add possibility to pass preconfigured http client to reuse http/tls resources for consequent requests (#44)

Author: samfrown

src/main/java/io/github/jopenlibs/vault/VaultConfig.java

@@ -1,6 +1,7 @@
 package io.github.jopenlibs.vault;
 
 import java.io.Serializable;
+import java.net.http.HttpClient;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 
@@ -43,6 +44,7 @@ public class VaultConfig implements Serializable {
     private Integer globalEngineVersion;
     private String nameSpace;
     private EnvironmentLoader environmentLoader;
+    private HttpClient httpClient;
 
     /**
      * <p>The code used to load environment variables is encapsulated here, so that a mock version
@@ -278,6 +280,19 @@ public VaultConfig prefixPath(String prefixPath) {
         return prefixPathDepth(countElements + 1);
     }
 
+    /**
+     * <p>Set a preconfigured HttpClient instance to use by REST API calls. This allows to reuse
+     * http resources (connections, worker threads) between calls. If a preconfigured HttpClient is specified, then
+     * sslConfig and openTimeout values passed to VaultConfig are ignored.
+     *
+     * @param httpClient preconfigured http client instance
+     * @return VaultConfig
+     */
+    public VaultConfig httpClient(HttpClient httpClient) {
+        this.httpClient = httpClient;
+        return this;
+    }
+
     /**
      * <p>Sets the maximum number of times that an API operation will retry upon failure.</p>
      *
@@ -318,7 +333,6 @@ void setEngineVersion(final Integer engineVersion) {
         this.globalEngineVersion = engineVersion;
     }
 
-
     /**
      * <p>This is the terminating method in the builder pattern.  The method that validates all of
      * the fields that has been set already, uses environment variables when available to populate
@@ -414,4 +428,8 @@ public String getNameSpace() {
     public int getPrefixPathDepth() {
         return prefixPathDepth;
     }
+
+    public HttpClient getHttpClient() {
+        return httpClient;
+    }
 }

src/main/java/io/github/jopenlibs/vault/api/Auth.java

@@ -11,7 +11,6 @@
 import io.github.jopenlibs.vault.response.LookupResponse;
 import io.github.jopenlibs.vault.response.UnwrapResponse;
 import io.github.jopenlibs.vault.response.WrapResponse;
-import io.github.jopenlibs.vault.rest.Rest;
 import io.github.jopenlibs.vault.rest.RestResponse;
 import java.io.Serializable;
 import java.nio.charset.StandardCharsets;
@@ -376,7 +375,7 @@ public AuthResponse createToken(final TokenRequest tokenRequest, final String to
             final String url = urlBuilder.toString();
 
             // HTTP request to Vault
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(url)
                     .header("X-Vault-Token", config.getToken())
                     .header("X-Vault-Namespace", this.nameSpace)
@@ -437,7 +436,7 @@ public AuthResponse loginByAppID(final String path, final String appId, final St
             // HTTP request to Vault
             final String requestJson = Json.object().add("app_id", appId).add("user_id", userId)
                     .toString();
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/auth/" + path)
                     .header("X-Vault-Namespace", this.nameSpace)
                     .body(requestJson.getBytes(StandardCharsets.UTF_8))
@@ -525,7 +524,7 @@ public AuthResponse loginByAppRole(final String path, final String roleId,
             // HTTP request to Vault
             final String requestJson = Json.object().add("role_id", roleId)
                     .add("secret_id", secretId).toString();
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/auth/" + path + "/login")
                     .header("X-Vault-Namespace", this.nameSpace)
                     .header("X-Vault-Request", "true")
@@ -602,7 +601,7 @@ public AuthResponse loginByUserPass(final String username, final String password
         return retry(attempt -> {
             // HTTP request to Vault
             final String requestJson = Json.object().add("password", password).toString();
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/auth/" + mount + "/login/" + username)
                     .header("X-Vault-Namespace", this.nameSpace)
                     .header("X-Vault-Request", "true")
@@ -721,7 +720,7 @@ public AuthResponse loginByAwsEc2(final String role, final String identity,
             }
             final String requestJson = request.toString();
 
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/auth/" + mount + "/login")
                     .body(requestJson.getBytes(StandardCharsets.UTF_8))
                     .header("X-Vault-Namespace", this.nameSpace)
@@ -789,7 +788,7 @@ public AuthResponse loginByAwsEc2(final String role, final String pkcs7, final S
                 request.add("nonce", nonce);
             }
             final String requestJson = request.toString();
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/auth/" + mount + "/login")
                     .header("X-Vault-Namespace", this.nameSpace)
                     .header("X-Vault-Request", "true")
@@ -866,7 +865,7 @@ public AuthResponse loginByAwsIam(final String role, final String iamRequestUrl,
                 request.add("role", role);
             }
             final String requestJson = request.toString();
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/auth/" + mount + "/login")
                     .header("X-Vault-Namespace", this.nameSpace)
                     .header("X-Vault-Request", "true")
@@ -939,7 +938,7 @@ public AuthResponse loginByGithub(final String githubToken, final String githubA
         return retry(attempt -> {
             // HTTP request to Vault
             final String requestJson = Json.object().add("token", githubToken).toString();
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/auth/" + mount + "/login")
                     .header("X-Vault-Namespace", this.nameSpace)
                     .header("X-Vault-Request", "true")
@@ -1020,7 +1019,7 @@ public AuthResponse loginByJwt(final String provider, final String role, final S
             // HTTP request to Vault
             final String requestJson = Json.object().add("role", role).add("jwt", jwt)
                     .toString();
-            final RestResponse restResponse = new Rest()
+            final RestResponse restResponse = getRest()
                     .url(config.getAddress() + "/v1/" + authPath + "/login")
                     .header("X-Vault-Namespace", this.nameSpace)
                     .header("X-Vault-Request", "true")
@@ -1179,7 +1178,7 @@ public AuthResponse loginByCert(final String certAuthMount) throws VaultExceptio
         final String mount = certAuthMount != null ? certAuthMount : "cert";
 
         return retry(attempt -> {
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/auth/" + mount + "/login")
                     .header("X-Vault-Namespace", this.nameSpace)
                     .header("X-Vault-Request", "true")
@@ -1251,7 +1250,7 @@ public AuthResponse renewSelf(final long increment, final String tokenAuthMount)
         return retry(attempt -> {
             // HTTP request to Vault
             final String requestJson = Json.object().add("increment", increment).toString();
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/auth/" + mount + "/renew-self")
                     .header("X-Vault-Token", config.getToken())
                     .header("X-Vault-Namespace", this.nameSpace)
@@ -1307,7 +1306,7 @@ public LookupResponse lookupSelf(final String tokenAuthMount) throws VaultExcept
 
         return retry(attempt -> {
             // HTTP request to Vault
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/auth/" + mount + "/lookup-self")
                     .header("X-Vault-Token", config.getToken())
                     .header("X-Vault-Namespace", this.nameSpace)
@@ -1384,7 +1383,7 @@ public void revokeSelf(final String tokenAuthMount) throws VaultException {
 
         retry(attempt -> {
             // HTTP request to Vault
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/auth/" + mount + "/revoke-self")
                     .header("X-Vault-Token", config.getToken())
                     .header("X-Vault-Namespace", this.nameSpace)

src/main/java/io/github/jopenlibs/vault/api/Debug.java

@@ -94,7 +94,7 @@ public HealthResponse health(
 
         return retry(attempt -> {
             // Build an HTTP request for Vault
-            final Rest rest = new Rest()//NOPMD
+            final Rest rest = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/" + path)
                     .header("X-Vault-Token", config.getToken())
                     .header("X-Vault-Namespace", this.nameSpace)

src/main/java/io/github/jopenlibs/vault/api/Logical.java

@@ -6,7 +6,6 @@
 import io.github.jopenlibs.vault.json.JsonObject;
 import io.github.jopenlibs.vault.json.JsonValue;
 import io.github.jopenlibs.vault.response.LogicalResponse;
-import io.github.jopenlibs.vault.rest.Rest;
 import io.github.jopenlibs.vault.rest.RestResponse;
 import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
@@ -85,7 +84,7 @@ private LogicalResponse read(final String path, final logicalOperations operatio
             throws VaultException {
         return retry(attempt -> {
             // Make an HTTP request to Vault
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/" + adjustPathForReadOrWrite(path,
                             config.getPrefixPathDepth(), operation))
                     .header("X-Vault-Token", config.getToken())
@@ -142,7 +141,7 @@ public LogicalResponse read(final String path, Boolean shouldRetry, final Intege
                 attempt -> {
                     // Make an HTTP request to Vault
                     final RestResponse restResponse =
-                            new Rest() //NOPMD
+                            getRest() //NOPMD
                                     .url(config.getAddress() + "/v1/" + adjustPathForReadOrWrite(
                                             path,
                                             config.getPrefixPathDepth(), logicalOperations.readV2))
@@ -275,7 +274,7 @@ private LogicalResponse write(final String path, final Map<String, Object> nameV
                 }
             }
             // Make an HTTP request to Vault
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/" + adjustPathForReadOrWrite(path,
                             config.getPrefixPathDepth(), operation))
                     .body(jsonObjectToWriteFromEngineVersion(operation, requestJson).toString()
@@ -368,7 +367,7 @@ private LogicalResponse delete(final String path, final Logical.logicalOperation
             throws VaultException {
         return retry(attempt -> {
             // Make an HTTP request to Vault
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/" + adjustPathForDelete(path,
                             config.getPrefixPathDepth(), operation))
                     .header("X-Vault-Token", config.getToken())
@@ -418,7 +417,7 @@ public LogicalResponse delete(final String path, final int[] versions) throws Va
         return retry(attempt -> {
             // Make an HTTP request to Vault
             JsonObject versionsToDelete = new JsonObject().add("versions", versions);
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/" + adjustPathForVersionDelete(path,
                             config.getPrefixPathDepth()))
                     .header("X-Vault-Token", config.getToken())
@@ -478,7 +477,7 @@ public LogicalResponse unDelete(final String path, final int[] versions) throws
         return retry(attempt -> {
             // Make an HTTP request to Vault
             JsonObject versionsToUnDelete = new JsonObject().add("versions", versions);
-            final RestResponse restResponse = new Rest() //NOPMD
+            final RestResponse restResponse = getRest() //NOPMD
                     .url(config.getAddress() + "/v1/" + adjustPathForVersionUnDelete(path,
                             config.getPrefixPathDepth()))
                     .header("X-Vault-Token", config.getToken())
@@ -525,7 +524,7 @@ public LogicalResponse destroy(final String path, final int[] versions) throws V
         return retry(attempt -> {
             // Make an HTTP request to Vault
             JsonObject versionsToDestroy = new JsonObject().add("versions", versions);
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/" + adjustPathForVersionDestroy(path,
                             config.getPrefixPathDepth()))
                     .header("X-Vault-Token", config.getToken())
@@ -562,7 +561,7 @@ public LogicalResponse upgrade(final String kvPath) throws VaultException {
             // Make an HTTP request to Vault
             JsonObject kvToUpgrade = new JsonObject().add("options",
                     new JsonObject().add("version", 2));
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(config.getAddress() + "/v1/sys/mounts/" + (kvPath.replaceAll("/", "")
                             + "/tune"))
                     .header("X-Vault-Token", config.getToken())

src/main/java/io/github/jopenlibs/vault/api/OperationsBase.java

@@ -2,6 +2,7 @@
 
 import io.github.jopenlibs.vault.VaultConfig;
 import io.github.jopenlibs.vault.VaultException;
+import io.github.jopenlibs.vault.rest.Rest;
 
 
 /**
@@ -45,6 +46,10 @@ static <T> T retry(final EndpointOperation<T> op, int retryCount, long retryInte
         }
     }
 
+    protected Rest getRest() {
+        return new Rest(config.getHttpClient());
+    }
+
     public interface EndpointOperation<T> {
 
         /**
@@ -64,4 +69,5 @@ private static void sleep(long delay) {
             e.printStackTrace();
         }
     }
+
 }

src/main/java/io/github/jopenlibs/vault/api/database/Database.java

@@ -6,7 +6,6 @@
 import io.github.jopenlibs.vault.json.Json;
 import io.github.jopenlibs.vault.json.JsonObject;
 import io.github.jopenlibs.vault.response.DatabaseResponse;
-import io.github.jopenlibs.vault.rest.Rest;
 import io.github.jopenlibs.vault.rest.RestResponse;
 import java.nio.charset.StandardCharsets;
 import java.util.List;
@@ -91,7 +90,7 @@ public DatabaseResponse createOrUpdateRole(final String roleName,
         return retry(attempt -> {
             final String requestJson = roleOptionsToJson(options);
 
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(String.format("%s/v1/%s/roles/%s", config.getAddress(), this.mountPath,
                             roleName))
                     .header("X-Vault-Token", config.getToken())
@@ -137,7 +136,7 @@ public DatabaseResponse createOrUpdateRole(final String roleName,
      */
     public DatabaseResponse getRole(final String roleName) throws VaultException {
         return retry(attempt -> {
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(String.format("%s/v1/%s/roles/%s", config.getAddress(), this.mountPath,
                             roleName))
                     .header("X-Vault-Token", config.getToken())
@@ -190,7 +189,7 @@ public DatabaseResponse revoke(final String serialNumber) throws VaultException
             }
             final String requestJson = jsonObject.toString();
 
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(String.format("%s/v1/%s/revoke", config.getAddress(), this.mountPath))
                     .header("X-Vault-Token", config.getToken())
                     .header("X-Vault-Namespace", this.nameSpace)
@@ -235,7 +234,7 @@ public DatabaseResponse revoke(final String serialNumber) throws VaultException
      */
     public DatabaseResponse deleteRole(final String roleName) throws VaultException {
         return retry(attempt -> {
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(String.format("%s/v1/%s/roles/%s", config.getAddress(), this.mountPath,
                             roleName))
                     .header("X-Vault-Token", config.getToken())
@@ -282,7 +281,7 @@ public DatabaseResponse deleteRole(final String roleName) throws VaultException
      */
     public DatabaseResponse creds(final String roleName) throws VaultException {
         return retry(attempt -> {
-            final RestResponse restResponse = new Rest()//NOPMD
+            final RestResponse restResponse = getRest()//NOPMD
                     .url(String.format("%s/v1/%s/creds/%s", config.getAddress(), this.mountPath,
                             roleName))
                     .header("X-Vault-Token", config.getToken())