Uses of Class
org.forgerock.secrets.SecretsProvider
Package
Description
This package provides APIs for OAuth 2.0 services implementations.
Classes and interfaces for JWT encryption and JWEs.
Classes and interfaces for JWT signing and JWS'.
JWT implementation(s) of
TokenHandler
.Collection of heaplets supporting OAuth2 client authentication Filters.
Provides the Common Secrets API for accessing secrets of various kinds.
This package contains classes used to perform JWT validation.
Miscellaneous utility classes.
Provides a unified API for accessing secrets of various kinds.
Provides a
SecretStore
implementation that loads secrets from a Common Configuration
PropertyResolver
and then decodes it with a
SecretPropertyFormat
.-
Uses of SecretsProvider in org.forgerock.http.oauth2
Modifier and TypeFieldDescriptionprotected SecretsProvider
PrivateKeyJwtClientAuthenticationFilter.Builder.secretsProvider
SecretsProvider
capable of providing the secret.Modifier and TypeMethodDescriptionPrivateKeyJwtClientAuthenticationFilter.Builder.withSecretsProvider
(SecretsProvider secretsProvider) Deprecated, for removal: This API element is subject to removal in a future version. -
Uses of SecretsProvider in org.forgerock.json.jose.jwe
Modifier and TypeMethodDescriptionPromise<? extends EncryptedJwt,
JweDecryptionCheckedException> EncryptedJwt.decrypt
(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose) Attempts to decrypt the JWT using any available keys for the givenPurpose
from the givenSecretsProvider
.SignedThenEncryptedJwt.decrypt
(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose) SignedThenEncryptedJwt.decryptAndVerify
(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose, Purpose<VerificationKey> verificationPurpose) Decrypts the outer JWT and then verifies the signature on the inner JWT using secrets from the suppliedSecretsProvider
.Promise<byte[],
JweDecryptionCheckedException> EncryptedJwt.decryptRawPayload
(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose) Attempts to decrypt the raw payload of the JWT using any keys from the givenSecretsProvider
that satisfy the suppliedPurpose
. -
Uses of SecretsProvider in org.forgerock.json.jose.jws
Modifier and TypeMethodDescriptionPromise<? extends EncryptedJwt,
JweDecryptionCheckedException> EncryptedThenSignedJwt.decrypt
(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose) Decrypts the inner encrypted JWE so that the payload can be accessed.ModifierConstructorDescriptionSigningManager
(SecretsProvider provider) Builds a new SigningManager that can buildSigningHandler
based on asynchronously retrieved Secrets from the givenprovider
. -
Uses of SecretsProvider in org.forgerock.json.jose.tokenhandler
Modifier and TypeMethodDescriptionSecretsJwtTokenHandler.Builder.secretsProvider
(SecretsProvider secretsProvider) Configures theSecretsProvider
from which to retrieve signing and encryption keys. -
Uses of SecretsProvider in org.forgerock.openig.filter.oauth2.client.authentication
Modifier and TypeFieldDescriptionprotected SecretsProvider
PrivateKeyJwtClientAuthenticationFilterHeaplet.secretsProvider
ConfiguredSecretsProvider
providing access to required keys. -
Uses of SecretsProvider in org.forgerock.openig.secrets
Modifier and TypeMethodDescriptionSecretsService.setDefaultStores
(SecretStore<?> activeStore, SecretStore<?>... defaultStores) Sets the default store(s) to use if there is no specific store configured for a particular purpose.<S extends Secret>
SecretsProviderSecretsService.useSpecificSecretForPurpose
(Purpose<S> purpose, S secret) Configures this SecretsProvider to always return the specific given secret for the given purpose.Modifier and TypeMethodDescriptionSecretsProviderHeaplet.secretsProvider
(Heap heap) Method supporting other client heaplets that wish to create aSecretsProvider
using alternative compact configuration formats.Modifier and TypeMethodDescriptionHsmSecretStoreHeaplet.keyStore
(SecretsProvider secretsProvider, Purpose<GenericSecret> storePasswordPurpose, Options options) KeyStoreSecretStoreHeaplet.keyStore
(SecretsProvider secretsProvider, Purpose<GenericSecret> storePasswordPurpose, Options options) -
Uses of SecretsProvider in org.forgerock.openig.tools.jwt.validation
Modifier and TypeMethodDescriptionstatic JwtConstraint
Constraints.canBeDecrypted
(SecretsProvider secretsProvider, Purpose<DataDecryptionKey> purpose) Provides aJwtConstraint
configured with the suppliedSecretsProvider
that contain a secret capable of decrypting and verifying a JWT's encryption.ModifierConstructorDescriptionJweDecryptionConstraint
(SecretsProvider secretsProvider, Purpose<DataDecryptionKey> purpose) Construct aJweDecryptionConstraint
. -
Uses of SecretsProvider in org.forgerock.openig.util
Modifier and TypeMethodDescriptionstatic <S extends Secret>
Function<JsonValue,SecretReference<S>, JsonValueException> JsonValues.secretReferenceOf
(Function<JsonValue, Purpose<S>, JsonValueException> purposeTransformer, SecretsProvider secretsProvider) Returns a function that returns aSecretReference
for thePurpose
represented by the givenString
value label and known to the suppliedSecretsProvider
. -
Uses of SecretsProvider in org.forgerock.secrets
Modifier and TypeMethodDescriptionfinal <T extends Secret>
SecretsProviderSecretsProvider.setActiveStore
(SecretStore<? super T> store, Purpose<? extends T>... purposes) Sets the active store to use for the given purpose.SecretsProvider.setDefaultStores
(SecretStore<?> activeStore, SecretStore<?>... defaultStores) Sets the default store(s) to use if there is no specific store configured for a particular purpose.<S extends Secret>
SecretsProviderSecretsProvider.useSpecificSecretForPurpose
(Purpose<S> purpose, S secret) Configures this SecretsProvider to always return the specific given secret for the given purpose.<S extends Secret>
SecretsProviderSecretsProvider.useSpecificSecretsForPurpose
(Purpose<S> purpose, List<S> secrets) Configures this SecretsProvider to always return the specific given secrets for the given purpose.Modifier and TypeMethodDescriptionstatic <T extends Secret>
SecretReference<T>SecretReference.active
(SecretsProvider secretsProvider, Purpose<T> purpose, Clock clock) Creates a reference to the active secret for the given purpose using the given secrets provider.static <T extends Secret>
SecretReference<T>SecretReference.named
(SecretsProvider secretsProvider, Purpose<T> purpose, String name, Clock clock) Creates a reference to a named secret using the given secrets provider.static <T extends Secret>
ValidSecretsReference<T,NeverThrowsException> ValidSecretsReference.valid
(SecretsProvider secretsProvider, Purpose<T> purpose, Clock clock) Creates a reference to the valid secrets for the given purpose using the given secrets provider.static <T extends Secret>
ValidSecretsReference<T,NeverThrowsException> ValidSecretsReference.validOrNamed
(SecretsProvider secretsProvider, Purpose<T> purpose, String name, Clock clock) This creates a reference to either the named secret or all valid secrets for the purpose.ModifierConstructorDescriptionSecretReference
(SecretsProvider provider, Purpose<T> purpose) Deprecated.SecretReference
(SecretsProvider provider, Purpose<T> purpose, Clock clock) Deprecated.SecretsLoadStoreParameter
(SecretsProvider secretsProvider, Set<Purpose<? extends CryptoKey>> purposes, Clock clock) Initialises the keystore with the given secrets API objects.SecretsLoadStoreParameter
(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose, Clock clock) Initialises the keystore with the given secrets API objects. -
Uses of SecretsProvider in org.forgerock.secrets.propertyresolver
ModifierConstructorDescriptionPemPropertyFormat
(SecretsProvider secretsProvider, Purpose<GenericSecret> decryptionPasswordPurpose) Initializes the property format with the given secrets provider and purpose for decrypting password-encrypted PEM files.PemPropertyFormat
(SecretsProvider secretsProvider, Purpose<GenericSecret> decryptionPasswordPurpose, Supplier<SecretBuilder> secretBuilderSupplier) Initializes the property format with the given secrets provider and purpose for decrypting password-encrypted PEM files.
SecretReference
API instead.