Uses of Class
org.forgerock.secrets.SecretsProvider

Packages that use SecretsProvider

Package	Description
org.forgerock.http.oauth2	This package provides APIs for OAuth 2.0 services implementations.
org.forgerock.json.jose.jwe	Classes and interfaces for JWT encryption and JWEs.
org.forgerock.json.jose.jws	Classes and interfaces for JWT signing and JWS'.
org.forgerock.json.jose.tokenhandler	JWT implementation(s) of TokenHandler.
org.forgerock.openig.filter.oauth2.client.authentication	Collection of heaplets supporting OAuth2 client authentication Filters.
org.forgerock.openig.secrets	Provides the Common Secrets API for accessing secrets of various kinds.
org.forgerock.openig.tools.jwt.validation	This package contains classes used to perform JWT validation.
org.forgerock.openig.tools.secrets	Contains every Commons secrets related classes used in IG but not backported into Commons.
org.forgerock.openig.util	Miscellaneous utility classes.
org.forgerock.secrets	Provides a unified API for accessing secrets of various kinds.
org.forgerock.secrets.propertyresolver	Provides a SecretStore implementation that loads secrets from a Common Configuration PropertyResolver and then decodes it with a SecretPropertyFormat.

Uses of SecretsProvider in org.forgerock.http.oauth2

Fields in org.forgerock.http.oauth2 declared as SecretsProvider

Modifier and Type	Field	Description
protected SecretsProvider	PrivateKeyJwtClientAuthenticationFilter.Builder.secretsProvider	SecretsProvider capable of providing the secret.

Methods in org.forgerock.http.oauth2 with parameters of type SecretsProvider

Modifier and Type	Method	Description
T	PrivateKeyJwtClientAuthenticationFilter.Builder.withSecretsProvider(SecretsProvider secretsProvider)	Deprecated, for removal: This API element is subject to removal in a future version. Please use SecretReference API instead.

Uses of SecretsProvider in org.forgerock.json.jose.jwe

Methods in org.forgerock.json.jose.jwe with parameters of type SecretsProvider

Modifier and Type	Method	Description
Promise<? extends EncryptedJwt,JweDecryptionCheckedException>	EncryptedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)	Attempts to decrypt the JWT using any available keys for the given Purpose from the given SecretsProvider.
Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>	SignedThenEncryptedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)
Promise<SignedThenEncryptedJwt,JweDecryptionCheckedException>	SignedThenEncryptedJwt.decryptAndVerify(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose, Purpose<VerificationKey> verificationPurpose)	Decrypts the outer JWT and then verifies the signature on the inner JWT using secrets from the supplied SecretsProvider.
Promise<byte[],JweDecryptionCheckedException>	EncryptedJwt.decryptRawPayload(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose)	Attempts to decrypt the raw payload of the JWT using any keys from the given SecretsProvider that satisfy the supplied Purpose.

Uses of SecretsProvider in org.forgerock.json.jose.jws

Methods in org.forgerock.json.jose.jws with parameters of type SecretsProvider

Modifier and Type	Method	Description
Promise<? extends EncryptedJwt,JweDecryptionCheckedException>	EncryptedThenSignedJwt.decrypt(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> decryptionPurpose)	Decrypts the inner encrypted JWE so that the payload can be accessed.

Constructors in org.forgerock.json.jose.jws with parameters of type SecretsProvider

Modifier	Constructor	Description
	SigningManager(SecretsProvider provider)	Builds a new SigningManager that can build SigningHandler based on asynchronously retrieved Secrets from the given provider.

Uses of SecretsProvider in org.forgerock.json.jose.tokenhandler

Methods in org.forgerock.json.jose.tokenhandler with parameters of type SecretsProvider

Modifier and Type	Method	Description
SecretsJwtTokenHandler.Builder	SecretsJwtTokenHandler.Builder.secretsProvider(SecretsProvider secretsProvider)	Configures the SecretsProvider from which to retrieve signing and encryption keys.

Uses of SecretsProvider in org.forgerock.openig.filter.oauth2.client.authentication

Fields in org.forgerock.openig.filter.oauth2.client.authentication declared as SecretsProvider

Modifier and Type	Field	Description
protected SecretsProvider	PrivateKeyJwtClientAuthenticationFilterHeaplet.secretsProvider	Configured SecretsProvider providing access to required keys.

Uses of SecretsProvider in org.forgerock.openig.secrets

Methods in org.forgerock.openig.secrets that return types with arguments of type SecretsProvider

Modifier and Type	Method	Description
static Promise<SecretsProvider,FailedToLoadJWKException>	JwkSetSecretStoreHeaplet.jwkSetSecretProvider(URI jwkUri, Handler handler, Clock clock)	Create a Secrets provider backed by a JwkSetSecretStore with default values.
static Function<JsonValue,SecretsProvider,HeapException>	SecretsProviderHeaplet.secretsProvider(Heap heap)	Method supporting other client heaplets that wish to create a SecretsProvider using alternative compact configuration formats.

Methods in org.forgerock.openig.secrets with parameters of type SecretsProvider

Modifier and Type	Method	Description
KeyStoreSecretStore	HsmSecretStoreHeaplet.keyStore(SecretsProvider secretsProvider, Purpose<GenericSecret> storePasswordPurpose, Options options)
KeyStoreSecretStore	KeyStoreSecretStoreHeaplet.keyStore(SecretsProvider secretsProvider, Purpose<GenericSecret> storePasswordPurpose, Options options)

Uses of SecretsProvider in org.forgerock.openig.tools.jwt.validation

Methods in org.forgerock.openig.tools.jwt.validation with parameters of type SecretsProvider

Modifier and Type	Method	Description
static JwtConstraint	Constraints.canBeDecrypted(SecretsProvider secretsProvider, Purpose<DataDecryptionKey> purpose)	Provides a JwtConstraint configured with the supplied SecretsProvider that contain a secret capable of decrypting and verifying a JWT's encryption.
static JwtConstraint	Constraints.hasValidSignature(SecretsProvider secretsProvider, Purpose<VerificationKey> purpose)	Validates the signature of this SignedJwt.

Constructors in org.forgerock.openig.tools.jwt.validation with parameters of type SecretsProvider

Modifier	Constructor	Description
	JweDecryptionConstraint(SecretsProvider secretsProvider, Purpose<DataDecryptionKey> purpose)	Construct a JweDecryptionConstraint.

Uses of SecretsProvider in org.forgerock.openig.tools.secrets

Methods in org.forgerock.openig.tools.secrets with parameters of type SecretsProvider

Modifier and Type	Method	Description
static GenericWrapperSecretStore	GenericWrapperSecretStore.secretKey(SecretsProvider secretsProvider, String algorithm, Clock clock)	Creates a GenericWrapperSecretStore that maps generic secrets to a Secret Key based crypto key.

Uses of SecretsProvider in org.forgerock.openig.util

Methods in org.forgerock.openig.util with parameters of type SecretsProvider

Modifier and Type	Method	Description
static Function<JsonValue,JwtFactory,HeapException>	JwtFactoryConfigUtils.jwtFactory(Heap heap, SecretsProvider secretsProvider)	Function supporting transformation of JSON configuration to a JwtFactory instance registered in the heap.
static <S extends Secret> Function<JsonValue,SecretReference<S>,JsonValueException>	JsonValues.secretReferenceOf(Function<JsonValue,Purpose<S>,JsonValueException> purposeTransformer, SecretsProvider secretsProvider)	Returns a function that returns a SecretReference for the Purpose represented by the given String value label and known to the supplied SecretsProvider.
static Function<JsonValue,JwtFactory,HeapException>	JwtFactoryConfigUtils.signedJwtFactory(Heap heap, SecretsProvider secretsProvider)	Function supporting transformation of JSON configuration to a JwtFactory instance registered in the heap.

Uses of SecretsProvider in org.forgerock.secrets

Methods in org.forgerock.secrets that return SecretsProvider

Modifier and Type	Method	Description
final <T extends Secret> SecretsProvider	SecretsProvider.setActiveStore(SecretStore<? super T> store, Purpose<? extends T>... purposes)	Sets the active store to use for the given purpose.
SecretsProvider	SecretsProvider.setDefaultStores(SecretStore<?> activeStore, SecretStore<?>... defaultStores)	Sets the default store(s) to use if there is no specific store configured for a particular purpose.
<S extends Secret> SecretsProvider	SecretsProvider.useSpecificSecretForPurpose(Purpose<S> purpose, S secret)	Configures this SecretsProvider to always return the specific given secret for the given purpose.
<S extends Secret> SecretsProvider	SecretsProvider.useSpecificSecretsForPurpose(Purpose<S> purpose, List<S> secrets)	Configures this SecretsProvider to always return the specific given secrets for the given purpose.

Methods in org.forgerock.secrets with parameters of type SecretsProvider

Modifier and Type	Method	Description
static <T extends Secret> SecretReference<T>	SecretReference.active(SecretsProvider secretsProvider, Purpose<T> purpose, Clock clock)	Creates a reference to the active secret for the given purpose using the given secrets provider.
static <T extends Secret> SecretReference<T>	SecretReference.named(SecretsProvider secretsProvider, Purpose<T> purpose, String name, Clock clock)	Creates a reference to a named secret using the given secrets provider.
static <T extends Secret> ValidSecretsReference<T,NeverThrowsException>	ValidSecretsReference.valid(SecretsProvider secretsProvider, Purpose<T> purpose, Clock clock)	Creates a reference to the valid secrets for the given purpose using the given secrets provider.
static <T extends Secret> ValidSecretsReference<T,NeverThrowsException>	ValidSecretsReference.validOrNamed(SecretsProvider secretsProvider, Purpose<T> purpose, String name, Clock clock)	This creates a reference to either the named secret or all valid secrets for the purpose.

Constructors in org.forgerock.secrets with parameters of type SecretsProvider

Modifier	Constructor	Description
	SecretReference(SecretsProvider provider, Purpose<T> purpose)	Deprecated. Use createActiveReference(Purpose) or SecretReference.active(SecretsProvider, Purpose, Clock) instead.
	SecretReference(SecretsProvider provider, Purpose<T> purpose, Clock clock)	Deprecated. Use createActiveReference(Purpose) or SecretReference.active(SecretsProvider, Purpose, Clock) instead.
	SecretsLoadStoreParameter(SecretsProvider secretsProvider, Set<Purpose<? extends CryptoKey>> purposes, Clock clock)	Initialises the keystore with the given secrets API objects.
	SecretsLoadStoreParameter(SecretsProvider secretsProvider, Purpose<? extends CryptoKey> purpose, Clock clock)	Initialises the keystore with the given secrets API objects.

Uses of SecretsProvider in org.forgerock.secrets.propertyresolver

Constructors in org.forgerock.secrets.propertyresolver with parameters of type SecretsProvider

Modifier	Constructor	Description
	PemPropertyFormat(SecretsProvider secretsProvider, Purpose<GenericSecret> decryptionPasswordPurpose)	Initializes the property format with the given secrets provider and purpose for decrypting password-encrypted PEM files.
	PemPropertyFormat(SecretsProvider secretsProvider, Purpose<GenericSecret> decryptionPasswordPurpose, Supplier<SecretBuilder> secretBuilderSupplier)	Initializes the property format with the given secrets provider and purpose for decrypting password-encrypted PEM files.