public interface OracleConfigurationJsonSecretProvider extends OracleConfigurationSecretProvider
Defines the contract for secret providers in a JSON Configuration.
For more information please refer to:
OracleConfigurationProvider.
There is a new interface OracleConfigurationSecretProvider
designed for broader use cases that accepts Map as the input type and
returns secrets. This interface (OracleConfigurationProvider) is
kept due to backward compatibility reasons. The interface extends
OracleConfigurationProvider so its implementations can still be
located by a Service Loader.
The JSON Secret Provider can either define a 'password' or a
'wallet_location' with the following properties. For an example look at
OracleConfigurationProvider:
OracleConfigurationJsonSecretProvider
implementation at runtime. The driver provides a built-in basic provider using
Base64 (not recommended for production environments). Known external
providers include: 'ocivault' and 'azurevault'.OracleConfigurationJsonSecretProvider
implementation. If the type is 'base64', then it is the Base64 encoding of
the secret. If the type is 'vault-oci', then it is the OCID of the secret in
OCI. If it is 'vault-azure', then it is the Azure Key Vault URI.OracleConfigurationJsonSecretProvider implementation to configure the
authentication. Each provider can define the schema of this 'authentication'
object. The built-in Base64 provider doesn't use it.| Modifier and Type | Method and Description |
|---|---|
static OracleConfigurationJsonSecretProvider |
find(java.lang.String secretType)
Helper method to load the Provider depending on its type.
|
default char[] |
getSecret(java.util.Map<java.lang.String,java.lang.String> secretProperties)
Returns the secret using the 'value' and 'authentication' attributes of
the password or wallet_location objects in configuration.
|
char[] |
getSecret(OracleJsonObject secret)
Returns the secret using the 'value' and 'authentication' attributes of
the password or wallet_location JSON Object.
|
getSecretTypechar[] getSecret(OracleJsonObject secret)
Returns the secret using the 'value' and 'authentication' attributes of the password or wallet_location JSON Object.
For example: if the password type is 'vault-oci', the password value should be the OCID of the Secret holding the password in OCI Vault. The same applies to the 'wallet_location' object.
secret - JSON Object, required by the provider to get the secret
(either password or wallet_location).
Not null.default char[] getSecret(java.util.Map<java.lang.String,java.lang.String> secretProperties)
Returns the secret using the 'value' and 'authentication' attributes of the password or wallet_location objects in configuration.
For example: if the password type is 'ocivault', the password value should be the OCID of the Secret holding the password in OCI Vault. The same applies to the 'wallet_location' object.
This method has default implementation which recovers the input
secretProperties to the original OracleJsonObject format,
and calls getSecret(OracleJsonObject) using the recovered
OracleJsonObject to get the secret.
getSecret in interface OracleConfigurationSecretProvidersecretProperties - secret map, required by the provider to get the
secret (either password or wallet_location). Not null.static OracleConfigurationJsonSecretProvider find(java.lang.String secretType)
Helper method to load the Provider depending on its type. External providers for a secret in a JSON Provider need to implement this interface. The secret type is indicated in the JSON payload by the 'type' attribute in the 'password' or 'wallet_location' objects. Providers need to implement getSecretType() with this in mind.
This method will look at runtime for (SPI) secret providers which type equals the one defined in the JSON payload.
find in interface OracleConfigurationSecretProvidersecretType - secret type of the SPI to be found. Not null.