Package com.datapipe.jenkins.vault.credentials

Class AbstractAuthenticatingVaultTokenCredential

java.lang.Object
com.cloudbees.plugins.credentials.BaseCredentials
com.cloudbees.plugins.credentials.impl.BaseStandardCredentials
com.datapipe.jenkins.vault.credentials.AbstractVaultTokenCredential
com.datapipe.jenkins.vault.credentials.AbstractVaultTokenCredentialWithExpiration
com.datapipe.jenkins.vault.credentials.AbstractAuthenticatingVaultTokenCredential
All Implemented Interfaces:
com.cloudbees.plugins.credentials.common.IdCredentials, com.cloudbees.plugins.credentials.common.StandardCredentials, com.cloudbees.plugins.credentials.Credentials, VaultCredential, ExtensionPoint, Describable<com.cloudbees.plugins.credentials.Credentials>, Serializable
Direct Known Subclasses:
VaultAppRoleCredential, VaultAwsIamCredential, VaultGCPCredential, VaultGithubTokenCredential, VaultKubernetesCredential
public abstract class AbstractAuthenticatingVaultTokenCredential extends AbstractVaultTokenCredentialWithExpiration
Abstract Vault token credential that authenticates with the vault server to retrieve the authentication token. This credential type can explicitly configure the namespace which the authentication method is mounted.
See Also:

  • Nested Class Summary

    Nested classes/interfaces inherited from class com.cloudbees.plugins.credentials.impl.BaseStandardCredentials

    com.cloudbees.plugins.credentials.impl.BaseStandardCredentials.BaseStandardCredentialsDescriptor

    Nested classes/interfaces inherited from interface hudson.ExtensionPoint

    ExtensionPoint.LegacyInstancesAreScopedToHudson

    Nested classes/interfaces inherited from interface com.cloudbees.plugins.credentials.common.IdCredentials

    com.cloudbees.plugins.credentials.common.IdCredentials.Helpers

    Nested classes/interfaces inherited from interface com.cloudbees.plugins.credentials.common.StandardCredentials

    com.cloudbees.plugins.credentials.common.StandardCredentials.NameProvider

    Nested classes/interfaces inherited from interface com.datapipe.jenkins.vault.credentials.VaultCredential

    VaultCredential.NameProvider

  • Field Summary

    Fields inherited from class com.datapipe.jenkins.vault.credentials.AbstractVaultTokenCredentialWithExpiration

    LOGGER

  • Constructor Summary

    Constructors
    Modifier
    Constructor
    Description
    protected
    AbstractAuthenticatingVaultTokenCredential(com.cloudbees.plugins.credentials.CredentialsScope scope, String id, String description)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    String
    getNamespace()
    Get Vault namespace.
    protected abstract String
    getToken(com.bettercloud.vault.api.Auth auth)
    Authenticate with vault using this credential and return the token.
    protected final String
    getToken(com.bettercloud.vault.Vault vault)
     
    protected com.bettercloud.vault.api.Auth
    getVaultAuth(com.bettercloud.vault.Vault vault)
    Retrieve the Vault auth client.
    void
    setNamespace(String namespace)
    Set namespace where auth method is mounted.

    Methods inherited from class com.datapipe.jenkins.vault.credentials.AbstractVaultTokenCredentialWithExpiration

    authorizeWithVault, getChildToken, getUsePolicies, getVault, setUsePolicies

    Methods inherited from class com.cloudbees.plugins.credentials.impl.BaseStandardCredentials

    equals, getDescription, getId, hashCode

    Methods inherited from class com.cloudbees.plugins.credentials.BaseCredentials

    getDescriptor, getScope

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

    Methods inherited from interface com.cloudbees.plugins.credentials.Credentials

    getDescriptor, getScope

    Methods inherited from interface com.cloudbees.plugins.credentials.common.IdCredentials

    getId

    Methods inherited from interface com.cloudbees.plugins.credentials.common.StandardCredentials

    getDescription

  • Constructor Details

    • AbstractAuthenticatingVaultTokenCredential

      protected AbstractAuthenticatingVaultTokenCredential(com.cloudbees.plugins.credentials.CredentialsScope scope, String id, String description)

  • Method Details

    • getNamespace

      @CheckForNull public String getNamespace()
      Get Vault namespace.
      Returns:
      vault namespace or null

    • setNamespace

      @DataBoundSetter public void setNamespace(String namespace)
      Set namespace where auth method is mounted. If set to "/" the root namespace is explicitly forced, otherwise the namespace from the secret credential vault config is used.
      Parameters:
      namespace - vault namespace

    • getVaultAuth

      protected com.bettercloud.vault.api.Auth getVaultAuth(@NonNull com.bettercloud.vault.Vault vault)
      Description copied from class: AbstractVaultTokenCredentialWithExpiration
      Retrieve the Vault auth client. May be overridden in subclasses.
      Overrides:
      getVaultAuth in class AbstractVaultTokenCredentialWithExpiration
      Parameters:
      vault - the Vault instance
      Returns:
      the Vault auth client

    • getToken

      protected final String getToken(com.bettercloud.vault.Vault vault)
      Specified by:
      getToken in class AbstractVaultTokenCredentialWithExpiration

    • getToken

      protected abstract String getToken(@NonNull com.bettercloud.vault.api.Auth auth)
      Authenticate with vault using this credential and return the token. The auth client will be configured with this credentials namespace.
      Parameters:
      auth - vault auth client
      Returns:
      authentication token
      Throws:
      VaultPluginException - if failed to authenticate with vault