View Javadoc 

1   /*
2    * Copyright 2012-2013 smartics, Kronseder & Reiner GmbH
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package de.smartics.properties.tutorial.config.encrypted;
17  
18  import static org.hamcrest.MatcherAssert.assertThat;
19  import static org.hamcrest.Matchers.is;
20  
21  import org.junit.Test;
22  
23  import de.smartics.projectdoc.annotations.DocCategory;
24  import de.smartics.projectdoc.annotations.Document;
25  import de.smartics.projectdoc.annotations.topic.DocChapter;
26  import de.smartics.properties.api.config.app.ConfigurationPropertiesFactory;
27  import de.smartics.properties.api.config.app.ConfigurationPropertiesFactoryFactory;
28  import de.smartics.properties.api.config.domain.ConfigurationPropertiesManagement;
29  import de.smartics.properties.api.config.domain.key.ApplicationId;
30  import de.smartics.properties.api.config.domain.key.ConfigurationKey;
31  import de.smartics.properties.api.config.domain.key.EnvironmentId;
32  import de.smartics.properties.impl.config.domain.key.rtaware.TenantUserConfigurationKey;
33  import de.smartics.sandbox.mail.MailServerProperties;
34  
35  /**
36   * This tutorial shows how property values can be encrypted.
37   */
38  @Document(title = "Encrypting Property Values", sortKey = "basics1200")
39  @DocCategory({ "basics" })
40  // @DocTopic(path="basics", step="1200")
41  public class EncryptedPropertyValueTutorial
42  {
43    /**
44     * The security implementation to en- and decrypt values is configured via the
45     * service API. Therefore there is a file named
46     *
47     * <pre>
48     * META-INF/services/de.smartics.properties.api.core.security.PropertyValueSecurity
49     * </pre>
50     *
51     * that contains the following information
52     *
53     * <pre>
54     * de.smartics.properties.api.core.security.PropertiesBasedPropertyValueSecurity
55     * </pre>
56     * <p>
57     * The implementation requires to configure
58     * </p>
59     * <pre>
60     * META-INF/smartics-properties/security.properties
61     * </pre>
62     * <p>
63     * like this
64     * </p>
65     * <pre>de.smartics.properties.security.provider=
66  de.smartics.properties.security.transformation=AES/ECB/PKCS5Padding
67  de.smartics.properties.security.key=+pvrmeQCmtWmYVOZ57uuIQ==
68  de.smartics.properties.security.algorithm=AES</pre>
69     * <p>
70     * Now let's have a look how we can access encrypted information.
71     * </p>
72     * <pre>
73     *   @PropertyValueSecured
74     *   String password();
75     *  </pre>
76     *  <p>
77     *  The value is defined as follows:
78     *  </p>
79     *  <pre>
80     *  mail.server.password=mail.server.password=Kt1uRD0IdYsIAnOR20fUwQ==
81     *  </pre>
82     *  <p>
83     *    Now access the password:
84     *  </p>
85     * {@insertCode}
86     * <p>
87     * There is no magic shown in the code. Note that the password is
88     * automatically decrypted and ready to use. If you do not want the
89     * decryption been made, simply declare the password property like this:
90     * </p>
91     * <pre>
92     *   @PropertyValueSecured(decrypt = false)
93     *   String password();
94     *  </pre>
95     *  <p>
96     *  This way you declare that the property is expected to be secured, but is
97     *  passed in its encrypted form to the caller.
98     */
99    @DocChapter
100   @Test
101   public void accessEncryptedPropertyValues()
102   {
103     final MailServerProperties properties = fetchProperties();
104 
105     final String password = properties.password();
106     assertThat(password, is("testme"));
107   }
108 
109   private MailServerProperties fetchProperties()
110   {
111     final ConfigurationPropertiesFactory factory =
112         ConfigurationPropertiesFactoryFactory.createDefaultFactory();
113 
114     final ConfigurationKey<?> key =
115         new TenantUserConfigurationKey(new EnvironmentId("test"), new ApplicationId(
116             "de.smartics.sandbox", "test-application", "0.1.0"));
117     final ConfigurationPropertiesManagement config =
118         factory.createManagement(key);
119 
120     final MailServerProperties properties =
121         config.getProperties(MailServerProperties.class);
122     return properties;
123   }
124 }