Generate Secrets
This handler (com.rierino.handler.SecretEventHandler) provides ability to encrypt/decrypt and hash data.
Handler Parameters
key.state
Name of the state manager with key definitions
secret_key
-
key
Constant key to use for operations
1234567890ABC
-
issuer
Issuer to include in generated tokens
Rierino
-
Actions
All actions of this handler share the following event metadata parameters:
key
Constant key to use for operations
1234567890ABC
-
keyPath
Json path of key in event payload
parameters.key
-
keyId
ID of the key to use from key state
123
-
keyIdPath
Json path of key id to use from key state
parameters.id
-
Encrypt
Encrypts a given json node or string value using preferred algorithms. Event metadata fields applicable for this action are as follows:
inputElement
Json path for the input in request event payload
data
-
outputElement
Json path for the output in response event payload
secret
-
With event metadata parameters as:
algorithm
Cipher algorithm to use
-
AES/ECB/PKCS5Padding
keyAlgorithm
SecretKey algorithm to use
-
AES
Decrypt
Decryptes a previously encrypted value and returns as a json node or string value. This action uses the same fields as Encrypt action, with the addition of following event metadata parameter:
isJson
Whether encrypted value is json and should be parsed into an object
true
false
Hash
Hashes a given json node or string value using preferred algorithms. Event metadata fields applicable for this action are as follows:
inputElement
Json path for the input in request event payload
data
-
outputElement
Json path for the output in response event payload
secret
-
With event metadata parameters as:
algorithm
MessageDigest algorithm to use
-
SHA-256
iterations
Iterations to update the hash
100
1
Hash actions can be used to generate secure API keys, when used together with JmesPath salt_key action that creates secure random key. These keys can be stored with access.roles details for key based authentication.
ValidateHash
Validates the hash of a given json node or string value using preferred algorithms. Event metadata fields applicable for this action are as follows:
inputElement
Json path for the input in request event payload, with "hash" and "data" elements
parameters
-
outputElement
Json path for the output in response event payload
secret
-
With event metadata parameters as:
algorithm
MessageDigest algorithm to use
-
SHA-256
iterations
Iterations to update the hash
100
1
GenerateToken
Generates a JWT token for given claims (including special claims such as audience). Event metadata fields applicable for this action are as follows:
inputElement
Json path for the fields to include as claims in token
parameters
-
outputElement
Json path to add token at
secret
-
With event metadata parameters as:
expirationTime
Milliseconds to expiration of token
60000
0
ValidateToken
Validates a JWT token. Event metadata fields applicable for this action are as follows:
inputElement
Json path for the token
parameters.token
-
outputElement
Json path to add validation result to
isValid
-
With event metadata parameters as:
inputPattern
Jmespath expression to apply on input element
-
-
DecodeToken
Decodes a JWT token and returns its claims. Event metadata fields applicable for this action are as follows:
inputElement
Json path for the token
parameters.token
-
outputElement
Json path to add decoded claims to
claims
-
With event metadata parameters as:
inputPattern
Jmespath expression to apply on input element
-
-
validate
Whether the token must be valid to decode
false
true
Last updated