如何从 azure-key-vault 加载 bean 属性值

Question

Answer 1

我尝试使用下面的代码在 Spring boot 中使用驼峰从 Azure Key Vault 加载 bean 值。

代码：

KeyVaultConfig.java：

package com.example.demo._8.config;
import com.azure.identity.ClientSecretCredential;
import com.azure.identity.ClientSecretCredentialBuilder;
import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.SecretClientBuilder;
import com.example.demo._8.model.Shape;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class KeyVaultConfig {
    @Value("${azure.keyvault.vault-url}")
    private String vaultUrl;
    @Value("${azure.keyvault.client-id}")
    private String clientId;
    @Value("${azure.keyvault.client-secret}")
    private String clientSecret;
    @Value("${azure.keyvault.tenant-id}")
    private String tenantId;

    @Bean
    public SecretClient secretClient() {
        ClientSecretCredential clientSecretCredential = new ClientSecretCredentialBuilder()
                .clientId(clientId)
                .clientSecret(clientSecret)
                .tenantId(tenantId)
                .build();
        return new SecretClientBuilder()
                .vaultUrl(vaultUrl)
                .credential(clientSecretCredential)
                .buildClient();
    }
    @Bean(name = "shape1")
    public Shape shape1() {
        String type = secretClient().getSecret("type").getValue();
        String color = secretClient().getSecret("color").getValue();
        Shape shape = new Shape();
        shape.setType(type);
        shape.setColor(color);
        return shape;
    }
}

ShapeController.java：

package com.example.demo._8.controller;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import com.example.demo._8.model.Shape;

@RestController
public class ShapeController {
    @Autowired
    @Qualifier("shape1")
    private Shape shape;
    @GetMapping("/")
    public String getShapeDetails() {
        return "Shape details: Type - " + shape.getType() + ", Color - " + shape.getColor();
    }
}

Shape.java：

package com.example.demo._8.model;
public class Shape1 {
    private String type;
    private String color;
    public String getType() {
        return type;
    }
    public void setType(String type) {
        this.type = type;
    }
    public String getColor() {
        return color;
    }
    public void setColor(String color) {
        this.color = color;
    }
}

应用程序属性：

server.port=8080
azure.keyvault.vault-url=https://<keyvault_name>.vault.azure.net/
azure.keyvault.client-id=<client_ID>
azure.keyvault.client-secret=<clin_secret>
azure.keyvault.tenant-id=<tenant_ID>

pom.xml：

<dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
        <groupId>com.azure</groupId>
        <artifactId>azure-security-keyvault-secrets</artifactId>
        <version>4.6.0</version> 
    </dependency>
    <dependency>
        <groupId>com.azure</groupId>
        <artifactId>azure-identity</artifactId>
        <version>1.5.4</version> 
    </dependency>
    <dependency>
        <groupId>org.apache.camel.springboot</groupId>
        <artifactId>camel-spring-boot-starter</artifactId>
        <version>4.6.0</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>
</dependencies>

我在访问策略中授予了对我的 Azure AD 应用程序的访问权限，以从 Azure Key Vault 中读取机密，如下所示，

enter image description here