Avoid schema keyId uuid representation errors.
To avoid driver configuration specific UUID representation format errors (binary subtype 3 vs. subtype 4) we now directly convert the given key into its subtype 4 format. Resolves: #3929 Original pull request: #3931.
This commit is contained in:
Christoph Strobl
committed by
Mark Paluch
Mark Paluch
parent
d61cf8f57e
commit
04ec49eb9e
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2021 the original author or authors.
|
||||
* Copyright 2021-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -18,11 +18,15 @@ package org.springframework.data.mongodb.util.encryption;
|
||||
import java.util.UUID;
|
||||
import java.util.function.Supplier;
|
||||
|
||||
import org.bson.BsonBinary;
|
||||
import org.bson.BsonBinarySubType;
|
||||
import org.bson.types.Binary;
|
||||
import org.springframework.data.mongodb.util.spel.ExpressionUtils;
|
||||
import org.springframework.expression.EvaluationContext;
|
||||
import org.springframework.expression.Expression;
|
||||
import org.springframework.lang.Nullable;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.Base64Utils;
|
||||
|
||||
/**
|
||||
* Internal utility class for dealing with encryption related matters.
|
||||
@@ -35,8 +39,8 @@ public final class EncryptionUtils {
|
||||
/**
|
||||
* Resolve a given plain {@link String} value into the store native {@literal keyId} format, considering potential
|
||||
* {@link Expression expressions}. <br />
|
||||
* The potential keyId is probed against an {@link UUID#fromString(String) UUID value} and the {@literal base64}
|
||||
* encoded {@code $binary} representation.
|
||||
* The potential keyId is probed against an {@link UUID#fromString(String) UUID value} or decoded from the
|
||||
* {@literal base64} representation prior to conversion into its {@link Binary} format.
|
||||
*
|
||||
* @param value the source value to resolve the keyId for. Must not be {@literal null}.
|
||||
* @param evaluationContext a {@link Supplier} used to provide the {@link EvaluationContext} in case an
|
||||
@@ -57,11 +61,13 @@ public final class EncryptionUtils {
|
||||
return potentialKeyId;
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
return UUID.fromString(potentialKeyId.toString());
|
||||
return new Binary(BsonBinarySubType.UUID_STANDARD,
|
||||
new BsonBinary(UUID.fromString(potentialKeyId.toString())).getData());
|
||||
} catch (IllegalArgumentException e) {
|
||||
return org.bson.Document.parse("{ val : { $binary : { base64 : '" + potentialKeyId + "', subType : '04'} } }")
|
||||
.get("val");
|
||||
|
||||
return new Binary(BsonBinarySubType.UUID_STANDARD, Base64Utils.decodeFromString(potentialKeyId.toString()));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2019-2021 the original author or authors.
|
||||
* Copyright 2019-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -23,6 +23,7 @@ import java.util.LinkedHashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.bson.BsonDocument;
|
||||
import org.bson.Document;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
@@ -107,7 +108,7 @@ public class MappingMongoJsonSchemaCreatorUnitTests {
|
||||
.createSchemaFor(Patient.class);
|
||||
|
||||
Document targetSchema = schema.schemaDocument();
|
||||
assertThat(targetSchema).isEqualTo(Document.parse(PATIENT));
|
||||
assertThat(targetSchema.toBsonDocument()).isEqualTo(BsonDocument.parse(PATIENT));
|
||||
}
|
||||
|
||||
@Test // GH-3800
|
||||
@@ -136,7 +137,7 @@ public class MappingMongoJsonSchemaCreatorUnitTests {
|
||||
.filter(MongoJsonSchemaCreator.encryptedOnly()) //
|
||||
.createSchemaFor(EncryptionMetadataFromProperty.class);
|
||||
|
||||
assertThat(schema.schemaDocument()).isEqualTo(Document.parse(ENC_FROM_PROPERTY_SCHEMA));
|
||||
assertThat(schema.schemaDocument().toBsonDocument()).isEqualTo(BsonDocument.parse(ENC_FROM_PROPERTY_SCHEMA));
|
||||
}
|
||||
|
||||
@Test // GH-3800
|
||||
@@ -154,7 +155,7 @@ public class MappingMongoJsonSchemaCreatorUnitTests {
|
||||
.filter(MongoJsonSchemaCreator.encryptedOnly()) //
|
||||
.createSchemaFor(EncryptionMetadataFromMethod.class);
|
||||
|
||||
assertThat(schema.schemaDocument()).isEqualTo(Document.parse(ENC_FROM_METHOD_SCHEMA));
|
||||
assertThat(schema.schemaDocument().toBsonDocument()).isEqualTo(BsonDocument.parse(ENC_FROM_METHOD_SCHEMA));
|
||||
}
|
||||
|
||||
// --> TYPES AND JSON
|
||||
@@ -392,7 +393,7 @@ public class MappingMongoJsonSchemaCreatorUnitTests {
|
||||
}
|
||||
|
||||
static final String ENC_FROM_PROPERTY_ENTITY_KEY = "C5a5aMB7Ttq4wSJTFeRn8g==";
|
||||
static final String ENC_FROM_PROPERTY_PROPOERTY_KEY = "Mw6mdTVPQfm4quqSCLVB3g=";
|
||||
static final String ENC_FROM_PROPERTY_PROPOERTY_KEY = "Mw6mdTVPQfm4quqSCLVB3g==";
|
||||
static final String ENC_FROM_PROPERTY_SCHEMA = "{" + //
|
||||
" 'encryptMetadata': {" + //
|
||||
" 'keyId': [" + //
|
||||
|
||||
Reference in New Issue
Block a user