Uses of Class
org.forgerock.secrets.SecretsProvider

Packages that use SecretsProvider

Package	Description
org.forgerock.config.resolvers	This package contains the common config property resolvers.
org.forgerock.http.oauth2	This package provides APIs for OAuth 2.0 services implementations.
org.forgerock.json.jose.jwe	Classes and interfaces for JWT encryption and JWEs.
org.forgerock.json.jose.jws	Classes and interfaces for JWT signing and JWS'.
org.forgerock.json.jose.tokenhandler	JWT implementation(s) of TokenHandler.
org.forgerock.macaroons	Implementation of Macaroons: Cookies with contextual caveats for decentralized authorization in the cloud. See Macaroon for more details.
org.forgerock.oauth.resolvers	This package contains classes to generate Open ID Resolvers, which can validate a supplied JWS against an Open ID Connect provider.
org.forgerock.oauth.resolvers.service	This package contains classes for a service which can be configured to produce OpenID Connect Resolvers.
org.forgerock.openam.secrets	The AM supporting classes for centrally configuring secrets.
org.forgerock.secrets	Provides a unified API for accessing secrets of various kinds.
org.forgerock.secrets.propertyresolver	Provides a SecretStore implementation that loads secrets from a Common Configuration PropertyResolver and then decodes it with a SecretPropertyFormat.

Uses of SecretsProvider in org.forgerock.config.resolvers

Methods in org.forgerock.config.resolvers with parameters of type SecretsProvider

Modifier and Type	Method	Description
static PropertyResolver	PropertyResolvers.secretsPropertyResolver(SecretsProvider secretsProvider)	Constructs a resolver that looks up GenericSecrets from the given SecretsProvider and converts them to UTF-8 strings.

Uses of SecretsProvider in org.forgerock.http.oauth2

Fields in org.forgerock.http.oauth2 declared as SecretsProvider

Modifier and Type	Field	Description
protected SecretsProvider	PrivateKeyJwtClientAuthenticationFilter.Builder.secretsProvider	SecretsProvider capable of providing the secret.

Methods in org.forgerock.http.oauth2 with parameters of type SecretsProvider

Modifier and Type	Method	Description
T	PrivateKeyJwtClientAuthenticationFilter.Builder.withSecretsProvider(SecretsProvider secretsProvider)	Deprecated, for removal: This API element is subject to removal in a future version. Please use SecretReference API instead.

Uses of SecretsProvider in org.forgerock.json.jose.jwe

Methods in org.forgerock.json.jose.jwe with parameters of type SecretsProvider

Modifier and Type	Method	Description
Promise<? extends EncryptedJwt,JweDecryptionCheckedException>	EncryptedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)	Attempts to decrypt the JWT using any available keys for the given Purpose from the given SecretsProvider.
Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>	SignedThenEncryptedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)
Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>	SignedThenEncryptedJwt.decryptAndVerify(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose, Purpose<VerificationKey> verificationPurpose)	Decrypts the outer JWT and then verifies the signature on the inner JWT using secrets from the supplied SecretsProvider.
Promise<byte[],JweDecryptionCheckedException>	EncryptedJwt.decryptRawPayload(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)	Attempts to decrypt the raw payload of the JWT using any keys from the given SecretsProvider that satisfy the supplied Purpose.

Uses of SecretsProvider in org.forgerock.json.jose.jws

Methods in org.forgerock.json.jose.jws with parameters of type SecretsProvider

Modifier and Type	Method	Description
Promise<? extends EncryptedJwt,JweDecryptionCheckedException>	EncryptedThenSignedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose)	Decrypts the inner encrypted JWE so that the payload can be accessed.

Constructors in org.forgerock.json.jose.jws with parameters of type SecretsProvider

Modifier	Constructor	Description
	SigningManager(SecretsProvider provider)	Builds a new SigningManager that can build SigningHandler based on asynchronously retrieved Secrets from the given provider.

Uses of SecretsProvider in org.forgerock.json.jose.tokenhandler

Methods in org.forgerock.json.jose.tokenhandler with parameters of type SecretsProvider

Modifier and Type	Method	Description
SecretsJwtTokenHandler.Builder	SecretsJwtTokenHandler.Builder.secretsProvider(SecretsProvider secretsProvider)	Configures the SecretsProvider from which to retrieve signing and encryption keys.

Uses of SecretsProvider in org.forgerock.macaroons

Constructors in org.forgerock.macaroons with parameters of type SecretsProvider

Modifier	Constructor	Description
	MacaroonVerifier(SecretsProvider secretsProvider, Purpose<VerificationKey> purpose)	Constructs the macaroon verifier with the given source of verification keys.

Uses of SecretsProvider in org.forgerock.oauth.resolvers

Methods in org.forgerock.oauth.resolvers with parameters of type SecretsProvider

Modifier and Type	Method	Description
OpenIdResolver	OpenIdResolverFactory.createSecretsProviderResolver(String issuer, SecretsProvider provider, Purpose<VerificationKey> purpose)	Creates a public key based resolver for the supplied issuer using keys available through the given provider.

Constructors in org.forgerock.oauth.resolvers with parameters of type SecretsProvider

Modifier	Constructor	Description
	EncryptedOpenIdResolverFactory(SecretsProvider secretsProvider, Purpose<DataDecryptionKey> idTokenPurpose)	Constructs a new EncryptedOpenIdResolverFactory instance.

Uses of SecretsProvider in org.forgerock.oauth.resolvers.service

Constructors in org.forgerock.oauth.resolvers.service with parameters of type SecretsProvider

Modifier	Constructor	Description
	OpenIdResolverServiceImpl(Client client, BiPredicate<String,String> issuerComparator, SecretsProvider secretsProvider, Purpose<DataDecryptionKey> idTokenPurpose)	Constructor for the OpenIdResolverServiceImpl which will use the supplied read and connection timeouts when communicating over HTTP.
	OpenIdResolverServiceImpl(Client client, SecretsProvider secretsProvider, Purpose<DataDecryptionKey> idTokenPurpose)	Constructor for the OpenIdResolverServiceImpl which will use the supplied read and connection timeouts when communicating over HTTP.

Uses of SecretsProvider in org.forgerock.openam.secrets

Subclasses of SecretsProvider in org.forgerock.openam.secrets

Modifier and Type	Class	Description
class	SecretsProviderFacade	A facade around SecretsProvider instances from the realm and global levels that will delegate correctly to the global provider when a secret is not found in the realm, and knows how to resolve secrets for a DefaultingPurpose.

Constructors in org.forgerock.openam.secrets with parameters of type SecretsProvider

Modifier	Constructor	Description
protected	SecretsProviderFacade(SecretsProvider secretsProvider, org.forgerock.openam.secrets.rotation.SecretLabelListener secretLabelListener, org.forgerock.openam.audit.AuditEventFactory auditEventFactory, org.forgerock.openam.audit.AuditEventPublisher auditEventPublisher)
protected	SecretsProviderFacade(SecretsProvider globalSecretsProvider, SecretsProvider realmSecretsProvider, org.forgerock.openam.secrets.rotation.SecretLabelListener secretLabelListener, org.forgerock.openam.audit.AuditEventFactory auditEventFactory, org.forgerock.openam.audit.AuditEventPublisher auditEventPublisher)
	SecretsReferenceProvider(SecretsProvider secretsProvider)

Uses of SecretsProvider in org.forgerock.secrets

Methods in org.forgerock.secrets that return SecretsProvider

Modifier and Type	Method	Description
final <T extends Secret> SecretsProvider	SecretsProvider.setActiveStore(SecretStore<? super T> store, Purpose<? extends T>... purposes)	Sets the active store to use for the given purpose.
SecretsProvider	SecretsProvider.setDefaultStores(SecretStore<?> activeStore, SecretStore<?>... defaultStores)	Sets the default store(s) to use if there is no specific store configured for a particular purpose.
<S extends Secret> SecretsProvider	SecretsProvider.useSpecificSecretForPurpose(Purpose<S> purpose, S secret)	Configures this SecretsProvider to always return the specific given secret for the given purpose.
<S extends Secret> SecretsProvider	SecretsProvider.useSpecificSecretsForPurpose(Purpose<S> purpose, List<S> secrets)	Configures this SecretsProvider to always return the specific given secrets for the given purpose.

Methods in org.forgerock.secrets with parameters of type SecretsProvider

Modifier and Type	Method	Description
static <T extends Secret> SecretReference<T>	SecretReference.active(SecretsProvider secretsProvider, Purpose<T> purpose, Clock clock)	Creates a reference to the active secret for the given purpose using the given secrets provider.
static <T extends Secret> SecretReference<T>	SecretReference.named(SecretsProvider secretsProvider, Purpose<T> purpose, String name, Clock clock)	Creates a reference to a named secret using the given secrets provider.
static <T extends Secret> ValidSecretsReference<T,NeverThrowsException>	ValidSecretsReference.valid(SecretsProvider secretsProvider, Purpose<T> purpose, Clock clock)	Creates a reference to the valid secrets for the given purpose using the given secrets provider.
static <T extends Secret> ValidSecretsReference<T,NeverThrowsException>	ValidSecretsReference.validOrNamed(SecretsProvider secretsProvider, Purpose<T> purpose, String name, Clock clock)	This creates a reference to either the named secret or all valid secrets for the purpose.

Constructors in org.forgerock.secrets with parameters of type SecretsProvider

Modifier	Constructor	Description
	SecretReference(SecretsProvider provider, Purpose<T> purpose)	Deprecated. Use createActiveReference(Purpose) or SecretReference.active(SecretsProvider, Purpose, Clock) instead.
	SecretReference(SecretsProvider provider, Purpose<T> purpose, Clock clock)	Deprecated. Use createActiveReference(Purpose) or SecretReference.active(SecretsProvider, Purpose, Clock) instead.
	SecretsLoadStoreParameter(SecretsProvider secretsProvider, Set<Purpose<? extends CryptoKey>> purposes, Clock clock)	Initialises the keystore with the given secrets API objects.
	SecretsLoadStoreParameter(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose, Clock clock)	Initialises the keystore with the given secrets API objects.

Uses of SecretsProvider in org.forgerock.secrets.propertyresolver

Constructors in org.forgerock.secrets.propertyresolver with parameters of type SecretsProvider

Modifier	Constructor	Description
	PemPropertyFormat(SecretsProvider secretsProvider, Purpose<GenericSecret> decryptionPasswordPurpose)	Initializes the property format with the given secrets provider and purpose for decrypting password-encrypted PEM files.
	PemPropertyFormat(SecretsProvider secretsProvider, Purpose<GenericSecret> decryptionPasswordPurpose, Supplier<SecretBuilder> secretBuilderSupplier)	Initializes the property format with the given secrets provider and purpose for decrypting password-encrypted PEM files.