spring approleauthentication出错-uri不是绝对的

avwztpqn  于 2021-07-13  发布在  Java
关注(0)|答案(1)|浏览(297)

我正试图用适当的身份验证从保险库检索秘密。但我得到了一个错误:
java.lang.illegalargumentexception:uri不是绝对的
我要做的是创建一个vaultendpoint,然后根据选择的方法使用token身份验证或approle身份验证。令牌身份验证没有问题,但是每当我尝试检索一个秘密,甚至让vaulttoken使用approle登录时,uri不是绝对错误。
我见过很多人https://docs.oracle.com/javase/8/docs/api/java/net/uri.html uri在指定方案时是绝对的,否则它是相对的。但是我认为我的uri指定了一个方案。
所以我有点迷路了。有人知道我做错了什么吗?或者我为什么会犯这个错误?
我使用spring-vault-core-2.2.0.release
这是我的密码:

VaultEndpoint ep = VaultEndpoint.create(host, portInt);
    if (scheme != null) {
        ep.setScheme(scheme);
    }

    if (authMethod.equals("token")) {
        vaultTemplate = new VaultTemplate(ep, new TokenAuthentication(token));

    } else if (authMethod.equals("appRole")) {

        RestOperations restOperations = VaultClients.createRestTemplate();

        AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
                .roleId(AppRoleAuthenticationOptions.RoleId.provided(roleId))
                .secretId(AppRoleAuthenticationOptions.SecretId.wrapped(VaultToken.of(secretId))).build();

        vaultTemplate = new VaultTemplate(ep, new AppRoleAuthentication(options, restOperations));
    }
  }

如果尝试获取vaulttoken,则会出现相同的错误:

RestOperations restOperations = VaultClients.createRestTemplate();
        AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
                .roleId(AppRoleAuthenticationOptions.RoleId.provided(roleId))
                .secretId(AppRoleAuthenticationOptions.SecretId.wrapped(VaultToken.of(uncryptedSecretId))).build();

        AppRoleAuthentication appRoleAuth = new AppRoleAuthentication(options, restOperations);
        VaultToken appRoleToken = appRoleAuth.login();

错误如下:

java.lang.IllegalArgumentException: URI is not absolute
    at java.net.URI.toURL(Unknown Source)
    at org.springframework.http.client.SimpleClientHttpRequestFactory.createRequest(SimpleClientHttpRequestFactory.java:145)
    at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:98)
    at org.springframework.vault.client.VaultClients.lambda$createRestTemplate$0(VaultClients.java:128)
    at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93)
    at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77)
    at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
    at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:742)
    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:677)
    at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:586)
    at org.springframework.vault.authentication.AppRoleAuthentication.getSecretId(AppRoleAuthentication.java:305)
    at org.springframework.vault.authentication.AppRoleAuthentication.getAppRoleLoginBody(AppRoleAuthentication.java:344)
    at org.springframework.vault.authentication.AppRoleAuthentication.createTokenUsingAppRole(AppRoleAuthentication.java:201)
    at org.springframework.vault.authentication.AppRoleAuthentication.login(AppRoleAuthentication.java:191)

更新

在进一步调查之后,问题是我如何示例化rest模板。我将spring上下文库添加到我的项目中,并实现了abstractvaultconfiguration类。这个类包含一个restoperations()函数,它解决了我的问题。
我就是这样解决问题的:

public class AppRoleAuthenticationService extends AbstractVaultConfiguration {

private String roleId;
private String secretId;
private String host;
private String scheme;
private String port;

public AppRoleAuthenticationService(String roleId, String secretId, String host, String scheme, String port) {
    this.roleId = roleId;
    this.secretId = secretId;
    this.host = host;
    this.scheme = scheme;
    this.port = port;
}

@Override
public VaultEndpoint vaultEndpoint() {
    int portInt = Integer.parseInt(port);
    VaultEndpoint ep = VaultEndpoint.create(host, portInt);
    if (scheme != null) {
        ep.setScheme(scheme);
    }

    return ep;
}

@Override
public ClientAuthentication clientAuthentication() {

    AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
            .roleId(AppRoleAuthenticationOptions.RoleId.provided(roleId))
            .secretId(AppRoleAuthenticationOptions.SecretId.provided(secretId)).build();

    return new AppRoleAuthentication(options, restOperations());
}

}
然后用这个类:

AppRoleAuthenticationService appRoleAuth = new AppRoleAuthenticationService(roleId, 
      uncryptedSecretId, host, scheme, port);
VaultEndpoint vaultEp = appRoleAuth.vaultEndpoint();
ClientAuthentication auth = appRoleAuth.clientAuthentication();

vaultTemplate = new VaultTemplate(vaultEp, auth);
Javaspringhashicorp-vaultspring-vault

1条答案

按热度按时间
vmdwslir

vmdwslir1#

我设法解决了我的问题,我更新了原来的帖子来分享答案。

赞(0)分享  回复(0)举报  2021-07-13
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备2022004421号-2 NULL123 https://www.null123.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com