• Home
• io.quarkus
• quarkus-vault
• 1.13.0.Final
• source code
• VaultAuthenticationConfig.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.quarkus.vault.runtime.config.VaultAuthenticationConfig Maven / Gradle / Ivy

package io.quarkus.vault.runtime.config;

import java.util.Optional;

import io.quarkus.runtime.annotations.ConfigGroup;
import io.quarkus.runtime.annotations.ConfigItem;

@ConfigGroup
public class VaultAuthenticationConfig {

    /**
     * Vault token, bypassing Vault authentication (kubernetes, userpass or approle). This is useful in development
     * where an authentication mode might not have been set up. In production we will usually prefer some
     * authentication such as userpass, or preferably kubernetes, where Vault tokens get generated with a TTL
     * and some ability to revoke them. Lease renewal does not apply.
     */
    @ConfigItem
    public Optional clientToken;

    /**
     * Client token wrapped in a wrapping token, such as what is returned by:
     * 

     * vault token create -wrap-ttl=60s -policy=myapp
     * 

     * client-token and client-token-wrapping-token are exclusive. Lease renewal does not apply.
     */
    @ConfigItem
    public Optional clientTokenWrappingToken;

    /**
     * AppRole authentication method
     * 

     * See https://www.vaultproject.io/api/auth/approle/index.html
     */
    @ConfigItem
    public VaultAppRoleAuthenticationConfig appRole;

    /**
     * Userpass authentication method
     * 

     * See https://www.vaultproject.io/api/auth/userpass/index.html
     */
    @ConfigItem
    public VaultUserpassAuthenticationConfig userpass;

    /**
     * Kubernetes authentication method
     * 

     * See https://www.vaultproject.io/docs/auth/kubernetes.html
     */
    @ConfigItem
    public VaultKubernetesAuthenticationConfig kubernetes;

    public boolean isDirectClientToken() {
        return clientToken.isPresent() || clientTokenWrappingToken.isPresent();
    }

    public boolean isAppRole() {
        return appRole.roleId.isPresent() && (appRole.secretId.isPresent() || appRole.secretIdWrappingToken.isPresent());
    }

    public boolean isUserpass() {
        return userpass.username.isPresent() && (userpass.password.isPresent() || userpass.passwordWrappingToken.isPresent());
    }

}