未应用 Spring Vault 配置

时间:2021-01-25 15:55:33

标签: java spring-boot hashicorp-vault spring-vault vault

我是 Spring Vault 的新手,也是 Springboot 的新手,我正在尝试学习这个,所以我需要帮助。不过,对于这篇很长的帖子,我们深表歉意。

这是我在网上查看各种教程所建立的 Spring Vault 项目的来源

Credential.java

package com.example.vault.demoVault;

public class Credential {
    private String username;

    private String password;

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }
}

CredentialService.java

package com.example.vault.demoVault;

import java.net.URISyntaxException;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.vault.core.VaultTemplate;
import org.springframework.vault.support.VaultResponseSupport;

/**
 * Sample service to demonstrate storing and retrieval of secrets.
 *
 * NOTE: We need to configure Vault and provide the Vault uri in the properties file.
 *
 */
@Service
public class CredentialService {

    @Autowired
    private VaultTemplate vaultTemplate;

    /**
     *  To Secure Credentials
     * @param credentials
     * @return VaultResponse
     * @throws URISyntaxException
     */
    public void secureCredentials(Credential credentials) throws URISyntaxException {

        vaultTemplate.write("secret/gs-vault-config", credentials);
    }

    /**
     * To Retrieve Credentials
     * @return Credentials
     * @throws URISyntaxException
     */
    public Credential accessCredentials() throws URISyntaxException {

        VaultResponseSupport<Credential> response = vaultTemplate.read("secret/gs-vault-config", Credential.class);
        return response.getData();
    }

}

DemoVaultApplication.java

package com.example.vault.demoVault;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class DemoVaultApplication{

    public static void main(String[] args) {
        SpringApplication.run(DemoVaultApplication.class, args);
    }
}

VaultConfig.java

package com.example.vault.demoVault;

import org.springframework.context.annotation.Configuration;
import org.springframework.vault.authentication.ClientAuthentication;
import org.springframework.vault.authentication.TokenAuthentication;
import org.springframework.vault.client.VaultEndpoint;
import org.springframework.vault.config.AbstractVaultConfiguration;

/**
 * Example class to configure Vault beans using AbstractVaultConfiguration
 *
 */
@Configuration
public class VaultConfig extends AbstractVaultConfiguration {

    @Override
    public VaultEndpoint vaultEndpoint() {
        VaultEndpoint endpoint = new VaultEndpoint();
        endpoint.setScheme("http");
        return new VaultEndpoint();
    }

    @Override
    public ClientAuthentication clientAuthentication() {
        return new TokenAuthentication("00000000-0000-0000-0000-000000000000");
    }
}

VaultRestController.java

package com.example.vault.demoVault;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.net.URISyntaxException;

@RestController
public class VaultRestController {

    @Autowired
    private CredentialService credentialService;

    @GetMapping("/credential")
    public ResponseEntity<Credential> getCredentialEndpoint() throws URISyntaxException {
        Credential credential = credentialService.accessCredentials();
        return new ResponseEntity<Credential>(credential, HttpStatus.OK);
    }
}

pom.xml

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>


    <groupId>com.example.vault</groupId>
    <artifactId>demoVault</artifactId>
    <version>0.0.1-SNAPSHOT</version>

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.3.2.RELEASE</version>
    </parent>

    <dependencies>

        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-vault-config</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>

    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>${spring-cloud.version}</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>

    <properties>
        <java.version>1.8</java.version>
        <spring-cloud.version>Hoxton.SR9</spring-cloud.version>
    </properties>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>

</project>

当我运行这个项目时出现错误

2021-01-25 20:46:26.856 ERROR 66844 --- [           main] o.s.boot.SpringApplication               : Application run failed

org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'vaultPropertySourceLocator' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapPropertySourceConfiguration.class]: Unsatisfied dependency expressed through method 'vaultPropertySourceLocator' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'vaultTemplate' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.vault.core.VaultTemplate]: Factory method 'vaultTemplate' threw exception; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'vaultSessionManager' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapConfiguration.class]: Unsatisfied dependency expressed through method 'vaultSessionManager' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientAuthentication' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.vault.authentication.ClientAuthentication]: Factory method 'clientAuthentication' threw exception; nested exception is java.lang.IllegalArgumentException: Token (spring.cloud.vault.token) must not be empty
    at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:797) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:538) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1336) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1176) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:556) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:516) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:324) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    .
    . //frames omitted due to length constraint
    .
    at com.example.vault.demoVault.DemoVaultApplication.main(DemoVaultApplication.java:10) [classes/:na]
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'vaultTemplate' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.vault.core.VaultTemplate]: Factory method 'vaultTemplate' threw exception; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'vaultSessionManager' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapConfiguration.class]: Unsatisfied dependency expressed through method 'vaultSessionManager' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientAuthentication' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.vault.authentication.ClientAuthentication]: Factory method 'clientAuthentication' threw exception; nested exception is java.lang.IllegalArgumentException: Token (spring.cloud.vault.token) must not be empty
    at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:655) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:483) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1336) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    .
    . //frames omitted due to length constraint
    .
    ... 31 common frames omitted
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.vault.core.VaultTemplate]: Factory method 'vaultTemplate' threw exception; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'vaultSessionManager' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapConfiguration.class]: Unsatisfied dependency expressed through method 'vaultSessionManager' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientAuthentication' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.vault.authentication.ClientAuthentication]: Factory method 'clientAuthentication' threw exception; nested exception is java.lang.IllegalArgumentException: Token (spring.cloud.vault.token) must not be empty
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:650) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    ... 45 common frames omitted
Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'vaultSessionManager' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapConfiguration.class]: Unsatisfied dependency expressed through method 'vaultSessionManager' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientAuthentication' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.vault.authentication.ClientAuthentication]: Factory method 'clientAuthentication' threw exception; nested exception is java.lang.IllegalArgumentException: Token (spring.cloud.vault.token) must not be empty
    at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:797) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:538) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1336) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1176) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:556) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    .
    . //frames omitted due to length constraint
    .
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    ... 46 common frames omitted
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientAuthentication' defined in class path resource [org/springframework/cloud/vault/config/VaultBootstrapConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.vault.authentication.ClientAuthentication]: Factory method 'clientAuthentication' threw exception; nested exception is java.lang.IllegalArgumentException: Token (spring.cloud.vault.token) must not be empty
    at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:655) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:483) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    .
    . //frames omitted due to length constraint
    .
    ... 66 common frames omitted
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.vault.authentication.ClientAuthentication]: Factory method 'clientAuthentication' threw exception; nested exception is java.lang.IllegalArgumentException: Token (spring.cloud.vault.token) must not be empty
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:650) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    ... 80 common frames omitted
Caused by: java.lang.IllegalArgumentException: Token (spring.cloud.vault.token) must not be empty
    at org.springframework.util.Assert.hasText(Assert.java:287) ~[spring-core-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    at org.springframework.cloud.vault.config.ClientAuthenticationFactory.createClientAuthentication(ClientAuthenticationFactory.java:143) ~[spring-cloud-vault-config-2.2.6.RELEASE.jar:2.2.6.RELEASE]
    at org.springframework.cloud.vault.config.VaultBootstrapConfiguration.clientAuthentication(VaultBootstrapConfiguration.java:248) ~[spring-cloud-vault-config-2.2.6.RELEASE.jar:2.2.6.RELEASE]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_251]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_251]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_251]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_251]
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.2.8.RELEASE.jar:5.2.8.RELEASE]
    ... 81 common frames omitted


Process finished with exit code 1

现在,根据我的理解,由于我从 VaultConfig.java 扩展了我的 AbstractVaultConfiguration,因此我不需要 bootstrap.properties 文件来配置我的保险库客户端应用程序,spring 会选择设置这些配置并自行处理它,但显然这不会发生并且应用程序无法启动,因为显然它需要那些 bootstrap.properties 配置。看来我的应用程序没有注意到我的 VaultConfig,我在其中设置了一个简单的端点以通过 http 工作并使用我的根令牌进行身份验证。我在这里错过了什么吗?我无法弄清楚查看互联网上的示例

如果应用程序确实需要这样的 bootstrap.properties

spring.application.name=gs-vault-config
spring.cloud.vault.token=00000000-0000-0000-0000-000000000000
spring.cloud.vault.scheme=http
spring.cloud.vault.kv.enabled=true

那么 VaultConfig 和 AbstractVaultConfiguration 的意义何在?

此外,当我将 bootstrap.properties 文件放入我的项目时,应用程序会启动并且我特别提到了属性 spring.cloud.vault.scheme=http 但是当我调用我的端点时它仍然给了我

javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection

期待 https 调用的错误,我也不明白为什么。

感谢任何帮助。提前致谢

0 个答案:

没有答案