Package org.keycloak.vault
package org.keycloak.vault
-
ClassDescriptionAbstract class that is meant to be extended by implementations of
VaultProvider
that want to have support for key resolvers.Abstract class that is meant to be extended by implementations ofVaultProviderFactory
that want to offer support for the configuration of key resolvers.Enum containing the availableVaultKeyResolver
s.DefaultVaultCharSecret
implementation based onCharBuffer
.Default raw secret implementation forbyte[]
.DefaultVaultCharSecret
implementation based onString
.DefaultVaultTranscriber
implementation that uses the configuredVaultProvider
to obtain raw secrets and convert them into other types.A text-based vault provider, which stores each secret in a separate file.Creates and configuresFilesPlainTextVaultProvider
.ACharBuffer
based representation of the secret obtained from the vault that supports automated cleanup of memory.This exception is thrown when the factory fails to init due to a configuration error.VaultKeyResolver
is aBiFunction
whose implementation of theBiFunction.apply(Object, Object)
method takes twoString
s representing the realm name and the key name (as used in${vault.key}
expressions) and returns anotherString
representing the final constructed key that is to be used when obtaining secrets from the vault.Thrown when a vault directory doesn't exist.Provider interface for a vault.Raw representation of the secret obtained from vault that supports automated cleanup of memory.SPI for a low-level vault access.AString
based representation of the secret obtained from the vault that supports automated cleanup of memory.A facade to the configured vault provider that exposes utility methods for obtaining the vault secrets in different formats (such asVaultRawSecret
,VaultCharSecret
orVaultStringSecret
).