We are writing an application that creates short lived secrets using the "response wrapping" feature of Vault. Vault API uses a header to set the TTL to a non-default value.
Is there a way to set the X-Vault-Wrap-TTL header using spring-vault?
Asked
Active
Viewed 454 times
1 Answers
1
Spring Vault does not provide an API to create wrapped responses because it would require mirroring all API with a different response type. If you require response wrapping, then use the session callback:
ResponseEntity<VaultResponse> response = vaultOperations.doWithSession(restOperations -> {
HttpHeaders headers = new HttpHeaders();
headers.add("X-Vault-Wrap-TTL", "1h");
return restOperations.exchange("secret/mykey", HttpMethod.GET, new HttpEntity<>(headers), VaultResponse.class);
});
Map<String, String> wrapInfo = response.getBody().getWrapInfo();
// token to unwrap the response
VaultToken token = VaultToken.of(wrapInfo.get("token"));
mp911de
- 17,546
- 2
- 55
- 95