Package org.forgerock.openam.secrets.config

Class SingleAliasPurposeMappingValidator

  • All Implemented Interfaces:
    ServiceConfigValidatorV2
    @EvolvingAll
public class SingleAliasPurposeMappingValidator
extends PurposeMappingValidator
    Validates purpose mappings for the GoogleKeyManagementServiceSecretStore and GoogleSecretManagerSecretStoreProvider. This enforces the additional constraint that there is only a single alias mapped for each secret id. Google KMS and SM natively support versioning so there is no need to map a secret ID to more than one secret or key name.

    • Constructor Detail

      • SingleAliasPurposeMappingValidator

        @Inject
public SingleAliasPurposeMappingValidator​(AnnotatedServiceRegistry serviceRegistry)

    • Method Detail

      • validate

        public void validate​(Realm realm,
                     String serviceName,
                     List<String> configPath,
                     Map<String,​Set<String>> attributes)
              throws ServiceConfigException,
                     ServiceErrorException
        Description copied from interface: ServiceConfigValidatorV2
        Implement this method to perform the validation of the attributes.
        Specified by:
        validate in interface ServiceConfigValidatorV2
        Overrides:
        validate in class PurposeMappingValidator
        Parameters:
        realm - The realm the config is in, or null if it is not in a realm.
        serviceName - The name of the service to be validated.
        configPath - The names of the service config. The last element in the list will be the name of this config. In the case of service-level (non-SubSchema) config, this will be an empty list.
        attributes - The map of attribute names to values. This map will contain the default values for attributes where a value is not defined in this instance.
        Throws:
        ServiceConfigException - If the configuration is not valid, throw an SMSException, with a description of why it is invalid.
        ServiceErrorException - If an exception occurred when trying to validate the config.