diff --git a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultKeyStore.java b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultKeyStore.java index ee2d5c23cf7c..2af5c6c0af61 100644 --- a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultKeyStore.java +++ b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultKeyStore.java @@ -182,16 +182,19 @@ public static KeyStore getKeyVaultKeyStoreBySystemProperty() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException { KeyStore keyStore = KeyStore.getInstance(KeyVaultJcaProvider.PROVIDER_NAME); - KeyVaultLoadStoreParameter keyVaultLoadStoreParameter = new KeyVaultLoadStoreParameter( - System.getProperty("azure.keyvault.uri"), System.getProperty("azure.keyvault.tenant-id"), - System.getProperty("azure.keyvault.client-id"), System.getProperty("azure.keyvault.client-secret"), - System.getProperty("azure.keyvault.managed-identity"), System.getProperty("azure.keyvault.access-token")); + KeyVaultLoadStoreParameter.Builder builder + = KeyVaultLoadStoreParameter.createBuilder(System.getProperty("azure.keyvault.uri")) + .tenantId(System.getProperty("azure.keyvault.tenant-id")) + .clientId(System.getProperty("azure.keyvault.client-id")) + .clientSecret(System.getProperty("azure.keyvault.client-secret")) + .managedIdentity(System.getProperty("azure.keyvault.managed-identity")) + .accessToken(System.getProperty("azure.keyvault.access-token")); if (Boolean.parseBoolean(System.getProperty("azure.keyvault.disable-challenge-resource-verification"))) { - keyVaultLoadStoreParameter.disableChallengeResourceVerification(); + builder.disableChallengeResourceVerification(); } - keyStore.load(keyVaultLoadStoreParameter); + keyStore.load(builder.build()); return keyStore; } 
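Review bot: `System.getProperty("azure.keyvault.uri")` returns null when the property is unset, and `createBuilder` now rejects null with `IllegalArgumentException("keyVaultUri cannot be null")`, so a missing property fails before `keyStore.load` with a message that does not name the property. Read the property into a local first and fail with the property name, e.g. `String uri = System.getProperty("azure.keyvault.uri");` followed by `if (uri == null) { throw new IllegalArgumentException("System property azure.keyvault.uri is not set"); }`. The signature and Javadoc of `getKeyVaultKeyStoreBySystemProperty()` sit above the hunk; the Javadoc should mention the new unchecked exception.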
diff --git a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultLoadStoreParameter.java b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultLoadStoreParameter.java index 1b75896e2a22..2ef64cc3b4bb 100644 --- a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultLoadStoreParameter.java +++ b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultLoadStoreParameter.java @@ -50,9 +50,11 @@ public final class KeyVaultLoadStoreParameter implements KeyStore.LoadStoreParam * Constructor. * * @param keyVaultUri The Azure Key Vault URI. + * @deprecated Use {@link #createBuilder(String)} instead for a more flexible and maintainable API. */ + @Deprecated public KeyVaultLoadStoreParameter(String keyVaultUri) { - this(keyVaultUri, null, null, null, null, null); + this(new Builder(keyVaultUri)); } /** @@ -60,9 +62,11 @@ public KeyVaultLoadStoreParameter(String keyVaultUri) { * * @param keyVaultUri The Azure Key Vault URI. * @param managedIdentity The managed identity. + * @deprecated Use {@link #createBuilder(String)} instead for a more flexible and maintainable API. */ + @Deprecated public KeyVaultLoadStoreParameter(String keyVaultUri, String managedIdentity) { - this(keyVaultUri, null, null, null, managedIdentity, null); + this(new Builder(keyVaultUri).managedIdentity(managedIdentity)); } /** 
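Review bot: The deprecated constructors now route through `new Builder(keyVaultUri)`, which throws `IllegalArgumentException` on a null URI, whereas the old delegation ended in a plain `this.keyVaultUri = keyVaultUri;` with no check. That is a runtime behaviour change for existing callers which `@Deprecated` alone does not signal. It applies to both constructors in this file section's first two hunks and to the four- and five-argument constructors in the next two hunks. Add `@throws IllegalArgumentException if keyVaultUri is null` to each deprecated constructor's Javadoc, or confirm that a null URI could never have produced a usable parameter object before.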
@@ -72,9 +76,11 @@ public KeyVaultLoadStoreParameter(String keyVaultUri, String managedIdentity) { * @param tenantId The tenant id. * @param clientId The client id. * @param clientSecret The client secret. + * @deprecated Use {@link #createBuilder(String)} instead for a more flexible and maintainable API. */ + @Deprecated public KeyVaultLoadStoreParameter(String keyVaultUri, String tenantId, String clientId, String clientSecret) { - this(keyVaultUri, tenantId, clientId, clientSecret, null, null); + this(new Builder(keyVaultUri).tenantId(tenantId).clientId(clientId).clientSecret(clientSecret)); } /** 
@@ -85,31 +91,30 @@ public KeyVaultLoadStoreParameter(String keyVaultUri, String tenantId, String cl * @param clientId The client id. * @param clientSecret The client secret. * @param managedIdentity The managed identity. + * @deprecated Use {@link #createBuilder(String)} instead for a more flexible and maintainable API. */ + @Deprecated public KeyVaultLoadStoreParameter(String keyVaultUri, String tenantId, String clientId, String clientSecret, String managedIdentity) { - this(keyVaultUri, tenantId, clientId, clientSecret, managedIdentity, null); + this(new Builder(keyVaultUri).tenantId(tenantId) + .clientId(clientId) + .clientSecret(clientSecret) + .managedIdentity(managedIdentity)); } /** - * Constructor. + * Private constructor used by the builder. * - * @param keyVaultUri The Azure Key Vault URI. - * @param tenantId The tenant id. - * @param clientId The client id. - * @param clientSecret The client secret. - * @param managedIdentity The managed identity. - * @param accessToken The access token. + * @param builder The builder instance. */ - public KeyVaultLoadStoreParameter(String keyVaultUri, String tenantId, String clientId, String clientSecret, - String managedIdentity, String accessToken) { - - this.keyVaultUri = keyVaultUri; - this.tenantId = tenantId; - this.clientId = clientId; - this.clientSecret = clientSecret; - this.managedIdentity = managedIdentity; - this.accessToken = accessToken; + private KeyVaultLoadStoreParameter(Builder builder) { + this.keyVaultUri = builder.keyVaultUri; + this.tenantId = builder.tenantId; + this.clientId = builder.clientId; + this.clientSecret = builder.clientSecret; + this.managedIdentity = builder.managedIdentity; + this.accessToken = builder.accessToken; + this.disableChallengeResourceVerification = builder.disableChallengeResourceVerification; } /** 
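Review bot: The public six-argument constructor, the only overload that accepted `accessToken`, is deleted outright instead of being deprecated like its four siblings. This breaks source and binary compatibility for any caller that used it. Unless that overload was never shipped in a release, keep it as a `@Deprecated` public constructor that delegates to the new private `KeyVaultLoadStoreParameter(Builder)` constructor, as sketched below.

```java
// … unchanged: deprecated five-argument constructor …

    /**
     * Constructor.
     *
     * @param keyVaultUri The Azure Key Vault URI.
     * @param tenantId The tenant id.
     * @param clientId The client id.
     * @param clientSecret The client secret.
     * @param managedIdentity The managed identity.
     * @param accessToken The access token.
     * @deprecated Use {@link #createBuilder(String)} instead for a more flexible and maintainable API.
     */
    @Deprecated
    public KeyVaultLoadStoreParameter(String keyVaultUri, String tenantId, String clientId, String clientSecret,
        String managedIdentity, String accessToken) {
        this(new Builder(keyVaultUri).tenantId(tenantId)
            .clientId(clientId)
            .clientSecret(clientSecret)
            .managedIdentity(managedIdentity)
            .accessToken(accessToken));
    }

// … unchanged: private KeyVaultLoadStoreParameter(Builder builder) …
```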
@@ -154,7 +159,7 @@ public String getManagedIdentity() { * * @return The access token. */ - public String getAccessToken() { + String getAccessToken() { return accessToken; } 
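Review bot: Dropping `public` from `getAccessToken()` stops the bearer token from being read outside the package, but it removes a public method with no deprecation cycle, unlike the constructors in this commit, so external callers stop compiling. If the narrowing is intended, record it in the changelog and check whether the getter for the client secret (not visible in this hunk) should be treated the same way. The Javadoc above the method still reads as public API documentation; a line such as `Package-private so the token is not exposed through the public API.` would record the intent, if that is the intent.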
@@ -193,4 +198,116 @@ boolean isChallengeResourceVerificationDisabled() { public void disableChallengeResourceVerification() { disableChallengeResourceVerification = true; } + + /** + * Creates a new builder instance for constructing KeyVaultLoadStoreParameter. + * + * @param keyVaultUri The Azure Key Vault URI (required). + * @return A new builder instance. + */ + public static Builder createBuilder(String keyVaultUri) { + return new Builder(keyVaultUri); + } + + /** + * Builder class for constructing KeyVaultLoadStoreParameter instances with a fluent API. + * This provides a clearer and more maintainable way to create instances compared to + * multiple overloaded constructors. + */ + public static final class Builder { + private final String keyVaultUri; + private String tenantId; + private String clientId; + private String clientSecret; + private String managedIdentity; + private String accessToken; + private boolean disableChallengeResourceVerification = false; + + /** + * Creates a new builder with the required Key Vault URI. + * + * @param keyVaultUri The Azure Key Vault URI (required). + */ + private Builder(String keyVaultUri) { + if (keyVaultUri == null) { + throw new IllegalArgumentException("keyVaultUri cannot be null"); + } + this.keyVaultUri = keyVaultUri; + } + + /** + * Sets the tenant id for authentication. + * + * @param tenantId The tenant id. + * @return This builder instance. + */ + public Builder tenantId(String tenantId) { + this.tenantId = tenantId; + return this; + } + + /** + * Sets the client id for authentication. + * + * @param clientId The client id. + * @return This builder instance. + */ + public Builder clientId(String clientId) { + this.clientId = clientId; + return this; + } + + /** + * Sets the client secret for authentication. + * + * @param clientSecret The client secret. + * @return This builder instance. 
+ */ + public Builder clientSecret(String clientSecret) { + this.clientSecret = clientSecret; + return this; + } + + /** + * Sets the managed identity for authentication. + * + * @param managedIdentity The user-assigned managed identity. + * @return This builder instance. + */ + public Builder managedIdentity(String managedIdentity) { + this.managedIdentity = managedIdentity; + return this; + } + + /** + * Sets the access token for authentication. + * + * @param accessToken The access token. + * @return This builder instance. + */ + public Builder accessToken(String accessToken) { + this.accessToken = accessToken; + return this; + } + + /** + * Disables verifying if the authentication challenge resource matches the Key Vault or + * Managed HSM domain. This verification is performed by default. + * + * @return This builder instance. + */ + public Builder disableChallengeResourceVerification() { + this.disableChallengeResourceVerification = true; + return this; + } + + /** + * Builds and returns a new KeyVaultLoadStoreParameter instance with the configured values. + * + * @return A new KeyVaultLoadStoreParameter instance. + */ + public KeyVaultLoadStoreParameter build() { + return new KeyVaultLoadStoreParameter(this); + } + } } diff --git a/sdk/keyvault/azure-security-keyvault-jca/src/test/java/com/azure/security/keyvault/jca/KeyVaultKeyStoreTest.java b/sdk/keyvault/azure-security-keyvault-jca/src/test/java/com/azure/security/keyvault/jca/KeyVaultKeyStoreTest.java index 1199492586c5..c926906b8301 100644 --- a/sdk/keyvault/azure-security-keyvault-jca/src/test/java/com/azure/security/keyvault/jca/KeyVaultKeyStoreTest.java +++ b/sdk/keyvault/azure-security-keyvault-jca/src/test/java/com/azure/security/keyvault/jca/KeyVaultKeyStoreTest.java 
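Review bot: The public instance method `disableChallengeResourceVerification()`, shown as context at the top of this hunk with its signature above it, is left undeprecated, so an object returned by `build()` can still have verification switched off afterwards. Deprecating it in favour of `Builder.disableChallengeResourceVerification()` would match what the commit does for the constructors. The private `Builder(String keyVaultUri)` constructor checks only for null, so an empty or blank URI still reaches `build()`; `if (keyVaultUri == null || keyVaultUri.trim().isEmpty())` would reject it early. The builder Javadoc for `disableChallengeResourceVerification()` should also say when turning the check off is acceptable, for example `Only disable this for endpoints you control; with it off, the challenge resource is not checked against the Key Vault or Managed HSM domain.`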
@@ -31,11 +31,12 @@ public class KeyVaultKeyStoreTest { public static void setEnvironmentProperty() { PropertyConvertorUtils.putEnvironmentPropertyToSystemPropertyForKeyVaultJca(); keystore = new KeyVaultKeyStore(); - KeyVaultLoadStoreParameter parameter - = new KeyVaultLoadStoreParameter(PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_ENDPOINT"), - PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_TENANT_ID"), - PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_CLIENT_ID"), - PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_CLIENT_SECRET")); + KeyVaultLoadStoreParameter parameter = KeyVaultLoadStoreParameter + .createBuilder(PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_ENDPOINT")) + .tenantId(PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_TENANT_ID")) + .clientId(PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_CLIENT_ID")) + .clientSecret(PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_CLIENT_SECRET")) + .build(); certificateName = PropertyConvertorUtils.getPropertyValue("AZURE_KEYVAULT_CERTIFICATE_NAME"); keystore.engineLoad(parameter); }