Package oracle.jdbc.spi

Interface OracleConfigurationSecretProvider

All Known Subinterfaces:

OracleConfigurationJsonSecretProvider

public interface OracleConfigurationSecretProvider

Defines the contract for secret providers in a OracleConfigurationParser. For more information please refer to: OracleConfigurationProvider.

The Secret Provider can either define a 'password' or a 'wallet_location' with the following properties. For an example look at OracleConfigurationProvider:

• 'type'. The secret type, required string. It is used by the Service Provider Interface to load the OracleConfigurationSecretProvider implementation at runtime. The driver provides a built-in basic provider using Base64 (not recommended for production environments). Known external providers include: 'ocivault' and 'azurevault'.
• 'value'. A reference to the secret value, required string, it depends on the secret type and the OracleConfigurationSecretProvider implementation. If the type is 'base64', then it is the Base64 encoding of the secret. If the type is 'ocivault', then it is the OCID of the secret in OCI. If it is 'azurevault', then it is the Azure Key Vault URI.
• 'authentication' and the rest of the properties. They are optional properties used by the OracleConfigurationSecretProvider implementation to configure the authentication. Each provider can define the schema of those properties, and how they are passed by the implementation of OracleConfigurationParser. For example, JsonParser flattens the nested 'password' and 'wallet_location' objects into Map and pass the Map object to OracleConfigurationSecretProvider to get a secret. The built-in Base64 provider doesn't use the authentication-related properties.

The driver provides a built-in basic provider using Base64 (not recommended for production environments).

Method Summary

Modifier and Type	Method	Description
static OracleConfigurationSecretProvider	find(java.lang.String secretType)	Helper method to load the Provider depending on its type.
char[]	getSecret(java.util.Map<java.lang.String,java.lang.String> secretProperties)	Returns the secret using the 'value' and 'authentication' attributes of the password or wallet_location objects in configuration.
java.lang.String	getSecretType()	Returns the secret type, which is a unique identifier for the Service Provider Interface.

Method Detail

getSecret

char[] getSecret(java.util.Map<java.lang.String,java.lang.String> secretProperties)

Returns the secret using the 'value' and 'authentication' attributes of the password or wallet_location objects in configuration.

For example: if the password type is 'ocivault', the password value should be the OCID of the Secret holding the password in OCI Vault. The same applies to the 'wallet_location' object.

Parameters:

secretProperties - secret map, required by the provider to get the secret (either password or wallet_location). Not null.

Returns:

secret value. Not null.

getSecretType

java.lang.String getSecretType()

Returns the secret type, which is a unique identifier for the Service Provider Interface. It is used by the Configuration File Reader at Runtime to load the different Secret providers.

Returns:

secret type. Not null.

find

static OracleConfigurationSecretProvider find(java.lang.String secretType)

Helper method to load the Provider depending on its type. External providers for a secret in a Configuration Provider need to implement this interface. The secret type is indicated in the secret map by the 'type' attribute in the 'password' or 'wallet_location' objects. Providers need to implement getSecretType() with this in mind.

This method will look at runtime for (SPI) secret providers which type equals the one defined in the JSON payload.

Parameters:

secretType - secret type of the SPI to be found. Not null.

Returns:

OracleConfigurationSecretProvider of this specific type.