Package org.keycloak.vault

Class FilesKeystoreVaultProvider

java.lang.Object
org.keycloak.vault.AbstractVaultProvider
org.keycloak.vault.FilesKeystoreVaultProvider
All Implemented Interfaces:
Provider, VaultProvider
public class FilesKeystoreVaultProvider extends AbstractVaultProvider

  • Constructor Details

    • FilesKeystoreVaultProvider

      public FilesKeystoreVaultProvider(@Nonnull Path keystorePath, @Nonnull String keystorePass, @Nonnull String keystoreType, @Nonnull String realmName, @Nonnull List<VaultKeyResolver> resolvers)
      Creates a new FilesKeystoreVaultProvider.
      Parameters:
      keystorePath - A path to a vault. Can not be null.
      keystorePass - A password to a vault. Can not be null.
      keystoreType - Specifies a type of keystore. Can not be null. Default value is PKCS12.
      realmName - A realm name. Can not be null.

  • Method Details

    • obtainSecretInternal

      protected VaultRawSecret obtainSecretInternal(String alias)
      Description copied from class: AbstractVaultProvider
      Subclasses of AbstractVaultProvider must implement this method. It is meant to be implemented in the same way as the AbstractVaultProvider.obtainSecret(String) method from the VaultProvider interface, but the specified vault key must be used as is - i.e. implementations should refrain from processing the key again as the format was already defined by one of the configured key resolvers.
      Specified by:
      obtainSecretInternal in class AbstractVaultProvider
      Parameters:
      alias - a String representing the name of the entry that is being fetched from the vault.
      Returns:
      a VaultRawSecret representing the obtained secret. It can be a empty secret if no secret could be obtained using the specified vault key.

    • close

      public void close()