org.wso2.cloud.secrets.utils

Class AzureKeyVaultUtils

java.lang.Object

org.wso2.cloud.secrets.utils.AzureKeyVaultUtils

public class AzureKeyVaultUtils
extends Object

Utilities required for dealing with Azure Key Vault.

Since:

1.0.0

Constructor Summary

Constructors

Constructor and Description
AzureKeyVaultUtils()

Method Summary

Modifier and Type	Method and Description
static com.azure.security.keyvault.certificates.CertificateClient	createCertificateClient(String azureKeyVaultName) Create CertificateClient instance using the provided Azure Key Vault name.
static com.azure.security.keyvault.secrets.SecretClient	createSecretClient(String azureKeyVaultName) Create SecretClient instance using the provided Azure Key Vault name.
static String	getPublicKeyForEncryption(com.azure.security.keyvault.certificates.CertificateClient certificateClient) Retrieve the public key from the Azure Key Vault Certificate resource.
static void	pushSecretsToAzureKeyVault(List<Secret> secrets, com.azure.security.keyvault.secrets.SecretClient secretClient) Push the provided encrypted secrets to the target Azure Key Vault.
static List<Secret>	retrievePlainTextSecrets(InputSecretIdentifiers inputSecretIdentifiers, com.azure.security.keyvault.secrets.SecretClient secretClient) Retrieve the defined plain text passwords from the source Azure Key Vault.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AzureKeyVaultUtils

public AzureKeyVaultUtils()

Method Detail

retrievePlainTextSecrets

public static List<Secret> retrievePlainTextSecrets(InputSecretIdentifiers inputSecretIdentifiers,
                                                    com.azure.security.keyvault.secrets.SecretClient secretClient)

Retrieve the defined plain text passwords from the source Azure Key Vault. The Azure Key Vault Secrets to be retrieved are defined in the input secrets file.

Parameters:

inputSecretIdentifiers - input secrets which are to be encrypted and pushed to the target Key Vault

secretClient - a SecretClient instance for source Azure Key Vault access

Returns:

List of input secrets which are to be encrypted and pushed to the target Key Vault

pushSecretsToAzureKeyVault

public static void pushSecretsToAzureKeyVault(List<Secret> secrets,
                                              com.azure.security.keyvault.secrets.SecretClient secretClient)

Push the provided encrypted secrets to the target Azure Key Vault.

Parameters:

secrets - encrypted secrets to be pushed to the target Key Vault

secretClient - a SecretClient instance for target Azure Key Vault access

getPublicKeyForEncryption

public static String getPublicKeyForEncryption(com.azure.security.keyvault.certificates.CertificateClient certificateClient)

Retrieve the public key from the Azure Key Vault Certificate resource.

Parameters:

certificateClient - a CertificateClient instance for target Azure Key Vault access

Returns:

complete public key string

createSecretClient

public static com.azure.security.keyvault.secrets.SecretClient createSecretClient(String azureKeyVaultName)

Create SecretClient instance using the provided Azure Key Vault name.

Parameters:

azureKeyVaultName - name of the Azure Key Vault

Returns:

created SecretClient instance using the provided Azure Key Vault name

createCertificateClient

public static com.azure.security.keyvault.certificates.CertificateClient createCertificateClient(String azureKeyVaultName)

Create CertificateClient instance using the provided Azure Key Vault name.

Parameters:

azureKeyVaultName - name of the Azure Key Vault

Returns:

created CertificateClient instance using the provided Azure Key Vault name