From 93b059948cdc2530198b18a13a95587243ef22a9 Mon Sep 17 00:00:00 2001
From: Roman Strobl
Date: Tue, 25 Jun 2024 20:30:46 +0200
Subject: [PATCH] Fix #194: Missing decryption on fetch
---
 .../converter/AttachmentConverter.java | 46 ++----------------
 .../converter/DocumentConverter.java | 30 ++----------
 .../converter/PhotoConverter.java | 47 ++-----------------
 .../service/AttachmentService.java | 1 -
 .../service/DocumentService.java | 1 -
 .../service/EncryptionService.java | 2 +-
 6 files changed, 16 insertions(+), 111 deletions(-)
diff --git a/user-data-store-server/src/main/java/com/wultra/security/userdatastore/converter/AttachmentConverter.java b/user-data-store-server/src/main/java/com/wultra/security/userdatastore/converter/AttachmentConverter.java
index 854aedb1..b22337ca 100644
--- a/user-data-store-server/src/main/java/com/wultra/security/userdatastore/converter/AttachmentConverter.java
+++ b/user-data-store-server/src/main/java/com/wultra/security/userdatastore/converter/AttachmentConverter.java
@@ -19,57 +19,21 @@
 import com.wultra.security.userdatastore.client.model.dto.AttachmentDto;
 import com.wultra.security.userdatastore.model.entity.AttachmentEntity;
-import com.wultra.security.userdatastore.model.entity.DocumentEntity;
 import com.wultra.security.userdatastore.model.repository.DocumentRepository;
-import org.springframework.beans.factory.annotation.Autowired;
+import com.wultra.security.userdatastore.service.EncryptionService;
+import lombok.AllArgsConstructor;
 import org.springframework.stereotype.Component;
-import java.util.Optional;
-
 /**
 * Converter for attachments.
 *
 * @author Roman Strobl, roman.strobl@wultra.com
 */
 @Component
+@AllArgsConstructor
 public class AttachmentConverter {
- private final DocumentRepository documentRepository;
-
- /**
- * Converter constructor.
- * @param documentRepository Document repository.
- */
- @Autowired
- public AttachmentConverter(DocumentRepository documentRepository) {
- this.documentRepository = documentRepository;
- }
-
- /**
- * Convert {@link AttachmentDto} to {@link AttachmentEntity}.
- * @param attachment Attachment DTO.
- * @return Attachment entity.
- */
- public AttachmentEntity toAttachmentEntity(final AttachmentDto attachment) {
- if (attachment == null) {
- return null;
- }
-
- final Optional documentEntityOptional = documentRepository.findById(attachment.documentId());
- if (documentEntityOptional.isEmpty()) {
- return null;
- }
-
- final AttachmentEntity entity = new AttachmentEntity();
- entity.setId(attachment.id());
- entity.setDocument(documentEntityOptional.get());
- entity.setAttachmentData(attachment.attachmentData());
- entity.setAttachmentType(attachment.attachmentType());
- entity.setExternalId(attachment.externalId());
- entity.setTimestampCreated(attachment.timestampCreated());
- entity.setTimestampLastUpdated(attachment.timestampLastUpdated());
- return entity;
- }
+ private final EncryptionService encryptionService;
 /**
 * Convert {@link AttachmentEntity} to {@link AttachmentDto}.
@@ -84,7 +48,7 @@ public AttachmentDto toAttachment(final AttachmentEntity entity) {
 return AttachmentDto.builder()
 .id(entity.getId())
 .documentId(entity.getDocument().getId())
- .attachmentData(entity.getAttachmentData())
+ .attachmentData(encryptionService.decryptAttachment(entity))
 .attachmentType(entity.getAttachmentType())
 .externalId(entity.getExternalId())
 .timestampCreated(entity.getTimestampCreated())
diff --git a/user-data-store-server/src/main/java/com/wultra/security/userdatastore/converter/DocumentConverter.java b/user-data-store-server/src/main/java/com/wultra/security/userdatastore/converter/DocumentConverter.java
index 3552e5cb..3a36c664 100644
--- a/user-data-store-server/src/main/java/com/wultra/security/userdatastore/converter/DocumentConverter.java
+++ b/user-data-store-server/src/main/java/com/wultra/security/userdatastore/converter/DocumentConverter.java
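Review bot: The `DocumentRepository` import is kept as a context line in the first AttachmentConverter hunk although the field and constructor that used it are removed, so it looks unused in the new file; the first PhotoConverter hunk leaves the same import behind. Removing `import com.wultra.security.userdatastore.model.repository.DocumentRepository;` from both converters keeps them from suggesting a persistence dependency they no longer have. The lines of the class between this hunk and the next one are not visible, so confirm nothing there still refers to the repository.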
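Review bot: `toAttachment` now calls `encryptionService.decryptAttachment(entity)` in the `@@ -84,7 +48,7 @@` hunk, but its Javadoc (partly visible as context at the end of the previous hunk) still only says it converts the entity, so a caller cannot tell that the returned DTO carries plaintext or that the conversion fails when decryption does. I would add a sentence such as `Attachment data is decrypted by {@link EncryptionService}; the returned DTO contains plaintext.` and do the same for `toDocument` in DocumentConverter and `toPhoto` in PhotoConverter. The diffstat lists only main sources; a regression test that stores encrypted data and asserts the fetched DTO holds the decrypted value would pin the fix for #194. The method body starts and ends outside this hunk.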
@@ -22,6 +22,8 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.wultra.security.userdatastore.client.model.dto.DocumentDto;
 import com.wultra.security.userdatastore.model.entity.DocumentEntity;
+import com.wultra.security.userdatastore.service.EncryptionService;
+import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;
@@ -35,33 +37,11 @@
 */
 @Component
 @Slf4j
+@AllArgsConstructor
 public class DocumentConverter {
 private final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
-
- /**
- * Convert {@link DocumentDto} to {@link DocumentEntity}.
- * @param document Document DTO.
- * @return Document entity.
- */
- public DocumentEntity toDocumentEntity(final DocumentDto document) {
- if (document == null) {
- return null;
- }
-
- final DocumentEntity entity = new DocumentEntity();
- entity.setId(document.id());
- entity.setUserId(document.userId());
- entity.setDocumentType(document.documentType());
- entity.setDataType(document.dataType());
- entity.setDocumentDataId(document.documentDataId());
- entity.setExternalId(document.externalId());
- entity.setDocumentData(document.documentData());
- convertAndSetAttributes(document.attributes(), entity);
- entity.setTimestampCreated(document.timestampCreated());
- entity.setTimestampLastUpdated(document.timestampLastUpdated());
- return entity;
- }
+ private final EncryptionService encryptionService;
 /**
 * Convert {@link DocumentEntity} to {@link DocumentDto}.
@@ -80,7 +60,7 @@ public DocumentDto toDocument(final DocumentEntity entity) {
 .dataType(entity.getDataType())
 .documentDataId(entity.getDocumentDataId())
 .externalId(entity.getExternalId())
- .documentData(entity.getDocumentData())
+ .documentData(encryptionService.decryptDocumentData(entity))
 .attributes(convertAttributesToMap(entity.getAttributes()))
 .timestampCreated(entity.getTimestampCreated())
 .timestampLastUpdated(entity.getTimestampLastUpdated())
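Review bot: `@AllArgsConstructor` on DocumentConverter (the `@@ -35,33 +37,11 @@` hunk) yields the intended one-argument constructor only because Lombok leaves out final fields that already have an initializer, here `OBJECT_MAPPER`. Any field added later that is non-final would silently become a constructor parameter that Spring then has to resolve. `@RequiredArgsConstructor` states the intent directly, namely to inject only the uninitialized final fields, and the same swap applies to AttachmentConverter and PhotoConverter.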
diff --git a/user-data-store-server/src/main/java/com/wultra/security/userdatastore/converter/PhotoConverter.java b/user-data-store-server/src/main/java/com/wultra/security/userdatastore/converter/PhotoConverter.java
index c18e847b..bf3f2996 100644
--- a/user-data-store-server/src/main/java/com/wultra/security/userdatastore/converter/PhotoConverter.java
+++ b/user-data-store-server/src/main/java/com/wultra/security/userdatastore/converter/PhotoConverter.java
@@ -18,58 +18,22 @@
 package com.wultra.security.userdatastore.converter;
 import com.wultra.security.userdatastore.client.model.dto.PhotoDto;
-import com.wultra.security.userdatastore.model.entity.DocumentEntity;
 import com.wultra.security.userdatastore.model.entity.PhotoEntity;
 import com.wultra.security.userdatastore.model.repository.DocumentRepository;
-import org.springframework.beans.factory.annotation.Autowired;
+import com.wultra.security.userdatastore.service.EncryptionService;
+import lombok.AllArgsConstructor;
 import org.springframework.stereotype.Component;
-import java.util.Optional;
-
 /**
 * Converter for photos.
 *
 * @author Roman Strobl, roman.strobl@wultra.com
 */
 @Component
+@AllArgsConstructor
 public class PhotoConverter {
- private final DocumentRepository documentRepository;
-
- /**
- * Converter constructor.
- * @param documentRepository Document repository.
- */
- @Autowired
- public PhotoConverter(DocumentRepository documentRepository) {
- this.documentRepository = documentRepository;
- }
-
- /**
- * Convert {@link PhotoDto} to {@link PhotoEntity}.
- * @param photo Photo DTO.
- * @return Photo entity.
- */
- public PhotoEntity toPhotoEntity(final PhotoDto photo) {
- if (photo == null) {
- return null;
- }
-
- final Optional documentEntityOptional = documentRepository.findById(photo.documentId());
- if (documentEntityOptional.isEmpty()) {
- return null;
- }
-
- final PhotoEntity entity = new PhotoEntity();
- entity.setId(photo.id());
- entity.setDocument(documentEntityOptional.get());
- entity.setPhotoData(photo.photoData());
- entity.setPhotoType(photo.photoType());
- entity.setExternalId(photo.externalId());
- entity.setTimestampCreated(photo.timestampCreated());
- entity.setTimestampLastUpdated(photo.timestampLastUpdated());
- return entity;
- }
+ private final EncryptionService encryptionService;
 /**
 * Convert {@link PhotoEntity} to {@link PhotoDto}.
@@ -84,7 +48,7 @@ public PhotoDto toPhoto(final PhotoEntity entity) {
 return PhotoDto.builder()
 .id(entity.getId())
 .documentId(entity.getDocument().getId())
- .photoData(entity.getPhotoData())
+ .photoData(encryptionService.decryptPhoto(entity))
 .photoType(entity.getPhotoType())
 .externalId(entity.getExternalId())
 .timestampCreated(entity.getTimestampCreated())
@@ -93,4 +57,3 @@ public PhotoDto toPhoto(final PhotoEntity entity) {
 }
 }
-
diff --git a/user-data-store-server/src/main/java/com/wultra/security/userdatastore/service/AttachmentService.java b/user-data-store-server/src/main/java/com/wultra/security/userdatastore/service/AttachmentService.java
index e6e893e8..72991984 100644
--- a/user-data-store-server/src/main/java/com/wultra/security/userdatastore/service/AttachmentService.java
+++ b/user-data-store-server/src/main/java/com/wultra/security/userdatastore/service/AttachmentService.java
@@ -70,7 +70,6 @@ public AttachmentResponse fetchAttachments(final String userId, final Optional attachmentEntities = attachmentRepository.findAllByUserId(userId);
- attachmentEntities.forEach(encryptionService::decryptAttachment);
 final List attachments = attachmentEntities.stream().map(attachmentConverter::toAttachment).toList();
 audit("Retrieved attachments for user ID: {}", userId);
 return new AttachmentResponse(attachments);
diff --git a/user-data-store-server/src/main/java/com/wultra/security/userdatastore/service/DocumentService.java b/user-data-store-server/src/main/java/com/wultra/security/userdatastore/service/DocumentService.java
index 293c6ae7..efe55e0e 100644
--- a/user-data-store-server/src/main/java/com/wultra/security/userdatastore/service/DocumentService.java
+++ b/user-data-store-server/src/main/java/com/wultra/security/userdatastore/service/DocumentService.java
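Review bot: PhotoConverter now decrypts inside `toPhoto`, but unlike AttachmentService and DocumentService no PhotoService change appears in the diffstat, so the photo fetch path may still carry a `forEach(encryptionService::decryptPhoto)` call whose result is discarded. If it does, every photo is decrypted twice per fetch and the leftover call should be removed as in the other two services; if the photo service never had one, nothing more is needed. `toPhoto` begins and ends outside this hunk.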
@@ -67,7 +67,6 @@ public DocumentResponse fetchDocuments(final String userId, final Optional documentEntities = documentRepository.findAllByUserId(userId);
- documentEntities.forEach(encryptionService::decryptDocumentData);
 final List documents = documentEntities.stream().map(documentConverter::toDocument).toList();
 audit("Retrieved documents of user ID: {}", userId);
 return new DocumentResponse(documents);
diff --git a/user-data-store-server/src/main/java/com/wultra/security/userdatastore/service/EncryptionService.java b/user-data-store-server/src/main/java/com/wultra/security/userdatastore/service/EncryptionService.java
index d46d1365..608c2bd9 100644
--- a/user-data-store-server/src/main/java/com/wultra/security/userdatastore/service/EncryptionService.java
+++ b/user-data-store-server/src/main/java/com/wultra/security/userdatastore/service/EncryptionService.java
@@ -47,7 +47,7 @@
 */
 @Service
 @Slf4j
-class EncryptionService {
+public class EncryptionService {
 private final String masterDbEncryptionKeyBase64;
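Review bot: Making `EncryptionService` public widens the class that holds `masterDbEncryptionKeyBase64` from package-private to application-wide, apparently only so the converter package can call it. The key field stays private, but any component can now inject the service and call its decrypt methods, which loosens the boundary around plaintext access. Consider keeping the class package-private and passing the decrypted value from the service layer into the converters. At minimum, add a class-level comment such as `// Public only for the converter package; do not inject elsewhere.` so the wider visibility is not read as a general-purpose API. The class body continues outside the hunk.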