com.ulisesbocchio.jasyptspringboot.configuration.EnableEncryptablePropertiesConfiguration Maven / Gradle / Ivy
package com.ulisesbocchio.jasyptspringboot.configuration;
import com.ulisesbocchio.jasyptspringboot.InterceptionMode;
import lombok.extern.slf4j.Slf4j;
import org.jasypt.encryption.StringEncryptor;
import org.jasypt.encryption.pbe.config.StringPBEConfig;
import org.springframework.beans.factory.config.BeanFactoryPostProcessor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.core.env.ConfigurableEnvironment;
import org.springframework.core.env.Environment;
import org.springframework.core.env.PropertySource;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
/**
* Configuration class that registers a {@link BeanFactoryPostProcessor} that wraps all {@link PropertySource} defined in the {@link Environment}
* with {@link com.ulisesbocchio.jasyptspringboot.wrapper.EncryptablePropertySourceWrapper} and defines a default {@link StringEncryptor} for decrypting properties
* that can be configured through the same properties it wraps.
* The {@link StringEncryptor} bean is only defined when no other
* bean of type {@link StringEncryptor} is present in the Application Context, thus allowing for custom definition if required.
* The default {@link StringEncryptor} can be configured through the following properties:
*
*
* Key Required Default Value
*
*
* jasypt.encryptor.password True -
*
*
* jasypt.encryptor.algorithm False PBEWITHHMACSHA512ANDAES_256
*
*
* jasypt.encryptor.keyObtentionIterations False 1000
*
*
* jasypt.encryptor.poolSize False 1
*
* jasypt.encryptor.providerName False SunJCE
*
*
* jasypt.encryptor.saltGeneratorClassname False org.jasypt.salt.RandomSaltGenerator
*
*
* jasypt.encryptor.ivGeneratorClassname False org.jasypt.iv.RandomIvGenerator
*
*
* jasypt.encryptor.stringOutputType False base64
*
*
*
* For mor information about the configuration properties
*
* @author Ulises Bocchio
* @see StringPBEConfig
*/
@Configuration
@Import({EncryptablePropertyResolverConfiguration.class, CachingConfiguration.class})
@Slf4j
public class EnableEncryptablePropertiesConfiguration {
@SuppressWarnings("unchecked")
@Bean
public static EnableEncryptablePropertiesBeanFactoryPostProcessor enableEncryptablePropertySourcesPostProcessor(final ConfigurableEnvironment environment) {
final boolean proxyPropertySources = environment.getProperty("jasypt.encryptor.proxy-property-sources", Boolean.TYPE, false);
final List skipPropertySources = (List) environment.getProperty("jasypt.encryptor.skip-property-sources", List.class, Collections.EMPTY_LIST);
final List>> skipPropertySourceClasses = skipPropertySources.stream().map(EnableEncryptablePropertiesConfiguration::getPropertiesClass).collect(Collectors.toList());
final InterceptionMode interceptionMode = proxyPropertySources ? InterceptionMode.PROXY : InterceptionMode.WRAPPER;
return new EnableEncryptablePropertiesBeanFactoryPostProcessor(environment, interceptionMode, skipPropertySourceClasses);
}
@SuppressWarnings("unchecked")
private static Class> getPropertiesClass(String className) {
try {
Class clazz = Class.forName(className);
if (PropertySource.class.isAssignableFrom(clazz)) {
return (Class>) clazz;
}
throw new IllegalArgumentException(String.format("Invalid jasypt.encryptor.skip-property-sources: Class %s does not implement %s", className, PropertySource.class.getName()));
} catch (ClassNotFoundException e) {
throw new IllegalArgumentException(String.format("Invalid jasypt.encryptor.skip-property-sources: Class %s not found", className), e);
}
}
}