Package org.forgerock.secrets.vault

Class VaultConfig

  • public final class VaultConfig
extends Object
    Encapsulates the common configuration required for Hashicorp Vault secret backends.

    • Method Detail

      • builder

        public static VaultConfig.Builder builder​(Handler httpClient,
                                          URI baseUri)
        Returns a new VaultConfig.Builder to construct the configuration.
        Parameters:
        httpClient - the CHF HTTP client handler to use for connections to Vault. Must not be null.
        baseUri - the base URI of the Vault installation. Must not be null.
        Returns:
        a new configuration builder.

      • getClock

        public Clock getClock()
        Returns the clock to use for determining secret expiry times.
        Returns:
        the clock to use for secret expiry time.

      • getBaseUri

        public URI getBaseUri()
        Returns the base URI of the Vault installation.
        Returns:
        the URI of the Vault installation.

      • getNamespace

        public Optional<String> getNamespace()
        Returns the Vault namespace to use, or Optional.empty() if no namespace is configured.
        Returns:
        the namespace if one is configured.

      • getPath

        public Optional<String> getPath()
        Returns the path at which the vault secret engine to be used is mounted relative to the base URI.
        Returns:
        the path of the secret engine on the Vault server.

      • getHttpClient

        public Handler getHttpClient()
        Returns the CHF HTTP client handler to use for connections to Vault.
        Returns:
        the CHF HTTP client handler.

      • getPurposeMapping

        public Function<Purpose<?>,​String> getPurposeMapping()
        Returns the mapping from purposes to Vault secret names.
        Returns:
        the purpose mapping.