Class SingleAliasPurposeMappingValidator
java.lang.Object
org.forgerock.openam.secrets.config.PurposeMappingValidator
org.forgerock.openam.secrets.config.SingleAliasPurposeMappingValidator
- All Implemented Interfaces:
ServiceConfigValidatorV2
Validates purpose mappings for the
GoogleKeyManagementServiceSecretStore and
GoogleSecretManagerSecretStoreProvider. This enforces the additional
constraint that there is only a single alias mapped for each secret id. Google KMS and SM natively support
versioning so there is no need to map a secret ID to more than one secret or key name.-
Constructor Summary
ConstructorsConstructorDescriptionSingleAliasPurposeMappingValidator(AnnotatedServiceRegistry serviceRegistry) -
Method Summary
-
Constructor Details
-
SingleAliasPurposeMappingValidator
-
-
Method Details
-
validate
public void validate(Realm realm, String serviceName, List<String> configPath, Map<String, Set<String>> attributes) throws ServiceConfigException, ServiceErrorExceptionDescription copied from interface:ServiceConfigValidatorV2Implement this method to perform the validation of the attributes.- Specified by:
validatein interfaceServiceConfigValidatorV2- Overrides:
validatein classPurposeMappingValidator- Parameters:
realm- The realm the config is in, ornullif it is not in a realm.serviceName- The name of the service to be validated.configPath- The names of the service config. The last element in the list will be the name of this config. In the case of service-level (non-SubSchema) config, this will be an empty list.attributes- The map of attribute names to values. This map will contain the default values for attributes where a value is not defined in this instance.- Throws:
ServiceConfigException- If the configuration is not valid, throw an SMSException, with a description of why it is invalid.ServiceErrorException- If an exception occurred when trying to validate the config.
-