From 1508281f586d251e7b8bb9f757e63da1d304114a Mon Sep 17 00:00:00 2001 From: Jake Date: Sun, 23 Jun 2024 16:17:38 +0900 Subject: [PATCH 1/4] wip: jasypt --- build.gradle.kts | 2 ++ .../com/mashup/pic/config/JasyptConfig.kt | 34 +++++++++++++++++++ .../kotlin/com/mashup/pic/SharedContext.kt | 8 +++++ .../com/mashup/pic/config/JasyptConfigTest.kt | 29 ++++++++++++++++ 4 files changed, 73 insertions(+) create mode 100644 pic-common/src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt create mode 100644 pic-common/src/test/kotlin/com/mashup/pic/SharedContext.kt create mode 100644 pic-common/src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt diff --git a/build.gradle.kts b/build.gradle.kts index 99e54fd5..40d6d6ab 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -27,7 +27,9 @@ subprojects { dependencies { implementation("org.springframework.boot:spring-boot-starter") implementation("org.jetbrains.kotlin:kotlin-reflect") + implementation("com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.5") + testImplementation("org.springframework.boot:spring-boot-starter-test") testRuntimeOnly("org.junit.platform:junit-platform-launcher") } diff --git a/pic-common/src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt b/pic-common/src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt new file mode 100644 index 00000000..3dc7b59a --- /dev/null +++ b/pic-common/src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt @@ -0,0 +1,34 @@ +package com.mashup.pic.config + +import com.ulisesbocchio.jasyptspringboot.annotation.EnableEncryptableProperties +import org.jasypt.encryption.StringEncryptor +import org.jasypt.encryption.pbe.PooledPBEStringEncryptor +import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig +import org.springframework.beans.factory.annotation.Value +import org.springframework.context.annotation.Bean +import org.springframework.context.annotation.Configuration + +@Configuration +@EnableEncryptableProperties +class JasyptConfig { + @Value("\${JASYPT_ENCRYPTOR_PASSWORD}") + private lateinit var password: String + + @Bean("jasyptStringEncryptor") + fun stringEncryptor(): StringEncryptor { + val encryptor = PooledPBEStringEncryptor() + val configPassword = password + val config = SimpleStringPBEConfig().apply { + this.password = configPassword + this.algorithm = "PBEWithMD5AndDES" + this.keyObtentionIterations = 1000 + this.poolSize = 1 + this.providerName = "SunJCE" + this.saltGenerator = org.jasypt.salt.RandomSaltGenerator() + this.ivGenerator = org.jasypt.iv.NoIvGenerator() + this.stringOutputType = "base64" + } + encryptor.setConfig(config) + return encryptor + } +} \ No newline at end of file diff --git a/pic-common/src/test/kotlin/com/mashup/pic/SharedContext.kt b/pic-common/src/test/kotlin/com/mashup/pic/SharedContext.kt new file mode 100644 index 00000000..9f45df8a --- /dev/null +++ b/pic-common/src/test/kotlin/com/mashup/pic/SharedContext.kt @@ -0,0 +1,8 @@ +package com.mashup.pic + +import org.springframework.boot.test.context.SpringBootTest +import org.springframework.test.context.TestConstructor + +@TestConstructor(autowireMode = TestConstructor.AutowireMode.ALL) +@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) +abstract class SharedContext \ No newline at end of file diff --git a/pic-common/src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt b/pic-common/src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt new file mode 100644 index 00000000..bb2ee66f --- /dev/null +++ b/pic-common/src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt @@ -0,0 +1,29 @@ +package com.mashup.pic.config + +import com.mashup.pic.SharedContext +import org.hamcrest.Matchers.`is` +import org.hamcrest.MatcherAssert.assertThat +import org.jasypt.encryption.StringEncryptor +import org.junit.jupiter.api.Disabled +import org.junit.jupiter.api.Test +import org.springframework.boot.test.context.SpringBootTest + +/** + * Run > Edit Configurations > Configuration > Environment variables > 'JASYPT_ENCRYPTOR_PASSWORD={암호화키}' 입력 + */ +//@Disabled("암호화, 복호화 결과 확인을 위한 테스트이므로 비활성화") +@SpringBootTest(classes = [JasyptConfig::class]) +class JasyptConfigTest( + private val stringEncryptor: StringEncryptor +) : SharedContext() { + + private val plainText: String = "eojngnwegjnweognoi;uewgnn" + + @Test + fun execute() { + stringEncryptor.encrypt(plainText).let { encrypted -> + println(encrypted) + assertThat(stringEncryptor.decrypt(encrypted), `is`(plainText)) + } + } +} \ No newline at end of file From b173808f615d7b3924a957ede774add8a889ee70 Mon Sep 17 00:00:00 2001 From: Jake Date: Sun, 23 Jun 2024 18:07:30 +0900 Subject: [PATCH 2/4] feat: apply jasypt --- .../main/resources/application-domain.yaml | 6 ++-- pic-api/src/main/resources/application.yaml | 6 ++-- .../com/mashup/pic/config/JasyptConfig.kt | 28 +------------------ .../com/mashup/pic/config/JasyptConfigTest.kt | 4 +-- 4 files changed, 9 insertions(+), 35 deletions(-) diff --git a/pic-api/src/main/resources/application-domain.yaml b/pic-api/src/main/resources/application-domain.yaml index d584c93c..5ca6fe34 100644 --- a/pic-api/src/main/resources/application-domain.yaml +++ b/pic-api/src/main/resources/application-domain.yaml @@ -1,8 +1,8 @@ spring: datasource: - url: ${MYSQL_URL} - username: ${MYSQL_USERNAME} - password: ${MYSQL_PASSWORD} + url: ENC(Ay1RamiVb1M/bs+asVmYBsfpJKWCV/GlfYiAJTiO5nW7l9HAeGWVDneMntFvqS+myIfeypom11iMvX0KAXkBKnRd408MJWVuepy8uMU6tR+NqmwTJBOdSd9flGdOvSlnyG7l/YqwK46KtSC513pNwsV8UlIypgEDVn+Of3q/N2biF/oUXcJRsmGxn5XzY7v8InR+CBoakJJmCzHaaYPxMRQFEd/l3a9bsTfyNSUcbYg=) + username: ENC(MeGy+GMnB7qvepqgo1UWRTBadVuqO/NYMlQmif0WItNsbzShuX2U5Dl4iVKrznuz) + password: ENC(9hUR9OvMkz9IEOgjKsf7uXbUaLUaT1RXGR9AjOU2vDYEhVuTwFtu+vyU9IPv6HzHfmK16liLpmKXdBsf2OkZyg==) driver-class-name: com.mysql.cj.jdbc.Driver jpa: hibernate: diff --git a/pic-api/src/main/resources/application.yaml b/pic-api/src/main/resources/application.yaml index 93714466..0cc0d013 100644 --- a/pic-api/src/main/resources/application.yaml +++ b/pic-api/src/main/resources/application.yaml @@ -5,10 +5,10 @@ spring: import: - classpath:/application-domain.yaml jwt: - secret-key: ${SECRET_KEY} + secret-key: ENC(NtDCxHj5jr9w2VZJ8ePLbjYrgB5mcL68ysQhvGgnj53mqiHnML6eWOi3X0sL4CRUnvqZMEKx9af16oM02kKDj91w76d72ljnLVhT49M1lhc=) kakao: issuer: https://kauth.kakao.com audience: - rest: ${KAKAO_REST_KEY} - native: ${KAKAO_NATIVE_KEY} + rest: ENC(fEnBOJApIyZToWk4lc77g7xYnG20FhdIFwAJkolwbrEWZ5S+Gm/gJWUbMFciWL99oSEVLhTJxUOzxZWjr4Z+8A==) + native: ENC(/vP+mCyAS0JwUoWO207Sp4OwXLiiYdF//59zusyXxoEB8MJg0q8AYVEzubY5EGdhM/rioCqlhAQyqDgZuwxws2pwdONcc1qG7SDksRymywQ=) jwk-uri: https://kauth.kakao.com/.well-known/jwks.json diff --git a/pic-common/src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt b/pic-common/src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt index 3dc7b59a..f1b0d4b6 100644 --- a/pic-common/src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt +++ b/pic-common/src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt @@ -1,34 +1,8 @@ package com.mashup.pic.config import com.ulisesbocchio.jasyptspringboot.annotation.EnableEncryptableProperties -import org.jasypt.encryption.StringEncryptor -import org.jasypt.encryption.pbe.PooledPBEStringEncryptor -import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig -import org.springframework.beans.factory.annotation.Value -import org.springframework.context.annotation.Bean import org.springframework.context.annotation.Configuration @Configuration @EnableEncryptableProperties -class JasyptConfig { - @Value("\${JASYPT_ENCRYPTOR_PASSWORD}") - private lateinit var password: String - - @Bean("jasyptStringEncryptor") - fun stringEncryptor(): StringEncryptor { - val encryptor = PooledPBEStringEncryptor() - val configPassword = password - val config = SimpleStringPBEConfig().apply { - this.password = configPassword - this.algorithm = "PBEWithMD5AndDES" - this.keyObtentionIterations = 1000 - this.poolSize = 1 - this.providerName = "SunJCE" - this.saltGenerator = org.jasypt.salt.RandomSaltGenerator() - this.ivGenerator = org.jasypt.iv.NoIvGenerator() - this.stringOutputType = "base64" - } - encryptor.setConfig(config) - return encryptor - } -} \ No newline at end of file +class JasyptConfig \ No newline at end of file diff --git a/pic-common/src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt b/pic-common/src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt index bb2ee66f..523bbb87 100644 --- a/pic-common/src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt +++ b/pic-common/src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt @@ -11,13 +11,13 @@ import org.springframework.boot.test.context.SpringBootTest /** * Run > Edit Configurations > Configuration > Environment variables > 'JASYPT_ENCRYPTOR_PASSWORD={암호화키}' 입력 */ -//@Disabled("암호화, 복호화 결과 확인을 위한 테스트이므로 비활성화") +@Disabled("암호화, 복호화 결과 확인을 위한 테스트이므로 비활성화") @SpringBootTest(classes = [JasyptConfig::class]) class JasyptConfigTest( private val stringEncryptor: StringEncryptor ) : SharedContext() { - private val plainText: String = "eojngnwegjnweognoi;uewgnn" + private val plainText: String = "test" @Test fun execute() { From 5010b5951a93ee7d1252683d93c03b15a00e4f42 Mon Sep 17 00:00:00 2001 From: Jake Date: Sun, 23 Jun 2024 18:10:27 +0900 Subject: [PATCH 3/4] refactor: eof --- .../src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt | 2 +- pic-common/src/test/kotlin/com/mashup/pic/SharedContext.kt | 2 +- .../src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pic-common/src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt b/pic-common/src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt index f1b0d4b6..8b2fe1d2 100644 --- a/pic-common/src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt +++ b/pic-common/src/main/kotlin/com/mashup/pic/config/JasyptConfig.kt @@ -5,4 +5,4 @@ import org.springframework.context.annotation.Configuration @Configuration @EnableEncryptableProperties -class JasyptConfig \ No newline at end of file +class JasyptConfig diff --git a/pic-common/src/test/kotlin/com/mashup/pic/SharedContext.kt b/pic-common/src/test/kotlin/com/mashup/pic/SharedContext.kt index 9f45df8a..c4a76497 100644 --- a/pic-common/src/test/kotlin/com/mashup/pic/SharedContext.kt +++ b/pic-common/src/test/kotlin/com/mashup/pic/SharedContext.kt @@ -5,4 +5,4 @@ import org.springframework.test.context.TestConstructor @TestConstructor(autowireMode = TestConstructor.AutowireMode.ALL) @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) -abstract class SharedContext \ No newline at end of file +abstract class SharedContext diff --git a/pic-common/src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt b/pic-common/src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt index 523bbb87..634507c6 100644 --- a/pic-common/src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt +++ b/pic-common/src/test/kotlin/com/mashup/pic/config/JasyptConfigTest.kt @@ -26,4 +26,4 @@ class JasyptConfigTest( assertThat(stringEncryptor.decrypt(encrypted), `is`(plainText)) } } -} \ No newline at end of file +} From 41499c27b33fb13b2388cc96d06a99aa634ce758 Mon Sep 17 00:00:00 2001 From: Jake Date: Sun, 23 Jun 2024 22:14:57 +0900 Subject: [PATCH 4/4] refactor: version management --- build.gradle.kts | 4 +++- gradle.properties | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/build.gradle.kts b/build.gradle.kts index 40d6d6ab..57955aa8 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -9,6 +9,8 @@ plugins { java.sourceCompatibility = JavaVersion.VERSION_21 +val jasyptVersion: String by project.extra + allprojects { group = "com.mashup.ppangzip" version = "0.0.1-SNAPSHOT" @@ -27,7 +29,7 @@ subprojects { dependencies { implementation("org.springframework.boot:spring-boot-starter") implementation("org.jetbrains.kotlin:kotlin-reflect") - implementation("com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.5") + implementation("com.github.ulisesbocchio:jasypt-spring-boot-starter:${jasyptVersion}") testImplementation("org.springframework.boot:spring-boot-starter-test") testRuntimeOnly("org.junit.platform:junit-platform-launcher") diff --git a/gradle.properties b/gradle.properties index 8c0a1555..7c18b1fd 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,3 +1,4 @@ jjwtVersion=0.11.5 mysqlConnectorVersion=8.0.33 springDocOpenApiVersion=2.0.2 +jasyptVersion=3.0.5