feature: try to setup custom key for each client application
broken due to https://github.com/spring-cloud/spring-cloud-config/issues/2252
This commit is contained in:
parent
d4cb711469
commit
8ec4c49997
@ -1,3 +1,4 @@
|
|||||||
# Enable auto-env through the sdkman_auto_env config
|
# Enable auto-env through the sdkman_auto_env config
|
||||||
# Add key=value pairs of SDKs to use below
|
# Add key=value pairs of SDKs to use below
|
||||||
java=17.0.6-tem
|
java=17.0.6-tem
|
||||||
|
springboot=2.7.9
|
||||||
|
7
Makefile
7
Makefile
@ -4,6 +4,10 @@ GRADLE_BIN=./gradlew
|
|||||||
BASIC_AUTH="user:b3956c50-2e1e-4426-aaca-6b09f7cc4808"
|
BASIC_AUTH="user:b3956c50-2e1e-4426-aaca-6b09f7cc4808"
|
||||||
SERVER_CONFIG=localhost:8090
|
SERVER_CONFIG=localhost:8090
|
||||||
|
|
||||||
|
setup:
|
||||||
|
sdk install springboot 2.7.9
|
||||||
|
spring install org.springframework.cloud:spring-cloud-cli:2.2.4.RELEASE
|
||||||
|
|
||||||
build:
|
build:
|
||||||
# build without executing test
|
# build without executing test
|
||||||
$(GRADLE_BIN) build -x test
|
$(GRADLE_BIN) build -x test
|
||||||
@ -20,6 +24,9 @@ run-server:
|
|||||||
curl-server:
|
curl-server:
|
||||||
curl -s -u $(BASIC_AUTH) $(SERVER_CONFIG)/client/development |jq
|
curl -s -u $(BASIC_AUTH) $(SERVER_CONFIG)/client/development |jq
|
||||||
|
|
||||||
|
encrypt-cli:
|
||||||
|
spring encrypt 'Hello world 2' --key toto
|
||||||
|
|
||||||
encrypt-server:
|
encrypt-server:
|
||||||
curl -s -u $(BASIC_AUTH) $(SERVER_CONFIG)/encrypt/client/development --data-urlencode "Hello world 2"
|
curl -s -u $(BASIC_AUTH) $(SERVER_CONFIG)/encrypt/client/development --data-urlencode "Hello world 2"
|
||||||
|
|
||||||
|
@ -3,3 +3,4 @@ spring.profiles.active=development
|
|||||||
spring.config.import=configserver:http://user:b3956c50-2e1e-4426-aaca-6b09f7cc4808@localhost:8090
|
spring.config.import=configserver:http://user:b3956c50-2e1e-4426-aaca-6b09f7cc4808@localhost:8090
|
||||||
|
|
||||||
encrypt.key=toto
|
encrypt.key=toto
|
||||||
|
spring.cloud.config.server.bootstrap=
|
||||||
|
@ -1,12 +1,14 @@
|
|||||||
package tk.antoine.roux.springcloudconfig;
|
package tk.antoine.roux.springcloudconfig;
|
||||||
|
|
||||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||||
|
import org.springframework.boot.context.properties.ConfigurationPropertiesScan;
|
||||||
import org.springframework.cloud.config.server.EnableConfigServer;
|
import org.springframework.cloud.config.server.EnableConfigServer;
|
||||||
|
|
||||||
import static org.springframework.boot.SpringApplication.run;
|
import static org.springframework.boot.SpringApplication.run;
|
||||||
|
|
||||||
@EnableConfigServer
|
@EnableConfigServer
|
||||||
@SpringBootApplication
|
@SpringBootApplication
|
||||||
|
@ConfigurationPropertiesScan
|
||||||
public class SpringCloudConfigServerApplication {
|
public class SpringCloudConfigServerApplication {
|
||||||
|
|
||||||
public static void main(String[] args) {
|
public static void main(String[] args) {
|
||||||
|
@ -0,0 +1,26 @@
|
|||||||
|
package tk.antoine.roux.springcloudconfig.configurations;
|
||||||
|
|
||||||
|
import org.springframework.cloud.bootstrap.encrypt.KeyProperties;
|
||||||
|
import org.springframework.cloud.config.server.config.DefaultTextEncryptionAutoConfiguration;
|
||||||
|
import org.springframework.cloud.config.server.encryption.TextEncryptorLocator;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
|
||||||
|
@Configuration(proxyBeanMethods = false)
|
||||||
|
public class Encryption {
|
||||||
|
|
||||||
|
private final DefaultTextEncryptionAutoConfiguration defaultTextEncryptionAutoConfiguration;
|
||||||
|
|
||||||
|
public Encryption() {
|
||||||
|
defaultTextEncryptionAutoConfiguration = new DefaultTextEncryptionAutoConfiguration();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public TextEncryptorLocator textEncryptorLocator(MultiKeyProperties multiKeyProperties) {
|
||||||
|
return keys -> {
|
||||||
|
KeyProperties keyPropertiesForClient = multiKeyProperties.encrypt().get(keys.get("application"));
|
||||||
|
return defaultTextEncryptionAutoConfiguration.defaultTextEncryptor(keyPropertiesForClient);
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
@ -0,0 +1,10 @@
|
|||||||
|
package tk.antoine.roux.springcloudconfig.configurations;
|
||||||
|
|
||||||
|
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||||
|
import org.springframework.cloud.bootstrap.encrypt.KeyProperties;
|
||||||
|
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
@ConfigurationProperties("custom")
|
||||||
|
public record MultiKeyProperties(Map<String, KeyProperties> encrypt) {
|
||||||
|
}
|
@ -9,6 +9,6 @@ spring.security.user.password=b3956c50-2e1e-4426-aaca-6b09f7cc4808
|
|||||||
#spring.cloud.config.server.git.search-paths='{application}/{profile}'
|
#spring.cloud.config.server.git.search-paths='{application}/{profile}'
|
||||||
#spring.cloud.config.server.git.refresh-rate=10
|
#spring.cloud.config.server.git.refresh-rate=10
|
||||||
|
|
||||||
encrypt.key=toto
|
custom.encrypt.client.key=toto
|
||||||
encrypt.salt=deadbeef
|
custom.encrypt.client.salt=deadbeef
|
||||||
spring.cloud.config.server.encrypt.enabled=false
|
spring.cloud.config.server.encrypt.enabled=false
|
||||||
|
@ -1 +1,2 @@
|
|||||||
application.message={cipher}f91f7e4bd42a61803334bbf0fbd1e3e8e3c468542fa202317e3668d907dda3d6
|
#application.message={cipher}6df1fbfff94432322eff713b0a77c861e3165f0f1e5ac55b347a3a5ebbd8ae8953e47cd6e194d0fe59c960edbb1c3a7fbcab0ac03c7f1614c2f712112954027a
|
||||||
|
application.message={cipher}{key:client}0aa915c8a9262e16b1e55f30c500c2ffac6557b66f81cecdc91eff17f8045486
|
||||||
|
Loading…
Reference in New Issue
Block a user