Package org.wildfly.security.credential.store

Class CredentialStore

  • public final class CredentialStore
extends Object
    This class represents credential store functionality. Type of the credential store is determined by instance type and is loaded from Provider.
    Author:
    Peter Skopek.

    • Field Detail

      • CREDENTIAL_STORE_TYPE

        public static final String CREDENTIAL_STORE_TYPE
        JCA service type for a credential store.
        See Also:
        Constant Field Values

    • Method Detail

      • getInstance

        public static CredentialStore getInstance​(String algorithm)
                                   throws NoSuchAlgorithmException
        Get a CredentialStore instance. The returned CredentialStore object will implement the given algorithm.
        Parameters:
        algorithm - the name of the algorithm
        Returns:
        a CredentialStore instance
        Throws:
        NoSuchAlgorithmException - if the given algorithm has no available implementations

      • getInstance

        public static CredentialStore getInstance​(String algorithm,
                                          Supplier<Provider[]> providers)
                                   throws NoSuchAlgorithmException
        Get a CredentialStore instance. The returned CredentialStore object will implement the given algorithm.
        Parameters:
        algorithm - the name of the algorithm
        providers - supplier of provider instances to search.
        Returns:
        a CredentialStore instance
        Throws:
        NoSuchAlgorithmException - if the given algorithm has no available implementations

      • getInstance

        public static CredentialStore getInstance​(String algorithm,
                                          Provider provider)
                                   throws NoSuchAlgorithmException
        Get a CredentialStore instance. The returned CredentialStore object will implement the given algorithm.
        Parameters:
        algorithm - the name of the algorithm
        provider - the provider to use
        Returns:
        a CredentialStore instance
        Throws:
        NoSuchAlgorithmException - if the given algorithm has no available implementations

      • initialize

        public void initialize​(Map<String,​String> attributes,
                       CredentialStore.ProtectionParameter protectionParameter,
                       Provider[] providers)
                throws CredentialStoreException
        Initialize Credential Store service with given attributes. This procedure should set CredentialStoreSpi.initialized after successful initialization.
        Parameters:
        attributes - attributes to used to pass information to Credential Store service
        protectionParameter - the protection parameter to use when accessing the store
        providers - providers to be injected into SPI implementation to get custom object instances of various type from
        Throws:
        CredentialStoreException - if initialization fails due to any reason

      • isInitialized

        public boolean isInitialized()
        Checks whether underlying credential store is initialized.
        Returns:
        true in case of initialization passed successfully, false otherwise.

      • isModifiable

        public boolean isModifiable()
        Check if credential store supports modification of actual store
        Returns:
        true in case of modification of store is supported

      • exists

        public <C extends Credential> boolean exists​(String credentialAlias,
                                             Class<C> credentialType)
                                      throws CredentialStoreException,
                                             UnsupportedCredentialTypeException
        Check whether credential store has an entry associated with the given credential alias of specified credential type.
        Type Parameters:
        C - the class of type to which should be credential casted
        Parameters:
        credentialAlias - alias to check existence
        credentialType - to check existence in the credential store
        Returns:
        true in case key exist in store
        Throws:
        CredentialStoreException - when there is a problem with credential store
        UnsupportedCredentialTypeException - when the credentialType is not supported

      • retrieve

        public <C extends Credential> C retrieve​(String credentialAlias,
                                         Class<C> credentialType)
                                  throws CredentialStoreException,
                                         UnsupportedCredentialTypeException
        Retrieve credential stored in the store under the key and of the credential type
        Type Parameters:
        C - the class of type to which should be credential casted
        Parameters:
        credentialAlias - to find the credential in the store
        credentialType - - credential type to retrieve from under the credentialAlias from the store
        Returns:
        instance of Credential stored in the store
        Throws:
        CredentialStoreException - - if credentialAlias credentialType combination doesn't exist or credentialAlias cannot be retrieved
        UnsupportedCredentialTypeException - when the credentialType is not supported

      • retrieve

        public <C extends Credential> C retrieve​(String credentialAlias,
                                         Class<C> credentialType,
                                         String credentialAlgorithm)
                                  throws CredentialStoreException
        Retrieve credential stored in the store under the key and of the credential type.
        Type Parameters:
        C - the class of type to which should be credential casted
        Parameters:
        credentialAlias - to find the credential in the store
        credentialType - credential type to retrieve from under the credentialAlias from the store
        credentialAlgorithm - the credential algorithm to match, or null to match any
        Returns:
        instance of Credential stored in the store
        Throws:
        CredentialStoreException - if credentialAlias credentialType combination doesn't exist or credentialAlias cannot be retrieved

      • retrieve

        public <C extends Credential> C retrieve​(String credentialAlias,
                                         Class<C> credentialType,
                                         String credentialAlgorithm,
                                         AlgorithmParameterSpec parameterSpec)
                                  throws CredentialStoreException
        Retrieve credential stored in the store under the key and of the credential type.
        Type Parameters:
        C - the class of type to which should be credential casted
        Parameters:
        credentialAlias - to find the credential in the store
        credentialType - credential type to retrieve from under the credentialAlias from the store
        credentialAlgorithm - the credential algorithm to match, or null to match any
        parameterSpec - the parameter specification to match, or null to match any
        Returns:
        instance of Credential stored in the store
        Throws:
        CredentialStoreException - if credentialAlias credentialType combination doesn't exist or credentialAlias cannot be retrieved

      • retrieve

        public <C extends Credential> C retrieve​(String credentialAlias,
                                         Class<C> credentialType,
                                         String credentialAlgorithm,
                                         AlgorithmParameterSpec parameterSpec,
                                         CredentialStore.ProtectionParameter protectionParameter)
                                  throws CredentialStoreException
        Retrieve credential stored in the store under the key and of the credential type.
        Type Parameters:
        C - the class of type to which should be credential casted
        Parameters:
        credentialAlias - to find the credential in the store
        credentialType - credential type to retrieve from under the credentialAlias from the store
        credentialAlgorithm - the credential algorithm to match, or null to match any
        parameterSpec - the parameter specification to match, or null to match any
        protectionParameter - the protection parameter to use, or null to use none
        Returns:
        instance of Credential stored in the store
        Throws:
        CredentialStoreException - if credentialAlias credentialType combination doesn't exist or credentialAlias cannot be retrieved

      • remove

        public void remove​(String credentialAlias,
                   Class<? extends Credential> credentialType)
            throws CredentialStoreException
        Remove the credentialType with from given alias matching the given criteria from the store.
        Parameters:
        credentialAlias - alias to remove credential(s) from
        credentialType - credential type to match (must not be null)
        Throws:
        CredentialStoreException - if credential removal fails

      • remove

        public void remove​(String credentialAlias,
                   Class<? extends Credential> credentialType,
                   String credentialAlgorithm)
            throws CredentialStoreException
        Remove the credentialType with from given alias matching the given criteria from the store.
        Parameters:
        credentialAlias - alias to remove credential(s) from
        credentialType - credential type to match (must not be null)
        credentialAlgorithm - the algorithm name to match, or null to match any
        Throws:
        CredentialStoreException - if credential removal fails

      • remove

        public void remove​(String credentialAlias,
                   Class<? extends Credential> credentialType,
                   String credentialAlgorithm,
                   AlgorithmParameterSpec parameterSpec)
            throws CredentialStoreException
        Remove the credentialType with from given alias matching the given criteria from the store.
        Parameters:
        credentialAlias - alias to remove credential(s) from
        credentialType - credential type to match (must not be null)
        credentialAlgorithm - the algorithm name to match, or null to match any
        parameterSpec - the parameters to match, or null to match any
        Throws:
        CredentialStoreException - if credential removal fails

      • flush

        public void flush()
           throws CredentialStoreException
        Flush the contents of this credential store to storage. This method may be a no-op on credential stores without backing storage or which do not buffer changes.
        Throws:
        CredentialStoreException - if flushing the store fails for some reason