vault.json.JsonValue;
import io.github.jopenlibs.vault.response.LogicalResponse;
import io.github.jopenlibs.vault.rest.Rest;
import io.github.jopenlibs.vault.rest.RestResponse;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
@@ -85,7 +84,7 @@ private LogicalResponse read(final String path, final logicalOperations operatio
throws VaultException {
return retry(attempt -> {
// Make an HTTP request to Vault
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/" + adjustPathForReadOrWrite(path,
config.getPrefixPathDepth(), operation))
.header("X-Vault-Token", config.getToken())
@@ -142,7 +141,7 @@ public LogicalResponse read(final String path, Boolean shouldRetry, final Intege
attempt -> {
// Make an HTTP request to Vault
final RestResponse restResponse =
new Rest() //NOPMD
getRest() //NOPMD
.url(config.getAddress() + "/v1/" + adjustPathForReadOrWrite(
path,
config.getPrefixPathDepth(), logicalOperations.readV2))
@@ -275,7 +274,7 @@ private LogicalResponse write(final String path, final Map<String, Object> nameV
}
}
// Make an HTTP request to Vault
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/" + adjustPathForReadOrWrite(path,
config.getPrefixPathDepth(), operation))
.body(jsonObjectToWriteFromEngineVersion(operation, requestJson).toString()
@@ -368,7 +367,7 @@ private LogicalResponse delete(final String path, final Logical.logicalOperation
throws VaultException {
return retry(attempt -> {
// Make an HTTP request to Vault
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/" + adjustPathForDelete(path,
config.getPrefixPathDepth(), operation))
.header("X-Vault-Token", config.getToken())
@@ -418,7 +417,7 @@ public LogicalResponse delete(final String path, final int[] versions) throws Va
return retry(attempt -> {
// Make an HTTP request to Vault
JsonObject versionsToDelete = new JsonObject().add("versions", versions);
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/" + adjustPathForVersionDelete(path,
config.getPrefixPathDepth()))
.header("X-Vault-Token", config.getToken())
@@ -478,7 +477,7 @@ public LogicalResponse unDelete(final String path, final int[] versions) throws
return retry(attempt -> {
// Make an HTTP request to Vault
JsonObject versionsToUnDelete = new JsonObject().add("versions", versions);
final RestResponse restResponse = new Rest() //NOPMD
final RestResponse restResponse = getRest() //NOPMD
.url(config.getAddress() + "/v1/" + adjustPathForVersionUnDelete(path,
config.getPrefixPathDepth()))
.header("X-Vault-Token", config.getToken())
@@ -525,7 +524,7 @@ public LogicalResponse destroy(final String path, final int[] versions) throws V
return retry(attempt -> {
// Make an HTTP request to Vault
JsonObject versionsToDestroy = new JsonObject().add("versions", versions);
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/" + adjustPathForVersionDestroy(path,
config.getPrefixPathDepth()))
.header("X-Vault-Token", config.getToken())
@@ -562,7 +561,7 @@ public LogicalResponse upgrade(final String kvPath) throws VaultException {
// Make an HTTP request to Vault
JsonObject kvToUpgrade = new JsonObject().add("options",
new JsonObject().add("version", 2));
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(config.getAddress() + "/v1/sys/mounts/" + (kvPath.replaceAll("/", "")
+ "/tune"))
.header("X-Vault-Token", config.getToken())
Original file line number Diff line number Diff line change
@@ -2,6 +2,7 @@

import io.github.jopenlibs.vault.VaultConfig;
import io.github.jopenlibs.vault.VaultException;
import io.github.jopenlibs.vault.rest.Rest;


/**
@@ -45,6 +46,10 @@ static <T> T retry(final EndpointOperation<T> op, int retryCount, long retryInte
}
}

protected Rest getRest() {
return new Rest(config.getHttpClient());
}

public interface EndpointOperation<T> {

/**
@@ -64,4 +69,5 @@ private static void sleep(long delay) {
e.printStackTrace();
}
}

}
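Review bot: `getRest()` hands `config.getHttpClient()` to `new Rest(...)` unchecked, and that getter returns null whenever the caller never set a client, which is the default path for every existing user. The `Rest` constructor is not shown on this page, so confirm it treats null as "build a client from sslConfig and openTimeout" and does not fall through to a default `HttpClient` that skips the configured TLS settings. The method is also a new `protected` extension point with no Javadoc; I would add one stating that the returned `Rest` shares the configured client when one is present, and that a subclass overriding it becomes responsible for TLS and timeout handling on every Vault request, including those carrying `X-Vault-Token`.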
Original file line number Diff line number Diff line change
@@ -6,7 +6,6 @@
import io.github.jopenlibs.vault.json.Json;
import io.github.jopenlibs.vault.json.JsonObject;
import io.github.jopenlibs.vault.response.DatabaseResponse;
import io.github.jopenlibs.vault.rest.Rest;
import io.github.jopenlibs.vault.rest.RestResponse;
import java.nio.charset.StandardCharsets;
import java.util.List;
@@ -91,7 +90,7 @@ public DatabaseResponse createOrUpdateRole(final String roleName,
return retry(attempt -> {
final String requestJson = roleOptionsToJson(options);

final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(String.format("%s/v1/%s/roles/%s", config.getAddress(), this.mountPath,
roleName))
.header("X-Vault-Token", config.getToken())
@@ -137,7 +136,7 @@ public DatabaseResponse createOrUpdateRole(final String roleName,
*/
public DatabaseResponse getRole(final String roleName) throws VaultException {
return retry(attempt -> {
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(String.format("%s/v1/%s/roles/%s", config.getAddress(), this.mountPath,
roleName))
.header("X-Vault-Token", config.getToken())
@@ -190,7 +189,7 @@ public DatabaseResponse revoke(final String serialNumber) throws VaultException
}
final String requestJson = jsonObject.toString();

final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(String.format("%s/v1/%s/revoke", config.getAddress(), this.mountPath))
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
@@ -235,7 +234,7 @@ public DatabaseResponse revoke(final String serialNumber) throws VaultException
*/
public DatabaseResponse deleteRole(final String roleName) throws VaultException {
return retry(attempt -> {
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(String.format("%s/v1/%s/roles/%s", config.getAddress(), this.mountPath,
roleName))
.header("X-Vault-Token", config.getToken())
@@ -282,7 +281,7 @@ public DatabaseResponse deleteRole(final String roleName) throws VaultException
*/
public DatabaseResponse creds(final String roleName) throws VaultException {
return retry(attempt -> {
final RestResponse restResponse = new Rest()//NOPMD
final RestResponse restResponse = getRest()//NOPMD
.url(String.format("%s/v1/%s/creds/%s", config.getAddress(), this.mountPath,
roleName))
.header("X-Vault-Token", config.getToken())