Skip to content

Commit 4218f58

Browse files
henryxhenryx
authored
Added patch to manage token as char array instead of String (#73)
1 parent d2524f9 commit 4218f58

File tree

17 files changed

+104
-79
lines changed

17 files changed

+104
-79
lines changed

src/main/java/io/github/jopenlibs/vault/VaultConfig.java

Lines changed: 15 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ public class VaultConfig implements Serializable {
3434

3535
private Map<String, String> secretsEnginePathMap = new ConcurrentHashMap<>();
3636
private String address;
37-
private String token;
37+
private char[] token;
3838
private SslConfig sslConfig;
3939
private Integer openTimeout;
4040
private Integer readTimeout;
@@ -143,8 +143,16 @@ public VaultConfig address(final String address) {
143143
* @return This object, with token populated, ready for additional builder-pattern method calls
144144
* or else finalization with the build() method
145145
*/
146-
public VaultConfig token(final String token) {
147-
this.token = token;
146+
public VaultConfig token(final CharSequence token) {
147+
if (token != null) {
148+
char[] arr = new char[token.length()];
149+
for (int i = 0; i < arr.length; i++) {
150+
arr[i] = token.charAt(i);
151+
}
152+
this.token = arr;
153+
} else {
154+
this.token = null;
155+
}
148156
return this;
149157
}
150158

@@ -354,8 +362,9 @@ public VaultConfig build() throws VaultException {
354362
throw new VaultException("No address is set");
355363
}
356364
}
357-
if (this.token == null && environmentLoader.loadVariable(VAULT_TOKEN) != null) {
358-
this.token = environmentLoader.loadVariable(VAULT_TOKEN);
365+
String envVaultToken = environmentLoader.loadVariable(VAULT_TOKEN);
366+
if (this.token == null && envVaultToken != null) {
367+
this.token = envVaultToken.toCharArray();
359368
}
360369
if (this.openTimeout == null
361370
&& environmentLoader.loadVariable(VAULT_OPEN_TIMEOUT) != null) {
@@ -393,7 +402,7 @@ public String getAddress() {
393402
return address;
394403
}
395404

396-
public String getToken() {
405+
public char[] getToken() {
397406
return token;
398407
}
399408

src/main/java/io/github/jopenlibs/vault/VaultImpl.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -309,7 +309,7 @@ private Map<String, String> collectSecretEngineVersions() {
309309
try {
310310
final RestResponse restResponse = new Rest()//NOPMD
311311
.url(vaultConfig.getAddress() + "/v1/sys/mounts")
312-
.header("X-Vault-Token", vaultConfig.getToken())
312+
.token(vaultConfig.getToken())
313313
.header("X-Vault-Namespace", this.vaultConfig.getNameSpace())
314314
.header("X-Vault-Request", "true")
315315
.connectTimeoutSeconds(vaultConfig.getOpenTimeout())

src/main/java/io/github/jopenlibs/vault/api/Auth.java

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -377,7 +377,7 @@ public AuthResponse createToken(final TokenRequest tokenRequest, final String to
377377
// HTTP request to Vault
378378
final RestResponse restResponse = getRest()//NOPMD
379379
.url(url)
380-
.header("X-Vault-Token", config.getToken())
380+
.token(config.getToken())
381381
.header("X-Vault-Namespace", this.nameSpace)
382382
.header("X-Vault-Request", "true")
383383
.body(requestJson.getBytes(StandardCharsets.UTF_8))
@@ -1252,7 +1252,7 @@ public AuthResponse renewSelf(final long increment, final String tokenAuthMount)
12521252
final String requestJson = Json.object().add("increment", increment).toString();
12531253
final RestResponse restResponse = getRest()//NOPMD
12541254
.url(config.getAddress() + "/v1/auth/" + mount + "/renew-self")
1255-
.header("X-Vault-Token", config.getToken())
1255+
.token(config.getToken())
12561256
.header("X-Vault-Namespace", this.nameSpace)
12571257
.header("X-Vault-Request", "true")
12581258
.body(increment < 0 ? null : requestJson.getBytes(StandardCharsets.UTF_8))
@@ -1308,7 +1308,7 @@ public LookupResponse lookupSelf(final String tokenAuthMount) throws VaultExcept
13081308
// HTTP request to Vault
13091309
final RestResponse restResponse = getRest()//NOPMD
13101310
.url(config.getAddress() + "/v1/auth/" + mount + "/lookup-self")
1311-
.header("X-Vault-Token", config.getToken())
1311+
.token(config.getToken())
13121312
.header("X-Vault-Namespace", this.nameSpace)
13131313
.header("X-Vault-Request", "true")
13141314
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -1344,19 +1344,19 @@ public LogicalResponse lookupWrap() throws VaultException {
13441344
}
13451345

13461346
/**
1347-
* @see io.github.jopenlibs.vault.api.sys.Wrapping#lookupWrap(String)
1347+
* @see io.github.jopenlibs.vault.api.sys.Wrapping#lookupWrap(char[])
13481348
* @deprecated This method is deprecated and in future it will be removed
13491349
*/
1350-
public LogicalResponse lookupWrap(final String wrappedToken) throws VaultException {
1350+
public LogicalResponse lookupWrap(final char[] wrappedToken) throws VaultException {
13511351
Sys sys = new Sys(this.config);
13521352
return sys.wrapping().lookupWrap(wrappedToken, true);
13531353
}
13541354

13551355
/**
1356-
* @see io.github.jopenlibs.vault.api.sys.Wrapping#lookupWrap(String, boolean)
1356+
* @see io.github.jopenlibs.vault.api.sys.Wrapping#lookupWrap(char[], boolean)
13571357
* @deprecated This method is deprecated and in future it will be removed
13581358
*/
1359-
public LogicalResponse lookupWrap(final String wrappedToken, boolean inBody)
1359+
public LogicalResponse lookupWrap(final char[] wrappedToken, boolean inBody)
13601360
throws VaultException {
13611361
Sys sys = new Sys(this.config);
13621362
return sys.wrapping().lookupWrap(wrappedToken, inBody);
@@ -1385,7 +1385,7 @@ public void revokeSelf(final String tokenAuthMount) throws VaultException {
13851385
// HTTP request to Vault
13861386
final RestResponse restResponse = getRest()//NOPMD
13871387
.url(config.getAddress() + "/v1/auth/" + mount + "/revoke-self")
1388-
.header("X-Vault-Token", config.getToken())
1388+
.token(config.getToken())
13891389
.header("X-Vault-Namespace", this.nameSpace)
13901390
.header("X-Vault-Request", "true")
13911391
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -1417,19 +1417,19 @@ public UnwrapResponse unwrap() throws VaultException {
14171417
}
14181418

14191419
/**
1420-
* @see io.github.jopenlibs.vault.api.sys.Wrapping#unwrap(String)
1420+
* @see io.github.jopenlibs.vault.api.sys.Wrapping#unwrap(char[])
14211421
* @deprecated This method is deprecated and in future it will be removed
14221422
*/
1423-
public UnwrapResponse unwrap(final String wrappedToken) throws VaultException {
1423+
public UnwrapResponse unwrap(final char[] wrappedToken) throws VaultException {
14241424
Sys sys = new Sys(this.config);
14251425
return sys.wrapping().unwrap(wrappedToken, true);
14261426
}
14271427

14281428
/**
1429-
* @see io.github.jopenlibs.vault.api.sys.Wrapping#unwrap(String, boolean)
1429+
* @see io.github.jopenlibs.vault.api.sys.Wrapping#unwrap(char[], boolean)
14301430
* @deprecated This method is deprecated and in future it will be removed
14311431
*/
1432-
public UnwrapResponse unwrap(final String wrappedToken, boolean inBody) throws VaultException {
1432+
public UnwrapResponse unwrap(final char[] wrappedToken, boolean inBody) throws VaultException {
14331433
Sys sys = new Sys(this.config);
14341434
return sys.wrapping().unwrap(wrappedToken, inBody);
14351435
}
@@ -1444,10 +1444,10 @@ public WrapResponse wrap(final JsonObject jsonObject, int ttlInSec) throws Vault
14441444
}
14451445

14461446
/**
1447-
* @see io.github.jopenlibs.vault.api.sys.Wrapping#rewrap(String)
1447+
* @see io.github.jopenlibs.vault.api.sys.Wrapping#rewrap(char[])
14481448
* @deprecated This method is deprecated and in future it will be removed
14491449
*/
1450-
public WrapResponse rewrap(final String wrappedToken) throws VaultException {
1450+
public WrapResponse rewrap(final char[] wrappedToken) throws VaultException {
14511451
Sys sys = new Sys(this.config);
14521452
return sys.wrapping().rewrap(wrappedToken);
14531453
}

src/main/java/io/github/jopenlibs/vault/api/Debug.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -108,7 +108,7 @@ public HealthResponse health(
108108
// Build an HTTP request for Vault
109109
final Rest rest = getRest()//NOPMD
110110
.url(config.getAddress() + "/v1/" + path)
111-
.header("X-Vault-Token", config.getToken())
111+
.token(config.getToken())
112112
.header("X-Vault-Namespace", this.nameSpace)
113113
.header("X-Vault-Request", "true")
114114
.connectTimeoutSeconds(config.getOpenTimeout())

src/main/java/io/github/jopenlibs/vault/api/Logical.java

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -89,7 +89,7 @@ private LogicalResponse read(final String path, final logicalOperations operatio
8989
final RestResponse restResponse = getRest()//NOPMD
9090
.url(config.getAddress() + "/v1/" + adjustPathForReadOrWrite(path,
9191
config.getPrefixPathDepth(), operation))
92-
.header("X-Vault-Token", config.getToken())
92+
.token(config.getToken())
9393
.header("X-Vault-Namespace", this.nameSpace)
9494
.header("X-Vault-Request", "true")
9595
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -148,7 +148,7 @@ public LogicalResponse read(final String path, Boolean shouldRetry, final Intege
148148
.url(config.getAddress() + "/v1/" + adjustPathForReadOrWrite(
149149
path,
150150
config.getPrefixPathDepth(), logicalOperations.readV2))
151-
.header("X-Vault-Token", config.getToken())
151+
.token(config.getToken())
152152
.header("X-Vault-Namespace", this.nameSpace)
153153
.header("X-Vault-Request", "true")
154154
.parameter("version", version.toString())
@@ -288,7 +288,7 @@ private LogicalResponse write(final String path, final Map<String, Object> nameV
288288
config.getPrefixPathDepth(), operation))
289289
.body(jsonObjectToWriteFromEngineVersion(operation, dataJson, optionsJson)
290290
.toString().getBytes(StandardCharsets.UTF_8))
291-
.header("X-Vault-Token", config.getToken())
291+
.token(config.getToken())
292292
.header("X-Vault-Namespace", this.nameSpace)
293293
.header("X-Vault-Request", "true")
294294
.header("X-Vault-Wrap-TTL", wrapTTL != null ? wrapTTL.toString() : null)
@@ -380,7 +380,7 @@ private LogicalResponse delete(final String path, final Logical.logicalOperation
380380
final RestResponse restResponse = getRest()//NOPMD
381381
.url(config.getAddress() + "/v1/" + adjustPathForDelete(path,
382382
config.getPrefixPathDepth(), operation))
383-
.header("X-Vault-Token", config.getToken())
383+
.token(config.getToken())
384384
.header("X-Vault-Namespace", this.nameSpace)
385385
.header("X-Vault-Request", "true")
386386
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -430,7 +430,7 @@ public LogicalResponse delete(final String path, final int[] versions) throws Va
430430
final RestResponse restResponse = getRest()//NOPMD
431431
.url(config.getAddress() + "/v1/" + adjustPathForVersionDelete(path,
432432
config.getPrefixPathDepth()))
433-
.header("X-Vault-Token", config.getToken())
433+
.token(config.getToken())
434434
.header("X-Vault-Namespace", this.nameSpace)
435435
.header("X-Vault-Request", "true")
436436
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -490,7 +490,7 @@ public LogicalResponse unDelete(final String path, final int[] versions) throws
490490
final RestResponse restResponse = getRest() //NOPMD
491491
.url(config.getAddress() + "/v1/" + adjustPathForVersionUnDelete(path,
492492
config.getPrefixPathDepth()))
493-
.header("X-Vault-Token", config.getToken())
493+
.token(config.getToken())
494494
.header("X-Vault-Namespace", this.nameSpace)
495495
.header("X-Vault-Request", "true")
496496
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -537,7 +537,7 @@ public LogicalResponse destroy(final String path, final int[] versions) throws V
537537
final RestResponse restResponse = getRest()//NOPMD
538538
.url(config.getAddress() + "/v1/" + adjustPathForVersionDestroy(path,
539539
config.getPrefixPathDepth()))
540-
.header("X-Vault-Token", config.getToken())
540+
.token(config.getToken())
541541
.header("X-Vault-Namespace", this.nameSpace)
542542
.header("X-Vault-Request", "true")
543543
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -574,7 +574,7 @@ public LogicalResponse upgrade(final String kvPath) throws VaultException {
574574
final RestResponse restResponse = getRest()//NOPMD
575575
.url(config.getAddress() + "/v1/sys/mounts/" + (kvPath.replaceAll("/", "")
576576
+ "/tune"))
577-
.header("X-Vault-Token", config.getToken())
577+
.token(config.getToken())
578578
.header("X-Vault-Namespace", this.nameSpace)
579579
.header("X-Vault-Request", "true")
580580
.connectTimeoutSeconds(config.getOpenTimeout())

src/main/java/io/github/jopenlibs/vault/api/database/Database.java

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -93,7 +93,7 @@ public DatabaseResponse createOrUpdateRole(final String roleName,
9393
final RestResponse restResponse = getRest()//NOPMD
9494
.url(String.format("%s/v1/%s/roles/%s", config.getAddress(), this.mountPath,
9595
roleName))
96-
.header("X-Vault-Token", config.getToken())
96+
.token(config.getToken())
9797
.header("X-Vault-Namespace", this.nameSpace)
9898
.header("X-Vault-Request", "true")
9999
.body(requestJson.getBytes(StandardCharsets.UTF_8))
@@ -139,7 +139,7 @@ public DatabaseResponse getRole(final String roleName) throws VaultException {
139139
final RestResponse restResponse = getRest()//NOPMD
140140
.url(String.format("%s/v1/%s/roles/%s", config.getAddress(), this.mountPath,
141141
roleName))
142-
.header("X-Vault-Token", config.getToken())
142+
.token(config.getToken())
143143
.header("X-Vault-Namespace", this.nameSpace)
144144
.header("X-Vault-Request", "true")
145145
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -191,7 +191,7 @@ public DatabaseResponse revoke(final String serialNumber) throws VaultException
191191

192192
final RestResponse restResponse = getRest()//NOPMD
193193
.url(String.format("%s/v1/%s/revoke", config.getAddress(), this.mountPath))
194-
.header("X-Vault-Token", config.getToken())
194+
.token(config.getToken())
195195
.header("X-Vault-Namespace", this.nameSpace)
196196
.header("X-Vault-Request", "true")
197197
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -237,7 +237,7 @@ public DatabaseResponse deleteRole(final String roleName) throws VaultException
237237
final RestResponse restResponse = getRest()//NOPMD
238238
.url(String.format("%s/v1/%s/roles/%s", config.getAddress(), this.mountPath,
239239
roleName))
240-
.header("X-Vault-Token", config.getToken())
240+
.token(config.getToken())
241241
.header("X-Vault-Namespace", this.nameSpace)
242242
.header("X-Vault-Request", "true")
243243
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -284,7 +284,7 @@ public DatabaseResponse creds(final String roleName) throws VaultException {
284284
final RestResponse restResponse = getRest()//NOPMD
285285
.url(String.format("%s/v1/%s/creds/%s", config.getAddress(), this.mountPath,
286286
roleName))
287-
.header("X-Vault-Token", config.getToken())
287+
.token(config.getToken())
288288
.header("X-Vault-Namespace", this.nameSpace)
289289
.header("X-Vault-Request", "true")
290290
.connectTimeoutSeconds(config.getOpenTimeout())

src/main/java/io/github/jopenlibs/vault/api/pki/Pki.java

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -119,7 +119,7 @@ public PkiResponse createOrUpdateRole(final String roleName, final RoleOptions o
119119
final RestResponse restResponse = getRest()//NOPMD
120120
.url(String.format("%s/v1/%s/roles/%s", config.getAddress(), this.mountPath,
121121
roleName))
122-
.header("X-Vault-Token", config.getToken())
122+
.token(config.getToken())
123123
.header("X-Vault-Namespace", this.nameSpace)
124124
.header("X-Vault-Request", "true")
125125
.body(requestJson.getBytes(StandardCharsets.UTF_8))
@@ -167,7 +167,7 @@ public PkiResponse getRole(final String roleName) throws VaultException {
167167
final RestResponse restResponse = getRest()//NOPMD
168168
.url(String.format("%s/v1/%s/roles/%s", config.getAddress(), this.mountPath,
169169
roleName))
170-
.header("X-Vault-Token", config.getToken())
170+
.token(config.getToken())
171171
.header("X-Vault-Namespace", this.nameSpace)
172172
.header("X-Vault-Request", "true")
173173
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -187,7 +187,7 @@ public PkiResponse getRole(final String roleName) throws VaultException {
187187
}
188188

189189
/**
190-
* <p>Operation to revike a certificate in the vault using the PKI backend.
190+
* <p>Operation to revoke a certificate in the vault using the PKI backend.
191191
* Relies on an authentication token being present in the <code>VaultConfig</code>
192192
* instance.</p>
193193
*
@@ -218,7 +218,7 @@ public PkiResponse revoke(final String serialNumber) throws VaultException {
218218
final String requestJson = jsonObject.toString();
219219
final RestResponse restResponse = getRest()//NOPMD
220220
.url(String.format("%s/v1/%s/revoke", config.getAddress(), this.mountPath))
221-
.header("X-Vault-Token", config.getToken())
221+
.token(config.getToken())
222222
.header("X-Vault-Namespace", this.nameSpace)
223223
.header("X-Vault-Request", "true")
224224
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -264,7 +264,7 @@ public PkiResponse deleteRole(final String roleName) throws VaultException {
264264
final RestResponse restResponse = getRest()//NOPMD
265265
.url(String.format("%s/v1/%s/roles/%s", config.getAddress(), this.mountPath,
266266
roleName))
267-
.header("X-Vault-Token", config.getToken())
267+
.token(config.getToken())
268268
.header("X-Vault-Namespace", this.nameSpace)
269269
.header("X-Vault-Request", "true")
270270
.connectTimeoutSeconds(config.getOpenTimeout())
@@ -541,7 +541,7 @@ public PkiResponse issue(
541541

542542
final RestResponse restResponse = getRest()//NOPMD
543543
.url(String.format(endpoint, config.getAddress(), this.mountPath, roleName))
544-
.header("X-Vault-Token", config.getToken())
544+
.token(config.getToken())
545545
.header("X-Vault-Namespace", this.nameSpace)
546546
.header("X-Vault-Request", "true")
547547
.body(requestJson.getBytes(StandardCharsets.UTF_8))

0 commit comments

Comments
 (0)