Class SecretsStoreConnector
java.lang.Object
org.odpi.openmetadata.frameworks.connectors.Connector
org.odpi.openmetadata.frameworks.connectors.ConnectorBase
org.odpi.openmetadata.frameworks.connectors.SecretsStoreConnector
- All Implemented Interfaces:
AuditLoggingComponent,SecureConnectorExtension,VirtualConnectorExtension
- Direct Known Subclasses:
EnvVarSecretsStoreConnector,YAMLSecretsStoreConnector
SecretsStoreConnector is the interface for a connector that is able to retrieve secrets (passwords, certificates, ...) from a secure location.
The secrets store connector is embedded in a connector that needs one or more secrets to perform its tasks. Both connectors are initialised
together by the ConnectorBroker. The secrets store connector is called by the surrounding connector to extract the needed secrets.
When the ConnectorBroker detects that there is a secrets store connector embedded in another connector, it attempts to retrieve the standard
secrets for the corresponding connection object (if they are null):
- userId
- clearPassword
- encryptedPassword
-
Nested Class Summary
Nested classes/interfaces inherited from class org.odpi.openmetadata.frameworks.connectors.ConnectorBase
ConnectorBase.ProtectedConnection -
Field Summary
FieldsFields inherited from class org.odpi.openmetadata.frameworks.connectors.ConnectorBase
auditLog, connectedAssetProperties, connectionBean, connectionProperties, connectorInstanceId, embeddedConnectors, messageFormatter, secretsStoreConnectorMap -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidCalled by subclass to determine if the secrets should be refreshedReturn the component description that is used by this connector in the audit log.abstract longRetrieve the refresh time from the secrets store.abstract StringRetrieve a secret from the secrets store.abstract StringRetrieve a secret from the secrets store.abstract UserAccountRetrieve the requested user definitions stored in the secrets collection.abstract Map<String,UserAccount> getUsers()Retrieve any user definitions stored in the secrets collection.protected abstract voidRequest that the subclass refreshes its secrets.protected voidReset the next refresh timevoidsetAuditLog(AuditLog auditLog) Receive an audit log object that can be used to record audit log messages.voidstart()Indicates that the connector is completely configured and can begin processing.Methods inherited from class org.odpi.openmetadata.frameworks.connectors.ConnectorBase
combineConfigurationProperties, disconnect, disconnectConnectors, equals, getArrayConfigurationProperty, getAssetTypeName, getBooleanConfigurationProperty, getConnectedAssetProperties, getConnection, getConnectorInstanceId, getDateConfigurationProperty, getIntConfigurationProperty, getLongConfigurationProperty, getNetworkAddresses, getStringConfigurationProperty, getSuppliedPlaceholderProperties, hashCode, initialize, initializeConnectedAssetProperties, initializeEmbeddedConnectors, initializeSecretsStoreConnector, isActive, logExceptionRecord, logRecord, logRecord, throwMissingConfigurationProperty, throwMissingResource, throwNoAsset, throwWrongTypeOfAsset, throwWrongTypeOfResource, throwWrongTypeOfRootSchema, toStringMethods inherited from class org.odpi.openmetadata.frameworks.connectors.Connector
clearStatisticProperty, clearStatisticTimestamp, getConnectorStatistics, getStatisticCounter, getStatisticProperty, getStatisticTimestamp, incrementStatisticCounter, initializeStatisticCounter, setStatisticProperty, setStatisticTimestamp
-
Field Details
-
secretsCollectionName
-
-
Constructor Details
-
SecretsStoreConnector
public SecretsStoreConnector()
-
-
Method Details
-
getConnectorComponentDescription
Return the component description that is used by this connector in the audit log.- Specified by:
getConnectorComponentDescriptionin interfaceAuditLoggingComponent- Returns:
- id, name, description, wiki page URL.
-
setAuditLog
Receive an audit log object that can be used to record audit log messages. The caller has initialized it with the correct component description and log destinations.- Specified by:
setAuditLogin interfaceAuditLoggingComponent- Parameters:
auditLog- audit log object
-
start
Indicates that the connector is completely configured and can begin processing.- Overrides:
startin classConnectorBase- Throws:
ConnectorCheckedException- there is a problem within the connector.
-
checkSecretsStillValid
Called by subclass to determine if the secrets should be refreshed- Throws:
ConnectorCheckedException
-
refreshSecrets
protected abstract void refreshSecrets()Request that the subclass refreshes its secrets. -
resetRefreshTime
Reset the next refresh time- Throws:
ConnectorCheckedException- problem with the store
-
getSecret
Retrieve a secret from the secrets store.- Parameters:
secretName- name of the secret.- Returns:
- secret
- Throws:
ConnectorCheckedException- there is a problem with the connector
-
getSecret
public abstract String getSecret(String secretsCollectionName, String secretName) throws ConnectorCheckedException Retrieve a secret from the secrets store.- Parameters:
secretsCollectionName- name of collectionsecretName- name of the secret.- Returns:
- secret
- Throws:
ConnectorCheckedException- there is a problem with the connector
-
getRefreshTimeInterval
Retrieve the refresh time from the secrets store.- Returns:
- how long the secrets can be cached - 0 means indefinitely
- Throws:
ConnectorCheckedException- there is a problem with the connector
-
getUser
Retrieve the requested user definitions stored in the secrets collection.- Parameters:
userId- userId for the lookup- Returns:
- associated user details or null
- Throws:
ConnectorCheckedException- there is a problem with the connector
-
getUsers
Retrieve any user definitions stored in the secrets collection.- Returns:
- map of userIds to user details
- Throws:
ConnectorCheckedException- there is a problem with the connector
-