From 17f65411bde86e55b7c6d06e1954c81b49de1dc7 Mon Sep 17 00:00:00 2001
From: Ulisses Lima
Date: Tue, 13 Jun 2023 08:41:20 -0300
Subject: [PATCH] BAEL-6046 MongoDB - Field Level Encryption (#14229)
* bael-6046 - first draft
* review 1
* review 2
* null checks and lambda
* review 3
* removing converter
* debug
* auto encryption config
* createKeyUniqueIndex() and updated dependencies.
* Review 5.
---
 .../com/baeldung/boot/csfle/data/Citizen.java | 6 ++--
 .../boot/csfle/data/EncryptedCitizen.java | 4 +--
 .../boot/csfle/service/CitizenService.java | 31 +++++++++++--------
 3 files changed, 22 insertions(+), 19 deletions(-)
diff --git a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/Citizen.java b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/Citizen.java
index 11e776123a..fb38ae4018 100644
--- a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/Citizen.java
+++ b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/Citizen.java
@@ -12,10 +12,8 @@ public class Citizen {
 public Citizen() {
 }
- public Citizen(EncryptedCitizen encryptedCitizen) {
- if (encryptedCitizen != null) {
- this.name = encryptedCitizen.getName();
- }
+ public Citizen(String name) {
+ this.name = name;
 }
 public String getName() {
diff --git a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/EncryptedCitizen.java b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/EncryptedCitizen.java
index c7ca5566a9..b8d7f413ce 100644
--- a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/EncryptedCitizen.java
+++ b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/EncryptedCitizen.java
@@ -13,8 +13,8 @@ public class EncryptedCitizen {
 public EncryptedCitizen() {
 }
- public EncryptedCitizen(Citizen citizen) {
- this.name = citizen.getName();
+ public EncryptedCitizen(String name) {
+ this.name = name;
 }
 public String getName() {
diff --git a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/service/CitizenService.java b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/service/CitizenService.java
index c93b00f3f8..094483bbdf 100644
--- a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/service/CitizenService.java
+++ b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/service/CitizenService.java
@@ -39,7 +39,7 @@ public class CitizenService {
 if (encryptionConfig.isAutoEncryption()) {
 return mongo.save(citizen);
 } else {
- EncryptedCitizen encryptedCitizen = new EncryptedCitizen(citizen);
+ EncryptedCitizen encryptedCitizen = new EncryptedCitizen(citizen.getName());
 encryptedCitizen.setEmail(encrypt(citizen.getEmail(), DETERMINISTIC_ALGORITHM));
 encryptedCitizen.setBirthYear(encrypt(citizen.getBirthYear(), RANDOM_ALGORITHM));
@@ -77,19 +77,10 @@ public class CitizenService {
 }
 }
- public Binary encrypt(Object value, String algorithm) {
- if (value == null)
+ public Binary encrypt(BsonValue bsonValue, String algorithm) {
+ if (bsonValue == null)
 return null;
- BsonValue bsonValue;
- if (value instanceof Integer) {
- bsonValue = new BsonInt32((Integer) value);
- } else if (value instanceof String) {
- bsonValue = new BsonString((String) value);
- } else {
- throw new IllegalArgumentException("unsupported type: " + value.getClass());
- }
-
 EncryptOptions options = new EncryptOptions(algorithm);
 options.keyId(encryptionConfig.getDataKeyId());
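Review bot: The new public signature `encrypt(BsonValue bsonValue, String algorithm)` in the `@@ -77,19 +77,10 @@` hunk loses the type allow-list the old body enforced: the `instanceof Integer` / `instanceof String` branches and the `IllegalArgumentException("unsupported type: ...")` are removed, so any BSON value a caller constructs now reaches `new EncryptOptions(algorithm)` unchecked. Whether that value's type is acceptable for the chosen algorithm is then presumably left to the driver to decide, at call time. Since the `String` and `Integer` overloads added in the `@@ -97,6 +88,20 @@` hunk already cover the two supported types, declaring this one `private Binary encrypt(BsonValue bsonValue, String algorithm)` would keep the supported set fixed at compile time, unless other classes need to pass BSON values directly. The method body continues past the end of this hunk.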
@@ -97,6 +88,20 @@ public class CitizenService {
 return new Binary(encryptedValue.getType(), encryptedValue.getData());
 }
+ public Binary encrypt(String value, String algorithm) {
+ if (value == null)
+ return null;
+
+ return encrypt(new BsonString(value), algorithm);
+ }
+
+ public Binary encrypt(Integer value, String algorithm) {
+ if (value == null)
+ return null;
+
+ return encrypt(new BsonInt32(value), algorithm);
+ }
+
 public BsonValue decryptProperty(Binary value) {
 if (value == null)
 return null;
@@ -108,7 +113,7 @@ public class CitizenService {
 if (encrypted == null)
 return null;
- Citizen citizen = new Citizen(encrypted);
+ Citizen citizen = new Citizen(encrypted.getName());
 BsonValue decryptedBirthYear = decryptProperty(encrypted.getBirthYear());
 if (decryptedBirthYear != null) {
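Review bot: The two public overloads added in the `@@ -97,6 +88,20 @@` hunk, `encrypt(String value, String algorithm)` and `encrypt(Integer value, String algorithm)`, carry no Javadoc, and `algorithm` is a free-form `String` whose permitted values are not stated anywhere in the visible code. The calls in the `@@ -39,7 +39,7 @@` hunk pass `DETERMINISTIC_ALGORITHM` for the email and `RANDOM_ALGORITHM` for the birth year; judging by the constant names, that choice decides whether equal plaintexts produce equal ciphertexts, which is the property a reader most needs to see at the method. I would add to each overload something like `/** Encrypts value with the configured data key; algorithm is DETERMINISTIC_ALGORITHM (equal inputs give equal ciphertext) or RANDOM_ALGORITHM; returns null for a null value. */`. The null check in each wrapper also means the one in `encrypt(BsonValue, String)` is never hit from these two paths, which deserves a one-line comment if it is kept for direct callers.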