Package com.broadleafcommerce.auth.client.provider.jpa.service

Class EncryptionMigrationTask

java.lang.Object

com.broadleafcommerce.auth.client.provider.jpa.service.EncryptionMigrationTask

All Implemented Interfaces:

liquibase.change.custom.CustomChange, liquibase.change.custom.CustomTaskChange

public class EncryptionMigrationTask
extends Object
implements liquibase.change.custom.CustomTaskChange

Runs as a Liquibase change set. Migrates encrypted data for OAuth Client Secrets in JpaOAuthClientRegistration. Reads existing data encrypted with the old configuration and re-encrypts with the new configuration.

The trick here is getting the secret key. The secret key is read from a Spring property source, (AuthClientProviderEncryptionProperties.encodedKey). However, this class is not a bean and runs before the context is completely setup. Therefore, there is a static SecretKey on this class that is set from our LiquibaseConfiguration, (OAuthClientProviderEncryptionConfiguration.MigrationLiquibaseConfiguration). With that key, this class is able to instantiate an EncryptedFieldConverter to utilize the same logic for encrypting and decrypting that is used during normal operations.

Author:

Cade Rea (cade-rea)

Field Summary

Fields

Modifier and Type	Field	Description
protected static final int	BATCH_SIZE

Constructor Summary

Constructors

Constructor	Description
EncryptionMigrationTask()

Method Summary

Modifier and Type	Method	Description
void	execute(liquibase.database.Database database)
String	getConfirmationMessage()
void	setFileOpener(liquibase.resource.ResourceAccessor resourceAccessor)
static void	setSecretKey(SecretKey secretKey)
void	setUp()
liquibase.exception.ValidationErrors	validate(liquibase.database.Database database)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

BATCH_SIZE

protected static final int BATCH_SIZE

See Also:

• Constant Field Values

Constructor Details

EncryptionMigrationTask

public EncryptionMigrationTask()

Method Details

setSecretKey

public static void setSecretKey(SecretKey secretKey)

execute

public void execute(liquibase.database.Database database)
             throws liquibase.exception.CustomChangeException

Specified by:

execute in interface liquibase.change.custom.CustomTaskChange

Throws:

liquibase.exception.CustomChangeException

getConfirmationMessage

public String getConfirmationMessage()

Specified by:

getConfirmationMessage in interface liquibase.change.custom.CustomChange

setUp

public void setUp()
           throws liquibase.exception.SetupException

Specified by:

setUp in interface liquibase.change.custom.CustomChange

Throws:

liquibase.exception.SetupException

setFileOpener

public void setFileOpener(liquibase.resource.ResourceAccessor resourceAccessor)

Specified by:

setFileOpener in interface liquibase.change.custom.CustomChange

validate

public liquibase.exception.ValidationErrors validate(liquibase.database.Database database)

Specified by:

validate in interface liquibase.change.custom.CustomChange