feat: documento encriptado na base de dados

fabiomsrs · Jul 16, 2021 · 7e35e09 · 7e35e09
1 parent bc129ca
commit 7e35e09
Show file tree

Hide file tree

Showing 6 changed files with 32 additions and 20 deletions.
diff --git a/src/main/java/br/com/zupacademy/fabiano/proposta/controller/PropostaController.java b/src/main/java/br/com/zupacademy/fabiano/proposta/controller/PropostaController.java
@@ -6,12 +6,15 @@
 import br.com.zupacademy.fabiano.proposta.modelo.Proposta;
 import br.com.zupacademy.fabiano.proposta.modelo.StatusProposta;
 import br.com.zupacademy.fabiano.proposta.repository.PropostaRepository;
-import io.opentracing.Span;
 import io.opentracing.Tracer;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.http.*;
-import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.crypto.encrypt.Encryptors;
+import org.springframework.security.crypto.encrypt.TextEncryptor;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.client.RestTemplate;
 import org.springframework.web.util.UriComponentsBuilder;
@@ -30,6 +33,8 @@ public class PropostaController {
 
     @Value("${solicitacao.host}")
     private String urlSistemaSolicitacao;
+    @Value("${encryptor.salt}")
+    private String salt;
 
     private final Tracer tracer;
 
@@ -40,12 +45,13 @@ public PropostaController(Tracer tracer) {
     @PostMapping
     public ResponseEntity<Proposta> criar(@RequestBody @Valid PropostaRegisterDto dto, UriComponentsBuilder uriBuilder){
         tracer.activeSpan();
-        Proposta proposta = dto.converter();
+        TextEncryptor encryptor = Encryptors.text("password", this.salt);
+        Proposta proposta = dto.converter(encryptor);
         repository.save(proposta);
         RestTemplate restTemplate = new RestTemplate();
 
         Map<String, Object> body = new HashMap<>();
-        body.put("documento", proposta.getDocumento());
+        body.put("documento", encryptor.decrypt(proposta.getDocumento()));
         body.put("nome", proposta.getNome());
         body.put("idProposta", proposta.getId());
 
@@ -68,13 +74,14 @@ public ResponseEntity<Proposta> criar(@RequestBody @Valid PropostaRegisterDto dt
 
     @GetMapping("/{id}")
     public ResponseEntity<?> detalheProposta(@PathVariable("id") String id){
+        TextEncryptor encryptor = Encryptors.text("password", this.salt);
         tracer.activeSpan();
         Optional<Proposta> optionalProposta = repository.findById(id);
 
         if(optionalProposta.isEmpty()){
             return ResponseEntity.notFound().build();
         }
 
-        return ResponseEntity.ok(new PropostaDetalheDto(optionalProposta.get()));
+        return ResponseEntity.ok(new PropostaDetalheDto(optionalProposta.get(), encryptor));
     }
 }
diff --git a/src/main/java/br/com/zupacademy/fabiano/proposta/dto/PropostaDetalheDto.java b/src/main/java/br/com/zupacademy/fabiano/proposta/dto/PropostaDetalheDto.java
@@ -3,13 +3,7 @@
 import br.com.zupacademy.fabiano.proposta.modelo.Cartao;
 import br.com.zupacademy.fabiano.proposta.modelo.Proposta;
 import br.com.zupacademy.fabiano.proposta.modelo.StatusProposta;
-import br.com.zupacademy.fabiano.proposta.validation.Documento;
-
-import javax.persistence.*;
-import javax.validation.constraints.Email;
-import javax.validation.constraints.NotEmpty;
-import javax.validation.constraints.NotNull;
-import javax.validation.constraints.Positive;
+import org.springframework.security.crypto.encrypt.TextEncryptor;
 
 public class PropostaDetalheDto {
     private String documento;
@@ -20,8 +14,8 @@ public class PropostaDetalheDto {
     private Double salario;
     Cartao cartao;
 
-    public PropostaDetalheDto(Proposta proposta) {
-        this.documento = proposta.getDocumento();
+    public PropostaDetalheDto(Proposta proposta, TextEncryptor encryptor) {
+        this.documento = encryptor.decrypt(proposta.getDocumento());
         this.email = proposta.getEmail();
         this.nome = proposta.getNome();
         this.endereco = proposta.getEndereco();

diff --git a/src/main/java/br/com/zupacademy/fabiano/proposta/dto/PropostaRegisterDto.java b/src/main/java/br/com/zupacademy/fabiano/proposta/dto/PropostaRegisterDto.java
@@ -3,6 +3,7 @@
 import br.com.zupacademy.fabiano.proposta.modelo.Proposta;
 import br.com.zupacademy.fabiano.proposta.validation.Documento;
 import br.com.zupacademy.fabiano.proposta.validation.ValorUnico;
+import org.springframework.security.crypto.encrypt.TextEncryptor;
 
 import javax.validation.constraints.Email;
 import javax.validation.constraints.NotEmpty;
@@ -42,7 +43,12 @@ public PropostaRegisterDto(@NotNull @NotEmpty @Documento String documento,
         this.salario = salario;
     }
 
-    public Proposta converter(){
-        return new Proposta(UUID.randomUUID().toString(), this.documento, this.email, this.nome, this.endereco, this.salario);
+    public Proposta converter(TextEncryptor encryptor){
+        return new Proposta(UUID.randomUUID().toString(),
+                encryptor.encrypt(this.documento),
+                this.email,
+                this.nome,
+                this.endereco,
+                this.salario);
     }
 }
diff --git a/src/main/java/br/com/zupacademy/fabiano/proposta/modelo/Proposta.java b/src/main/java/br/com/zupacademy/fabiano/proposta/modelo/Proposta.java
@@ -15,7 +15,6 @@ public class Proposta {
     private String id;
     @NotNull
     @NotEmpty
-    @Documento
     private String documento;
     @NotNull
     @NotEmpty
@@ -34,13 +33,13 @@ public class Proposta {
     private Double salario;
     @OneToOne
     @JoinColumn(unique = true)
-    Cartao cartao;
+    private Cartao cartao;
 
     public Proposta() {
     }
 
     public Proposta(@NotNull String id,
-                    @NotNull @NotEmpty @Documento String documento,
+                    @NotNull @NotEmpty String documento,
                     @NotNull @NotEmpty @Email String email,
                     @NotNull @NotEmpty String nome,
                     @NotNull @NotEmpty String endereco,

diff --git a/src/main/resources/application-prod.properties b/src/main/resources/application-prod.properties
@@ -5,6 +5,9 @@ spring.datasource.username=mysql
 spring.datasource.password=mysql
 spring.jpa.hibernate.ddl-auto=update
 
+#Encryptor
+encryptor.salt=5c0744940b5c369b
+
 ## Hibernate Properties
 # The SQL dialect makes Hibernate generate better SQL for the chosen database
 spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver

diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
@@ -10,6 +10,9 @@ spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.MySQL5InnoDBDial
 #Meu sistema
 sistema.nome=@project.name@
 
+#Encryptor
+encryptor.salt=5c0744940b5c369b
+
 #Prometheus
 management.endpoints.web.exposure.include=info,health,prometheus
 management.endpoints.prometheus.enabled=true