Merge pull request #33 from yodamad/dev

1.6

Author: yodamad

pom.xml

@@ -4,7 +4,7 @@
 
     <groupId>fr.yodamad.svn2git</groupId>
     <artifactId>svn-2-git</artifactId>
-    <version>1.5</version>
+    <version>1.6</version>
     <packaging>war</packaging>
     <name>Svn 2 GitLab</name>
 

src/main/java/fr/yodamad/svn2git/domain/Migration.java

@@ -1,6 +1,7 @@
 package fr.yodamad.svn2git.domain;
 
 import fr.yodamad.svn2git.domain.enumeration.StatusEnum;
+import fr.yodamad.svn2git.security.PasswordConverter;
 
 import javax.persistence.*;
 import javax.validation.constraints.NotNull;
@@ -60,6 +61,7 @@ public class Migration implements Serializable {
     private String gitlabUrl;
 
     @Column(name = "gitlab_token")
+    @Convert(converter = PasswordConverter.class)
     private String gitlabToken;
 
     @Column(name = "svn_url")
@@ -69,6 +71,7 @@ public class Migration implements Serializable {
     private String svnUser;
 
     @Column(name = "svn_password")
+    @Convert(converter = PasswordConverter.class)
     private String svnPassword;
 
     @OneToMany(mappedBy = "migration")

src/main/java/fr/yodamad/svn2git/security/CipherMaker.java

@@ -0,0 +1,50 @@
+package fr.yodamad.svn2git.security;
+
+import javax.crypto.Cipher;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.*;
+import java.security.spec.AlgorithmParameterSpec;
+
+/**
+ * Utility class to generate an instance of {@link javax.crypto.Cipher}
+ *
+ * @author Sunit Katkar, sunitkatkar@gmail.com
+ * @since ver 1.0 (Apr 2018)
+ * @version 1.0
+ */
+public class CipherMaker {
+
+    private static final String CIPHER_INSTANCE_NAME = "AES/CBC/PKCS5Padding";
+    private static final String SECRET_KEY_ALGORITHM = "AES";
+
+    /**
+     * @param encryptionMode
+     *            - decides whether to ecrypt or decrypt data. Values accepted:
+     *            {@link Cipher#ENCRYPT_MODE} for encryption and
+     *            {@link Cipher#DECRYPT_MODE} for decryption.
+     * @param key
+     *            - the key to use for encrypting or decrypting data. This can be a
+     *            simple String like "MySecretKey" or a more complex, hard to guess
+     *            longer string
+     * @return
+     * @throws NoSuchPaddingException
+     * @throws NoSuchAlgorithmException
+     */
+    public Cipher configureAndGetInstance(int encryptionMode, String key)
+        throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException {
+
+        Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE_NAME);
+        byte[] bytesOfMessage = key.getBytes();
+        MessageDigest md = MessageDigest.getInstance("SHA-256");
+        byte[] b = md.digest(bytesOfMessage);
+        Key secretKey = new SecretKeySpec(b, SECRET_KEY_ALGORITHM);
+
+        byte[] ivBytes = new byte[cipher.getBlockSize()];
+        AlgorithmParameterSpec algorithmParameters = new IvParameterSpec(ivBytes);
+
+        cipher.init(encryptionMode, secretKey, algorithmParameters);
+        return cipher;
+    }
+}

src/main/java/fr/yodamad/svn2git/security/PasswordConverter.java

@@ -0,0 +1,157 @@
+package fr.yodamad.svn2git.security;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Configurable;
+import org.springframework.core.env.Environment;
+import org.springframework.stereotype.Component;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.persistence.AttributeConverter;
+import javax.persistence.Converter;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
+
+/**
+ * Concrete implementation of the {@link AttributeConverter}
+ * abstract class to encrypt/decrypt an entity attribute of type
+ * {@link java.lang.String} <br/>
+ * Note: This is the class where the {@literal @}Converter annotation is applied
+ *
+ * @author Sunit Katkar, sunitkatkar@gmail.com
+ * @since ver 1.0 (Apr 2018)
+ * @version 1.0 *
+ */
+@Component
+@Configurable
+@Converter(autoApply = false)
+public class PasswordConverter implements AttributeConverter<String, String> {
+
+    /** Spring env to retrieve secret. */
+    private static Environment env;
+
+    @Autowired
+    public void initEnv(Environment en){
+        PasswordConverter.env = en;
+    }
+
+    /** CipherMaker is needed to configure and create instance of Cipher */
+    private CipherMaker cipherMaker;
+
+    /**
+     * Default constructor initializes with an instance of the
+     * {@link CipherMaker} crypto class to get a {@link javax.crypto.Cipher}
+     * instance
+     */
+    public PasswordConverter() {
+        this(new CipherMaker());
+    }
+
+    /**
+     * Constructor
+     *
+     * @param cipherMaker
+     */
+    public PasswordConverter(CipherMaker cipherMaker) {
+        this.cipherMaker = cipherMaker;
+    }
+
+    /*
+     * (non-Javadoc)
+     *
+     * @see
+     * javax.persistence.AttributeConverter#convertToDatabaseColumn(java.lang.
+     * Object)
+     */
+    @Override
+    public String convertToDatabaseColumn(String attribute) {
+        String secret = env.getProperty("password.cipher");
+        if (!StringUtils.isEmpty(secret) && !StringUtils.isEmpty(attribute)) {
+            try {
+                Cipher cipher = cipherMaker.configureAndGetInstance(Cipher.ENCRYPT_MODE, secret);
+                return encryptData(cipher, attribute);
+            } catch (NoSuchAlgorithmException
+                | InvalidKeyException
+                | InvalidAlgorithmParameterException
+                | BadPaddingException
+                | NoSuchPaddingException
+                | IllegalBlockSizeException e) {
+                throw new RuntimeException(e);
+            }
+        }
+        return convertEntityAttributeToString(attribute);
+    }
+
+    /*
+     * (non-Javadoc)
+     *
+     * @see
+     * javax.persistence.AttributeConverter#convertToEntityAttribute(java.lang.
+     * Object)
+     */
+    @Override
+    public String convertToEntityAttribute(String dbData) {
+        String secret = env.getProperty("password.cipher");
+        if (!StringUtils.isEmpty(secret) && !StringUtils.isEmpty(dbData)) {
+            try {
+                Cipher cipher = cipherMaker.configureAndGetInstance(Cipher.DECRYPT_MODE, secret);
+                return decryptData(cipher, dbData);
+            } catch (NoSuchAlgorithmException
+                | InvalidAlgorithmParameterException
+                | InvalidKeyException
+                | BadPaddingException
+                | NoSuchPaddingException
+                | IllegalBlockSizeException e) {
+                throw new RuntimeException(e);
+            }
+        }
+        return convertStringToEntityAttribute(dbData);
+    }
+
+    private String convertStringToEntityAttribute(String dbData) {
+        // the input is a string and output is a string
+        return dbData;
+    }
+
+    private String convertEntityAttributeToString(String attribute) {
+        // Here too the input is a string and output is a string
+        return attribute;
+    }
+
+    /**
+     * Helper method to encrypt data
+     *
+     * @param cipher
+     * @param attribute
+     * @return
+     * @throws IllegalBlockSizeException
+     * @throws BadPaddingException
+     */
+    private String encryptData(Cipher cipher, String attribute)
+        throws IllegalBlockSizeException, BadPaddingException {
+        byte[] bytesToEncrypt = convertEntityAttributeToString(attribute).getBytes();
+        byte[] encryptedBytes = cipher.doFinal(bytesToEncrypt);
+        return Base64.getEncoder().encodeToString(encryptedBytes);
+    }
+
+    /**
+     * Helper method to decrypt data
+     *
+     * @param cipher
+     * @param dbData
+     * @return
+     * @throws IllegalBlockSizeException
+     * @throws BadPaddingException
+     */
+    private String decryptData(Cipher cipher, String dbData)
+        throws IllegalBlockSizeException, BadPaddingException {
+        byte[] bytesToDecrypt = Base64.getDecoder().decode(dbData);
+        byte[] decryptedBytes = cipher.doFinal(bytesToDecrypt);
+        return convertStringToEntityAttribute(new String(decryptedBytes));
+    }
+}

src/main/java/fr/yodamad/svn2git/service/MigrationChecker.java

@@ -2,6 +2,8 @@
 
 import fr.yodamad.svn2git.domain.enumeration.StatusEnum;
 import fr.yodamad.svn2git.repository.MigrationRepository;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.context.annotation.DependsOn;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Service;
@@ -16,6 +18,8 @@
 @Lazy(false)
 public class MigrationChecker {
 
+    private static final Logger LOG = LoggerFactory.getLogger(MigrationChecker.class);
+
     /** Migration manager. */
     private final MigrationManager manager;
     /** Migration repo. */
@@ -34,12 +38,21 @@ public MigrationChecker(MigrationManager migrationManager,
     @PostConstruct
     @DependsOn("asyncConfiguration")
     public void checkDb() {
-        // Start waiting migrations
-        repository.findAllByStatusOrderByDateDesc(StatusEnum.WAITING).stream().forEach(mig -> manager.startMigration(mig.getId()));
-        // Fail running migrations
-        repository.findAllByStatusOrderByDateDesc(StatusEnum.RUNNING).stream().forEach(mig -> {
-            mig.status(StatusEnum.FAILED);
-            repository.save(mig);
-        });
+        try {
+            // Start waiting migrations
+            repository.findAllByStatusOrderByDateDesc(StatusEnum.WAITING).stream().forEach(mig -> manager.startMigration(mig.getId()));
+            // Fail running migrations
+            repository.findAllByStatusOrderByDateDesc(StatusEnum.RUNNING).stream().forEach(mig -> {
+                mig.status(StatusEnum.FAILED);
+                repository.save(mig);
+            });
+        } catch (Exception exc) {
+            LOG.error("Failed to check migration on startup", exc);
+            // Fail running migrations
+            repository.findAllByStatusOrderByDateDesc(StatusEnum.RUNNING).stream().forEach(mig -> {
+                mig.status(StatusEnum.FAILED);
+                repository.save(mig);
+            });
+        }
     }
 }

src/main/resources/.h2.server.properties

@@ -112,6 +112,8 @@ svn:
     user:
     password:
 
+password.cipher: svn2git
+
 # ===================================================================
 # Application specific properties
 # Add your own application properties here, see the ApplicationProperties class

src/main/resources/config/application.yml

@@ -2,9 +2,9 @@
 <div>
     <span jhiTranslate="global.search-by" style="margin-right: 20px">SearchBy</span>
     <form [formGroup]="searchFormGroup">
-        <mat-form-field><input matInput type="text" placeholder="user login" formControlName="userCriteria" /></mat-form-field>
+        <mat-form-field><input matInput type="text" placeholder="{{'svn2GitApp.migration.login' | translate}}" formControlName="userCriteria" /></mat-form-field>
         <span jhiTranslate="global.or" style="margin: 0 20px">Or</span>
-        <mat-form-field><input matInput type="text" placeholder="project group name" formControlName="groupCriteria"/></mat-form-field>
+        <mat-form-field><input matInput type="text" placeholder="{{'svn2GitApp.migration.svnGroup' | translate}}" formControlName="groupCriteria"/></mat-form-field>
         <button mat-raised-button type="submit" color="primary" style="margin-left: 20px" (click)="search()"><span jhiTranslate="global.search">Search</span></button>
     </form>
     <mat-divider></mat-divider>