Package org.forgerock.secrets.vault

Class VaultConfig

java.lang.Object
org.forgerock.secrets.vault.VaultConfig
public final class VaultConfig extends Object
Encapsulates the common configuration required for Hashicorp Vault secret backends.

  • Method Details

    • builder

      public static VaultConfig.Builder builder(Handler httpClient, URI baseUri)
      Returns a new VaultConfig.Builder to construct the configuration.
      Parameters:
      httpClient - the CHF HTTP client handler to use for connections to Vault. Must not be null.
      baseUri - the base URI of the Vault installation. Must not be null.
      Returns:
      a new configuration builder.

    • getClock

      public Clock getClock()
      Returns the clock to use for determining secret expiry times.
      Returns:
      the clock to use for secret expiry time.

    • getBaseUri

      public URI getBaseUri()
      Returns the base URI of the Vault installation.
      Returns:
      the URI of the Vault installation.

    • getNamespace

      public Optional<String> getNamespace()
      Returns the Vault namespace to use, or Optional.empty() if no namespace is configured.
      Returns:
      the namespace if one is configured.

    • getPath

      public Optional<String> getPath()
      Returns the path at which the vault secret engine to be used is mounted relative to the base URI.
      Returns:
      the path of the secret engine on the Vault server.

    • getHttpClient

      public Handler getHttpClient()
      Returns the CHF HTTP client handler to use for connections to Vault.
      Returns:
      the CHF HTTP client handler.

    • getPurposeMapping

      public Function<Purpose<?>,String> getPurposeMapping()
      Returns the mapping from purposes to Vault secret names.
      Returns:
      the purpose mapping.