Module io.helidon.integrations.vault.auths.token
Package io.helidon.integrations.vault.auths.token

Interface TokenAuth

  • public interface TokenAuth
    Token authentication method API. All methods block the current thread. This implementation is not suitable for reactive programming. Use TokenAuthRx in reactive code.

    • Method Detail

      • create

        static TokenAuth create​(TokenAuthRx reactive)
        Create blocking token authentication method from its reactive counterpart.
        Parameters:
        reactive - reactive token authentication method API
        Returns:
        blocking token authentication method API

      • createToken

        default CreateToken.Response createToken()
        Create a new child token with default configuration.
        Returns:
        a new token

      • createOrphan

        default CreateToken.Response createOrphan()
        Create a new orphan token with default configuration.
        Returns:
        a new token

      • renew

        RenewToken.Response renew​(RenewToken.Request request)
        Renews a lease associated with a token. This is used to prevent the expiration of a token, and the automatic revocation of it. Token renewal is possible only if there is a lease associated with it.
        Parameters:
        request - with token to renew
        Returns:
        a new token

      • revoke

        RevokeToken.Response revoke​(RevokeToken.Request request)
        Revokes a token and all child tokens. When the token is revoked, all dynamic secrets generated with it are also revoked.
        Parameters:
        request - with token to revoke
        Returns:
        when revocation finishes

      • createTokenRole

        CreateTokenRole.Response createTokenRole​(CreateTokenRole.Request request)
        Creates (or replaces) the named role. Roles enforce specific behavior when creating tokens that allow token functionality that is otherwise not available or would require sudo/root privileges to access. Role parameters, when set, override any provided options to the create endpoints. The role name is also included in the token path, allowing all tokens created against a role to be revoked using the /sys/leases/revoke-prefix endpoint.
        Parameters:
        request - token role request
        Returns:
        when creation finishes

      • revokeAndOrphan

        RevokeAndOrphanToken.Response revokeAndOrphan​(RevokeAndOrphanToken.Request request)
        Revokes a token and orphans all child tokens. When the token is revoked, all dynamic secrets generated with it are also revoked. This is a root protected endpoint.
        Parameters:
        request - with token to revoke
        Returns:
        when revocation finishes