Update SessionManager implementation for non-renewable tokensΒ #863
Description
My organization has a vault policy which does not allow renewal of vault tokens. Therefore I am looking into creating a custom implementation of SessionManager which regenerates the token rather than attempting to renew. I have a simple implementation which seems to work:
Component
@Slf4j
public class VaultCustomSessionManager implements SessionManager {
private Optional<VaultToken> actualToken = Optional.empty();
private Optional<Long> expirationTime = Optional.empty();
private final ClientAuthentication clientAuthentication;
public VaultCustomSessionManager(final ClientAuthentication clientAuthentication) {
this.clientAuthentication = clientAuthentication;
}
@Synchronized
@Override
public VaultToken getSessionToken() {
boolean isExpired = this.expirationTime.map(expiration -> expiration < System.currentTimeMillis()).orElse(false);
if (this.actualToken.isEmpty() || isExpired) {
VaultToken newToken = this.clientAuthentication.login();
if (newToken instanceof LoginToken loginToken) {
this.expirationTime = Optional.of(System.currentTimeMillis() + loginToken.getLeaseDuration().toMillis());
} else {
// default duration to zero - do not refresh
this.expirationTime = Optional.empty();
}
this.actualToken = Optional.of(newToken);
}
return this.actualToken.get();
}
}
Is this something that could be contributed back as an autoconfiguration option for those who cannot renew tokens?