|
|
|
@ -40,7 +40,6 @@ import org.springframework.data.mongodb.core.encryption.EncryptionKey; |
|
|
|
import org.springframework.data.mongodb.core.encryption.EncryptionKeyResolver; |
|
|
|
import org.springframework.data.mongodb.core.encryption.EncryptionKeyResolver; |
|
|
|
import org.springframework.data.mongodb.core.encryption.EncryptionOptions; |
|
|
|
import org.springframework.data.mongodb.core.encryption.EncryptionOptions; |
|
|
|
import org.springframework.data.mongodb.core.mapping.Encrypted; |
|
|
|
import org.springframework.data.mongodb.core.mapping.Encrypted; |
|
|
|
import org.springframework.data.mongodb.core.mapping.ExplicitEncrypted; |
|
|
|
|
|
|
|
import org.springframework.data.mongodb.core.mapping.MongoPersistentProperty; |
|
|
|
import org.springframework.data.mongodb.core.mapping.MongoPersistentProperty; |
|
|
|
import org.springframework.data.mongodb.core.mapping.RangeEncrypted; |
|
|
|
import org.springframework.data.mongodb.core.mapping.RangeEncrypted; |
|
|
|
import org.springframework.data.mongodb.util.BsonUtils; |
|
|
|
import org.springframework.data.mongodb.util.BsonUtils; |
|
|
|
@ -172,43 +171,45 @@ public class MongoEncryptionConverter implements EncryptingConverter<Object, Obj |
|
|
|
getProperty(context).getOwner().getName(), getProperty(context).getName())); |
|
|
|
getProperty(context).getOwner().getName(), getProperty(context).getName())); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
boolean encryptExpression = false; |
|
|
|
|
|
|
|
String algorithm = annotation.algorithm(); |
|
|
|
String algorithm = annotation.algorithm(); |
|
|
|
EncryptionKey key = keyResolver.getKey(context); |
|
|
|
EncryptionKey key = keyResolver.getKey(context); |
|
|
|
EncryptionOptions encryptionOptions = new EncryptionOptions(algorithm, key); |
|
|
|
|
|
|
|
String fieldNameAndQueryOperator = context.getFieldNameAndQueryOperator(); |
|
|
|
String fieldNameAndQueryOperator = context.getFieldNameAndQueryOperator(); |
|
|
|
|
|
|
|
|
|
|
|
ExplicitEncrypted explicitEncryptedAnnotation = persistentProperty.findAnnotation(ExplicitEncrypted.class); |
|
|
|
EncryptionOptions encryptionOptions = new EncryptionOptions(algorithm, key, |
|
|
|
if (explicitEncryptedAnnotation != null) { |
|
|
|
getEQOptions(persistentProperty, fieldNameAndQueryOperator)); |
|
|
|
encryptionOptions = new EncryptionOptions(algorithm, key, QueryableEncryptionOptions.none()); |
|
|
|
|
|
|
|
|
|
|
|
if (fieldNameAndQueryOperator != null |
|
|
|
|
|
|
|
&& !encryptionOptions.queryableEncryptionOptions().equals(QueryableEncryptionOptions.none())) { |
|
|
|
|
|
|
|
return encryptExpression(fieldNameAndQueryOperator, value, encryptionOptions); |
|
|
|
} else { |
|
|
|
} else { |
|
|
|
RangeEncrypted rangeEncryptedAnnotation = persistentProperty.findAnnotation(RangeEncrypted.class); |
|
|
|
return encryptValue(value, context, persistentProperty, encryptionOptions); |
|
|
|
if (rangeEncryptedAnnotation != null) { |
|
|
|
} |
|
|
|
QueryableEncryptionOptions queryableEncryptionOptions = QueryableEncryptionOptions.none(); |
|
|
|
} |
|
|
|
String rangeOptions = rangeEncryptedAnnotation.rangeOptions(); |
|
|
|
|
|
|
|
if (!rangeOptions.isEmpty()) { |
|
|
|
|
|
|
|
queryableEncryptionOptions = queryableEncryptionOptions.attributes(Document.parse(rangeOptions)); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (rangeEncryptedAnnotation.contentionFactor() >= 0) { |
|
|
|
private static QueryableEncryptionOptions getEQOptions(MongoPersistentProperty persistentProperty, |
|
|
|
queryableEncryptionOptions = queryableEncryptionOptions |
|
|
|
String fieldNameAndQueryOperator) { |
|
|
|
.contentionFactor(rangeEncryptedAnnotation.contentionFactor()); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
boolean isPartOfARangeQuery = fieldNameAndQueryOperator != null; |
|
|
|
QueryableEncryptionOptions queryableEncryptionOptions = QueryableEncryptionOptions.none(); |
|
|
|
if (isPartOfARangeQuery) { |
|
|
|
RangeEncrypted rangeEncryptedAnnotation = persistentProperty.findAnnotation(RangeEncrypted.class); |
|
|
|
encryptExpression = true; |
|
|
|
if (rangeEncryptedAnnotation == null) { |
|
|
|
queryableEncryptionOptions = queryableEncryptionOptions.queryType("range"); |
|
|
|
return queryableEncryptionOptions; |
|
|
|
} |
|
|
|
|
|
|
|
encryptionOptions = new EncryptionOptions(algorithm, key, queryableEncryptionOptions); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if (encryptExpression) { |
|
|
|
String rangeOptions = rangeEncryptedAnnotation.rangeOptions(); |
|
|
|
return encryptExpression(fieldNameAndQueryOperator, value, encryptionOptions); |
|
|
|
if (!rangeOptions.isEmpty()) { |
|
|
|
} else { |
|
|
|
queryableEncryptionOptions = queryableEncryptionOptions.attributes(Document.parse(rangeOptions)); |
|
|
|
return encryptValue(value, context, persistentProperty, encryptionOptions); |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (rangeEncryptedAnnotation.contentionFactor() >= 0) { |
|
|
|
|
|
|
|
queryableEncryptionOptions = queryableEncryptionOptions |
|
|
|
|
|
|
|
.contentionFactor(rangeEncryptedAnnotation.contentionFactor()); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
boolean isPartOfARangeQuery = fieldNameAndQueryOperator != null; |
|
|
|
|
|
|
|
if (isPartOfARangeQuery) { |
|
|
|
|
|
|
|
queryableEncryptionOptions = queryableEncryptionOptions.queryType("range"); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
return queryableEncryptionOptions; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
private BsonBinary encryptValue(Object value, EncryptionContext context, MongoPersistentProperty persistentProperty, |
|
|
|
private BsonBinary encryptValue(Object value, EncryptionContext context, MongoPersistentProperty persistentProperty, |
|
|
|
|
Christoph Strobl
9 months ago