Class Secrets
Runtime access to the secrets your app needs (API keys such as a Google Maps
key) WITHOUT shipping them inside the binary, where they are trivially
extractable. A secret is defined once in the Codename One Cloud vault (the
Secrets page of the build console), fetched on demand over TLS, and cached
in the device keychain via SecureStorage -- so you can rotate the value
server-side without reshipping the app.
// off the EDT (the first call may hit the network):
String mapsKey = Secrets.get("googlemaps.key");
Only secrets the developer published to the app-readable namespace are
served to a device; server-only credentials (such as the App Store / Google
Play keys used by commerce validation) are never reachable from the client.
On the simulator or a local (non-cloud) build there is no build key, so
get(String) returns the cached value if any and otherwise null.
-
Method Summary
Modifier and TypeMethodDescriptionstatic voidDrop the cached copy ofnamefrom the keychain; the nextget(String)re-fetches it.static StringThe secret namedname-- from the keychain cache when present, otherwise fetched from the cloud vault and cached.static StringAsget(String)but returnsdefaultValuewhen the secret is absent.static StringForce a fresh fetch from the cloud vault, replacing the keychain cache.
-
Method Details
-
get
The secret namedname-- from the keychain cache when present, otherwise fetched from the cloud vault and cached. Returnsnullwhen it is unavailable (undefined, not app-readable, or offline with no cached copy). The first fetch blocks on the network, so call this off the EDT. -
get
Asget(String)but returnsdefaultValuewhen the secret is absent. -
refresh
-
clear
Drop the cached copy ofnamefrom the keychain; the nextget(String)re-fetches it.
-