Package com.datapipe.jenkins.vault.credentials

Class AbstractAuthenticatingVaultTokenCredential

java.lang.Object

com.cloudbees.plugins.credentials.BaseCredentials

com.cloudbees.plugins.credentials.impl.BaseStandardCredentials

com.datapipe.jenkins.vault.credentials.AbstractVaultTokenCredential

com.datapipe.jenkins.vault.credentials.AbstractVaultTokenCredentialWithExpiration

com.datapipe.jenkins.vault.credentials.AbstractAuthenticatingVaultTokenCredential

All Implemented Interfaces:

com.cloudbees.plugins.credentials.common.IdCredentials, com.cloudbees.plugins.credentials.common.StandardCredentials, com.cloudbees.plugins.credentials.Credentials, VaultCredential, ExtensionPoint, Describable<com.cloudbees.plugins.credentials.Credentials>, Serializable

Direct Known Subclasses:

VaultAppRoleCredential, VaultAwsIamCredential, VaultGCPCredential, VaultGithubTokenCredential, VaultKubernetesCredential

public abstract class AbstractAuthenticatingVaultTokenCredential
extends AbstractVaultTokenCredentialWithExpiration

Abstract Vault token credential that authenticates with the vault server to retrieve the authentication token. This credential type can explicitly configure the namespace which the authentication method is mounted.

See Also:

Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from class com.cloudbees.plugins.credentials.impl.BaseStandardCredentials

com.cloudbees.plugins.credentials.impl.BaseStandardCredentials.BaseStandardCredentialsDescriptor

Nested classes/interfaces inherited from interface hudson.ExtensionPoint

ExtensionPoint.LegacyInstancesAreScopedToHudson

Nested classes/interfaces inherited from interface com.cloudbees.plugins.credentials.common.IdCredentials

com.cloudbees.plugins.credentials.common.IdCredentials.Helpers

Nested classes/interfaces inherited from interface com.cloudbees.plugins.credentials.common.StandardCredentials

com.cloudbees.plugins.credentials.common.StandardCredentials.NameProvider

Nested classes/interfaces inherited from interface com.datapipe.jenkins.vault.credentials.VaultCredential

VaultCredential.NameProvider

Field Summary

Fields inherited from class com.datapipe.jenkins.vault.credentials.AbstractVaultTokenCredentialWithExpiration

LOGGER

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	AbstractAuthenticatingVaultTokenCredential(com.cloudbees.plugins.credentials.CredentialsScope scope, String id, String description)

Method Summary

Modifier and Type	Method	Description
String	getNamespace()	Get Vault namespace.
protected abstract String	getToken(com.bettercloud.vault.api.Auth auth)	Authenticate with vault using this credential and return the token.
protected String	getToken(com.bettercloud.vault.Vault vault)
protected com.bettercloud.vault.api.Auth	getVaultAuth(com.bettercloud.vault.Vault vault)	Retrieve the Vault auth client.
void	setNamespace(String namespace)	Set namespace where auth method is mounted.

Methods inherited from class com.datapipe.jenkins.vault.credentials.AbstractVaultTokenCredentialWithExpiration

authorizeWithVault, getChildToken, getUsePolicies, getVault, setUsePolicies

Methods inherited from class com.cloudbees.plugins.credentials.impl.BaseStandardCredentials

equals, getDescription, getId, hashCode

Methods inherited from class com.cloudbees.plugins.credentials.BaseCredentials

getDescriptor, getScope

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.cloudbees.plugins.credentials.Credentials

getDescriptor, getScope

Methods inherited from interface com.cloudbees.plugins.credentials.common.IdCredentials

getId

Methods inherited from interface com.cloudbees.plugins.credentials.common.StandardCredentials

getDescription

Constructor Detail

AbstractAuthenticatingVaultTokenCredential

protected AbstractAuthenticatingVaultTokenCredential(com.cloudbees.plugins.credentials.CredentialsScope scope,
                                                     String id,
                                                     String description)

Method Detail

getNamespace

@CheckForNull
public String getNamespace()

Get Vault namespace.

Returns:

vault namespace or null

setNamespace

@DataBoundSetter
public void setNamespace(String namespace)

Set namespace where auth method is mounted. If set to "/" the root namespace is explicitly forced, otherwise the namespace from the secret credential vault config is used.

Parameters:

namespace - vault namespace

getVaultAuth

protected com.bettercloud.vault.api.Auth getVaultAuth(@NonNull
                                                      com.bettercloud.vault.Vault vault)

Description copied from class: AbstractVaultTokenCredentialWithExpiration

Retrieve the Vault auth client. May be overridden in subclasses.

Overrides:

getVaultAuth in class AbstractVaultTokenCredentialWithExpiration

Parameters:

vault - the Vault instance

Returns:

the Vault auth client

getToken

protected final String getToken(com.bettercloud.vault.Vault vault)

Specified by:

getToken in class AbstractVaultTokenCredentialWithExpiration

getToken

protected abstract String getToken(@NonNull
                                   com.bettercloud.vault.api.Auth auth)

Authenticate with vault using this credential and return the token. The auth client will be configured with this credentials namespace.

Parameters:

auth - vault auth client

Returns:

authentication token

Throws:

VaultPluginException - if failed to authenticate with vault