Skip to content

Commit

Permalink
Merge pull request #3 from ianferguson/ianferguson/add_x_vault_reques…
Browse files Browse the repository at this point in the history
…t_to_fork

Include X-Vault-Request header on all requests
  • Loading branch information
ianferguson authored Jan 31, 2021
2 parents 6d9b108 + 43f9b4e commit 9db893d
Show file tree
Hide file tree
Showing 10 changed files with 46 additions and 3 deletions.
6 changes: 3 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,6 @@ alike, without causing conflicts with any other dependency.
NOTE: Although the binary artifact produced by the project is backwards-compatible with Java 8, you do need
JDK 9 or higher to modify or build the source code of this library itself.

This Change
-----------

Table of Contents
-----------------
* [Installing the Driver](#installing-the-driver)
Expand Down Expand Up @@ -271,6 +268,9 @@ Note that changes to the major version (i.e. the first number) represent possibl
may require modifications in your code to migrate. Changes to the minor version (i.e. the second number)
should represent non-breaking changes. The third number represents any very minor bugfix patches.

* **6.1.0**: This release contains the following updates:
* Include `X-Vault-Request: true` header on all requests to work with Vault Agent's w/ `require_request_header` set to true. [(PR #3)](https://github.com/ianferguson/vault-java-driver/pull/3)

* **6.0.0**: This release contains the following updates:
* Inaugural release of ianferguson/vault-java-driver fork
* Move code packages and maven groupdId from com.bettercloud to io.ianferguson [(PR #1)](https://github.com/ianferguson/vault-java-driver/pull/1)
Expand Down
1 change: 1 addition & 0 deletions src/main/java/io/ianferguson/vault/Vault.java
Original file line number Diff line number Diff line change
Expand Up @@ -255,6 +255,7 @@ private Map<String, String> collectSecretEngineVersions() {
.url(vaultConfig.getAddress() + "/v1/sys/mounts")
.header("X-Vault-Token", vaultConfig.getToken())
.header("X-Vault-Namespace", this.vaultConfig.getNameSpace())
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(vaultConfig.getOpenTimeout())
.readTimeoutSeconds(vaultConfig.getReadTimeout())
.sslVerification(vaultConfig.getSslConfig().isVerify())
Expand Down
15 changes: 15 additions & 0 deletions src/main/java/io/ianferguson/vault/api/Auth.java
Original file line number Diff line number Diff line change
Expand Up @@ -345,6 +345,7 @@ public AuthResponse createToken(final TokenRequest tokenRequest, final String to
.url(url)
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.body(requestJson.getBytes(StandardCharsets.UTF_8))
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
Expand Down Expand Up @@ -413,6 +414,7 @@ public AuthResponse loginByAppID(final String path, final String appId, final St
final RestResponse restResponse = new Rest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + path)
.optionalHeader("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.body(requestJson.getBytes(StandardCharsets.UTF_8))
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
Expand Down Expand Up @@ -509,6 +511,7 @@ public AuthResponse loginByAppRole(final String path, final String roleId, final
final RestResponse restResponse = new Rest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + path + "/login")
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.body(requestJson.getBytes(StandardCharsets.UTF_8))
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
Expand Down Expand Up @@ -594,6 +597,7 @@ public AuthResponse loginByUserPass(final String username, final String password
final RestResponse restResponse = new Rest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/login/" + username)
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.body(requestJson.getBytes(StandardCharsets.UTF_8))
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
Expand Down Expand Up @@ -719,6 +723,7 @@ public AuthResponse loginByAwsEc2(final String role, final String identity, fina
.url(config.getAddress() + "/v1/auth/" + mount + "/login")
.body(requestJson.getBytes(StandardCharsets.UTF_8))
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -796,6 +801,7 @@ public AuthResponse loginByAwsEc2(final String role, final String pkcs7, final S
final RestResponse restResponse = new Rest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/login")
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.body(requestJson.getBytes(StandardCharsets.UTF_8))
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
Expand Down Expand Up @@ -877,6 +883,7 @@ public AuthResponse loginByAwsIam(final String role, final String iamRequestUrl,
final RestResponse restResponse = new Rest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/login")
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.body(requestJson.getBytes(StandardCharsets.UTF_8))
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
Expand Down Expand Up @@ -964,6 +971,7 @@ public AuthResponse loginByGithub(final String githubToken, final String githubA
final RestResponse restResponse = new Rest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/login")
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.body(requestJson.getBytes(StandardCharsets.UTF_8))
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
Expand Down Expand Up @@ -1030,6 +1038,7 @@ public AuthResponse loginByJwt(final String provider, final String role, final S
final RestResponse restResponse = new Rest()
.url(config.getAddress() + "/v1/auth/" + provider + "/login")
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.body(requestJson.getBytes(StandardCharsets.UTF_8))
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
Expand Down Expand Up @@ -1172,6 +1181,7 @@ public AuthResponse loginByCert(final String certAuthMount) throws VaultExceptio
final RestResponse restResponse = new Rest()//NOPMD
.url(config.getAddress() + "/v1/auth/" + mount + "/login")
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -1255,6 +1265,7 @@ public AuthResponse renewSelf(final long increment, final String tokenAuthMount)
.url(config.getAddress() + "/v1/auth/" + mount + "/renew-self")
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.body(increment < 0 ? null : requestJson.getBytes(StandardCharsets.UTF_8))
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
Expand Down Expand Up @@ -1320,6 +1331,7 @@ public LookupResponse lookupSelf(final String tokenAuthMount) throws VaultExcept
.url(config.getAddress() + "/v1/auth/" + mount + "/lookup-self")
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -1384,6 +1396,7 @@ public LogicalResponse lookupWrap() throws VaultException {
.url(config.getAddress() + "/v1/sys/wrapping/lookup")
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -1446,6 +1459,7 @@ public void revokeSelf(final String tokenAuthMount) throws VaultException {
.url(config.getAddress() + "/v1/auth/" + mount + "/revoke-self")
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -1549,6 +1563,7 @@ public AuthResponse unwrap(final String wrappedToken) throws VaultException {
.url(url)
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.body(requestJson.getBytes(StandardCharsets.UTF_8))
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
Expand Down
1 change: 1 addition & 0 deletions src/main/java/io/ianferguson/vault/api/Debug.java
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,7 @@ public HealthResponse health(
.url(config.getAddress() + "/v1/" + path)
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down
4 changes: 4 additions & 0 deletions src/main/java/io/ianferguson/vault/api/Leases.java
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ public VaultResponse revoke(final String leaseId) throws VaultException {
.url(config.getAddress() + "/v1/sys/leases/revoke/" + leaseId)
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -117,6 +118,7 @@ public VaultResponse revokePrefix(final String prefix) throws VaultException {
.url(config.getAddress() + "/v1/sys/revoke-prefix/" + prefix)
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -175,6 +177,7 @@ public VaultResponse revokeForce(final String prefix) throws VaultException {
.url(config.getAddress() + "/v1/sys/revoke-force/" + prefix)
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -238,6 +241,7 @@ public VaultResponse renew(final String leaseId, final long increment) throws Va
.url(config.getAddress() + "/v1/sys/renew/" + leaseId)
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.body(increment < 0 ? null : requestJson.getBytes(StandardCharsets.UTF_8))
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
Expand Down
8 changes: 8 additions & 0 deletions src/main/java/io/ianferguson/vault/api/Logical.java
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,7 @@ private LogicalResponse read(final String path, Boolean shouldRetry, final logic
.url(config.getAddress() + "/v1/" + adjustPathForReadOrWrite(path, config.getPrefixPathDepth(), operation))
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -155,6 +156,7 @@ public LogicalResponse read(final String path, Boolean shouldRetry, final Intege
.url(config.getAddress() + "/v1/" + adjustPathForReadOrWrite(path, config.getPrefixPathDepth(), logicalOperations.readV2))
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.parameter("version", version.toString())
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
Expand Down Expand Up @@ -257,6 +259,7 @@ private LogicalResponse write(final String path, final Map<String, Object> nameV
.body(jsonObjectToWriteFromEngineVersion(operation, requestJson).toString().getBytes(StandardCharsets.UTF_8))
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -348,6 +351,7 @@ private LogicalResponse delete(final String path, final Logical.logicalOperation
.url(config.getAddress() + "/v1/" + adjustPathForDelete(path, config.getPrefixPathDepth(), operation))
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -408,6 +412,7 @@ public LogicalResponse delete(final String path, final int[] versions) throws Va
.url(config.getAddress() + "/v1/" + adjustPathForVersionDelete(path,config.getPrefixPathDepth()))
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -479,6 +484,7 @@ public LogicalResponse unDelete(final String path, final int[] versions) throws
.url(config.getAddress() + "/v1/" + adjustPathForVersionUnDelete(path,config.getPrefixPathDepth()))
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -538,6 +544,7 @@ public LogicalResponse destroy(final String path, final int[] versions) throws V
.url(config.getAddress() + "/v1/" + adjustPathForVersionDestroy(path,config.getPrefixPathDepth()))
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down Expand Up @@ -589,6 +596,7 @@ public LogicalResponse upgrade(final String kvPath) throws VaultException {
.url(config.getAddress() + "/v1/sys/mounts/" + (kvPath.replaceAll("/", "") + "/tune"))
.header("X-Vault-Token", config.getToken())
.header("X-Vault-Namespace", this.nameSpace)
.header("X-Vault-Request", "true")
.connectTimeoutSeconds(config.getOpenTimeout())
.readTimeoutSeconds(config.getReadTimeout())
.sslVerification(config.getSslConfig().isVerify())
Expand Down
Loading

0 comments on commit 9db893d

Please sign in to comment.