java.lang.Object
- org.forgerock.openig.heap.GenericHeaplet
- - org.forgerock.openig.secrets.SystemAndEnvSecretStoreHeaplet

All Implemented Interfaces:: Heaplet

public class SystemAndEnvSecretStoreHeaplet
extends GenericHeaplet

This heaplet represents an instance of a PropertyResolverSecretStore resolving properties in system then in environment variables.

 {
       "type": "SystemAndEnvSecretStore",
       "config": {
         "format":                    expression(enum)             [OPTIONAL - PLAIN or BASE64, default is base64.]
         "mappings":[                 array                        [OPTIONAL - secrets mappings.]
           {                          object
             "secretId":                expression                   [REQUIRED - The label of the secret to map.]
             "format":                  reference                    [REQUIRED - a reference to a
                                                                                 {@link SecretPropertyFormat} object.]
           }
         ]
         "leaseExpiry":               expression<duration>         [ OPTIONAL - defaults to 5 minutes.]
       }
    }

Example:

 {
       "type": "SystemAndEnvSecretStore",
       "config": {
         "format": "BASE64"
       }
    }

Note that the EnvironmentVariableResolver transforms the keys from dot notations according specific rules.

See Also:: EnvironmentVariableResolver

Field Summary
- Fields inherited from class org.forgerock.openig.heap.GenericHeaplet
  config, heap, name, object, qualified

Constructor Summary

Constructors
Constructor Description

SystemAndEnvSecretStoreHeaplet()

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`Object`	`create()`	Called to request the heaplet create an object.
`static SecretStore<Secret>`	`newBase64SysEnvSecretStore()`	Returns a new instance of a SecretStore that reads base64-encoded secrets (passwords or symmetric keys) from system properties and environment variables.

Methods inherited from class org.forgerock.openig.heap.GenericHeaplet
create, destroy, endpointRegistry, evaluatedWithHeapProperties, expression, getConfig, getHeap, getSecretService, getSecretsProvider, getType, initialBindings, meterRegistryHolder, start

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SystemAndEnvSecretStoreHeaplet
```
public SystemAndEnvSecretStoreHeaplet()
```
- Method Detail
  - newBase64SysEnvSecretStore
```
public static SecretStore<Secret> newBase64SysEnvSecretStore()
```
    Returns a new instance of a SecretStore that reads base64-encoded secrets (passwords or symmetric keys) from system properties and environment variables.
    
    Returns:
    
    new system and environment base64-enabled SecretStore instance
  - create
```
public Object create()
              throws HeapException
```
    Description copied from class: GenericHeaplet
    
    Called to request the heaplet create an object. Called by Heaplet.create(Name, JsonValue, Heap) after initializing the protected field members. Implementations should parse configuration but not acquire resources, start threads, or log any initialization messages. These tasks should be performed by the GenericHeaplet.start() method.
    
    Specified by:
    
    create in class GenericHeaplet
    
    Returns:
    
    The created object.
    
    Throws:
    
    HeapException - if an exception occurred during creation of the heap object or any of its dependencies.

Class SystemAndEnvSecretStoreHeaplet

Field Summary

Fields inherited from class org.forgerock.openig.heap.GenericHeaplet

Constructor Summary

Method Summary

Methods inherited from class org.forgerock.openig.heap.GenericHeaplet

Methods inherited from class java.lang.Object

Constructor Detail

SystemAndEnvSecretStoreHeaplet

Method Detail

newBase64SysEnvSecretStore

create