Package org.forgerock.secrets.vault

Class VaultConfig.Builder

java.lang.Object

org.forgerock.secrets.vault.VaultConfig.Builder

Enclosing class:

VaultConfig

public static final class VaultConfig.Builder
extends Object

Builder object for Vault configuration settings. Setting a clock(Clock) explicitly is recommended.

Method Summary

Modifier and Type	Method	Description
VaultConfig	build()	Builds the Vault configuration based on the supplied settings.
VaultConfig.Builder	clock(Clock clock)	Specifies the clock to use for calculating expiry times.
VaultConfig.Builder	namespace(String namespace)	Specifies the (optional) namespace to use in calls to Vault.
VaultConfig.Builder	path(String path)	Specifies the path on the server of the secret engine to use.
VaultConfig.Builder	purposeMapping(Function<Purpose<?>,String> purposeMapping)	Configures the mapping from purposes to named entries in a Vault secret engine.
VaultConfig.Builder	purposeMapping(Map<Purpose<?>,String> purposeMapping)	Configures the mapping from purposes to named entries in a Vault secret engine.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

clock

public VaultConfig.Builder clock(Clock clock)

Specifies the clock to use for calculating expiry times.

Parameters:

clock - the clock to use.

Returns:

this builder.

namespace

public VaultConfig.Builder namespace(String namespace)

Specifies the (optional) namespace to use in calls to Vault. This will become the X-Vault-Namespace header on requests if specified.

Parameters:

namespace - the vault namespace to use.

Returns:

this builder.

path

public VaultConfig.Builder path(String path)

Specifies the path on the server of the secret engine to use. If not specified a default will be chosen based on the type of secret engine being used.

Parameters:

path - the path to the secret engine relative to the base URI.

Returns:

this builder.

purposeMapping

public VaultConfig.Builder purposeMapping(Function<Purpose<?>,String> purposeMapping)

Configures the mapping from purposes to named entries in a Vault secret engine. The default mapping uses the purpose label. If the function returns null for a given purpose then a NoSuchSecretException will be thrown when retrieving secrets for that purpose.

Parameters:

purposeMapping - the mapping from purposes to Vault secret names.

Returns:

this builder.

purposeMapping

public VaultConfig.Builder purposeMapping(Map<Purpose<?>,String> purposeMapping)

Configures the mapping from purposes to named entries in a Vault secret engine. If no explicit mapping is provided then a NoSuchSecretException will be thrown when attempting to access a secret for that purpose.

Parameters:

purposeMapping - the purpose mapping.

Returns:

this builder.

build

public VaultConfig build()

Builds the Vault configuration based on the supplied settings.

Returns:

the vault configuration.