Uses of Class
org.forgerock.secrets.SecretsProvider
-
Packages that use SecretsProvider Package Description org.forgerock.config.resolvers This package contains the common config property resolvers.org.forgerock.http.oauth2 This package provides APIs for OAuth 2.0 services implementations.org.forgerock.json.jose.jwe Classes and interfaces for JWT encryption and JWEs.org.forgerock.json.jose.jws Classes and interfaces for JWT signing and JWS'.org.forgerock.json.jose.tokenhandler JWT implementation(s) ofTokenHandler
.org.forgerock.macaroons Implementation of Macaroons: Cookies with contextual caveats for decentralized authorization in the cloud. SeeMacaroon
for more details.org.forgerock.oauth.resolvers This package contains classes to generate Open ID Resolvers, which can validate a supplied JWS against an Open ID Connect provider.org.forgerock.oauth.resolvers.service This package contains classes for a service which can be configured to produce OpenID Connect Resolvers.org.forgerock.openam.secrets The AM supporting classes for centrally configuring secrets.org.forgerock.secrets Provides a unified API for accessing secrets of various kinds.org.forgerock.secrets.propertyresolver Provides aSecretStore
implementation that loads secrets from a Common ConfigurationPropertyResolver
and then decodes it with aSecretPropertyFormat
. -
-
Uses of SecretsProvider in org.forgerock.config.resolvers
Methods in org.forgerock.config.resolvers with parameters of type SecretsProvider Modifier and Type Method Description static PropertyResolver
PropertyResolvers. secretsPropertyResolver(SecretsProvider secretsProvider)
Constructs a resolver that looks upGenericSecret
s from the givenSecretsProvider
and converts them to UTF-8 strings. -
Uses of SecretsProvider in org.forgerock.http.oauth2
Fields in org.forgerock.http.oauth2 declared as SecretsProvider Modifier and Type Field Description protected SecretsProvider
PrivateKeyJwtClientAuthenticationFilter.Builder. secretsProvider
SecretsProvider
capable of providing the secret.Methods in org.forgerock.http.oauth2 with parameters of type SecretsProvider Modifier and Type Method Description T
PrivateKeyJwtClientAuthenticationFilter.Builder. withSecretsProvider(SecretsProvider secretsProvider)
Deprecated, for removal: This API element is subject to removal in a future version.Please useSecretReference
API instead. -
Uses of SecretsProvider in org.forgerock.json.jose.jwe
Methods in org.forgerock.json.jose.jwe with parameters of type SecretsProvider Modifier and Type Method Description Promise<? extends EncryptedJwt,JweDecryptionCheckedException>
EncryptedJwt. decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)
Attempts to decrypt the JWT using any available keys for the givenPurpose
from the givenSecretsProvider
.Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>
SignedThenEncryptedJwt. decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)
Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>
SignedThenEncryptedJwt. decryptAndVerify(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose, Purpose<VerificationKey> verificationPurpose)
Decrypts the outer JWT and then verifies the signature on the inner JWT using secrets from the suppliedSecretsProvider
.Promise<byte[],JweDecryptionCheckedException>
EncryptedJwt. decryptRawPayload(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)
Attempts to decrypt the raw payload of the JWT using any keys from the givenSecretsProvider
that satisfy the suppliedPurpose
. -
Uses of SecretsProvider in org.forgerock.json.jose.jws
Methods in org.forgerock.json.jose.jws with parameters of type SecretsProvider Modifier and Type Method Description Promise<? extends EncryptedJwt,JweDecryptionCheckedException>
EncryptedThenSignedJwt. decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose)
Decrypts the inner encrypted JWE so that the payload can be accessed.Constructors in org.forgerock.json.jose.jws with parameters of type SecretsProvider Constructor Description SigningManager(SecretsProvider provider)
Builds a new SigningManager that can buildSigningHandler
based on asynchronously retrieved Secrets from the givenprovider
. -
Uses of SecretsProvider in org.forgerock.json.jose.tokenhandler
Methods in org.forgerock.json.jose.tokenhandler with parameters of type SecretsProvider Modifier and Type Method Description SecretsJwtTokenHandler.Builder
SecretsJwtTokenHandler.Builder. secretsProvider(SecretsProvider secretsProvider)
Configures theSecretsProvider
from which to retrieve signing and encryption keys. -
Uses of SecretsProvider in org.forgerock.macaroons
Constructors in org.forgerock.macaroons with parameters of type SecretsProvider Constructor Description MacaroonVerifier(SecretsProvider secretsProvider, Purpose<VerificationKey> purpose)
Constructs the macaroon verifier with the given source of verification keys. -
Uses of SecretsProvider in org.forgerock.oauth.resolvers
Methods in org.forgerock.oauth.resolvers with parameters of type SecretsProvider Modifier and Type Method Description OpenIdResolver
OpenIdResolverFactory. createSecretsProviderResolver(String issuer, SecretsProvider provider, Purpose<VerificationKey> purpose)
Creates a public key based resolver for the suppliedissuer
using keys available through the givenprovider
.Constructors in org.forgerock.oauth.resolvers with parameters of type SecretsProvider Constructor Description EncryptedOpenIdResolverFactory(SecretsProvider secretsProvider, Purpose<DataDecryptionKey> idTokenPurpose)
Constructs a newEncryptedOpenIdResolverFactory
instance. -
Uses of SecretsProvider in org.forgerock.oauth.resolvers.service
Constructors in org.forgerock.oauth.resolvers.service with parameters of type SecretsProvider Constructor Description OpenIdResolverServiceImpl(Client client, BiPredicate<String,String> issuerComparator, SecretsProvider secretsProvider, Purpose<DataDecryptionKey> idTokenPurpose)
Constructor for the OpenIdResolverServiceImpl which will use the supplied read and connection timeouts when communicating over HTTP.OpenIdResolverServiceImpl(Client client, SecretsProvider secretsProvider, Purpose<DataDecryptionKey> idTokenPurpose)
Constructor for the OpenIdResolverServiceImpl which will use the supplied read and connection timeouts when communicating over HTTP. -
Uses of SecretsProvider in org.forgerock.openam.secrets
Subclasses of SecretsProvider in org.forgerock.openam.secrets Modifier and Type Class Description class
SecretsProviderFacade
A facade aroundSecretsProvider
instances from the realm and global levels that will delegate correctly to the global provider when a secret is not found in the realm, and knows how to resolve secrets for aDefaultingPurpose
.Methods in org.forgerock.openam.secrets with parameters of type SecretsProvider Modifier and Type Method Description static SecretsProviderFacade
SecretsProviderFacade. singleton(SecretsProvider secretsProvider)
Make a facade from a single secrets provider.static SecretsProviderFacade
SecretsProviderFacade. singleton(SecretsProvider globalSecretsProvider, SecretsProvider realmSecretsProvider)
Make a facade from the given secrets provider.Constructors in org.forgerock.openam.secrets with parameters of type SecretsProvider Constructor Description SecretsReferenceProvider(SecretsProvider secretsProvider)
-
Uses of SecretsProvider in org.forgerock.secrets
Methods in org.forgerock.secrets that return SecretsProvider Modifier and Type Method Description <T extends Secret>
SecretsProviderSecretsProvider. setActiveStore(SecretStore<? super T> store, Purpose<? extends T>... purposes)
Sets the active store to use for the given purpose.SecretsProvider
SecretsProvider. setDefaultStores(SecretStore<?> activeStore, SecretStore<?>... defaultStores)
Sets the default store(s) to use if there is no specific store configured for a particular purpose.<S extends Secret>
SecretsProviderSecretsProvider. useSpecificSecretForPurpose(Purpose<S> purpose, S secret)
Configures this SecretsProvider to always return the specific given secret for the given purpose.Methods in org.forgerock.secrets with parameters of type SecretsProvider Modifier and Type Method Description static <T extends Secret>
SecretReference<T>SecretReference. active(SecretsProvider secretsProvider, Purpose<T> purpose, Clock clock)
Creates a reference to the active secret for the given purpose using the given secrets provider.static <T extends Secret>
SecretReference<T>SecretReference. named(SecretsProvider secretsProvider, Purpose<T> purpose, String name, Clock clock)
Creates a reference to a named secret using the given secrets provider.Constructors in org.forgerock.secrets with parameters of type SecretsProvider Constructor Description SecretReference(SecretsProvider provider, Purpose<T> purpose)
Deprecated.SecretReference(SecretsProvider provider, Purpose<T> purpose, Clock clock)
Deprecated.SecretsLoadStoreParameter(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose, Clock clock)
Initialises the keystore with the given secrets API objects. -
Uses of SecretsProvider in org.forgerock.secrets.propertyresolver
Constructors in org.forgerock.secrets.propertyresolver with parameters of type SecretsProvider Constructor Description PemPropertyFormat(SecretsProvider secretsProvider, Purpose<GenericSecret> decryptionPasswordPurpose)
Initializes the property format with the given secrets provider and purpose for decrypting password-encrypted PEM files.PemPropertyFormat(SecretsProvider secretsProvider, Purpose<GenericSecret> decryptionPasswordPurpose, Supplier<SecretBuilder> secretBuilderSupplier)
Initializes the property format with the given secrets provider and purpose for decrypting password-encrypted PEM files.
-