• Home
• org.prompto
• AwsClient
• 0.1.32
• source code
• AwsKMSSecretKeyFactory.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

prompto.security.AwsKMSSecretKeyFactory Maven / Gradle / Ivy

package prompto.security;

import prompto.aws.KMS;
import prompto.config.IConfigurationReader;
import prompto.config.ISecretKeyConfiguration;
import prompto.utils.Logger;

public class AwsKMSSecretKeyFactory implements ISecretKeyFactory {

	private static Logger logger = new Logger();

	IAwsKMSSecretKeyConfiguration config;
	
	public AwsKMSSecretKeyFactory() {
	}
	
	public AwsKMSSecretKeyFactory(ISecretKeyConfiguration config) {
		this.config = (IAwsKMSSecretKeyConfiguration) config;
	}
	
	@Override
	public ISecretKeyConfiguration newConfiguration(IConfigurationReader reader) {
		return new AwsKMSSecretKeyConfiguration(reader);
	}

	@Override
	public String getAsPlainText() {
		String awsRegion = config.getAwsRegion();
		String awsAccessKey = config.getAwsAccesKey();
		String awsSecretKey = config.getAwsSecretKey();
		logger.debug(()->"AWS KMS - decrypting secret " + new String(config.getSecret()) + " in region: " + awsRegion + " with access key: " + awsAccessKey);
		KMS kms = KMS.newInstance(awsRegion, awsAccessKey, awsSecretKey);
		String plainText = kms.decrypt(new String(config.getSecret()));
		if("true".equals(System.getenv("DEBUG_AWS_KMS")))
			logger.debug(()->"AWS KMS: decrypted secret " + new String(config.getSecret()) + " to " + plainText);
		return plainText;
	}


}