From d4cb711469e3b68d04ff850aa31e6d20700175c5 Mon Sep 17 00:00:00 2001
From: RouxAntoine <antoinroux@hotmail.fr>
Date: Mon, 17 Apr 2023 01:42:38 +0200
Subject: [PATCH] feature: encrypted cloud config server

---
 Makefile                                      | 13 +++++++++++-
 .../springcloudconfig/SpringApplication.java  |  4 +++-
 .../src/main/resources/application.properties |  2 ++
 .../client/development/application.properties |  1 -
 .../SpringCloudConfigServerApplication.java   |  5 +++--
 .../configurations/Security.java              | 20 +++++++++++++++++++
 .../src/main/resources/application.properties |  6 +++++-
 .../client/development/application.properties |  1 +
 8 files changed, 46 insertions(+), 6 deletions(-)
 delete mode 100644 server/config-repo/client/development/application.properties
 create mode 100644 server/src/main/java/tk/antoine/roux/springcloudconfig/configurations/Security.java
 create mode 100644 server/src/main/resources/config-repo/client/development/application.properties

diff --git a/Makefile b/Makefile
index f831b2f..1734626 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,8 @@
 .PHONY: build test
 
 GRADLE_BIN=./gradlew
+BASIC_AUTH="user:b3956c50-2e1e-4426-aaca-6b09f7cc4808"
+SERVER_CONFIG=localhost:8090
 
 build:
 	# build without executing test
@@ -16,7 +18,16 @@ run-server:
 	$(GRADLE_BIN) server:bootRun
 
 curl-server:
-	curl -s -u "user:b3956c50-2e1e-4426-aaca-6b09f7cc4808" localhost:8090/client/development |jq
+	curl -s -u $(BASIC_AUTH) $(SERVER_CONFIG)/client/development |jq
+
+encrypt-server:
+	curl -s -u $(BASIC_AUTH) $(SERVER_CONFIG)/encrypt/client/development --data-urlencode "Hello world 2"
+
+client-development-refresh:
+	curl -s -u $(BASIC_AUTH) $(SERVER_CONFIG)/client/development/refresh |jq
 
 curl-client:
 	curl -s localhost:8080/v1/message
+
+client-env:
+	curl -s localhost:8080/env
diff --git a/client/src/main/java/tk/antoine/roux/springcloudconfig/SpringApplication.java b/client/src/main/java/tk/antoine/roux/springcloudconfig/SpringApplication.java
index 05f387e..eaf9a4c 100644
--- a/client/src/main/java/tk/antoine/roux/springcloudconfig/SpringApplication.java
+++ b/client/src/main/java/tk/antoine/roux/springcloudconfig/SpringApplication.java
@@ -2,11 +2,13 @@ package tk.antoine.roux.springcloudconfig;
 
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 
+import static org.springframework.boot.SpringApplication.run;
+
 @SpringBootApplication
 public class SpringApplication {
 
 	public static void main(String[] args) {
-		org.springframework.boot.SpringApplication.run(SpringApplication.class, args);
+		run(SpringApplication.class, args);
 	}
 
 }
diff --git a/client/src/main/resources/application.properties b/client/src/main/resources/application.properties
index 90ae793..6c3ea5e 100644
--- a/client/src/main/resources/application.properties
+++ b/client/src/main/resources/application.properties
@@ -1,3 +1,5 @@
 spring.application.name=client
 spring.profiles.active=development
 spring.config.import=configserver:http://user:b3956c50-2e1e-4426-aaca-6b09f7cc4808@localhost:8090
+
+encrypt.key=toto
diff --git a/server/config-repo/client/development/application.properties b/server/config-repo/client/development/application.properties
deleted file mode 100644
index 4059b82..0000000
--- a/server/config-repo/client/development/application.properties
+++ /dev/null
@@ -1 +0,0 @@
-application.message=Hello world
diff --git a/server/src/main/java/tk/antoine/roux/springcloudconfig/SpringCloudConfigServerApplication.java b/server/src/main/java/tk/antoine/roux/springcloudconfig/SpringCloudConfigServerApplication.java
index 512fbb7..af8236c 100644
--- a/server/src/main/java/tk/antoine/roux/springcloudconfig/SpringCloudConfigServerApplication.java
+++ b/server/src/main/java/tk/antoine/roux/springcloudconfig/SpringCloudConfigServerApplication.java
@@ -1,14 +1,15 @@
 package tk.antoine.roux.springcloudconfig;
 
-import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.cloud.config.server.EnableConfigServer;
 
+import static org.springframework.boot.SpringApplication.run;
+
 @EnableConfigServer
 @SpringBootApplication
 public class SpringCloudConfigServerApplication {
 
     public static void main(String[] args) {
-        SpringApplication.run(SpringCloudConfigServerApplication.class, args);
+        run(SpringCloudConfigServerApplication.class, args);
     }
 }
diff --git a/server/src/main/java/tk/antoine/roux/springcloudconfig/configurations/Security.java b/server/src/main/java/tk/antoine/roux/springcloudconfig/configurations/Security.java
new file mode 100644
index 0000000..27725b8
--- /dev/null
+++ b/server/src/main/java/tk/antoine/roux/springcloudconfig/configurations/Security.java
@@ -0,0 +1,20 @@
+package tk.antoine.roux.springcloudconfig.configurations;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration(proxyBeanMethods = false)
+public class Security {
+
+    @Bean
+    public SecurityFilterChain configure(HttpSecurity http) throws Exception {
+        return http.csrf()
+            .disable()
+            .httpBasic()
+            .and()
+            .build();
+    }
+
+}
diff --git a/server/src/main/resources/application.properties b/server/src/main/resources/application.properties
index 842d2da..5a17cb8 100644
--- a/server/src/main/resources/application.properties
+++ b/server/src/main/resources/application.properties
@@ -1,6 +1,6 @@
 server.port=8090
 spring.profiles.active=native
-spring.cloud.config.server.native.search-locations=file:./config-repo/{application}/{profile}
+spring.cloud.config.server.native.search-locations=classpath:config-repo/{application}/{profile}
 
 spring.security.user.name=user
 spring.security.user.password=b3956c50-2e1e-4426-aaca-6b09f7cc4808
@@ -8,3 +8,7 @@ spring.security.user.password=b3956c50-2e1e-4426-aaca-6b09f7cc4808
 #spring.cloud.config.server.git.uri=file://${user.home}/config-repo
 #spring.cloud.config.server.git.search-paths='{application}/{profile}'
 #spring.cloud.config.server.git.refresh-rate=10
+
+encrypt.key=toto
+encrypt.salt=deadbeef
+spring.cloud.config.server.encrypt.enabled=false
diff --git a/server/src/main/resources/config-repo/client/development/application.properties b/server/src/main/resources/config-repo/client/development/application.properties
new file mode 100644
index 0000000..cc5e729
--- /dev/null
+++ b/server/src/main/resources/config-repo/client/development/application.properties
@@ -0,0 +1 @@
+application.message={cipher}f91f7e4bd42a61803334bbf0fbd1e3e8e3c468542fa202317e3668d907dda3d6