Class EncryptionMigrationTask
- All Implemented Interfaces:
liquibase.change.custom.CustomChange
,liquibase.change.custom.CustomTaskChange
Runs as a Liquibase change set. Migrates encrypted data for OAuth Client Secrets in
JpaOAuthClientRegistration
. Reads existing data encrypted with the old configuration and
re-encrypts with the new configuration.
The trick here is getting the secret key. The secret key is read from a Spring property source,
(AuthClientProviderEncryptionProperties.encodedKey
). However, this class is not a bean
and runs before the context is completely setup. Therefore, there is a static SecretKey on this
class that is set from our LiquibaseConfiguration,
(OAuthClientProviderEncryptionConfiguration.MigrationLiquibaseConfiguration
). With that
key, this class is able to instantiate an EncryptedFieldConverter
to utilize the same
logic for encrypting and decrypting that is used during normal operations.
- Author:
- Cade Rea (cade-rea)
-
Field Summary
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
execute
(liquibase.database.Database database) void
setFileOpener
(liquibase.resource.ResourceAccessor resourceAccessor) static void
setSecretKey
(SecretKey secretKey) void
setUp()
liquibase.exception.ValidationErrors
validate
(liquibase.database.Database database)
-
Field Details
-
BATCH_SIZE
protected static final int BATCH_SIZE- See Also:
-
-
Constructor Details
-
EncryptionMigrationTask
public EncryptionMigrationTask()
-
-
Method Details
-
setSecretKey
-
execute
public void execute(liquibase.database.Database database) throws liquibase.exception.CustomChangeException - Specified by:
execute
in interfaceliquibase.change.custom.CustomTaskChange
- Throws:
liquibase.exception.CustomChangeException
-
getConfirmationMessage
- Specified by:
getConfirmationMessage
in interfaceliquibase.change.custom.CustomChange
-
setUp
public void setUp() throws liquibase.exception.SetupException- Specified by:
setUp
in interfaceliquibase.change.custom.CustomChange
- Throws:
liquibase.exception.SetupException
-
setFileOpener
public void setFileOpener(liquibase.resource.ResourceAccessor resourceAccessor) - Specified by:
setFileOpener
in interfaceliquibase.change.custom.CustomChange
-
validate
public liquibase.exception.ValidationErrors validate(liquibase.database.Database database) - Specified by:
validate
in interfaceliquibase.change.custom.CustomChange
-