Class AzureKeyVaultKeysReactiveService

java.lang.Object
it.pagopa.swclient.mil.azureservices.keyvault.keys.service.AzureKeyVaultKeysReactiveService

@ApplicationScoped public class AzureKeyVaultKeysReactiveService extends Object

This service wraps AzureKeyVaultKeysReactiveClient and implements:

  • retrieval, caching (by means of AzureIdentityReactiveService) and renewal (when it expires, or when the resource API it is used with returns 401 or 403) of the Microsoft Entra ID access token that is used with Azure Key Vault (by means of AzureKeyVaultKeysReactiveClient);
  • retrying with exponential back-off in case of 429 from Azure Key Vault.

To use this service, application.properties should define the following properties, which control the back-off policy:

  • azure-key-vault-keys.backoff.initial-duration
  • azure-key-vault-keys.backoff.jitter
  • azure-key-vault-keys.backoff.number-of-attempts
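
The three properties above correspond naturally to the parameters of a Mutiny retry policy. The following is an added example, not this library's own code, of how such a policy and the 401/403 token renewal can be composed: `BackoffSketch`, `HttpStatusException`, `guarded` and the stubbed vault call are hypothetical names, and only the Mutiny calls are real API.

```java
import io.smallrye.mutiny.Uni;
import java.time.Duration;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Function;
import java.util.function.Supplier;

public class BackoffSketch {
    // Hypothetical failure type carrying the HTTP status of the vault response.
    static class HttpStatusException extends RuntimeException {
        final int status;
        HttpStatusException(int status) { super("HTTP " + status); this.status = status; }
    }

    static boolean hasStatus(Throwable t, int... codes) {
        if (t instanceof HttpStatusException e)
            for (int c : codes) if (e.status == c) return true;
        return false;
    }

    // Calls the vault with a cached token; renews it once on 401/403, backs off on 429.
    static <T> Uni<T> guarded(Supplier<Uni<String>> newToken, AtomicReference<String> cache,
            Function<String, Uni<T>> call, Duration initial, double jitter, long attempts) {
        Uni<String> token = Uni.createFrom().deferred(() -> {
            String cached = cache.get();
            return cached != null ? Uni.createFrom().item(cached) : newToken.get().invoke(cache::set);
        });
        return token.chain(call::apply)
            .onFailure(t -> hasStatus(t, 401, 403)).invoke(() -> cache.set(null)) // drop stale token
            .onFailure(t -> hasStatus(t, 401, 403)).retry().atMost(1)             // refetch, call again
            .onFailure(t -> hasStatus(t, 429)).retry()
                .withBackOff(initial).withJitter(jitter).atMost(attempts);
    }

    public static void main(String[] args) {
        AtomicInteger calls = new AtomicInteger(), tokens = new AtomicInteger();
        // Constructed stand-in for the vault: answers 429, then 401, then succeeds.
        Function<String, Uni<String>> fakeSign = tok -> {
            int n = calls.incrementAndGet();
            if (n <= 2) return Uni.createFrom().failure(new HttpStatusException(n == 1 ? 429 : 401));
            return Uni.createFrom().item("signed with " + tok);
        };
        String out = guarded(() -> Uni.createFrom().item("token-" + tokens.incrementAndGet()),
                new AtomicReference<>(), fakeSign, Duration.ofMillis(100), 0.2, 3)
            .await().atMost(Duration.ofSeconds(5));
        System.out.println(out + " (" + calls.get() + " calls, " + tokens.get() + " tokens)");
    }
}
```

Only 401, 403 and 429 are retried here; any other failure propagates to the caller unchanged, so a permission problem that persists after one token renewal surfaces as an error instead of looping.
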
Author:
Antonio Tarricone
  • Field Details

  • Constructor Details

  • Method Details

    • proceed

      private io.smallrye.mutiny.Uni<Object> proceed(jakarta.interceptor.InvocationContext context)

      Transforms an Exception into a RuntimeException so that it can be handled with Mutiny.

      Parameters:
      context - InvocationContext
      Returns:
      Object returned by the target method.
    • authenticate

      Object authenticate(jakarta.interceptor.InvocationContext context)

      This method decorates the others:

      • retrieving the access token from Microsoft Entra ID by means of AzureIdentityReactiveService;
      • renewing the access token from Microsoft Entra ID when the invoked target API returns 401 or 403;
      • retrying with exponential back-off in case of 429 from Azure Key Vault.
      Parameters:
      context - InvocationContext
      Returns:
      Object returned by the target method.
    • createKey

      public io.smallrye.mutiny.Uni<KeyBundle> createKey(String keyName, KeyCreateParameters keyCreateParameters)

      Creates a new key, stores it, then returns key parameters and attributes to the client.

      Parameters:
      keyName - The name for the new key. Regex pattern: ^[0-9a-zA-Z-]+$
      keyCreateParameters - KeyCreateParameters
      Returns:
      KeyBundle
    • getKeys

      public io.smallrye.mutiny.Uni<KeyListResult> getKeys()

      Lists keys in the specified vault.

      Returns:
      KeyListResult
    • getKeys

      public io.smallrye.mutiny.Uni<KeyListResult> getKeys(String skiptoken)

      Lists keys in the specified vault.

      Parameters:
      skiptoken - Token to handle paging.
      Returns:
      KeyListResult
    • getKey

      public io.smallrye.mutiny.Uni<KeyBundle> getKey(String keyName, String keyVersion)

      Returns the public part of a stored key.

      Parameters:
      keyName - The name of the key to get.
      keyVersion - The version of the key.
      Returns:
      KeyBundle
    • getKeyVersions

      public io.smallrye.mutiny.Uni<KeyListResult> getKeyVersions(String keyName)

      Returns a list of individual key versions with the same key name.

      Parameters:
      keyName - The name of the key.
      Returns:
      KeyListResult
    • getKeyVersions

      public io.smallrye.mutiny.Uni<KeyListResult> getKeyVersions(String keyName, String skiptoken)

      Returns a list of individual key versions with the same key name.

      Parameters:
      keyName - The name of the key.
      skiptoken - Token to handle paging.
      Returns:
      KeyListResult
    • sign

      public io.smallrye.mutiny.Uni<KeyOperationResult> sign(String keyName, String keyVersion, KeySignParameters keySignParameters)

      Creates a signature from a digest using the specified key.

      Parameters:
      keyName - The name of the key.
      keyVersion - The version of the key.
      keySignParameters - KeySignParameters
      Returns:
      KeyOperationResult
    • verify

      public io.smallrye.mutiny.Uni<KeyVerifyResult> verify(String keyName, String keyVersion, KeyVerifyParameters keyVerifyParameters)

      Verifies a signature using a specified key.

      Parameters:
      keyName - The name of the key.
      keyVersion - The version of the key.
      keyVerifyParameters - KeyVerifyParameters
      Returns:
      KeyVerifyResult
    • encrypt

      public io.smallrye.mutiny.Uni<KeyOperationResult> encrypt(String keyName, String keyVersion, KeyOperationParameters keyOperationParameters)

      Encrypts an arbitrary sequence of bytes using an encryption key that is stored in a key vault.

      Parameters:
      keyName - The name of the key.
      keyVersion - The version of the key.
      keyOperationParameters - KeyOperationParameters
      Returns:
      KeyOperationResult
    • decrypt

      public io.smallrye.mutiny.Uni<KeyOperationResult> decrypt(String keyName, String keyVersion, KeyOperationParameters keyOperationParameters)

      Decrypts a single block of encrypted data.

      Parameters:
      keyName - The name of the key.
      keyVersion - The version of the key.
      keyOperationParameters - KeyOperationParameters
      Returns:
      KeyOperationResult
    • deleteKey

      public io.smallrye.mutiny.Uni<DeletedKeyBundle> deleteKey(String keyName)

      Deletes a key of any type from storage in Azure Key Vault.

      Parameters:
      keyName - The name of the key to delete.
      Returns:
      DeletedKeyBundle