Re: [keycloak-dev] Addition of vault() method to KeycloakSession

KeycloakSession methods are mostly used to load a manager, not the provider directly. As such it has a wrapper API usually. Just look at keys or signing for instance. If it's just loading the provider directly then there's no need to add it to the KeycloakSession. On Thu, 22 Aug 2019 at 20:02, Stefan Guilhen <sguilhen(a)redhat.com&gt; wrote: > Hi all, > > We've been considering the addition of a vault() method to KeycloakSession > that returns an object that can be used to obtain secrets in different > flavors from the configured vault. This is inline with what we already > have > for keys, tokens, etc and provides users of the vault with a better > experience than looking up the provider using getProvider(Class) and then > figuring out how to translate secrets retrieved in raw form into more > usable formats, like String. > > As of now, all the interfaces of the Vault SPI are in the > server-spi-private module and for this to work I will need to move a > couple > of them to the server-spi module, but I think this is ok since the plan is > to eventually move all the interfaces there at some point. > > Just wanted to check if anyone has any strong objections to this plan > before I move on with the implementation. > > Cheers! > -- > > Stefan Guilhen > > Principal Software Engineer > > Red Hat <https://www.redhat.com/> > > sguilhen(a)redhat.com IM: sguilhen > @RedHat <https://twitter.com/redhat> Red Hat > <https://www.linkedin.com/company/red-hat> Red Hat > <https://www.facebook.com/RedHatInc> > <https://www.redhat.com/> > _______________________________________________ > keycloak-dev mailing list > keycloak-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-dev >