[keycloak-dev] Addition of vault() method to KeycloakSession
Stefan Guilhen
sguilhen at redhat.com
Thu Aug 22 14:00:16 EDT 2019
Hi all,
We've been considering the addition of a vault() method to KeycloakSession
that returns an object that can be used to obtain secrets in different
flavors from the configured vault. This is inline with what we already have
for keys, tokens, etc and provides users of the vault with a better
experience than looking up the provider using getProvider(Class) and then
figuring out how to translate secrets retrieved in raw form into more
usable formats, like String.
As of now, all the interfaces of the Vault SPI are in the
server-spi-private module and for this to work I will need to move a couple
of them to the server-spi module, but I think this is ok since the plan is
to eventually move all the interfaces there at some point.
Just wanted to check if anyone has any strong objections to this plan
before I move on with the implementation.
Cheers!
--
Stefan Guilhen
Principal Software Engineer
Red Hat <https://www.redhat.com/>
sguilhen at redhat.com IM: sguilhen
@RedHat <https://twitter.com/redhat> Red Hat
<https://www.linkedin.com/company/red-hat> Red Hat
<https://www.facebook.com/RedHatInc>
<https://www.redhat.com/>
More information about the keycloak-dev
mailing list