From 749a077478bfff27e37a25d14b873c374ae9eb88 Mon Sep 17 00:00:00 2001
From: Ulisses Lima
Date: Sat, 18 Feb 2023 10:27:12 -0300
Subject: [PATCH] BAEL-6046 - MongoDB - Field Level Encryption (#13494)
---
 .../boot/csfle/config/MongoClientConfig.java | 7 -------
 .../csfle/config/converter/BinaryConverter.java | 13 -------------
 .../java/com/baeldung/boot/csfle/data/Citizen.java | 4 +++-
 .../baeldung/boot/csfle/data/EncryptedCitizen.java | 14 +++++++-------
 .../boot/csfle/service/CitizenService.java | 14 ++++++++++----
 .../boot/csfle/CitizenServiceLiveTest.java | 8 +++++---
 .../src/main/resources/application.properties | 7 ++++++-
 7 files changed, 31 insertions(+), 36 deletions(-)
 delete mode 100644 persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/config/converter/BinaryConverter.java
diff --git a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/config/MongoClientConfig.java b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/config/MongoClientConfig.java
index e63034a5b5..0dff1ec86d 100644
--- a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/config/MongoClientConfig.java
+++ b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/config/MongoClientConfig.java
@@ -14,9 +14,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.data.mongodb.config.AbstractMongoClientConfiguration; -import org.springframework.data.mongodb.core.convert.MongoCustomConversions; -import com.baeldung.boot.csfle.config.converter.BinaryConverter; import com.mongodb.AutoEncryptionSettings; import com.mongodb.ClientEncryptionSettings; import com.mongodb.ConnectionString;
@@ -50,11 +48,6 @@ public class MongoClientConfig extends AbstractMongoClientConfiguration { return db; } - @Override - public MongoCustomConversions customConversions() { - return new MongoCustomConversions(Arrays.asList(new BinaryConverter())); - } - @Bean @Override public MongoClient mongoClient() {
diff --git a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/config/converter/BinaryConverter.java b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/config/converter/BinaryConverter.java
deleted file mode 100644
index 15231551fc..0000000000
--- a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/config/converter/BinaryConverter.java
+++ /dev/null
@@ -1,13 +0,0 @@ -package com.baeldung.boot.csfle.config.converter; - -import org.bson.BsonBinary; -import org.bson.types.Binary; -import org.springframework.core.convert.converter.Converter; - -public class BinaryConverter implements Converter { - - @Override - public BsonBinary convert(Binary source) { - return new BsonBinary(source.getType(), source.getData()); - } -}
diff --git a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/Citizen.java b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/Citizen.java
index 9d6496a17b..11e776123a 100644
--- a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/Citizen.java
+++ b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/Citizen.java
@@ -13,7 +13,9 @@ public class Citizen { } public Citizen(EncryptedCitizen encryptedCitizen) { - this.name = encryptedCitizen.getName(); + if (encryptedCitizen != null) { + this.name = encryptedCitizen.getName(); + } } public String getName() {
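Review bot: The null guard added to the `Citizen(EncryptedCitizen)` constructor makes `new Citizen(null)` succeed and hand back an object with no fields set, so a missing document becomes indistinguishable from a citizen whose name is empty. In this commit `CitizenService.decrypt` already returns null before it reaches the constructor, so the guard looks redundant on that path; other callers are not visible here. Either fail fast with `Objects.requireNonNull(encryptedCitizen, "encryptedCitizen");` or keep the guard and add a one-line comment stating why a null argument is tolerated. The class body continues outside the hunk.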
diff --git a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/EncryptedCitizen.java b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/EncryptedCitizen.java
index 01c9245fbf..c7ca5566a9 100644
--- a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/EncryptedCitizen.java
+++ b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/data/EncryptedCitizen.java
@@ -1,14 +1,14 @@ package com.baeldung.boot.csfle.data; -import org.bson.BsonBinary; +import org.bson.types.Binary; import org.springframework.data.mongodb.core.mapping.Document; @Document("citizens") public class EncryptedCitizen { private String name; - private BsonBinary email; - private BsonBinary birthYear; + private Binary email; + private Binary birthYear; public EncryptedCitizen() { }
@@ -25,19 +25,19 @@ public class EncryptedCitizen { this.name = name; } - public BsonBinary getEmail() { + public Binary getEmail() { return email; } - public void setEmail(BsonBinary email) { + public void setEmail(Binary email) { this.email = email; } - public BsonBinary getBirthYear() { + public Binary getBirthYear() { return birthYear; } - public void setBirthYear(BsonBinary birthYear) { + public void setBirthYear(Binary birthYear) { this.birthYear = birthYear; }
diff --git a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/service/CitizenService.java b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/service/CitizenService.java
index 91b5940b25..6b3c463d0d 100644
--- a/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/service/CitizenService.java
+++ b/persistence-modules/spring-boot-persistence-mongodb-3/src/main/java/com/baeldung/boot/csfle/service/CitizenService.java
@@ -7,6 +7,7 @@ import org.bson.BsonBinary; import org.bson.BsonInt32; import org.bson.BsonString; import org.bson.BsonValue; +import org.bson.types.Binary; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.mongodb.core.MongoTemplate; import org.springframework.data.mongodb.core.query.Criteria;
@@ -65,7 +66,7 @@ public class CitizenService { } } - public BsonBinary encrypt(Object value, String algorithm) { + public Binary encrypt(Object value, String algorithm) { if (value == null) return null;
@@ -80,17 +81,22 @@ public class CitizenService { EncryptOptions options = new EncryptOptions(algorithm); options.keyId(encryptionConfig.getDataKeyId()); - return clientEncryption.encrypt(bsonValue, options); + + BsonBinary encryptedValue = clientEncryption.encrypt(bsonValue, options); + return new Binary(encryptedValue.getType(), encryptedValue.getData()); } - public BsonValue decryptProperty(BsonBinary value) { + public BsonValue decryptProperty(Binary value) { if (value == null) return null; - return clientEncryption.decrypt(value); + return clientEncryption.decrypt(new BsonBinary(value.getType(), value.getData())); } private Citizen decrypt(EncryptedCitizen encrypted) { + if (encrypted == null) + return null; + Citizen citizen = new Citizen(encrypted); BsonValue decryptedBirthYear = decryptProperty(encrypted.getBirthYear());
diff --git a/persistence-modules/spring-boot-persistence-mongodb-3/src/test/java/com/baeldung/boot/csfle/CitizenServiceLiveTest.java b/persistence-modules/spring-boot-persistence-mongodb-3/src/test/java/com/baeldung/boot/csfle/CitizenServiceLiveTest.java
index 5d0a931bb9..471cb2883a 100644
--- a/persistence-modules/spring-boot-persistence-mongodb-3/src/test/java/com/baeldung/boot/csfle/CitizenServiceLiveTest.java
+++ b/persistence-modules/spring-boot-persistence-mongodb-3/src/test/java/com/baeldung/boot/csfle/CitizenServiceLiveTest.java
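Review bot: In the third CitizenService hunk, the public `decryptProperty(Binary value)` rebuilds a `BsonBinary` from whatever type byte and payload it receives and passes it to `clientEncryption.decrypt` without checking that the value is an encrypted field. A guard such as `if (value.getType() != BsonBinarySubType.ENCRYPTED.getValue()) throw new IllegalArgumentException("not an encrypted BSON value");` (it needs the `org.bson.BsonBinarySubType` import) would reject unexpected binaries with a clear error before the key-holding client sees them; how the driver itself reacts to other subtypes is not visible here. The `Binary`/`BsonBinary` copy is now written out twice, here and at the end of `encrypt`, so a short comment on each saying that the subtype byte must be carried over unchanged would help the next reader. `decrypt` continues outside the hunk.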
@@ -1,8 +1,10 @@ package com.baeldung.boot.csfle; -import static org.junit.jupiter.api.Assertions.*; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertNull; -import org.bson.BsonBinary; +import org.bson.types.Binary; import org.junit.Test; import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired;
@@ -36,7 +38,7 @@ public class CitizenServiceLiveTest { citizen.setName("Foo"); citizen.setEmail("foo@citizen.com"); - BsonBinary encryptedEmail = service.encrypt(citizen.getEmail(), CitizenService.DETERMINISTIC_ALGORITHM); + Binary encryptedEmail = service.encrypt(citizen.getEmail(), CitizenService.DETERMINISTIC_ALGORITHM); EncryptedCitizen saved = service.save(citizen); assertEquals(encryptedEmail, saved.getEmail());
diff --git a/persistence-modules/spring-data-jpa-repo-2/src/main/resources/application.properties b/persistence-modules/spring-data-jpa-repo-2/src/main/resources/application.properties
index 3ca0cc1242..db4837d8d2 100644
--- a/persistence-modules/spring-data-jpa-repo-2/src/main/resources/application.properties
+++ b/persistence-modules/spring-data-jpa-repo-2/src/main/resources/application.properties
@@ -3,4 +3,9 @@ spring.datasource.username=sa spring.datasource.password=sa spring.jpa.properties.hibernate.globally_quoted_identifiers=true -logging.level.com.baeldung.spring.data.persistence.search=debug \ No newline at end of file +logging.level.com.baeldung.spring.data.persistence.search=debug + +spring.jpa.show-sql=true +logging.level.org.hibernate.SQL=DEBUG +logging.level.org.hibernate.type.descriptor.sql.BasicBinder=TRACE +spring.jpa.properties.hibernate.format_sql=true
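Review bot: `logging.level.org.hibernate.type.descriptor.sql.BasicBinder=TRACE` is added under `src/main/resources`, so it applies to the default configuration and writes every bound SQL parameter value to the log. Together with `spring.jpa.show-sql=true` and `logging.level.org.hibernate.SQL=DEBUG`, that can put personal data or secrets passed as query parameters into log storage. The file belongs to `spring-data-jpa-repo-2`, which the commit subject (MongoDB field-level encryption) does not cover, so the four added lines may have been committed by accident. If they are wanted for debugging, move them to a test- or dev-profile properties file rather than the default one.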