All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.helidon.integrations.vault.auths.token.TokenAuth Maven / Gradle / Ivy

/*
 * Copyright (c) 2021, 2023 Oracle and/or its affiliates.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package io.helidon.integrations.vault.auths.token;

import io.helidon.integrations.vault.AuthMethod;

/**
 * Token authentication method API.
 */
public interface TokenAuth {

    /**
     * Token authentication method.
     * 

* Documentation: * https://www.vaultproject.io/api-docs/auth/token */ AuthMethod AUTH_METHOD = AuthMethod.create(TokenAuth.class, "token", "token"); /** * Service token type. */ String TYPE_SERVICE = "service"; /** * Batch token type. */ String TYPE_BATCH = "batch"; /** * Default token type. */ String TYPE_DEFAULT = "default"; /** * Create a new child token with default configuration. * @return a new token */ default CreateToken.Response createToken() { return createToken(CreateToken.Request.builder()); } /** * Create a new orphan token with default configuration. * @return a new token */ default CreateToken.Response createOrphan() { return createToken(CreateToken.Request.builder() .noParent(true)); } /** * Create a new token with customized configuration. * * @param request token request * @return a new token */ CreateToken.Response createToken(CreateToken.Request request); /** * Renews a lease associated with a token. This is used to prevent the expiration of a token, and the automatic revocation * of it. Token renewal is possible only if there is a lease associated with it. * * @param request with token to renew * @return a new token */ RenewToken.Response renew(RenewToken.Request request); /** * Revokes a token and all child tokens. When the token is revoked, all dynamic secrets generated with it are also revoked. * * @param request with token to revoke * @return when revocation finishes */ RevokeToken.Response revoke(RevokeToken.Request request); /** * Creates (or replaces) the named role. Roles enforce specific behavior when creating tokens that allow token * functionality that is otherwise not available or would require sudo/root privileges to access. Role parameters, when * set, override any provided options to the create endpoints. The role name is also included in the token path, allowing * all tokens created against a role to be revoked using the /sys/leases/revoke-prefix endpoint. * * @param request token role request * @return when creation finishes */ CreateTokenRole.Response createTokenRole(CreateTokenRole.Request request); /** * Delete a named token role. * * @param request with name of the role * @return when deleted */ DeleteTokenRole.Response deleteTokenRole(DeleteTokenRole.Request request); /** * Revokes a token and orphans all child tokens. When the token is revoked, all dynamic secrets generated with it are also * revoked. * * This is a root protected endpoint. * * @param request with token to revoke * @return when revocation finishes */ RevokeAndOrphanToken.Response revokeAndOrphan(RevokeAndOrphanToken.Request request); }





© 2015 - 2025 Weber Informatics LLC | Privacy Policy