Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for deriving json schema for encrypted properties. #3801

Closed
wants to merge 2 commits into from
Closed

Add support for deriving json schema for encrypted properties. #3801

wants to merge 2 commits into from

Conversation

christophstrobl
Copy link
Member

Closes: #3800

@christophstrobl christophstrobl mentioned this pull request Sep 6, 2021
Closed
@christophstrobl christophstrobl marked this pull request as ready for review September 10, 2021 09:48
mp911de
mp911de reviewed Sep 13, 2021
View reviewed changes
spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/mapping/Encrypted.java Outdated
@@ -0,0 +1,112 @@
/*
* Copyright 2021. the original author or authors.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit:

Copyright 2021 the original author or authors.

(there's a dot after 2021)

mp911de
mp911de reviewed Sep 13, 2021
View reviewed changes
...mongodb/src/main/java/org/springframework/data/mongodb/core/mapping/MongoMappingContext.java Outdated
@@ -145,4 +150,10 @@ public void setAutoIndexCreation(boolean autoCreateIndexes) {

return new UnwrappedMongoPersistentEntity<>(entity, new UnwrapEntityContext(persistentProperty));
}

@Nullable
public ApplicationContext getApplicationContext() {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This doesn't seem seem to be necessary as we do not have any callers to getApplicationContext()

mp911de
mp911de reviewed Sep 13, 2021
View reviewed changes
src/main/asciidoc/reference/mongo-json-schema.adoc
@Encrypted(keyId = "xKVup8B1Q+CkHaVRx+qa+g==", algorithm = "AEAD_AES_256_CBC_HMAC_SHA_512-Random") <1>
static class Patient {

@Id String id;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: Indent

mp911de
mp911de reviewed Sep 13, 2021
View reviewed changes
src/main/asciidoc/reference/mongo-json-schema.adoc

[TIP]
====
The `@Encrypted` Annoation supports resolving keyIds via SpEL Expressions.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/Annoation/annotation

mp911de
mp911de reviewed Sep 13, 2021
View reviewed changes
src/main/asciidoc/reference/mongo-json-schema.adoc
@Encrypted(keyId = "#{mongocrypt.keyId(#target)}")
static class Patient {

@Id String id;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: Indent

mp911de
mp911de reviewed Sep 13, 2021
View reviewed changes
src/main/asciidoc/reference/mongo-json-schema.adoc Outdated

// ... keyVaultCollection, kmsProvider, ...

MongoJsonSchemaCreator schemaCreator = MongoJsonSchemaCreator.create(mappingContext);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: Indent

@christophstrobl
Prepare issue branch.
685d1f3
@christophstrobl
Add support for deriving json schema for encrypted properties.
95d9e67 
This commit introduces support for creating a MongoJsonSchema containing encrypted fields for a given type based on mapping metadata.
Using the Encrypted annotation allows to derive required encryptMetadata and encrypt properties within a given (mapping)context.

@document
@Encrypted(keyId = "...")
static class Patient {

    // ...

    @Encrypted(algorithm = "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic")
    private Integer ssn;

}

MongoJsonSchemaCreator schemaCreator = MongoJsonSchemaCreator.create(mappingContext);
MongoJsonSchema patientSchema = schemaCreator
    .filter(MongoJsonSchemaCreator.encryptedOnly())
    .createSchemaFor(Patient.class);
@mp911de mp911de added this to the 3.3 M3 (2021.1.0) milestone Sep 14, 2021
@mp911de mp911de added the type: enhancement A general enhancement label Sep 14, 2021
mp911de pushed a commit that referenced this pull request Sep 14, 2021
@christophstrobl @mp911de
Add support for deriving json schema for encrypted properties.
99203b3 
This commit introduces support for creating a MongoJsonSchema containing encrypted fields for a given type based on mapping metadata.
Using the Encrypted annotation allows to derive required encryptMetadata and encrypt properties within a given (mapping)context.

@document
@Encrypted(keyId = "...")
static class Patient {

    // ...

    @Encrypted(algorithm = "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic")
    private Integer ssn;

}

MongoJsonSchemaCreator schemaCreator = MongoJsonSchemaCreator.create(mappingContext);
MongoJsonSchema patientSchema = schemaCreator
    .filter(MongoJsonSchemaCreator.encryptedOnly())
    .createSchemaFor(Patient.class);

Closes: #3800
Original pull request: #3801.
@mp911de
Copy link
Member

mp911de commented Sep 14, 2021

That's merged now

@mp911de mp911de closed this Sep 14, 2021
@mp911de mp911de deleted the issue/3800 branch September 14, 2021 07:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mp911de mp911de mp911de left review comments

Assignees
No one assigned
Labels
type: enhancement A general enhancement
Projects
None yet
Milestone
3.3 M3 (2021.1.0)
Development

Successfully merging this pull request may close these issues.

Add support for deriving json schema for encrypted properties.
2 participants
@christophstrobl @mp911de