Package org.saidone.service

Class SecretService

java.lang.Object
org.saidone.component.BaseComponent
org.saidone.service.SecretService
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware
@Service @ConditionalOnExpression("${application.service.vault.encryption.enabled}.equals(true)") public class SecretService extends BaseComponent
Service class for interacting with Vault to retrieve secrets.

This service uses Spring Vault's versioned key-value operations to fetch secrets from a configured Vault path and key. It supports retrieving secrets by specific version or the latest version if none is specified.

  • Constructor Details

    • SecretService

      public SecretService()

  • Method Details

    • init

      public void init()
      Initializes the service after dependency injection.

      Sets up the VaultVersionedKeyValueOperations instance used to retrieve secrets and verifies that Vault is initialized. If Vault is not initialized, the application is gracefully shut down.

      Overrides:
      init in class BaseComponent

    • getSecret

      public Secret getSecret()
      Retrieves the latest version of the secret from Vault.

      This is a convenience method that delegates to getSecret(Integer) with a null version to fetch the most recent secret value.

      Returns:
      the secret containing the raw bytes and version information
      Throws:
      RuntimeException - if the secret cannot be retrieved

    • getSecret

      public Secret getSecret(Integer version)
      Retrieves the secret from Vault for the specified version.
      Parameters:
      version - the version of the secret to retrieve; if null, retrieves the latest version
      Returns:
      a Secret containing the secret bytes and the version number
      Throws:
      RuntimeException - if unable to retrieve the secret or if an error occurs during retrieval