OCI Vault Secret Reader - POC

Proof of Concept (POC) - Integration examples with OCI Vault Secrets in multiple programming languages.

This repository contains functional implementations to retrieve secrets from Oracle Cloud Infrastructure (OCI) Vaults using different programming languages. Each implementation demonstrates best practices and language-specific patterns.

---

📋 Table of Contents

• Overview
• Prerequisites
• OCI Configuration
• Available Implementations
• Project Structure
• How to Use
• License

---

🎯 Overview

This project provides practical examples of how to access secrets stored in OCI Vault through console applications in:

• .NET 9 (C#)
• Python 3.8+
• Node.js 18+ (JavaScript/ES Modules)
• Java 17+ (Maven)

All implementations:

• ✅ Use authentication via OCI configuration file
• ✅ Decode secrets in Base64 format
• ✅ Implement robust error handling
• ✅ Follow best practices for each language
• ✅ Are production-ready

---

📦 Prerequisites

General

• Active Oracle Cloud Infrastructure account
• Read permissions on OCI Vault
• OCI configuration file (~/.oci/config)
• OCI API private key

By Language

Language	Requirements
.NET	.NET 9 SDK
Python	Python 3.8+ and pip
JavaScript	Node.js 18.0+ and npm
Java	Java 17+, Maven 3.6+

---

🔐 OCI Configuration

Before running any implementation, configure your OCI credentials:

1. Create the configuration file

mkdir -p ~/.oci
touch ~/.oci/config

2. Configure the ~/.oci/config file

[DEFAULT]
user=ocid1.user.oc1..xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
fingerprint=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
tenancy=ocid1.tenancy.oc1..xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
region=sa-saopaulo-1
key_file=~/.oci/oci_api_key.pem

3. Add your private key

Place your API private key in the path specified in key_file:

chmod 600 ~/.oci/oci_api_key.pem

---

🚀 Available Implementations

🟦 .NET 9 (C#)

Implementation using .NET 9 with official OCI SDK.

📖 Complete Documentation

cd dotnet/OciVaultSecretReader
dotnet run -- <secret-ocid>

---

🟨 Python

Python implementation using OCI Python SDK with type hints.

📖 Complete Documentation

cd python/oci-vault-secret-reader
pip install -r requirements.txt
python oci_vault_secret_reader.py <secret-ocid>

---

🟩 Node.js (JavaScript)

Node.js implementation using ES Modules and OCI SDK.

📖 Complete Documentation

cd javascript/oci-vault-secret-reader
npm install
node index.js <secret-ocid>

---

☕ Java (Maven)

Java 17+ implementation with Maven and OCI Java SDK.

📖 Complete Documentation

cd java/oci-vault-secret-reader
mvn clean package
java -jar target/oci-vault-secret-reader-1.0.0.jar <secret-ocid>

---

📁 Project Structure

PocOciSdk/
├── README.md                              # This file
├── LICENSE                                # MIT License
├── .gitignore
│
├── dotnet/                                # .NET Implementation
│   ├── OciVaultSecretReader/
│   │   ├── Program.cs
│   │   ├── OciVaultSecretReader.csproj
│   │   └── .gitignore
│   └── README.md
│
├── python/                                # Python Implementation
│   ├── oci-vault-secret-reader/
│   │   ├── oci_vault_secret_reader.py
│   │   ├── requirements.txt
│   │   └── .gitignore
│   └── README.md
│
├── javascript/                            # Node.js Implementation
│   ├── oci-vault-secret-reader/
│   │   ├── index.js
│   │   ├── package.json
│   │   └── .gitignore
│   └── README.md
│
└── java/                                  # Java Implementation
    ├── oci-vault-secret-reader/
    │   ├── src/main/java/com/example/oci/
    │   │   └── OciVaultSecretReader.java
    │   ├── pom.xml
    │   └── .gitignore
    └── README.md

---

💡 How to Use

Step 1: Clone the Repository

git clone <repository-url>
cd PocOciSdk

Step 2: Configure OCI

Follow the instructions in OCI Configuration.

Step 3: Choose an Implementation

Navigate to the desired language directory and follow the specific instructions in the corresponding README.

Step 4: Execute

All implementations follow the same usage pattern:

<execution-command> <secret-ocid>

OCID Example:

ocid1.vaultsecret.oc1.sa-saopaulo-1.amaaaaaaaswkexiaspam2smuu5siwrmp346xirulfeyw3qung3xfj5tsbkia

Expected Output

=== OCI Vault Secret Reader ===

Fetching secret: ocid1.vaultsecret.oc1.sa-saopaulo-1.xxxxx...

Secret retrieved successfully!
Secret ID: ocid1.vaultsecret.oc1.sa-saopaulo-1.xxxxx
Version: 1
Stages: CURRENT
Creation time: 2025-10-23T10:00:00.000Z

Secret Value:
<your-secret-value-here>

---

📚 Additional Resources

• OCI Vault Documentation
• OCI SDK for .NET
• OCI SDK for Python
• OCI SDK for Java
• OCI SDK for JavaScript/TypeScript

---

🤝 Contributing

Contributions are welcome! Feel free to:

1. Fork the project
2. Create a branch for your feature (git checkout -b feature/MyFeature)
3. Commit your changes (git commit -m 'Add MyFeature')
4. Push to the branch (git push origin feature/MyFeature)
5. Open a Pull Request

---

📄 License

This project is licensed under the MIT License. See the LICENSE file for details.

---

✨ Project Status

Language	Status	Last Update
.NET 9	✅ Functional	2025-10-23
Python	✅ Functional	2025-10-23
JavaScript	✅ Functional	2025-10-23
Java	✅ Functional	2025-10-23

---

Developed by Raphael A. F. Cardoso

⬆ Back to top