Fix serialization for field level encryption. #1622
Conversation
mikereiche
changed the title
| import java.util.HashMap; | ||
| import java.util.HashSet; | ||
| import java.util.List; | ||
| import java.util.Map; |
There was a problem hiding this comment.
The CryptoConverter now needs the ObjectMapper.
| TypeInformation<?> type = ClassTypeInformation.from(value.getClass()); | ||
| ((MappingCouchbaseConverter) this).writeInternalRoot(value, embeddedDoc, type, false, null); | ||
| ((MappingCouchbaseConverter) this).writeInternalRoot(value, embeddedDoc, type, false, null, true); | ||
| value = embeddedDoc; |
There was a problem hiding this comment.
writeInternalRoot needs a flag of whether or not to process PropertyValueConverters (specifically the CryptoConverter) so it doesn't recursively encrypt such an annotated property.
| import org.springframework.data.convert.ValueConversionContext; | ||
| import org.springframework.data.mapping.PersistentProperty; | ||
|
|
||
| import com.couchbase.client.core.encryption.CryptoManager; |
There was a problem hiding this comment.
Addition of ObjectMapper.
| return plaintextParser.readValueAs(beanPropertyTypeRef); | ||
| */ | ||
|
|
There was a problem hiding this comment.
The deleted comment is a bit misleading. The conversions do take place in context.getConverter.read() and getPotentiallyConvertedSimpleRead() below.
| CouchbaseDocument doc = new CouchbaseDocument(); | ||
| context.getConverter().writeInternalRoot(value, doc, property.getTypeInformation(), false, property, false); | ||
| plainText = JsonObject.from(doc.export()).toBytes(); | ||
| } |
There was a problem hiding this comment.
The old code relied on the entity (Airport, Address etc) produced by context.read(value) have a nice toString() method that gives the json representation of the object. It's a bad assumption.
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ |
There was a problem hiding this comment.
Add one of our @jsonvalue Enums to Address which gets used in the FLE tests and elsewhere.
| T10("\"10%"), T20("\"20%"), T30("\"30%"); | ||
|
|
||
| private final String code; | ||
|
|
There was a problem hiding this comment.
Add a quote to the content of the Enum serialization.
| @Encrypted public DateTime encDateTime; | ||
|
|
||
| @Encrypted public ETurbulenceCategory turbulence; | ||
| @Encrypted public Address encAddress = new Address(); |
There was a problem hiding this comment.
Add an encrypted @jsonvalue Enum.
| encString = "myString"; | ||
| encStrings = new String[] { "myString" }; | ||
| encString = "myS\"tring"; | ||
| encStrings = new String[] { "mySt\"ring" }; |
There was a problem hiding this comment.
make a tricky String and String array
| encDateTime = NOW_DateTime; | ||
|
|
||
| encAddress = new Address(); | ||
|
|
There was a problem hiding this comment.
let the caller (test case) initialize this.
mikereiche
deleted the
datacouch_1621_fixes_to_fle_encryption_serialization_deserialization
branch
The key changes are at lines 141 and 145 of CryptoConverter.
(a) use objectMapper to encode strings instead of just escaping and adding quotes; and
(b) use context.getConverter().writeInternalRoot() to serialize instead of
relying on context.read(value).toString()) which relies on the entity object having a toString() that produces json.
Closes #1621.