Add support for keystore in server
E.g.
encrypt.keystore.location: file:///var/keys/keystore.jks
encrypt.keystore.password: ${KEYSTORE_PASSWORD}
encrypt.keystore.alias: myKey
Fixes gh-3
@@ -1,4 +1,3 @@
|
||||
|
||||
package org.springframework.platform.config.server;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
@@ -12,6 +11,9 @@ import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Profile;
|
||||
import org.springframework.core.env.ConfigurableEnvironment;
|
||||
import org.springframework.core.io.Resource;
|
||||
import org.springframework.security.rsa.crypto.KeyStoreKeyFactory;
|
||||
import org.springframework.security.rsa.crypto.RsaSecretEncryptor;
|
||||
|
||||
@Configuration
|
||||
@ComponentScan
|
||||
@@ -27,9 +29,11 @@ public class Application {
|
||||
protected static class KeyConfiguration {
|
||||
@Autowired
|
||||
private EncryptionController controller;
|
||||
|
||||
|
||||
private String key;
|
||||
|
||||
|
||||
private KeyStore keyStore = new KeyStore();
|
||||
|
||||
public String getKey() {
|
||||
return key;
|
||||
}
|
||||
@@ -38,12 +42,57 @@ public class Application {
|
||||
this.key = key;
|
||||
}
|
||||
|
||||
public KeyStore getKeyStore() {
|
||||
return keyStore;
|
||||
}
|
||||
|
||||
public void setKeyStore(KeyStore keyStore) {
|
||||
this.keyStore = keyStore;
|
||||
}
|
||||
|
||||
@PostConstruct
|
||||
public void init() {
|
||||
if (key!=null) {
|
||||
if (keyStore.getLocation() != null) {
|
||||
controller.setEncryptor(new RsaSecretEncryptor(new KeyStoreKeyFactory(
|
||||
keyStore.getLocation(), keyStore.getPassword().toCharArray())
|
||||
.getKeyPair(keyStore.getAlias())));
|
||||
}
|
||||
if (key != null) {
|
||||
controller.uploadKey(key);
|
||||
}
|
||||
}
|
||||
|
||||
public static class KeyStore {
|
||||
|
||||
private Resource location;
|
||||
private String password;
|
||||
private String alias;
|
||||
|
||||
public String getAlias() {
|
||||
return alias;
|
||||
}
|
||||
|
||||
public void setAlias(String alias) {
|
||||
this.alias = alias;
|
||||
}
|
||||
|
||||
public Resource getLocation() {
|
||||
return location;
|
||||
}
|
||||
|
||||
public void setLocation(Resource location) {
|
||||
this.location = location;
|
||||
}
|
||||
|
||||
public String getPassword() {
|
||||
return password;
|
||||
}
|
||||
|
||||
public void setPassword(String password) {
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@Configuration
|
||||
@@ -51,7 +100,7 @@ public class Application {
|
||||
protected static class NativeRepositoryConfiguration {
|
||||
@Autowired
|
||||
private ConfigurableEnvironment environment;
|
||||
|
||||
|
||||
@Bean
|
||||
public NativeEnvironmentRepository repository() {
|
||||
return new NativeEnvironmentRepository(environment);
|
||||
|
||||
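Review bot: In `KeyConfiguration.init()`, a keystore location configured without a password reaches `keyStore.getPassword().toCharArray()` and aborts startup with a bare NullPointerException, and a missing alias is passed unchecked to `getKeyPair`. Check both before building the factory, for example with Spring's `Assert.state(keyStore.getPassword() != null && keyStore.getAlias() != null, "encrypt.keystore.password and encrypt.keystore.alias are required when location is set");`, and keep the password value itself out of the message. When both `key` and a keystore are configured, `uploadKey(key)` runs after `setEncryptor`, so it presumably replaces the keystore-backed encryptor (`uploadKey` is not shown on this page). Either state the intended precedence in a comment above the two `if` blocks or reject the combination at startup, so an operator cannot end up encrypting with a different key than the one they expect.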
@@ -22,6 +22,7 @@ import java.util.Map;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.platform.config.Environment;
|
||||
@@ -51,6 +52,7 @@ public class EncryptionController {
|
||||
|
||||
private TextEncryptor encryptor;
|
||||
|
||||
@Autowired(required=false)
|
||||
public void setEncryptor(TextEncryptor encryptor) {
|
||||
this.encryptor = encryptor;
|
||||
}
|
||||
|
||||
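Review bot: With `@Autowired(required=false)` on `setEncryptor`, the `encryptor` field can stay null when no `TextEncryptor` bean exists and neither a key nor a keystore is configured. The handlers that use the field lie outside this hunk, so confirm they answer with a clear error status instead of dereferencing null. The setter is also public and is now called from `KeyConfiguration.init()` as well as by injection, so an injected `TextEncryptor` bean appears to be silently replaced when a keystore location is set. A comment on the setter would make this explicit, for example `// Optional: stays null when no TextEncryptor bean, key or keystore is configured; KeyConfiguration.init() may replace an injected instance.`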