Package org.forgerock.openam.secrets

Interface SecretIdProvider

All Known Implementing Classes:
IotSecretIdProvider
@EvolvingAll public interface SecretIdProvider
This interface allows AM's modules/components to easily expose which secret IDs they are using. During AM startup, the SecretIdRegistry will register the secret IDs for the singleton services. Multi-instance services on the other hand will be queried as and when the complete list of available secret IDs is required.

To extend the secret ID registry, an instance of this interface should be made available via a service loader file.

Since:
AM 6.5.0
See Also:
  • SecretIdRegistry

  • Method Details

    • getGlobalSingletonSecretIds

      default com.google.common.collect.Multimap<String,String> getGlobalSingletonSecretIds()
      Returns the secret IDs used by global singleton services. The key in the map is the name of the component that uses the secret ID, and the values are the secret IDs used by the component.
      Returns:
      A multimap containing the secret IDs used per component.

    • getRealmSingletonSecretIds

      default com.google.common.collect.Multimap<String,String> getRealmSingletonSecretIds()
      Returns the secret IDs used by realm level singleton services. The key in the map is the name of the component that uses the secret ID, and the values are the secret IDs used by the component.
      Returns:
      A multimap containing the secret IDs used per component.

    • getGlobalMultiInstanceSecretIds

      default com.google.common.collect.Multimap<String,String> getGlobalMultiInstanceSecretIds(SSOToken authorizationToken)
      Returns the secret IDs used by global multi-instance services, e.g. those used by audit handlers, which may have multiple instances per realm. The key in the map is the name of the component that uses the secret ID, and the values are the secret IDs used by the component.
      Parameters:
      authorizationToken - The session ID of the end-user who wants to look up the secret IDs.
      Returns:
      A multimap containing the secret IDs used per component.

    • getRealmMultiInstanceSecretIds

      default com.google.common.collect.Multimap<String,String> getRealmMultiInstanceSecretIds(SSOToken authorizationToken, Realm realm)
      Returns the secret IDs used by realm level multi-instance services, e.g. those used by authentication modules or nodes, which may have multiple instances per realm. The key in the map is the name of the component that uses the secret ID, and the values are the secret IDs used by the component.
      Parameters:
      authorizationToken - The session ID of the end-user who wants to look up the secret IDs.
      realm - The realm where the secret IDs have to be looked up.
      Returns:
      A multimap containing the secret IDs used per component.