From 078933c8fd63d771ed468f79e6c8308c24e557f0 Mon Sep 17 00:00:00 2001
From: Christian Dupuis <cdupuis@gopivotal.com>
Date: Fri, 29 Nov 2013 15:16:06 +0100
Subject: [PATCH] Add actuator endpoint to expose ConfigurationProperties

This information should probably be also available from the console and log similar to AutoConfigurationReport.
---
 .../EndpointAutoConfiguration.java            |   7 ++
 ...ConfigurationPropertiesReportEndpoint.java | 103 ++++++++++++++++++
 ...gurationPropertiesReportEndpointTests.java |  67 ++++++++++++
 3 files changed, 177 insertions(+)
 create mode 100644 spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/ConfigurationPropertiesReportEndpoint.java
 create mode 100644 spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/ConfigurationPropertiesReportEndpointTests.java

diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/EndpointAutoConfiguration.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/EndpointAutoConfiguration.java
index e46645b434b..5cf1e88c7ef 100644
--- a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/EndpointAutoConfiguration.java
+++ b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/EndpointAutoConfiguration.java
@@ -26,6 +26,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.actuate.endpoint.AutoConfigurationReportEndpoint;
 import org.springframework.boot.actuate.endpoint.BeansEndpoint;
+import org.springframework.boot.actuate.endpoint.ConfigurationPropertiesReportEndpoint;
 import org.springframework.boot.actuate.endpoint.DumpEndpoint;
 import org.springframework.boot.actuate.endpoint.Endpoint;
 import org.springframework.boot.actuate.endpoint.EnvironmentEndpoint;
@@ -162,6 +163,12 @@ public class EndpointAutoConfiguration {
 		return new ShutdownEndpoint();
 	}
 
+	@Bean
+	@ConditionalOnMissingBean
+	public ConfigurationPropertiesReportEndpoint configurationPropertiesReportEndpoint() {
+		return new ConfigurationPropertiesReportEndpoint();
+	}
+
 	@Configuration
 	protected static class InfoPropertiesConfiguration {
 
diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/ConfigurationPropertiesReportEndpoint.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/ConfigurationPropertiesReportEndpoint.java
new file mode 100644
index 00000000000..5081f723808
--- /dev/null
+++ b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/ConfigurationPropertiesReportEndpoint.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright 2013 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.actuate.endpoint;
+
+import java.util.Map;
+
+import org.springframework.beans.BeansException;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.ApplicationContextAware;
+import org.springframework.util.Assert;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+/**
+ * {@link Endpoint} to expose application properties from {@link ConfigurationProperties}
+ * annotated classes.
+ * 
+ * <p>
+ * To protect sensitive information from being exposed, configure property names by using
+ * <code>endpoints.configprops.keys_to_sanitize</code>.
+ * 
+ * @author Christian Dupuis
+ */
+@ConfigurationProperties(name = "endpoints.configprops", ignoreUnknownFields = false)
+public class ConfigurationPropertiesReportEndpoint extends
+		AbstractEndpoint<Map<String, Object>> implements ApplicationContextAware {
+
+	private String[] keysToSanitize = new String[] { "password", "secret" };
+
+	private ApplicationContext context;
+
+	public ConfigurationPropertiesReportEndpoint() {
+		super("/configprops");
+	}
+
+	@Override
+	public void setApplicationContext(ApplicationContext context) throws BeansException {
+		this.context = context;
+	}
+
+	public String[] getKeysToSanitize() {
+		return this.keysToSanitize;
+	}
+
+	public void setKeysToSanitize(String[] keysToSanitize) {
+		Assert.notNull(keysToSanitize, "KeysToSanitize must not be null");
+		this.keysToSanitize = keysToSanitize;
+	}
+
+	@Override
+	@SuppressWarnings("unchecked")
+	protected Map<String, Object> doInvoke() {
+		Map<String, Object> beans = this.context
+				.getBeansWithAnnotation(ConfigurationProperties.class);
+
+		// Serialize beans into map structure and sanitize values
+		for (Map.Entry<String, Object> entry : beans.entrySet()) {
+			ObjectMapper m = new ObjectMapper();
+			beans.put(entry.getKey(),
+					sanitize(m.convertValue(entry.getValue(), Map.class)));
+		}
+
+		return beans;
+	}
+
+	@SuppressWarnings("unchecked")
+	private Map<String, Object> sanitize(Map<String, Object> map) {
+		for (Map.Entry<String, Object> entry : map.entrySet()) {
+			if (entry.getValue() instanceof Map) {
+				map.put(entry.getKey(), sanitize((Map<String, Object>) entry.getValue()));
+			}
+			else {
+				map.put(entry.getKey(), sanitize(entry.getKey(), entry.getValue()));
+			}
+		}
+		return map;
+	}
+
+	private Object sanitize(String name, Object object) {
+		for (String keyToSanitize : this.keysToSanitize) {
+			if (name.toLowerCase().endsWith(keyToSanitize)) {
+				return object == null ? null : "******";
+			}
+		}
+		return object;
+	}
+
+}
diff --git a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/ConfigurationPropertiesReportEndpointTests.java b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/ConfigurationPropertiesReportEndpointTests.java
new file mode 100644
index 00000000000..df643ea37f5
--- /dev/null
+++ b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/ConfigurationPropertiesReportEndpointTests.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2013 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.actuate.endpoint;
+
+import org.junit.Test;
+import org.springframework.boot.actuate.properties.ManagementServerProperties;
+import org.springframework.boot.autoconfigure.security.SecurityProperties;
+import org.springframework.boot.autoconfigure.web.ServerProperties;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import static org.hamcrest.Matchers.greaterThan;
+import static org.junit.Assert.assertThat;
+
+public class ConfigurationPropertiesReportEndpointTests extends
+		AbstractEndpointTests<ConfigurationPropertiesReportEndpoint> {
+
+	public ConfigurationPropertiesReportEndpointTests() {
+		super(Config.class, ConfigurationPropertiesReportEndpoint.class, "/configprops",
+				true, "endpoints.configprops");
+	}
+
+	@Test
+	public void invoke() throws Exception {
+		assertThat(getEndpointBean().invoke().size(), greaterThan(0));
+	}
+
+	@Configuration
+	@EnableConfigurationProperties
+	public static class Config {
+
+		@Bean
+		public ConfigurationPropertiesReportEndpoint endpoint() {
+			return new ConfigurationPropertiesReportEndpoint();
+		}
+
+		@Bean
+		public ServerProperties serverProperties() {
+			return new ServerProperties();
+		}
+
+		@Bean
+		public ManagementServerProperties managementServerProperties() {
+			return new ManagementServerProperties();
+		}
+
+		@Bean
+		public SecurityProperties securityProperties() {
+			return new SecurityProperties();
+		}
+	}
+}