Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-9988 Corrected Property Decryption for Authorizers and Providers 

- Updated Protection Scheme Resolver to support both Name matching and Path matching

Signed-off-by: Nathan Gough <thenatog@gmail.com>

This closes #6017.
This commit is contained in:
exceptionfactory 2022-05-04 12:48:34 -05:00 committed by Nathan Gough
parent e20aa0ea2a
commit 272325cb4e
2 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
nifi-commons/nifi-property-protection-factory/src/main/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolver.java
View File

@ -37,7 +37,9 @@ public class StandardProtectionSchemeResolver implements ProtectionSchemeResolve
public ProtectionScheme getProtectionScheme(final String scheme) { public ProtectionScheme getProtectionScheme(final String scheme) {
Objects.requireNonNull(scheme, "Scheme required"); Objects.requireNonNull(scheme, "Scheme required");
return Arrays.stream(PropertyProtectionScheme.values()) return Arrays.stream(PropertyProtectionScheme.values())
.filter(propertyProtectionScheme -> propertyProtectionScheme.name().equals(scheme)) .filter(propertyProtectionScheme ->
propertyProtectionScheme.name().equals(scheme) || scheme.startsWith(propertyProtectionScheme.getPath())
)
.findFirst() .findFirst()
.orElseThrow(() -> new SensitivePropertyProtectionException(String.format("Protection Scheme [%s] not supported", scheme))); .orElseThrow(() -> new SensitivePropertyProtectionException(String.format("Protection Scheme [%s] not supported", scheme)));
} }

9
nifi-commons/nifi-property-protection-factory/src/test/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolverTest.java
View File

@ -30,6 +30,8 @@ public class StandardProtectionSchemeResolverTest {
private static final String AES_GCM_PATH = "aes/gcm"; private static final String AES_GCM_PATH = "aes/gcm";
private static final String AES_GCM_256_PATH = "aes/gcm/256";
private static final String UNKNOWN = "UNKNOWN"; private static final String UNKNOWN = "UNKNOWN";
private StandardProtectionSchemeResolver resolver; private StandardProtectionSchemeResolver resolver;
@ -46,6 +48,13 @@ public class StandardProtectionSchemeResolverTest {
assertEquals(AES_GCM_PATH, protectionScheme.getPath()); assertEquals(AES_GCM_PATH, protectionScheme.getPath());
} }
@Test
public void getProtectionSchemeAesGcm256Found() {
final ProtectionScheme protectionScheme = resolver.getProtectionScheme(AES_GCM_256_PATH);
assertNotNull(protectionScheme);
assertEquals(AES_GCM_PATH, protectionScheme.getPath());
}
@Test @Test
public void getProtectionSchemeUnknownNotFound() { public void getProtectionSchemeUnknownNotFound() {
final SensitivePropertyProtectionException exception = assertThrows(SensitivePropertyProtectionException.class, () -> resolver.getProtectionScheme(UNKNOWN)); final SensitivePropertyProtectionException exception = assertThrows(SensitivePropertyProtectionException.class, () -> resolver.getProtectionScheme(UNKNOWN));