Uses of Class
org.forgerock.secrets.Purpose

Packages that use Purpose

Package	Description
org.forgerock.http.oauth2	This package provides APIs for OAuth 2.0 services implementations.
org.forgerock.json.jose.jwe	Classes and interfaces for JWT encryption and JWEs.
org.forgerock.json.jose.jwk	Classes and interfaces for creating and manipulating JWKs.
org.forgerock.json.jose.jws	Classes and interfaces for JWT signing and JWS'.
org.forgerock.json.jose.tokenhandler	JWT implementation(s) of TokenHandler.
org.forgerock.openig.secrets	Provides the Common Secrets API for accessing secrets of various kinds.
org.forgerock.openig.tools.jwt.validation	This package contains classes used to perform JWT validation.
org.forgerock.openig.types	Contains everything commonly used to work with TypeDefinition.
org.forgerock.openig.util	Miscellaneous utility classes.
org.forgerock.secrets	Provides a unified API for accessing secrets of various kinds.
org.forgerock.secrets.jwkset	Secret store backend for retrieving keys from a local or remote JWK Set.
org.forgerock.secrets.keystore	Implementations of SecretStore for accessing keys stored in Java KeyStores, such as PKCS#11 Hardware Security Modules (HSMs) and PKCS#12 file-based encrypted key stores.
org.forgerock.secrets.oauth2	A Secrets API backend that can obtain OAuth 2 access tokens from a token endpoint, along with a collection of grant type handlers.
org.forgerock.secrets.propertyresolver	Provides a SecretStore implementation that loads secrets from a Common Configuration PropertyResolver and then decodes it with a SecretPropertyFormat.

Uses of Purpose in org.forgerock.http.oauth2

Methods in org.forgerock.http.oauth2 with parameters of type Purpose

Modifier and Type	Method	Description
EncryptedPrivateKeyJwtClientAuthenticationFilter.Builder	EncryptedPrivateKeyJwtClientAuthenticationFilter.Builder.withEncryptionPurpose(Purpose<DataEncryptionKey> encryptionPurpose)	Deprecated, for removal: This API element is subject to removal in a future version. Please use EncryptedPrivateKeyJwtClientAuthenticationFilter.Builder.withEncryptionSecretReference(SecretReference) instead.
T	PrivateKeyJwtClientAuthenticationFilter.Builder.withSigningPurpose(Purpose<SigningKey> signingPurpose)	Deprecated, for removal: This API element is subject to removal in a future version. Please use PrivateKeyJwtClientAuthenticationFilter.Builder.withSigningSecretReference(SecretReference) instead.

Uses of Purpose in org.forgerock.json.jose.jwe

Methods in org.forgerock.json.jose.jwe that return Purpose

Modifier and Type	Method	Description
Purpose<? extends CryptoKey>	JweAlgorithm.getDecryptionPurpose(String label)	Returns a Purpose that can be used to retrieve keys that are suitable for decryption with this JWE algorithm.
Purpose<? extends CryptoKey>	JweAlgorithmType.getDecryptionPurpose(String label)	Returns a Purpose that can be used to retrieve keys that are suitable for decryption with this type of JWE algorithm.
Purpose<? extends CryptoKey>	JweAlgorithm.getEncryptionPurpose(String label)	Returns a Purpose that can be used to retrieve keys that are suitable for encryption with this JWE algorithm.
Purpose<? extends CryptoKey>	JweAlgorithmType.getEncryptionPurpose(String label)	Returns a Purpose that can be used to retrieve keys that are suitable for encryption with this type of JWE algorithm.

Methods in org.forgerock.json.jose.jwe with parameters of type Purpose

Modifier and Type	Method	Description
Promise<? extends EncryptedJwt,JweDecryptionCheckedException>	EncryptedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)	Attempts to decrypt the JWT using any available keys for the given Purpose from the given SecretsProvider.
Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>	SignedThenEncryptedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)
Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>	SignedThenEncryptedJwt.decryptAndVerify(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose, Purpose<VerificationKey> verificationPurpose)	Decrypts the outer JWT and then verifies the signature on the inner JWT using secrets from the supplied SecretsProvider.
Promise<byte[],JweDecryptionCheckedException>	EncryptedJwt.decryptRawPayload(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)	Attempts to decrypt the raw payload of the JWT using any keys from the given SecretsProvider that satisfy the supplied Purpose.

Uses of Purpose in org.forgerock.json.jose.jwk

Methods in org.forgerock.json.jose.jwk with parameters of type Purpose

Modifier and Type	Method	Description
<T extends CryptoKey> T	JWK.toCryptoKey(Purpose<T> purpose, Instant expiry)	Converts this JWK into a CryptoKey subclass object for use with the Secrets API.

Uses of Purpose in org.forgerock.json.jose.jws

Methods in org.forgerock.json.jose.jws with parameters of type Purpose

Modifier and Type	Method	Description
Promise<? extends EncryptedJwt,JweDecryptionCheckedException>	EncryptedThenSignedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose)	Decrypts the inner encrypted JWE so that the payload can be accessed.
SigningHandler	SigningManager.newSigningHandler(JWK jwk, Purpose<SigningKey> purpose)	Returns a signing handler from the given JSON Web Key (JWK) which will be used to sign a JWT.
SigningHandler	SigningManager.newSigningHandler(JWK jwk, Purpose<SigningKey> purpose, Instant expiry)	Returns a signing handler from the given JSON Web Key (JWK) which will be used to sign a JWT.
Promise<SigningHandler,NoSuchSecretException>	SigningManager.newSigningHandler(Purpose<SigningKey> purpose)	Constructs a new SigningHandler configured for signing with the provided secret purpose.
SigningHandler	SigningManager.newVerificationHandler(JWK jwk, Purpose<VerificationKey> purpose)	Returns a signing handler from the given JSON Web Key (JWK) which will be used to verify a JWT.
SigningHandler	SigningManager.newVerificationHandler(JWK jwk, Purpose<VerificationKey> purpose, Instant expiry)	Returns a signing handler from the given JSON Web Key (JWK) which will be used to verify a JWT.
Promise<SigningHandler,NeverThrowsException>	SigningManager.newVerificationHandler(Purpose<VerificationKey> purpose, String keyId)	Constructs a new SigningHandler configured for verifying with the provided secret purpose.

Uses of Purpose in org.forgerock.json.jose.tokenhandler

Methods in org.forgerock.json.jose.tokenhandler with parameters of type Purpose

Modifier and Type	Method	Description
SecretsJwtTokenHandler.Builder	SecretsJwtTokenHandler.Builder.decryptionPurpose(Purpose<? extends CryptoKey> decryptionKeyPurpose)	Specifies the Purpose used to retrieve decryption keys from the secrets provider.
SecretsJwtTokenHandler.Builder	SecretsJwtTokenHandler.Builder.encryptionPurpose(Purpose<? extends CryptoKey> encryptionKeyPurpose)	Specifies the Purpose used to retrieve encryption keys from the secrets provider.
SecretsJwtTokenHandler.Builder	SecretsJwtTokenHandler.Builder.signingPurpose(Purpose<SigningKey> signingKeyPurpose)	Specifies the Purpose used to retrieve signing keys from the secrets provider.
SecretsJwtTokenHandler.Builder	SecretsJwtTokenHandler.Builder.verificationPurpose(Purpose<VerificationKey> verificationKeyPurpose)	Specifies the Purpose used to retrieve verification keys from the secrets provider.

Constructors in org.forgerock.json.jose.tokenhandler with parameters of type Purpose

Constructor	Description
SecretsJwtTokenHandler(JweAlgorithm jweAlgorithm, EncryptionMethod jweMethod, JwsAlgorithm jwsAlgorithm, Optional<Long> tokenLifeTimeInSeconds, KeyPair jweKeyPair, SigningManager manager, Purpose<SigningKey> signingKeyPurpose, Purpose<VerificationKey> verificationKeyPurpose, Clock clock)	Deprecated. Use SecretsJwtTokenHandler.builder() instead.

Uses of Purpose in org.forgerock.openig.secrets

Methods in org.forgerock.openig.secrets with parameters of type Purpose

Modifier and Type	Method	Description
<T extends CryptoKey> KeyStore	DefaultSecretsService.asKeyStore(Purpose<T> purpose)	Deprecated.
<T extends CryptoKey> KeyStore	SecretsService.asKeyStore(Purpose<T> purpose)	Returns a view of this secrets provider as a keystore for the given purpose.
<S extends Secret> SecretReference<S>	DefaultSecretsService.createActiveReference(Purpose<S> purpose)	Deprecated.
<S extends Secret> SecretReference<S>	SecretsService.createActiveReference(Purpose<S> purpose)	Create a SecretReference for the given Purpose.
<S extends Secret> SecretReference<S>	DefaultSecretsService.createNamedReference(Purpose<S> purpose, String name)	Deprecated.
<S extends Secret> SecretReference<S>	SecretsService.createNamedReference(Purpose<S> purpose, String name)	Creates a reference to a secret with the given name (stable id) for the given purpose.
<S extends GenericSecret> Promise<S,NoSuchSecretException>	Base64EncodedSecretStore.getActive(Purpose<S> purpose)
<S extends Secret> Promise<S,NoSuchSecretException>	DefaultSecretsService.getActiveSecret(Purpose<S> purpose)	Deprecated.
<S extends Secret> Promise<S,NoSuchSecretException>	SecretsService.getActiveSecret(Purpose<S> purpose)	Gets the currently active secret for the given purpose.
X509ExtendedKeyManager	DefaultSecretsService.getKeyManager(Purpose<? extends CryptoKey> purpose)	Deprecated.
X509ExtendedKeyManager	DefaultSecretsService.getKeyManager(Purpose<? extends CryptoKey> purpose, Options options)	Deprecated.
X509ExtendedKeyManager	SecretsService.getKeyManager(Purpose<? extends CryptoKey> purpose)	Returns a KeyManager that can be used to initialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.
X509ExtendedKeyManager	SecretsService.getKeyManager(Purpose<? extends CryptoKey> purpose, Options options)	Returns a KeyManager that can be used to initialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.
<S extends GenericSecret> Promise<S,NoSuchSecretException>	Base64EncodedSecretStore.getNamed(Purpose<S> purpose, String name)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	DefaultSecretsService.getNamedOrValidSecrets(Purpose<S> purpose, String id)	Deprecated.
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	SecretsService.getNamedOrValidSecrets(Purpose<S> purpose, String id)	If the given id is not null, then this returns the single named secret that corresponds to that stable id (or a stream of valid secrets for the given purpose if no such secret exists), otherwise it returns all valid secrets for the given purpose.
<S extends Secret> Promise<S,NoSuchSecretException>	DefaultSecretsService.getNamedSecret(Purpose<S> purpose, String id)	Deprecated.
<S extends Secret> Promise<S,NoSuchSecretException>	SecretsService.getNamedSecret(Purpose<S> purpose, String id)	Gets the secret for the given purpose with the given stable secret id.
SecretsTrustManager	DefaultSecretsService.getTrustManager(Purpose<? extends CryptoKey> purpose)	Deprecated.
SecretsTrustManager	DefaultSecretsService.getTrustManager(Purpose<? extends CryptoKey> purpose, Options options)	Deprecated.
SecretsTrustManager	SecretsService.getTrustManager(Purpose<? extends CryptoKey> purpose)	Constructs an X509ExtendedTrustManager that will retrieve certificates from this secrets provider for the provided purpose.
SecretsTrustManager	SecretsService.getTrustManager(Purpose<? extends CryptoKey> purpose, Options options)	Constructs an X509ExtendedTrustManager that will retrieve certificates from this secrets provider for the provided purpose.
<S extends GenericSecret> Promise<Stream<S>,NeverThrowsException>	Base64EncodedSecretStore.getValid(Purpose<S> purpose)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	DefaultSecretsService.getValidSecrets(Purpose<S> purpose)	Deprecated.
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	SecretsService.getValidSecrets(Purpose<S> purpose)	Returns all secrets for the given purpose which have not yet expired.
KeyStoreSecretStore	HsmSecretStoreHeaplet.keyStore(SecretsProvider secretsProvider, Purpose<GenericSecret> storePasswordPurpose, Options options)
KeyStoreSecretStore	KeyStoreSecretStoreHeaplet.keyStore(SecretsProvider secretsProvider, Purpose<GenericSecret> storePasswordPurpose, Options options)
<S extends Secret> SecretsProvider	DefaultSecretsService.useSpecificSecretForPurpose(Purpose<S> purpose, S secret)	Deprecated.
<S extends Secret> SecretsProvider	SecretsService.useSpecificSecretForPurpose(Purpose<S> purpose, S secret)	Configures this SecretsProvider to always return the specific given secret for the given purpose.

Uses of Purpose in org.forgerock.openig.tools.jwt.validation

Methods in org.forgerock.openig.tools.jwt.validation with parameters of type Purpose

Modifier and Type	Method	Description
static JwtConstraint	Constraints.canBeDecrypted(SecretsProvider secretsProvider, Purpose<DataDecryptionKey> purpose)	Provides a JwtConstraint configured with the supplied SecretsProvider that contain a secret capable of decrypting and verifying a JWT's encryption.

Constructors in org.forgerock.openig.tools.jwt.validation with parameters of type Purpose

Constructor	Description
JweDecryptionConstraint(SecretsProvider secretsProvider, Purpose<DataDecryptionKey> purpose)	Construct a JweDecryptionConstraint.
JwsSignatureVerifier(SigningManager signingManager, Purpose<VerificationKey> verificationPurpose)	Constructor taking a SigningManager and verification Purpose.

Uses of Purpose in org.forgerock.openig.types

Methods in org.forgerock.openig.types that return types with arguments of type Purpose

Modifier and Type	Method	Description
static <T extends Secret> org.forgerock.openig.model.type.StringTypeDefinition<Purpose<T>>	TypeDefinitions.purposeOf(Class<T> type)	Represents a runtime Purpose of secret's type T, which is a String with a specific Syntax.

Uses of Purpose in org.forgerock.openig.util

Methods in org.forgerock.openig.util that return types with arguments of type Purpose

Modifier and Type	Method	Description
static <S extends Secret> Function<JsonValue,Purpose<S>,JsonValueException>	JsonValues.purposeOf(Class<S> type)	Returns a function returning a Purpose from the given String value representing the purpose label.

Method parameters in org.forgerock.openig.util with type arguments of type Purpose

Modifier and Type	Method	Description
static <S extends Secret> Function<JsonValue,SecretReference<S>,JsonValueException>	JsonValues.secretReferenceOf(Function<JsonValue,Purpose<S>,JsonValueException> purposeTransformer, SecretsProvider secretsProvider)	Returns a function that returns a SecretReference for the Purpose represented by the given String value label and known to the supplied SecretsProvider.

Uses of Purpose in org.forgerock.secrets

Fields in org.forgerock.secrets declared as Purpose

Modifier and Type	Field	Description
static Purpose<DataDecryptionKey>	Purpose.DATA_DECRYPTION	Indicates a key intended for decrypting data.
static Purpose<DataEncryptionKey>	Purpose.DATA_ENCRYPTION	Indicates a key intended for encrypting data.
static Purpose<KeyAgreementKey>	Purpose.KEY_AGREEMENT	Indicates a key intended for an interactive key agreement protocol, such as Diffie-Hellman (DH) or the elliptic curve equivalent (ECDH).
static Purpose<KeyDecryptionKey>	Purpose.KEY_DECRYPTION	Indicates a key intended for decrypting ("unwrapping") other keys.
static Purpose<KeyEncryptionKey>	Purpose.KEY_ENCRYPTION	Indicates a key intended for encrypting ("wrapping") other keys.
static Purpose<GenericSecret>	Purpose.PASSWORD	Indicates a secret intended to be used as a password for authentication to some service.
static Purpose<SigningKey>	Purpose.SIGN	Indicates a key intended for creating digital signatures or message authentication codes (MACs).
static Purpose<VerificationKey>	Purpose.VERIFY	Indicates a key intended for verifying digital signatures or message authentication codes.
static Purpose<CertificateVerificationKey>	Purpose.VERIFY_CERTIFICATE	Indicates a key intended for verifying certificate signatures.

Methods in org.forgerock.secrets that return Purpose

Modifier and Type	Method	Description
Purpose<?>	NoSuchSecretException.getPurpose()	Returns the purpose for which no secret was found, or null if not specified.
static <T extends Secret> Purpose<T>	Purpose.purpose(String label, Class<T> type)	Constructs a purpose object.
static <T extends Secret> Purpose<T>	Purpose.purpose(String label, Class<T> type, SecretConstraint<? super T>... constraints)	Constructs a purpose object.
Purpose<T>	Purpose.withConstraints(SecretConstraint<? super T>... constraints)	Constructs a new purpose that is identical to this purpose but which imposes additional constraints on the secrets that can satisfy it.

Methods in org.forgerock.secrets with parameters of type Purpose

Modifier and Type	Method	Description
static <T extends Secret> SecretReference<T>	SecretReference.active(SecretsProvider secretsProvider, Purpose<T> purpose, Clock clock)	Creates a reference to the active secret for the given purpose using the given secrets provider.
<T extends CryptoKey> KeyStore	SecretsProvider.asKeyStore(Purpose<T> purpose)	Returns a view of this secrets provider as a keystore for the given purpose.
<T extends Secret> T	SecretBuilder.build(Purpose<T> purpose)	Builds a secret of the given type, enforcing any constraints attached to the purpose.
<S extends Secret> SecretReference<S>	SecretsProvider.createActiveReference(Purpose<S> purpose)	Creates the secret reference from the given purpose.
<S extends Secret> SecretReference<S>	SecretsProvider.createNamedReference(Purpose<S> purpose, String name)	Creates a reference to a secret with the given name (stable id) for the given purpose.
default <S extends T> Promise<S,NoSuchSecretException>	SecretStore.getActive(Purpose<S> purpose)	Returns the active secret for the given purpose.
<S extends T> Promise<S,NoSuchSecretException>	ThreadPoolSecretStore.getActive(Purpose<S> purpose)
<S extends Secret> Promise<S,NoSuchSecretException>	SecretsProvider.getActiveSecret(Purpose<S> purpose)	Gets the currently active secret for the given purpose.
X509ExtendedKeyManager	SecretsProvider.getKeyManager(Purpose<? extends CryptoKey> purpose)	Returns a KeyManager that can be used to initialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.
X509ExtendedKeyManager	SecretsProvider.getKeyManager(Purpose<? extends CryptoKey> purpose, Options options)	Returns a KeyManager that can be used to initialize an SSLContext, allowing certificates and private keys to be retrieved from this secrets provider.
default <S extends T> Promise<S,NoSuchSecretException>	SecretStore.getNamed(Purpose<S> purpose, String name)	Returns the named secret from this store.
<S extends T> Promise<S,NoSuchSecretException>	ThreadPoolSecretStore.getNamed(Purpose<S> purpose, String name)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	SecretsProvider.getNamedOrValidSecrets(Purpose<S> purpose, String id)	If the given id is not null, then this returns the single named secret that corresponds to that stable id (or a stream of valid secrets for the given purpose if no such secret exists), otherwise it returns all valid secrets for the given purpose.
<S extends Secret> Promise<S,NoSuchSecretException>	SecretsProvider.getNamedSecret(Purpose<S> purpose, String id)	Gets the secret for the given purpose with the given stable secret id.
SecretsTrustManager	SecretsProvider.getTrustManager(Purpose<? extends CryptoKey> purpose)	Constructs an X509ExtendedTrustManager that will retrieve certificates from this secrets provider for the provided purpose.
SecretsTrustManager	SecretsProvider.getTrustManager(Purpose<? extends CryptoKey> purpose, Options options)	Constructs an X509ExtendedTrustManager that will retrieve certificates from this secrets provider for the provided purpose.
<S extends T> Promise<Stream<S>,NeverThrowsException>	SecretStore.getValid(Purpose<S> purpose)	Returns all valid secrets for the given purpose from this store.
<S extends T> Promise<Stream<S>,NeverThrowsException>	ThreadPoolSecretStore.getValid(Purpose<S> purpose)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	SecretsProvider.getValidSecrets(Purpose<S> purpose)	Returns all secrets for the given purpose which have not yet expired.
static <T extends Secret> SecretReference<T>	SecretReference.named(SecretsProvider secretsProvider, Purpose<T> purpose, String name, Clock clock)	Creates a reference to a named secret using the given secrets provider.
default void	SecretStore.retire(Purpose<? extends T> purpose, String secretIdToRetire)	Retires the given secret for the given purpose.
void	ThreadPoolSecretStore.retire(Purpose<? extends T> purpose, String secretIdToRetire)
default void	SecretStore.rotate(Purpose<? extends T> purpose, String newActiveSecretId)	Rotates the active secret for the given purpose.
void	ThreadPoolSecretStore.rotate(Purpose<? extends T> purpose, String newActiveSecretId)
protected <T extends Secret> void	SecretsProvider.setActiveStore(SecretStore<? super T> store, Purpose<? extends T> purpose)	Sets the active store to use for the given purpose.
<T extends Secret> SecretsProvider	SecretsProvider.setActiveStore(SecretStore<? super T> store, Purpose<? extends T>... purposes)	Sets the active store to use for the given purpose.
<S extends Secret> SecretsProvider	SecretsProvider.useSpecificSecretForPurpose(Purpose<S> purpose, S secret)	Configures this SecretsProvider to always return the specific given secret for the given purpose.

Method parameters in org.forgerock.secrets with type arguments of type Purpose

Modifier and Type	Method	Description
KeyStore	SecretsProvider.asKeyStore(Set<Purpose<? extends CryptoKey>> purposes)	Returns a view of this secrets provider as a keystore for the given purposes.
SecretsTrustManager	SecretsProvider.getTrustManager(Set<Purpose<? extends CryptoKey>> purposes, Options options)	Constructs an X509ExtendedTrustManager that will retrieve certificates from this secrets provider for the provided purposes.

Constructors in org.forgerock.secrets with parameters of type Purpose

Constructor	Description
NoSuchSecretException(Purpose<?> purpose)	Constructs the exception for the given purpose.
NoSuchSecretException(Purpose<?> purpose, String id)	Constructs the exception for the given purpose and secret stable id.
SecretReference(SecretsProvider provider, Purpose<T> purpose)	Deprecated. Use SecretsProvider.createActiveReference(Purpose) or SecretReference.active(SecretsProvider, Purpose, Clock) instead.
SecretReference(SecretsProvider provider, Purpose<T> purpose, Clock clock)	Deprecated. Use SecretsProvider.createActiveReference(Purpose) or SecretReference.active(SecretsProvider, Purpose, Clock) instead.
SecretsLoadStoreParameter(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose, Clock clock)	Initialises the keystore with the given secrets API objects.

Constructor parameters in org.forgerock.secrets with type arguments of type Purpose

Constructor	Description
SecretsLoadStoreParameter(SecretsProvider secretsProvider, Set<Purpose<? extends CryptoKey>> purposes, Clock clock)	Initialises the keystore with the given secrets API objects.

Uses of Purpose in org.forgerock.secrets.jwkset

Methods in org.forgerock.secrets.jwkset with parameters of type Purpose

Modifier and Type	Method	Description
<S extends CryptoKey> Promise<S,NoSuchSecretException>	JwkSetSecretStore.getNamed(Purpose<S> purpose, String name)
<S extends CryptoKey> Promise<Stream<S>,NeverThrowsException>	JwkSetSecretStore.getValid(Purpose<S> purpose)

Uses of Purpose in org.forgerock.secrets.keystore

Methods in org.forgerock.secrets.keystore with parameters of type Purpose

Modifier and Type	Method	Description
<S extends Secret> Promise<S,NoSuchSecretException>	KeyStoreSecretStore.getActive(Purpose<S> purpose)
<S extends Secret> Promise<S,NoSuchSecretException>	KeyStoreSecretStore.getNamed(Purpose<S> purpose, String id)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	KeyStoreSecretStore.getValid(Purpose<S> purpose)
void	KeyStoreSecretStore.retire(Purpose<? extends Secret> purpose, String oldAlias)	Retires a key previously used for a given purpose.
void	KeyStoreSecretStore.rotate(Purpose<? extends Secret> purpose, String newAlias)	Rotates the key associated with a given purpose.

Uses of Purpose in org.forgerock.secrets.oauth2

Methods in org.forgerock.secrets.oauth2 with parameters of type Purpose

Modifier and Type	Method	Description
AccessTokenSecretStore.Builder	AccessTokenSecretStore.Builder.forPurpose(Purpose<GenericSecret> purpose)	Configures the purpose for which this access token store is to be used.
<S extends GenericSecret> Promise<S,NoSuchSecretException>	AccessTokenSecretStore.getActive(Purpose<S> purpose)
<S extends GenericSecret> Promise<S,NoSuchSecretException>	AccessTokenSecretStore.getNamed(Purpose<S> purpose, String name)
<S extends GenericSecret> Promise<Stream<S>,NeverThrowsException>	AccessTokenSecretStore.getValid(Purpose<S> purpose)

Uses of Purpose in org.forgerock.secrets.propertyresolver

Methods in org.forgerock.secrets.propertyresolver with parameters of type Purpose

Modifier and Type	Method	Description
<S extends Secret> Promise<S,NoSuchSecretException>	PropertyResolverSecretStore.getActive(Purpose<S> purpose)
<S extends Secret> Promise<S,NoSuchSecretException>	PropertyResolverSecretStore.getNamed(Purpose<S> purpose, String name)
<S extends Secret> Promise<Stream<S>,NeverThrowsException>	PropertyResolverSecretStore.getValid(Purpose<S> purpose)	Returns a stream of the active secret for the given purpose.

Constructors in org.forgerock.secrets.propertyresolver with parameters of type Purpose

Constructor	Description
PemPropertyFormat(SecretsProvider secretsProvider, Purpose<GenericSecret> decryptionPasswordPurpose)	Initializes the property format with the given secrets provider and purpose for decrypting password-encrypted PEM files.
PemPropertyFormat(SecretsProvider secretsProvider, Purpose<GenericSecret> decryptionPasswordPurpose, Supplier<SecretBuilder> secretBuilderSupplier)	Initializes the property format with the given secrets provider and purpose for decrypting password-encrypted PEM files.