Package org.keycloak.vault
Class FilesKeystoreVaultProvider
java.lang.Object
org.keycloak.vault.AbstractVaultProvider
org.keycloak.vault.FilesKeystoreVaultProvider
- All Implemented Interfaces:
Provider
,VaultProvider
-
Field Summary
Fields inherited from class org.keycloak.vault.AbstractVaultProvider
realm, resolvers
-
Constructor Summary
ConstructorDescriptionFilesKeystoreVaultProvider
(Path keystorePath, String keystorePass, String keystoreType, String realmName, List<VaultKeyResolver> resolvers) Creates a newFilesKeystoreVaultProvider
. -
Method Summary
Modifier and TypeMethodDescriptionvoid
close()
protected VaultRawSecret
obtainSecretInternal
(String alias) Subclasses ofAbstractVaultProvider
must implement this method.Methods inherited from class org.keycloak.vault.AbstractVaultProvider
obtainSecret, validate
-
Constructor Details
-
FilesKeystoreVaultProvider
public FilesKeystoreVaultProvider(@Nonnull Path keystorePath, @Nonnull String keystorePass, @Nonnull String keystoreType, @Nonnull String realmName, @Nonnull List<VaultKeyResolver> resolvers) Creates a newFilesKeystoreVaultProvider
.- Parameters:
keystorePath
- A path to a vault. Can not be null.keystorePass
- A password to a vault. Can not be null.keystoreType
- Specifies a type of keystore. Can not be null. Default value is PKCS12.realmName
- A realm name. Can not be null.
-
-
Method Details
-
obtainSecretInternal
Description copied from class:AbstractVaultProvider
Subclasses ofAbstractVaultProvider
must implement this method. It is meant to be implemented in the same way as theAbstractVaultProvider.obtainSecret(String)
method from theVaultProvider
interface, but the specified vault key must be used as is - i.e. implementations should refrain from processing the key again as the format was already defined by one of the configured key resolvers.- Specified by:
obtainSecretInternal
in classAbstractVaultProvider
- Parameters:
alias
- aString
representing the name of the entry that is being fetched from the vault.- Returns:
- a
VaultRawSecret
representing the obtained secret. It can be a empty secret if no secret could be obtained using the specified vault key.
-
close
public void close()
-