io.quarkus.vault.runtime.VaultCredentialsProvider Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of quarkus-vault Show documentation
Show all versions of quarkus-vault Show documentation
Store your credentials securely in HashiCorp Vault
package io.quarkus.vault.runtime;
import java.util.Properties;
import io.quarkus.vault.CredentialsProvider;
import io.quarkus.vault.VaultException;
import io.quarkus.vault.runtime.config.CredentialsProviderConfig;
import io.quarkus.vault.runtime.config.VaultRuntimeConfig;
public class VaultCredentialsProvider implements CredentialsProvider {
private VaultKvManager vaultKvManager;
private VaultDbManager vaultDbManager;
private VaultRuntimeConfig serverConfig;
public VaultCredentialsProvider(VaultRuntimeConfig serverConfig, VaultKvManager vaultKvManager,
VaultDbManager vaultDbManager) {
this.serverConfig = serverConfig;
this.vaultKvManager = vaultKvManager;
this.vaultDbManager = vaultDbManager;
}
@Override
public Properties getCredentials(String credentialsProviderName) {
CredentialsProviderConfig config = serverConfig.credentialsProvider.get(credentialsProviderName);
if (config == null) {
throw new VaultException("unknown credentials provider with name " + credentialsProviderName);
}
if (config.databaseCredentialsRole.isPresent()) {
return vaultDbManager.getDynamicDbCredentials(config.databaseCredentialsRole.get());
}
if (config.kvPath.isPresent()) {
String password = vaultKvManager.readSecret(config.kvPath.get()).get(config.kvKey);
Properties result = new Properties();
result.setProperty(PASSWORD_PROPERTY_NAME, password);
return result;
}
throw new VaultException(
"one of database-credentials-role or kv-path is required on credentials provider " + credentialsProviderName);
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy