Generate Secrets
This handler (com.rierino.handler.SecretEventHandler) provides the ability to encrypt/decrypt and hash data.
Handler Parameters
| Parameter | Definition | Example | Default |
| --- | --- | --- | --- |
| key.state | Name of the state manager with key definitions | secret_key | - |
| key | Constant key to use for signing operations | 1234567890ABC | - |
| encryptkey | Constant key to use for encryption operations | 1234567890ABC | - |
| provider | Security provider to use (auto for default, BC for bouncy castle) | BC | auto |
| issuer | Issuer to include in generated tokens | Rierino | - |
| algorithm | Default encryption algorithm | - | AES/ECB/PKCS5Padding |
| keyAlgorithm | Default key generation algorithm | - | AES |
| hashAlgorithm | Default hashing algorithm | - | SHA-256 |
| certificateKeySize | Default key size for certificate generation | - | 2048 |
| certificateAlgorithm | Default algorithm for certificate key generation | - | RSA |
| certificateSignatureAlgorithm | Default algorithm for signing certificates | - | SHA256withRSA |
| certificateLifetime | Default lifetime (in days) for generated certificates | - | 1 |
| certificateDN | Default distinguished name for the generated certificates | - | CN=rierino.com, O=Rierino |
Actions
All actions of this handler share the following event metadata parameters for getting key inputs:
| Parameter | Definition | Example | Default |
| --- | --- | --- | --- |
| key | Constant key to use for operations | 1234567890ABC | - |
| keyPath | Json path of key in event payload | parameters.key | - |
| keyId | ID of the key to use from key state | 123 | - |
| keyIdPath | Json path of key id to use from key state | parameters.id | - |
Encrypt
Encrypts a given json node or string value using preferred algorithms. Event metadata fields applicable for this action are as follows:
| Field | Definition | Example | Default |
| --- | --- | --- | --- |
| inputElement | Json path for the input in request event payload | data | - |
| outputElement | Json path for the output in response event payload | secret | - |
With event metadata parameters as:
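| Parameter | Definition | Example | Default |
| --- | --- | --- | --- |
| algorithm | Custom cipher algorithm to use | - | Handler default |
| keyAlgorithm | Custom SecretKey algorithm to use | - | Handler default |
| provider | Custom security provider to use | - | Handler default |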
Decrypt
Decrypts a previously encrypted value and returns it as a json node or string value. This action uses the same fields as the Encrypt action, with the addition of the following event metadata parameter:
| Parameter | Definition | Example | Default |
| --- | --- | --- | --- |
| isJson | Whether encrypted value is json and should be parsed into an object | true | false |
Hash
Hashes a given json node or string value using preferred algorithms. Event metadata fields applicable for this action are as follows:
| Field | Definition | Example | Default |
| --- | --- | --- | --- |
| inputElement | Json path for the input in request event payload | data | - |
| outputElement | Json path for the output in response event payload | secret | - |
With event metadata parameters as:
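| Parameter | Definition | Example | Default |
| --- | --- | --- | --- |
| algorithm | Custom hash algorithm to use | - | Handler default |
| provider | Custom security provider to use | - | Handler default |
| iterations | Iterations to update the hash | 100 | 1 |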
ValidateHash
Validates the hash of a given json node or string value using preferred algorithms. Event metadata fields applicable for this action are as follows:
| Field | Definition | Example | Default |
| --- | --- | --- | --- |
| inputElement | Json path for the input in request event payload, with "hash" and "data" elements | parameters | - |
| outputElement | Json path for the output in response event payload | secret | - |
With event metadata parameters as:
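| Parameter | Definition | Example | Default |
| --- | --- | --- | --- |
| algorithm | Custom hash algorithm to use | - | Handler default |
| provider | Custom security provider to use | - | Handler default |
| iterations | Iterations to update the hash | 100 | 1 |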
GenerateToken
Generates a JWT token for given claims (including special claims such as audience). Event metadata fields applicable for this action are as follows:
| Field | Definition | Example | Default |
| --- | --- | --- | --- |
| inputElement | Json path for the fields to include as claims in token | parameters | - |
| outputElement | Json path to add token at | secret | - |
With event metadata parameters as:
| Parameter | Definition | Example | Default |
| --- | --- | --- | --- |
| provider | Custom security provider to use | - | Handler default |
| expirationTime | Milliseconds to expiration of token | 60000 | 0 |
ValidateToken
Validates a JWT token. Event metadata fields applicable for this action are as follows:
| Field | Definition | Example | Default |
| --- | --- | --- | --- |
| inputElement | Json path for the token | parameters.token | - |
| outputElement | Json path to add validation result to | isValid | - |
With event metadata parameters as:
| Parameter | Definition | Example | Default |
| --- | --- | --- | --- |
| provider | Custom security provider to use | - | Handler default |
| inputPattern | Jmespath expression to apply on input element | - | - |
DecodeToken
Decodes a JWT token and returns its claims. Event metadata fields applicable for this action are as follows:
| Field | Definition | Example | Default |
| --- | --- | --- | --- |
| inputElement | Json path for the token | parameters.token | - |
| outputElement | Json path to add decoded claims to | claims | - |
With event metadata parameters as:
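| Parameter | Definition | Example | Default |
| --- | --- | --- | --- |
| provider | Custom security provider to use | - | Handler default |
| inputPattern | Jmespath expression to apply on input element | - | - |
| validate | Whether the token must be valid to decode | false | true |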
GenerateCertificate
Generates a certificate, returning private key and public certificate values. Event metadata fields applicable for this action are as follows:
| Field | Definition | Example | Default |
| --- | --- | --- | --- |
| inputElement | Json path for custom certificate DN and lifetime | parameters.cert | - |
| outputElement | Json path to add "key" and "certificate" outputs to | produced | - |
With event metadata parameters as:
| Parameter | Definition | Example | Default |
| --- | --- | --- | --- |
| provider | Custom security provider to use | - | Handler default |
| certificateAlgorithm | Custom certificate algorithm | - | Handler default |
| certificateSignatureAlgorithm | Custom signature algorithm | - | Handler default |
| certificateKeySize | Custom key size | - | Handler default |
| certificateDN | Custom certificate DN | - | Handler default |
| certificateLifeTime | Custom certificate lifetime in days | - | Handler default |
