Java HttpStatus.OK属性代码示例

/**
 * List operation for the specified path.  Will return a {@link Map} with a single entry of keys which is an
 * array of strings that represents the keys at that path. If Vault returns an unexpected response code, a
 * {@link VaultServerException} will be thrown with the code and error details.  If an unexpected I/O error is
 * encountered, a {@link VaultClientException} will be thrown wrapping the underlying exception.
 * <p>
 * See https://www.vaultproject.io/docs/secrets/generic/index.html for details on what the list operation returns.
 * </p>
 *
 * @param path Path to the data
 * @return Map containing the keys at that path
 */
public VaultListResponse list(final String path) {
    final HttpUrl url = buildUrl(SECRET_PATH_PREFIX, path + "?list=true");
    logger.debug("list: requestUrl={}", url);

    final Response response = execute(url, HttpMethod.GET, null);

    if (response.code() == HttpStatus.NOT_FOUND) {
        response.close();
        return new VaultListResponse();
    } else if (response.code() != HttpStatus.OK) {
        parseAndThrowErrorResponse(response);
    }

    final Type mapType = new TypeToken<Map<String, Object>>() {
    }.getType();
    final Map<String, Object> rootData = parseResponseBody(response, mapType);
    return gson.fromJson(gson.toJson(rootData.get("data")), VaultListResponse.class);
}
 

/**
 * Gets all the details about the client token being used by the requester.  Also serves as a simple way
 * to test that a token is still active.  If an unexpected response is recieved, a {@link VaultServerException}
 * will be thrown with details.
 *
 * @return Client token details
 */
public VaultClientTokenResponse lookupSelf() {
    final HttpUrl url = buildUrl(AUTH_PATH_PREFIX, "token/lookup-self");
    logger.debug("lookupSelf: requestUrl={}", url);

    final Response response = execute(url, HttpMethod.GET, null);

    if (response.code() != HttpStatus.OK) {
        parseAndThrowErrorResponse(response);
    }

    final Type mapType = new TypeToken<Map<String, Object>>() {
    }.getType();
    final Map<String, Object> rootData = parseResponseBody(response, mapType);
    return gson.fromJson(gson.toJson(rootData.get("data")), VaultClientTokenResponse.class);
}
 

/**
 * Initializes a new Vault. The Vault must've not been previously initialized.
 *
 * @param secretShares    The number of shares to split the master key into
 * @param secretThreshold The number of shares required to reconstruct the master key.
 *                        This must be less than or equal to secret_shares
 * @return Object including the master keys and initial root token
 */
public VaultInitResponse init(final int secretShares, final int secretThreshold) {
    final HttpUrl url = buildUrl(SYS_PATH_PREFIX, "init");

    final Map<String, Integer> requestBody = new HashMap<>();
    requestBody.put("secret_shares", secretShares);
    requestBody.put("secret_threshold", secretThreshold);

    final Response response = execute(url, HttpMethod.PUT, requestBody);

    if (response.code() != HttpStatus.OK) {
        parseAndThrowErrorResponse(response);
    }

    return parseResponseBody(response, VaultInitResponse.class);
}
 

/**
 * Retrieves the encrypted auth response from Cerberus.
 *
 * @param iamPrincipalArn IAM principal ARN used in the row key
 * @param region          Current region of the running function or instance
 * @return Base64 and encrypted token
 */
protected String getEncryptedAuthData(final String iamPrincipalArn, Region region) {
    final String url = urlResolver.resolve();

    if (StringUtils.isBlank(url)) {
        throw new VaultClientException("Unable to find the Vault URL.");
    }

    LOGGER.info(String.format("Attempting to authenticate with AWS IAM principal ARN [%s] against [%s]",
            iamPrincipalArn, url));

    try {
        Request.Builder requestBuilder = new Request.Builder().url(url + "/v2/auth/iam-principal")
                .addHeader(HttpHeader.ACCEPT, DEFAULT_MEDIA_TYPE.toString())
                .addHeader(HttpHeader.CONTENT_TYPE, DEFAULT_MEDIA_TYPE.toString())
                .addHeader(ClientVersion.CERBERUS_CLIENT_HEADER, cerberusJavaClientHeaderValue)
                .method(HttpMethod.POST, buildCredentialsRequestBody(iamPrincipalArn, region));

        Response response = httpClient.newCall(requestBuilder.build()).execute();

        if (response.code() != HttpStatus.OK) {
            parseAndThrowErrorResponse(response.code(), response.body().string());
        }

        final Type mapType = new TypeToken<Map<String, String>>() {
        }.getType();
        final Map<String, String> authData = gson.fromJson(response.body().string(), mapType);
        final String key = "auth_data";

        if (authData.containsKey(key)) {
            LOGGER.info(String.format("Authentication successful with AWS IAM principal ARN [%s] against [%s]",
                    iamPrincipalArn, url));
            return authData.get(key);
        } else {
            throw new VaultClientException("Success response from IAM role authenticate endpoint missing auth data!");
        }
    } catch (IOException e) {
        throw new VaultClientException("I/O error while communicating with Cerberus", e);
    }
}
 

/**
 * Read operation for a specified path.  Will return a {@link Map} of the data stored at the specified path.
 * If Vault returns an unexpected response code, a {@link VaultServerException} will be thrown with the code
 * and error details.  If an unexpected I/O error is encountered, a {@link VaultClientException} will be thrown
 * wrapping the underlying exception.
 *
 * @param path Path to the data
 * @return Map of the data
 */
public GenericVaultResponse readDataGenerically(final String path) {
    final HttpUrl url = buildUrl(SECRET_PATH_PREFIX, path);
    log.debug("read: requestUrl={}", url);

    final Response response = execute(url, HttpMethod.GET, null);

    if (response.code() != HttpStatus.OK) {
        parseAndThrowErrorResponse(response);
    }

    return parseResponseBody(response, GenericVaultResponse.class);
}
 

/**
 * Read operation for a specified path.  Will return a {@link Map} of the data stored at the specified path.
 * If Vault returns an unexpected response code, a {@link VaultServerException} will be thrown with the code
 * and error details.  If an unexpected I/O error is encountered, a {@link VaultClientException} will be thrown
 * wrapping the underlying exception.
 *
 * @param path Path to the data
 * @return Map of the data
 */
public VaultResponse read(final String path) {
    final HttpUrl url = buildUrl(SECRET_PATH_PREFIX, path);
    logger.debug("read: requestUrl={}", url);

    final Response response = execute(url, HttpMethod.GET, null);

    if (response.code() != HttpStatus.OK) {
        parseAndThrowErrorResponse(response);
    }

    return parseResponseBody(response, VaultResponse.class);
}
 

/**
 * Lists all the available policies.
 *
 * @return Set of policy names
 */
public Set<String> policies() {
    final HttpUrl url = buildUrl(SYS_PATH_PREFIX, "policy");
    final Response response = execute(url, HttpMethod.GET, null);

    if (response.code() != HttpStatus.OK) {
        parseAndThrowErrorResponse(response);
    }

    final Type mapType = new TypeToken<Map<String, Set<String>>>() {
    }.getType();
    final Map<String, Set<String>> policyMap = parseResponseBody(response, mapType);

    return policyMap.get("policies");
}
 

/**
 * Retrieve the rules for the named policy.
 *
 * @param name Policy name
 * @return Policy rules
 */
public VaultPolicy policy(final String name) {
    final HttpUrl url = buildUrl(SYS_PATH_PREFIX, String.format("policy/%s", name));
    final Response response = execute(url, HttpMethod.GET, null);

    if (response.code() != HttpStatus.OK) {
        parseAndThrowErrorResponse(response);
    }

    return parseResponseBody(response, VaultPolicy.class);
}
 

/**
 * Creates a new token. Certain options are only available to when called by a root token.
 *
 * @param vaultTokenAuthRequest Request object with optional parameters
 * @return Auth response with the token and details
 */
public VaultAuthResponse createToken(final VaultTokenAuthRequest vaultTokenAuthRequest) {
    final HttpUrl url = buildUrl(AUTH_PATH_PREFIX, "token/create");
    final Response response = execute(url, HttpMethod.POST, vaultTokenAuthRequest);

    if (response.code() != HttpStatus.OK) {
        parseAndThrowErrorResponse(response);
    }

    final Type mapType = new TypeToken<Map<String, Object>>() {
    }.getType();
    final Map<String, Object> authData = parseResponseBody(response, mapType);
    return getGson().fromJson(getGson().toJson(authData.get("auth")), VaultAuthResponse.class);
}
 

/**
 * Creates a new token. Certain options are only available to when called by a root token.
 * A root token is not required to create an orphan token (otherwise set with the no_parent option).
 *
 * @param vaultTokenAuthRequest Request object with optional parameters
 * @return Auth response with the token and details
 */
public VaultAuthResponse createOrphanToken(final VaultTokenAuthRequest vaultTokenAuthRequest) {
    final HttpUrl url = buildUrl(AUTH_PATH_PREFIX, "token/create-orphan");
    final Response response = execute(url, HttpMethod.POST, vaultTokenAuthRequest);

    if (response.code() != HttpStatus.OK) {
        parseAndThrowErrorResponse(response);
    }

    final Type mapType = new TypeToken<Map<String, Object>>() {
    }.getType();
    final Map<String, Object> authData = parseResponseBody(response, mapType);
    return getGson().fromJson(getGson().toJson(authData.get("auth")), VaultAuthResponse.class);
}
 

/**
 * Lookup up the specified token and return details about it.
 *
 * @param token Token to lookup
 * @return Token details
 */
public VaultClientTokenResponse lookupToken(final String token) {
    final HttpUrl url = buildUrl(AUTH_PATH_PREFIX, String.format("token/lookup/%s", token));
    final Response response = execute(url, HttpMethod.GET, null);

    if (response.code() != HttpStatus.OK) {
        parseAndThrowErrorResponse(response);
    }

    final Type mapType = new TypeToken<Map<String, Object>>() {
    }.getType();
    final Map<String, Object> rootData = parseResponseBody(response, mapType);
    return getGson().fromJson(getGson().toJson(rootData.get("data")), VaultClientTokenResponse.class);
}
 

/**
 * Enter a single master key share to progress the unsealing of the Vault. If the threshold number of master key
 * shares is reached, Vault will attempt to unseal the Vault. Otherwise, this API must be called multiple times
 * until that threshold is met.
 * <p>
 * Either the key or reset parameter must be provided; if both are provided, reset takes precedence.
 * </p>
 *
 * @param key   A single master share key
 * @param reset If true, the previously-provided unseal keys are discarded from memory and the unseal process
 *              is reset.
 * @return Seal status
 */
public VaultSealStatusResponse unseal(final String key, final boolean reset) {
    final HttpUrl url = buildUrl(SYS_PATH_PREFIX, "unseal");
    final VaultUnsealRequest request = new VaultUnsealRequest(key, reset);

    final Response response = execute(url, HttpMethod.PUT, request);

    if (response.code() != HttpStatus.OK) {
        parseAndThrowErrorResponse(response);
    }

    return parseResponseBody(response, VaultSealStatusResponse.class);
}