Package org.forgerock.secrets

Class Secret

java.lang.Object

org.forgerock.secrets.Secret

All Implemented Interfaces:

AutoCloseable

Direct Known Subclasses:

CryptoKey, GenericSecret

public abstract class Secret
extends Object
implements AutoCloseable

A secret is any piece of data that should be kept confidential. This includes connection passwords and API keys, as well as cryptographic key material.

Secrets are thread-safe and are immutable until destroyed (closed).

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	Secret(SecretBuilder builder)	Constructs the secret using the given builder.

Method Summary

Modifier and Type	Method	Description
void	close()
final boolean	equals(Object that)
final Instant	getExpiryTime()	The expiry time of this secret.
final String	getStableId()	A stable identifier for this particular secret that can be used to lookup the same secret in future.
final int	hashCode()
boolean	isClosed()	Indicates whether this secret has been closed by calling the close() method.
final boolean	isExpired(Clock clock)	Indicates whether the secret has expired according to the given clock.
String	toString()

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Details

Secret

protected Secret(SecretBuilder builder)

Constructs the secret using the given builder.

Parameters:

builder - the secret builder.

Method Details

getExpiryTime

public final Instant getExpiryTime()

The expiry time of this secret. The secret should not be used beyond this time without being re-fetched from the SecretsProvider.

Returns:

the expiry time.

isExpired

public final boolean isExpired(Clock clock)

Indicates whether the secret has expired according to the given clock.

Parameters:

clock - the clock to use to determine the current time.

Returns:

true if the secret has expired and should be re-fetched from the SecretsProvider.

getStableId

public final String getStableId()

A stable identifier for this particular secret that can be used to lookup the same secret in future. This value is guaranteed (with high probability) to be unique to this particular secret and the same across all server instances that share the same secret store.

Returns:

the stable identifier for this secret.

close

public void close()

Specified by:

close in interface AutoCloseable

isClosed

public boolean isClosed()

Indicates whether this secret has been closed by calling the close() method. A secret that has been closed should be considered invalid and re-fetched from the SecretsProvider.

Returns:

true if the secret has been closed.

equals

public final boolean equals(Object that)

Overrides:

equals in class Object

hashCode

public final int hashCode()

Overrides:

hashCode in class Object

toString

public String toString()

Overrides:

toString in class Object