The config for this service could look something like this:
This config was borrowed from https://docs.google.com/document/d/1BkhAJwWDOAffKKyX-5v2wL-K1n71HWBjsLb4IkeX8P8/edit#. When designing this config we should consult other products so that our config looks similar for better platform understanding.
- Must be able to configure the SecretStores IDM currently supports (HSM, and filebased keystores)
- Should be able to define custom purposes beyond the default purposes available in the Purposes class
- Must be able to retrieve named secrets, an active secret for a given purpose, and all valid secrets for a given purpose from the configured SecretStores
- Must have an osgi service that can be referenced by other IDM services to access the SecretsApi
- Should have unit tests to prove above functionality.