Module io.helidon.integrations.vault.auths.token
Package io.helidon.integrations.vault.auths.token

Interface TokenAuth

public interface TokenAuth
Token authentication method API. All methods block the current thread. This implementation is not suitable for reactive programming. Use TokenAuthRx in reactive code.

  • Field Details

  • Method Details

    • create

      static TokenAuth create(TokenAuthRx reactive)
      Create blocking token authentication method from its reactive counterpart.
      Parameters:
      reactive - reactive token authentication method API
      Returns:
      blocking token authentication method API

    • createToken

      default CreateToken.Response createToken()
      Create a new child token with default configuration.
      Returns:
      a new token

    • createOrphan

      default CreateToken.Response createOrphan()
      Create a new orphan token with default configuration.
      Returns:
      a new token

    • createToken

      CreateToken.Response createToken(CreateToken.Request request)
      Create a new token with customized configuration.
      Parameters:
      request - token request
      Returns:
      a new token

    • renew

      RenewToken.Response renew(RenewToken.Request request)
      Renews a lease associated with a token. This is used to prevent the expiration of a token, and the automatic revocation of it. Token renewal is possible only if there is a lease associated with it.
      Parameters:
      request - with token to renew
      Returns:
      a new token

    • revoke

      RevokeToken.Response revoke(RevokeToken.Request request)
      Revokes a token and all child tokens. When the token is revoked, all dynamic secrets generated with it are also revoked.
      Parameters:
      request - with token to revoke
      Returns:
      when revocation finishes

    • createTokenRole

      CreateTokenRole.Response createTokenRole(CreateTokenRole.Request request)
      Creates (or replaces) the named role. Roles enforce specific behavior when creating tokens that allow token functionality that is otherwise not available or would require sudo/root privileges to access. Role parameters, when set, override any provided options to the create endpoints. The role name is also included in the token path, allowing all tokens created against a role to be revoked using the /sys/leases/revoke-prefix endpoint.
      Parameters:
      request - token role request
      Returns:
      when creation finishes

    • deleteTokenRole

      DeleteTokenRole.Response deleteTokenRole(DeleteTokenRole.Request request)
      Delete a named token role.
      Parameters:
      request - with name of the role
      Returns:
      when deleted

    • revokeAndOrphan

      RevokeAndOrphanToken.Response revokeAndOrphan(RevokeAndOrphanToken.Request request)
      Revokes a token and orphans all child tokens. When the token is revoked, all dynamic secrets generated with it are also revoked. This is a root protected endpoint.
      Parameters:
      request - with token to revoke
      Returns:
      when revocation finishes