Uses of Class
org.forgerock.secrets.Purpose

Packages that use Purpose

Package	Description
org.forgerock.http.oauth2	This package provides APIs for OAuth 2.0 services implementations.
org.forgerock.json.crypto.simple	Simple JSON cryptographic implementation.
org.forgerock.json.jose.jwe	Classes and interfaces for JWT encryption and JWEs.
org.forgerock.json.jose.jwk	Classes and interfaces for creating and manipulating JWKs.
org.forgerock.json.jose.jws	Classes and interfaces for JWT signing and JWS'.
org.forgerock.json.jose.tokenhandler	JWT implementation(s) of TokenHandler.
org.forgerock.macaroons	Implementation of Macaroons: Cookies with contextual caveats for decentralized authorization in the cloud. See Macaroon for more details.
org.forgerock.oauth.resolvers	This package contains classes to generate Open ID Resolvers, which can validate a supplied JWS against an Open ID Connect provider.
org.forgerock.oauth.resolvers.service	This package contains classes for a service which can be configured to produce OpenID Connect Resolvers.
org.forgerock.openam.secrets	The AM supporting classes for centrally configuring secrets.
org.forgerock.secrets	Provides a unified API for accessing secrets of various kinds.
org.forgerock.secrets.gcp.sm	Classes for integrating Google Secret Manager into the ForgeRock Secrets API.
org.forgerock.secrets.gcpkms	A secret store implementation that can retrieve keys from a Google Cloud Platform Key Management Service.
org.forgerock.secrets.jwkset	Secret store backend for retrieving keys from a local or remote JWK Set.
org.forgerock.secrets.keystore	Implementations of SecretStore for accessing keys stored in Java KeyStores, such as PKCS#11 Hardware Security Modules (HSMs) and PKCS#12 file-based encrypted key stores.
org.forgerock.secrets.oauth2	A Secrets API backend that can obtain OAuth 2 access tokens from a token endpoint, along with a collection of grant type handlers.
org.forgerock.secrets.propertyresolver	Provides a SecretStore implementation that loads secrets from a Common Configuration PropertyResolver and then decodes it with a SecretPropertyFormat.
org.forgerock.secrets.vault	Secrets backend that reads secrets from a remote Hashicorp Vault server.

Uses of Purpose in org.forgerock.http.oauth2

Methods in org.forgerock.http.oauth2 with parameters of type Purpose

Modifier and Type	Method	Description
EncryptedPrivateKeyJwtClientAuthenticationFilter.Builder	EncryptedPrivateKeyJwtClientAuthenticationFilter.Builder.withEncryptionPurpose(Purpose<DataEncryptionKey> encryptionPurpose)	Deprecated, for removal: This API element is subject to removal in a future version. Please use EncryptedPrivateKeyJwtClientAuthenticationFilter.Builder.withEncryptionSecretReference(SecretReference) instead.
T	PrivateKeyJwtClientAuthenticationFilter.Builder.withSigningPurpose(Purpose<SigningKey> signingPurpose)	Deprecated, for removal: This API element is subject to removal in a future version. Please use PrivateKeyJwtClientAuthenticationFilter.Builder.withSigningSecretReference(SecretReference) instead.

Uses of Purpose in org.forgerock.json.crypto.simple

Methods in org.forgerock.json.crypto.simple with parameters of type Purpose

Modifier and Type	Method	Description
Key	PurposeBasedKeySelector.select(Purpose<? extends CryptoKey> purpose, String stableId)	Get a Key base on a given Purpose and stable id.

Constructors in org.forgerock.json.crypto.simple with parameters of type Purpose

Modifier	Constructor	Description
	SimpleEncryptor(String cipher, Key key, Purpose<? extends CryptoKey> purpose, String stableId)	Constructor.

Uses of Purpose in org.forgerock.json.jose.jwe

Methods in org.forgerock.json.jose.jwe that return Purpose

Modifier and Type	Method	Description
Purpose<? extends CryptoKey>	JweAlgorithm.getDecryptionPurpose(String label)	Returns a Purpose that can be used to retrieve keys that are suitable for decryption with this JWE algorithm.
Purpose<? extends CryptoKey>	JweAlgorithmType.getDecryptionPurpose(String label)	Returns a Purpose that can be used to retrieve keys that are suitable for decryption with this type of JWE algorithm.
Purpose<? extends CryptoKey>	JweAlgorithm.getEncryptionPurpose(String label)	Returns a Purpose that can be used to retrieve keys that are suitable for encryption with this JWE algorithm.
Purpose<? extends CryptoKey>	JweAlgorithmType.getEncryptionPurpose(String label)	Returns a Purpose that can be used to retrieve keys that are suitable for encryption with this type of JWE algorithm.

Methods in org.forgerock.json.jose.jwe with parameters of type Purpose

Modifier and Type	Method	Description
Promise<? extends EncryptedJwt,JweDecryptionCheckedException>	EncryptedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)	Attempts to decrypt the JWT using any available keys for the given Purpose from the given SecretsProvider.
Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>	SignedThenEncryptedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)
Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>	SignedThenEncryptedJwt.decryptAndVerify(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose, Purpose<VerificationKey> verificationPurpose)	Decrypts the outer JWT and then verifies the signature on the inner JWT using secrets from the supplied SecretsProvider.
Promise<byte[],JweDecryptionCheckedException>	EncryptedJwt.decryptRawPayload(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)	Attempts to decrypt the raw payload of the JWT using any keys from the given SecretsProvider that satisfy the supplied Purpose.

Uses of Purpose in org.forgerock.json.jose.jwk

Methods in org.forgerock.json.jose.jwk with parameters of type Purpose

Modifier and Type	Method	Description
<T extends CryptoKey> T	JWK.toCryptoKey(Purpose<T> purpose, Instant expiry)	Converts this JWK into a CryptoKey subclass object for use with the Secrets API.

Uses of Purpose in org.forgerock.json.jose.jws

Methods in org.forgerock.json.jose.jws with parameters of type Purpose

Modifier and Type	Method	Description
Promise<? extends EncryptedJwt,JweDecryptionCheckedException>	EncryptedThenSignedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose)	Decrypts the inner encrypted JWE so that the payload can be accessed.
SigningHandler	SigningManager.newSigningHandler(JWK jwk, Purpose<SigningKey> purpose)	Returns a signing handler from the given JSON Web Key (JWK) which will be used to sign a JWT.
SigningHandler	SigningManager.newSigningHandler(JWK jwk, Purpose<SigningKey> purpose, Instant expiry)	Returns a signing handler from the given JSON Web Key (JWK) which will be used to sign a JWT.
Promise<SigningHandler,NoSuchSecretException>	SigningManager.newSigningHandler(Purpose<SigningKey> purpose)	Constructs a new SigningHandler configured for signing with the provided secret purpose.
SigningHandler	SigningManager.newVerificationHandler(JWK jwk, Purpose<VerificationKey> purpose)	Returns a signing handler from the given JSON Web Key (JWK) which will be used to verify a JWT.
SigningHandler	SigningManager.newVerificationHandler(JWK jwk, Purpose<VerificationKey> purpose, Instant expiry)	Returns a signing handler from the given JSON Web Key (JWK) which will be used to verify a JWT.
Promise<SigningHandler,NeverThrowsException>	SigningManager.newVerificationHandler(Purpose<VerificationKey> purpose, String keyId)	Constructs a new SigningHandler configured for verifying with the provided secret purpose.

Uses of Purpose in org.forgerock.json.jose.tokenhandler

Methods in org.forgerock.json.jose.tokenhandler with parameters of type Purpose

Modifier and Type	Method	Description
SecretsJwtTokenHandler.Builder	SecretsJwtTokenHandler.Builder.decryptionPurpose(Purpose<? extends CryptoKey> decryptionKeyPurpose)	Specifies the Purpose used to retrieve decryption keys from the secrets provider.
SecretsJwtTokenHandler.Builder	SecretsJwtTokenHandler.Builder.encryptionPurpose(Purpose<? extends CryptoKey> encryptionKeyPurpose)	Specifies the Purpose used to retrieve encryption keys from the secrets provider.
SecretsJwtTokenHandler.Builder	SecretsJwtTokenHandler.Builder.signingPurpose(Purpose<SigningKey> signingKeyPurpose)	Specifies the Purpose used to retrieve signing keys from the secrets provider.
SecretsJwtTokenHandler.Builder	SecretsJwtTokenHandler.Builder.verificationPurpose(Purpose<VerificationKey> verificationKeyPurpose)	Specifies the Purpose used to retrieve verification keys from the secrets provider.

Constructors in org.forgerock.json.jose.tokenhandler with parameters of type Purpose

Modifier	Constructor	Description
	SecretsJwtTokenHandler(JweAlgorithm jweAlgorithm, EncryptionMethod jweMethod, JwsAlgorithm jwsAlgorithm, Optional<Long> tokenLifeTimeInSeconds, KeyPair jweKeyPair, SigningManager manager, Purpose<SigningKey> signingKeyPurpose, Purpose<VerificationKey> verificationKeyPurpose, Clock clock)	Deprecated. Use SecretsJwtTokenHandler.builder() instead.

Uses of Purpose in org.forgerock.macaroons

Constructors in org.forgerock.macaroons with parameters of type Purpose

Modifier	Constructor	Description
	MacaroonVerifier(SecretsProvider secretsProvider, Purpose<VerificationKey> purpose)	Constructs the macaroon verifier with the given source of verification keys.

Uses of Purpose in org.forgerock.oauth.resolvers

Methods in org.forgerock.oauth.resolvers with parameters of type Purpose

Modifier and Type	Method	Description
OpenIdResolver	OpenIdResolverFactory.createSecretsProviderResolver(String issuer, SecretsProvider provider, Purpose<VerificationKey> purpose)	Creates a public key based resolver for the supplied issuer using keys available through the given provider.

Constructors in org.forgerock.oauth.resolvers with parameters of type Purpose

Modifier	Constructor	Description
	EncryptedOpenIdResolverFactory(SecretsProvider secretsProvider, Purpose<DataDecryptionKey> idTokenPurpose)	Constructs a new EncryptedOpenIdResolverFactory instance.

Uses of Purpose in org.forgerock.oauth.resolvers.service

Constructors in org.forgerock.oauth.resolvers.service with parameters of type Purpose

Modifier	Constructor	Description
	OpenIdResolverServiceImpl(Client client, BiPredicate<String,String> issuerComparator, SecretsProvider secretsProvider, Purpose<DataDecryptionKey> idTokenPurpose)	Constructor for the OpenIdResolverServiceImpl which will use the supplied read and connection timeouts when communicating over HTTP.
	OpenIdResolverServiceImpl(Client client, SecretsProvider secretsProvider, Purpose<DataDecryptionKey> idTokenPurpose)	Constructor for the OpenIdResolverServiceImpl which will use the supplied read and connection timeouts when communicating over HTTP.

Uses of Purpose in org.forgerock.openam.secrets

Methods in org.forgerock.openam.secrets that return Purpose

Modifier and Type	Method	Description
Purpose<S>	DefaultingPurpose.getCustomPurpose(String instanceId)	Returns the instance specific purpose.
Purpose<S>	DefaultingPurpose.getDefaultPurpose()	Returns the default purpose.
static Purpose<KeyEncryptionKey>	SecretsUtils.realmQualifiedEncryptionPurpose(String realm, String rootPurpose)	Returns the purpose to use at the global scope for looking up a realm-specific encryption key.

Methods in org.forgerock.openam.secrets with parameters of type Purpose

Modifier and Type	Method	Description
<T extends Secret> SecretReference<T>	SecretsReferenceProvider.get(Purpose<T> purpose)	Get the reference for the secrets that fulfil the purpose.
<S extends Secret> Promise<S,NoSuchSecretException>	SecretsProviderFacade.getActiveSecret(Purpose<S> purpose)
X509ExtendedKeyManager	SecretsProviderFacade.getKeyManager(Purpose<? extends CryptoKey> purpose)
X509ExtendedKeyManager	SecretsProviderFacade.getKeyManager(Purpose<? extends CryptoKey> purpose, Options options)
<S extends Secret> Promise<S,NoSuchSecretException>	SecretsProviderFacade.getNamedSecret(Purpose<S> purpose, String id)
SecretsTrustManager	SecretsProviderFacade.getTrustManager(Purpose<? extends CryptoKey> purpose, Options options)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	SecretsProviderFacade.getValidSecrets(Purpose<S> purpose)

Constructors in org.forgerock.openam.secrets with parameters of type Purpose

Modifier	Constructor	Description
	DefaultingPurpose(Purpose<S> defaultPurpose, String customSecretId)	Creates a new defaulting purpose.

Uses of Purpose in org.forgerock.secrets

Fields in org.forgerock.secrets declared as Purpose

Modifier and Type	Field	Description
static final Purpose<DataDecryptionKey>	Purpose.DATA_DECRYPTION	Indicates a key intended for decrypting data.
static final Purpose<DataEncryptionKey>	Purpose.DATA_ENCRYPTION	Indicates a key intended for encrypting data.
static final Purpose<KeyAgreementKey>	Purpose.KEY_AGREEMENT	Indicates a key intended for an interactive key agreement protocol, such as Diffie-Hellman (DH) or the elliptic curve equivalent (ECDH).
static final Purpose<KeyDecryptionKey>	Purpose.KEY_DECRYPTION	Indicates a key intended for decrypting ("unwrapping") other keys.
static final Purpose<KeyEncryptionKey>	Purpose.KEY_ENCRYPTION	Indicates a key intended for encrypting ("wrapping") other keys.
static final Purpose<GenericSecret>	Purpose.PASSWORD	Indicates a secret intended to be used as a password for authentication to some service.
static final Purpose<SigningKey>	Purpose.SIGN	Indicates a key intended for creating digital signatures or message authentication codes (MACs).
static final Purpose<VerificationKey>	Purpose.VERIFY	Indicates a key intended for verifying digital signatures or message authentication codes.
static final Purpose<CertificateVerificationKey>	Purpose.VERIFY_CERTIFICATE	Indicates a key intended for verifying certificate signatures.

Methods in org.forgerock.secrets that return Purpose

Modifier and Type	Method	Description
Purpose<?>	NoSuchSecretException.getPurpose()	Returns the purpose for which no secret was found, or null if not specified.
static <T extends Secret> Purpose<T>	Purpose.purpose(String label, Class<T> type)	Constructs a purpose object.
static <T extends Secret> Purpose<T>	Purpose.purpose(String label, Class<T> type, SecretConstraint<? super T>... constraints)	Constructs a purpose object.
final Purpose<T>	Purpose.withConstraints(SecretConstraint<? super T>... constraints)	Constructs a new purpose that is identical to this purpose but which imposes additional constraints on the secrets that can satisfy it.

Methods in org.forgerock.secrets with parameters of type Purpose

Modifier and Type	Method	Description
static <T extends Secret> SecretReference<T>	SecretReference.active(SecretsProvider secretsProvider, Purpose<T> purpose, Clock clock)	Creates a reference to the active secret for the given purpose using the given secrets provider.
<T extends CryptoKey> KeyStore	SecretsProvider.asKeyStore(Purpose<T> purpose)	Returns a view of this secrets provider as a keystore for the given purpose.
<T extends Secret> T	SecretBuilder.build(Purpose<T> purpose)	Builds a secret of the given type, enforcing any constraints attached to the purpose.
<S extends Secret> SecretReference<S>	SecretsProvider.createActiveReference(Purpose<S> purpose)	Creates the secret reference from the given purpose.
<S extends Secret> SecretReference<S>	SecretsProvider.createNamedReference(Purpose<S> purpose, String name)	Creates a reference to a secret with the given name (stable id) for the given purpose.
<S extends Secret> ValidSecretsReference<S,NeverThrowsException>	SecretsProvider.createValidOrNamedReference(Purpose<S> purpose, String name)	Creates the valid secrets reference from the given purpose.
<S extends Secret> ValidSecretsReference<S,NeverThrowsException>	SecretsProvider.createValidReference(Purpose<S> purpose)	Creates the valid secrets reference from the given purpose.
default <S extends T> Promise<S,NoSuchSecretException>	SecretStore.getActive(Purpose<S> purpose)	Returns the active secret for the given purpose.
<S extends T> Promise<S,NoSuchSecretException>	ThreadPoolSecretStore.getActive(Purpose<S> purpose)
<S extends Secret> Promise<S,NoSuchSecretException>	SecretsProvider.getActiveSecret(Purpose<S> purpose)	Gets the currently active secret for the given purpose.
X509ExtendedKeyManager	SecretsProvider.getKeyManager(Purpose<? extends CryptoKey> purpose)	Returns a KeyManager that can be used to initialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.
X509ExtendedKeyManager	SecretsProvider.getKeyManager(Purpose<? extends CryptoKey> purpose, Options options)	Returns a KeyManager that can be used to initialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.
default <S extends T> Promise<S,NoSuchSecretException>	SecretStore.getNamed(Purpose<S> purpose, String name)	Returns the named secret from this store.
<S extends T> Promise<S,NoSuchSecretException>	ThreadPoolSecretStore.getNamed(Purpose<S> purpose, String name)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	SecretsProvider.getNamedOrValidSecrets(Purpose<S> purpose, String id)	If the given id is not null, then this returns the single named secret that corresponds to that stable id (or a stream of valid secrets for the given purpose if no such secret exists), otherwise it returns all valid secrets for the given purpose.
<S extends Secret> Promise<S,NoSuchSecretException>	SecretsProvider.getNamedSecret(Purpose<S> purpose, String id)	Gets the secret for the given purpose with the given stable secret id.
SecretsTrustManager	SecretsProvider.getTrustManager(Purpose<? extends CryptoKey> purpose)	Constructs an X509ExtendedTrustManager that will retrieve certificates from this secrets provider for the provided purpose.
SecretsTrustManager	SecretsProvider.getTrustManager(Purpose<? extends CryptoKey> purpose, Options options)	Constructs an X509ExtendedTrustManager that will retrieve certificates from this secrets provider for the provided purpose.
<S extends T> Promise<Stream<S>,NeverThrowsException>	SecretStore.getValid(Purpose<S> purpose)	Returns all valid secrets for the given purpose from this store.
<S extends T> Promise<Stream<S>,NeverThrowsException>	ThreadPoolSecretStore.getValid(Purpose<S> purpose)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	SecretsProvider.getValidSecrets(Purpose<S> purpose)	Returns all secrets for the given purpose which have not yet expired.
static <T extends Secret> SecretReference<T>	SecretReference.named(SecretsProvider secretsProvider, Purpose<T> purpose, String name, Clock clock)	Creates a reference to a named secret using the given secrets provider.
default void	SecretStore.retire(Purpose<? extends T> purpose, String secretIdToRetire)	Retires the given secret for the given purpose.
void	ThreadPoolSecretStore.retire(Purpose<? extends T> purpose, String secretIdToRetire)
default void	SecretStore.rotate(Purpose<? extends T> purpose, String newActiveSecretId)	Rotates the active secret for the given purpose.
void	ThreadPoolSecretStore.rotate(Purpose<? extends T> purpose, String newActiveSecretId)
protected <T extends Secret> void	SecretsProvider.setActiveStore(SecretStore<? super T> store, Purpose<? extends T> purpose)	Sets the active store to use for the given purpose.
final <T extends Secret> SecretsProvider	SecretsProvider.setActiveStore(SecretStore<? super T> store, Purpose<? extends T>... purposes)	Sets the active store to use for the given purpose.
<S extends Secret> SecretsProvider	SecretsProvider.useSpecificSecretForPurpose(Purpose<S> purpose, S secret)	Configures this SecretsProvider to always return the specific given secret for the given purpose.
<S extends Secret> SecretsProvider	SecretsProvider.useSpecificSecretsForPurpose(Purpose<S> purpose, List<S> secrets)	Configures this SecretsProvider to always return the specific given secrets for the given purpose.
static <T extends Secret> ValidSecretsReference<T,NeverThrowsException>	ValidSecretsReference.valid(SecretsProvider secretsProvider, Purpose<T> purpose, Clock clock)	Creates a reference to the valid secrets for the given purpose using the given secrets provider.
static <T extends Secret> ValidSecretsReference<T,NeverThrowsException>	ValidSecretsReference.validOrNamed(SecretsProvider secretsProvider, Purpose<T> purpose, String name, Clock clock)	This creates a reference to either the named secret or all valid secrets for the purpose.

Method parameters in org.forgerock.secrets with type arguments of type Purpose

Modifier and Type	Method	Description
KeyStore	SecretsProvider.asKeyStore(Set<Purpose<? extends CryptoKey>> purposes)	Returns a view of this secrets provider as a keystore for the given purposes.
X509ExtendedKeyManager	SecretsProvider.getKeyManager(Set<Purpose<? extends CryptoKey>> purposes, Options options)	Returns a KeyManager that can be used to initialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.
SecretsTrustManager	SecretsProvider.getTrustManager(Set<Purpose<? extends CryptoKey>> purposes, Options options)	Constructs an X509ExtendedTrustManager that will retrieve certificates from this secrets provider for the provided purposes.

Constructors in org.forgerock.secrets with parameters of type Purpose

Modifier	Constructor	Description
	NoSuchSecretException(Purpose<?> purpose)	Constructs the exception for the given purpose.
	NoSuchSecretException(Purpose<?> purpose, String id)	Constructs the exception for the given purpose and secret stable id.
	SecretReference(SecretsProvider provider, Purpose<T> purpose)	Deprecated. Use SecretsProvider.createActiveReference(Purpose) or SecretReference.active(SecretsProvider, Purpose, Clock) instead.
	SecretReference(SecretsProvider provider, Purpose<T> purpose, Clock clock)	Deprecated. Use SecretsProvider.createActiveReference(Purpose) or SecretReference.active(SecretsProvider, Purpose, Clock) instead.
	SecretsLoadStoreParameter(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose, Clock clock)	Initialises the keystore with the given secrets API objects.

Constructor parameters in org.forgerock.secrets with type arguments of type Purpose

Modifier	Constructor	Description
	SecretsLoadStoreParameter(SecretsProvider secretsProvider, Set<Purpose<? extends CryptoKey>> purposes, Clock clock)	Initialises the keystore with the given secrets API objects.

Uses of Purpose in org.forgerock.secrets.gcp.sm

Methods in org.forgerock.secrets.gcp.sm with parameters of type Purpose

Modifier and Type	Method	Description
<S extends Secret> Promise<S,NoSuchSecretException>	GoogleSecretManagerSecretStore.getActive(Purpose<S> purpose)
<S extends Secret> Promise<S,NoSuchSecretException>	GoogleSecretManagerSecretStore.getNamed(Purpose<S> purpose, String name)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	GoogleSecretManagerSecretStore.getValid(Purpose<S> purpose)

Method parameters in org.forgerock.secrets.gcp.sm with type arguments of type Purpose

Modifier and Type	Method	Description
GoogleSecretManagerSecretStore.Builder	GoogleSecretManagerSecretStore.Builder.formatMapping(Function<Purpose<?>,Optional<SecretDecoder>> formatMapping)	Specifies a SecretDecoder to use to decode data returned by Secret Manager.
GoogleSecretManagerSecretStore.Builder	GoogleSecretManagerSecretStore.Builder.purposeMapping(Function<Purpose<?>,String> purposeMapping)	Specifies the GCP secret name to use for the given purpose.
GoogleSecretManagerSecretStore.Builder	GoogleSecretManagerSecretStore.Builder.purposeMapping(Map<Purpose<?>,String> purposeMapping)	Specifies the GCP secret name to use for the given purpose.

Uses of Purpose in org.forgerock.secrets.gcpkms

Methods in org.forgerock.secrets.gcpkms with parameters of type Purpose

Modifier and Type	Method	Description
<S extends CryptoKey> Promise<S,NoSuchSecretException>	GoogleKmsSecretStore.getActive(Purpose<S> purpose)
<S extends CryptoKey> Promise<S,NoSuchSecretException>	GoogleKmsSecretStore.getNamed(Purpose<S> purpose, String name)
<S extends CryptoKey> Promise<Stream<S>,NeverThrowsException>	GoogleKmsSecretStore.getValid(Purpose<S> purpose)

Method parameters in org.forgerock.secrets.gcpkms with type arguments of type Purpose

Modifier and Type	Method	Description
GoogleKmsSecretStore.Builder	GoogleKmsSecretStore.Builder.cryptoKeyMapping(Function<Purpose<? extends CryptoKey>,String> cryptoKeyMapping)	Sets the mapping from purposes to crypto key names in KMS.
GoogleKmsSecretStore.Builder	GoogleKmsSecretStore.Builder.cryptoKeyMapping(Map<Purpose<? extends CryptoKey>,String> mapping)	Sets the mapping from purposes to crypto key names in KMS.

Constructors in org.forgerock.secrets.gcpkms with parameters of type Purpose

Modifier	Constructor	Description
	GoogleKmsEncryptedPropertyFormat(GoogleKmsSecretStore secretStore, Purpose<DataDecryptionKey> purpose)	Initializes the property format with the given secret store and purpose.

Uses of Purpose in org.forgerock.secrets.jwkset

Methods in org.forgerock.secrets.jwkset with parameters of type Purpose

Modifier and Type	Method	Description
<S extends CryptoKey> Promise<S,NoSuchSecretException>	JwkSetSecretStore.getNamed(Purpose<S> purpose, String name)
<S extends CryptoKey> Promise<Stream<S>,NeverThrowsException>	JwkSetSecretStore.getValid(Purpose<S> purpose)

Uses of Purpose in org.forgerock.secrets.keystore

Methods in org.forgerock.secrets.keystore with parameters of type Purpose

Modifier and Type	Method	Description
<S extends Secret> Promise<S,NoSuchSecretException>	KeyStoreSecretStore.getActive(Purpose<S> purpose)
<S extends Secret> Promise<S,NoSuchSecretException>	KeyStoreSecretStore.getNamed(Purpose<S> purpose, String id)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	KeyStoreSecretStore.getValid(Purpose<S> purpose)
void	KeyStoreSecretStore.retire(Purpose<? extends Secret> purpose, String oldAlias)	Retires a key previously used for a given purpose.
void	KeyStoreSecretStore.rotate(Purpose<? extends Secret> purpose, String newAlias)	Rotates the key associated with a given purpose.

Uses of Purpose in org.forgerock.secrets.oauth2

Methods in org.forgerock.secrets.oauth2 with parameters of type Purpose

Modifier and Type	Method	Description
AccessTokenSecretStore.Builder	AccessTokenSecretStore.Builder.forPurpose(Purpose<GenericSecret> purpose)	Configures the purpose for which this access token store is to be used.
<S extends GenericSecret> Promise<S,NoSuchSecretException>	AccessTokenSecretStore.getActive(Purpose<S> purpose)
<S extends GenericSecret> Promise<S,NoSuchSecretException>	AccessTokenSecretStore.getNamed(Purpose<S> purpose, String name)
<S extends GenericSecret> Promise<Stream<S>,NeverThrowsException>	AccessTokenSecretStore.getValid(Purpose<S> purpose)

Uses of Purpose in org.forgerock.secrets.propertyresolver

Methods in org.forgerock.secrets.propertyresolver with parameters of type Purpose

Modifier and Type	Method	Description
<S extends Secret> Promise<S,NoSuchSecretException>	FileSystemSecretStore.getActive(Purpose<S> purpose)
<S extends Secret> Promise<S,NoSuchSecretException>	PropertyResolverSecretStore.getActive(Purpose<S> purpose)
<S extends Secret> Promise<S,NoSuchSecretException>	FileSystemSecretStore.getNamed(Purpose<S> purpose, String name)
<S extends Secret> Promise<S,NoSuchSecretException>	PropertyResolverSecretStore.getNamed(Purpose<S> purpose, String name)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	FileSystemSecretStore.getValid(Purpose<S> purpose)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	PropertyResolverSecretStore.getValid(Purpose<S> purpose)	Returns a stream of the active secret for the given purpose.

Constructors in org.forgerock.secrets.propertyresolver with parameters of type Purpose

Modifier	Constructor	Description
	PemPropertyFormat(SecretsProvider secretsProvider, Purpose<GenericSecret> decryptionPasswordPurpose)	Initializes the property format with the given secrets provider and purpose for decrypting password-encrypted PEM files.
	PemPropertyFormat(SecretsProvider secretsProvider, Purpose<GenericSecret> decryptionPasswordPurpose, Supplier<SecretBuilder> secretBuilderSupplier)	Initializes the property format with the given secrets provider and purpose for decrypting password-encrypted PEM files.

Uses of Purpose in org.forgerock.secrets.vault

Methods in org.forgerock.secrets.vault that return types with arguments of type Purpose

Modifier and Type	Method	Description
Function<Purpose<?>,String>	VaultConfig.getPurposeMapping()	Returns the mapping from purposes to Vault secret names.

Method parameters in org.forgerock.secrets.vault with type arguments of type Purpose

Modifier and Type	Method	Description
VaultConfig.Builder	VaultConfig.Builder.purposeMapping(Function<Purpose<?>,String> purposeMapping)	Configures the mapping from purposes to named entries in a Vault secret engine.
VaultConfig.Builder	VaultConfig.Builder.purposeMapping(Map<Purpose<?>,String> purposeMapping)	Configures the mapping from purposes to named entries in a Vault secret engine.