Class AbstractAuthenticatingVaultTokenCredential
- java.lang.Object
-
- com.cloudbees.plugins.credentials.BaseCredentials
-
- com.cloudbees.plugins.credentials.impl.BaseStandardCredentials
-
- com.datapipe.jenkins.vault.credentials.AbstractVaultTokenCredential
-
- com.datapipe.jenkins.vault.credentials.AbstractVaultTokenCredentialWithExpiration
-
- com.datapipe.jenkins.vault.credentials.AbstractAuthenticatingVaultTokenCredential
-
- All Implemented Interfaces:
com.cloudbees.plugins.credentials.common.IdCredentials
,com.cloudbees.plugins.credentials.common.StandardCredentials
,com.cloudbees.plugins.credentials.Credentials
,VaultCredential
,ExtensionPoint
,Describable<com.cloudbees.plugins.credentials.Credentials>
,Serializable
- Direct Known Subclasses:
VaultAppRoleCredential
,VaultAwsIamCredential
,VaultGCPCredential
,VaultGithubTokenCredential
,VaultKubernetesCredential
public abstract class AbstractAuthenticatingVaultTokenCredential extends AbstractVaultTokenCredentialWithExpiration
Abstract Vault token credential that authenticates with the vault server to retrieve the authentication token. This credential type can explicitly configure the namespace which the authentication method is mounted.- See Also:
- Serialized Form
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class com.cloudbees.plugins.credentials.impl.BaseStandardCredentials
com.cloudbees.plugins.credentials.impl.BaseStandardCredentials.BaseStandardCredentialsDescriptor
-
Nested classes/interfaces inherited from interface hudson.ExtensionPoint
ExtensionPoint.LegacyInstancesAreScopedToHudson
-
Nested classes/interfaces inherited from interface com.cloudbees.plugins.credentials.common.IdCredentials
com.cloudbees.plugins.credentials.common.IdCredentials.Helpers
-
Nested classes/interfaces inherited from interface com.cloudbees.plugins.credentials.common.StandardCredentials
com.cloudbees.plugins.credentials.common.StandardCredentials.NameProvider
-
Nested classes/interfaces inherited from interface com.datapipe.jenkins.vault.credentials.VaultCredential
VaultCredential.NameProvider
-
-
Field Summary
-
Fields inherited from class com.datapipe.jenkins.vault.credentials.AbstractVaultTokenCredentialWithExpiration
LOGGER
-
-
Constructor Summary
Constructors Modifier Constructor Description protected
AbstractAuthenticatingVaultTokenCredential(com.cloudbees.plugins.credentials.CredentialsScope scope, String id, String description)
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description String
getNamespace()
Get Vault namespace.protected abstract String
getToken(com.bettercloud.vault.api.Auth auth)
Authenticate with vault using this credential and return the token.protected String
getToken(com.bettercloud.vault.Vault vault)
protected com.bettercloud.vault.api.Auth
getVaultAuth(com.bettercloud.vault.Vault vault)
Retrieve the Vault auth client.void
setNamespace(String namespace)
Set namespace where auth method is mounted.-
Methods inherited from class com.datapipe.jenkins.vault.credentials.AbstractVaultTokenCredentialWithExpiration
authorizeWithVault, getChildToken, getUsePolicies, getVault, setUsePolicies
-
Methods inherited from class com.cloudbees.plugins.credentials.impl.BaseStandardCredentials
equals, getDescription, getId, hashCode
-
Methods inherited from class com.cloudbees.plugins.credentials.BaseCredentials
getDescriptor, getScope
-
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait
-
-
-
-
Method Detail
-
getNamespace
@CheckForNull public String getNamespace()
Get Vault namespace.- Returns:
- vault namespace or null
-
setNamespace
@DataBoundSetter public void setNamespace(String namespace)
Set namespace where auth method is mounted. If set to "/" the root namespace is explicitly forced, otherwise the namespace from the secret credential vault config is used.- Parameters:
namespace
- vault namespace
-
getVaultAuth
protected com.bettercloud.vault.api.Auth getVaultAuth(@NonNull com.bettercloud.vault.Vault vault)
Description copied from class:AbstractVaultTokenCredentialWithExpiration
Retrieve the Vault auth client. May be overridden in subclasses.- Overrides:
getVaultAuth
in classAbstractVaultTokenCredentialWithExpiration
- Parameters:
vault
- the Vault instance- Returns:
- the Vault auth client
-
getToken
protected final String getToken(com.bettercloud.vault.Vault vault)
- Specified by:
getToken
in classAbstractVaultTokenCredentialWithExpiration
-
getToken
protected abstract String getToken(@NonNull com.bettercloud.vault.api.Auth auth)
Authenticate with vault using this credential and return the token. Theauth
client will be configured with this credentials namespace.- Parameters:
auth
- vault auth client- Returns:
- authentication token
- Throws:
VaultPluginException
- if failed to authenticate with vault
-
-