Add support for explicit field encryption.

We now support explicit field encryption using mapped entities through the `@ExplicitEncrypted` annotation.

class Person {
  ObjectId id;

  @ExplicitEncrypted(algorithm = AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic, altKeyName = "my-secret-key")
  String socialSecurityNumber;
}

Encryption is applied transparently to all mapped entities leveraging the existing converter infrastructure.

Original pull request: #4302
Closes: #4284

Author: christophstrobl

spring-data-mongodb/pom.xml

@@ -112,6 +112,13 @@
 			<optional>true</optional>
 		</dependency>
 
+		<dependency>
+			<groupId>org.mongodb</groupId>
+			<artifactId>mongodb-crypt</artifactId>
+			<version>1.6.1</version>
+			<optional>true</optional>
+		</dependency>
+
 		<dependency>
 			<groupId>io.projectreactor</groupId>
 			<artifactId>reactor-core</artifactId>

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/MongoExceptionTranslator.java

@@ -68,6 +68,8 @@ public class MongoExceptionTranslator implements PersistenceExceptionTranslator
 	private static final Set<String> DATA_INTEGRITY_EXCEPTIONS = new HashSet<>(
 			Arrays.asList("WriteConcernException", "MongoWriteException", "MongoBulkWriteException"));
 
+	private static final Set<String> SECURITY_EXCEPTIONS = Set.of("MongoCryptException");
+
 	@Nullable
 	public DataAccessException translateExceptionIfPossible(RuntimeException ex) {
 
@@ -131,6 +133,8 @@ public DataAccessException translateExceptionIfPossible(RuntimeException ex) {
 				return new ClientSessionException(ex.getMessage(), ex);
 			} else if (MongoDbErrorCodes.isTransactionFailureCode(code)) {
 				return new MongoTransactionException(ex.getMessage(), ex);
+			} else if(ex.getCause() != null && SECURITY_EXCEPTIONS.contains(ClassUtils.getShortName(ex.getCause().getClass()))) {
+				return new PermissionDeniedDataAccessException(ex.getMessage(), ex);
 			}
 
 			return new UncategorizedMongoDbException(ex.getMessage(), ex);

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/convert/MappingMongoConverter.java

@@ -331,7 +331,7 @@ private <R> R doReadProjection(ConversionContext context, Bson bson, EntityProje
 			PersistentPropertyAccessor<?> convertingAccessor = PropertyTranslatingPropertyAccessor
 					.create(new ConvertingPropertyAccessor<>(accessor, conversionService), propertyTranslator);
 			MongoDbPropertyValueProvider valueProvider = new MongoDbPropertyValueProvider(context, documentAccessor,
-					evaluator);
+					evaluator, spELContext);
 
 			readProperties(context, entity, convertingAccessor, documentAccessor, valueProvider, evaluator,
 					Predicates.isTrue());
@@ -367,7 +367,7 @@ String getFieldName(MongoPersistentProperty prop) {
 		populateProperties(context, mappedEntity, documentAccessor, evaluator, instance);
 
 		PersistentPropertyAccessor<?> convertingAccessor = new ConvertingPropertyAccessor<>(accessor, conversionService);
-		MongoDbPropertyValueProvider valueProvider = new MongoDbPropertyValueProvider(context, documentAccessor, evaluator);
+		MongoDbPropertyValueProvider valueProvider = new MongoDbPropertyValueProvider(context, documentAccessor, evaluator, spELContext);
 
 		readProperties(context, mappedEntity, convertingAccessor, documentAccessor, valueProvider, evaluator,
 				Predicates.isTrue());
@@ -529,7 +529,7 @@ private <S> S populateProperties(ConversionContext context, MongoPersistentEntit
 		ConversionContext contextToUse = context.withPath(currentPath);
 
 		MongoDbPropertyValueProvider valueProvider = new MongoDbPropertyValueProvider(contextToUse, documentAccessor,
-				evaluator);
+				evaluator, spELContext);
 
 		Predicate<MongoPersistentProperty> propertyFilter = isIdentifier(entity).or(isConstructorArgument(entity)).negate();
 		readProperties(contextToUse, entity, accessor, documentAccessor, valueProvider, evaluator, propertyFilter);
@@ -868,9 +868,9 @@ private void writeProperties(Bson bson, MongoPersistentEntity<?> entity, Persist
 					dbObjectAccessor.put(prop, null);
 				}
 			} else if (!conversions.isSimpleType(value.getClass())) {
-				writePropertyInternal(value, dbObjectAccessor, prop);
+				writePropertyInternal(value, dbObjectAccessor, prop, accessor);
 			} else {
-				writeSimpleInternal(value, bson, prop);
+				writeSimpleInternal(value, bson, prop, accessor);
 			}
 		}
 	}
@@ -887,11 +887,11 @@ private void writeAssociation(Association<MongoPersistentProperty> association,
 			return;
 		}
 
-		writePropertyInternal(value, dbObjectAccessor, inverseProp);
+		writePropertyInternal(value, dbObjectAccessor, inverseProp, accessor);
 	}
 
 	@SuppressWarnings({ "unchecked" })
-	protected void writePropertyInternal(@Nullable Object obj, DocumentAccessor accessor, MongoPersistentProperty prop) {
+	protected void writePropertyInternal(@Nullable Object obj, DocumentAccessor accessor, MongoPersistentProperty prop, PersistentPropertyAccessor<?> persistentPropertyAccessor) {
 
 		if (obj == null) {
 			return;
@@ -902,7 +902,13 @@ protected void writePropertyInternal(@Nullable Object obj, DocumentAccessor acce
 
 		if (conversions.hasValueConverter(prop)) {
 			accessor.put(prop, conversions.getPropertyValueConversions().getValueConverter(prop).write(obj,
-					new MongoConversionContext(prop, this)));
+					new MongoConversionContext(new PropertyValueProvider<MongoPersistentProperty>() {
+						@Nullable
+						@Override
+						public <T> T getPropertyValue(MongoPersistentProperty property) {
+							return (T) persistentPropertyAccessor.getProperty(property);
+						}
+					}, prop, this, spELContext)));
 			return;
 		}
 
@@ -1234,12 +1240,18 @@ private void writeSimpleInternal(@Nullable Object value, Bson bson, String key)
 		BsonUtils.addToMap(bson, key, getPotentiallyConvertedSimpleWrite(value, Object.class));
 	}
 
-	private void writeSimpleInternal(@Nullable Object value, Bson bson, MongoPersistentProperty property) {
+	private void writeSimpleInternal(@Nullable Object value, Bson bson, MongoPersistentProperty property, PersistentPropertyAccessor<?> persistentPropertyAccessor) {
 		DocumentAccessor accessor = new DocumentAccessor(bson);
 
 		if (conversions.hasValueConverter(property)) {
 			accessor.put(property, conversions.getPropertyValueConversions().getValueConverter(property).write(value,
-					new MongoConversionContext(property, this)));
+					new MongoConversionContext(new PropertyValueProvider<MongoPersistentProperty>() {
+						@Nullable
+						@Override
+						public <T> T getPropertyValue(MongoPersistentProperty property) {
+							return (T) persistentPropertyAccessor.getProperty(property);
+						}
+					}, property, this, spELContext)));
 			return;
 		}
 
@@ -1845,6 +1857,7 @@ static class MongoDbPropertyValueProvider implements PropertyValueProvider<Mongo
 		final ConversionContext context;
 		final DocumentAccessor accessor;
 		final SpELExpressionEvaluator evaluator;
+		final SpELContext spELContext;
 
 		/**
 		 * Creates a new {@link MongoDbPropertyValueProvider} for the given source, {@link SpELExpressionEvaluator} and
@@ -1855,7 +1868,7 @@ static class MongoDbPropertyValueProvider implements PropertyValueProvider<Mongo
 		 * @param evaluator must not be {@literal null}.
 		 */
 		MongoDbPropertyValueProvider(ConversionContext context, Bson source, SpELExpressionEvaluator evaluator) {
-			this(context, new DocumentAccessor(source), evaluator);
+			this(context, new DocumentAccessor(source), evaluator, null);
 		}
 
 		/**
@@ -1867,7 +1880,7 @@ static class MongoDbPropertyValueProvider implements PropertyValueProvider<Mongo
 		 * @param evaluator must not be {@literal null}.
 		 */
 		MongoDbPropertyValueProvider(ConversionContext context, DocumentAccessor accessor,
-				SpELExpressionEvaluator evaluator) {
+				SpELExpressionEvaluator evaluator, SpELContext spELContext) {
 
 			Assert.notNull(context, "ConversionContext must no be null");
 			Assert.notNull(accessor, "DocumentAccessor must no be null");
@@ -1876,6 +1889,7 @@ static class MongoDbPropertyValueProvider implements PropertyValueProvider<Mongo
 			this.context = context;
 			this.accessor = accessor;
 			this.evaluator = evaluator;
+			this.spELContext = spELContext;
 		}
 
 		@Nullable
@@ -1892,7 +1906,7 @@ public <T> T getPropertyValue(MongoPersistentProperty property) {
 			CustomConversions conversions = context.getCustomConversions();
 			if (conversions.hasValueConverter(property)) {
 				return (T) conversions.getPropertyValueConversions().getValueConverter(property).read(value,
-						new MongoConversionContext(property, context.getSourceConverter()));
+						new MongoConversionContext(this, property, context.getSourceConverter(), spELContext));
 			}
 
 			ConversionContext contextToUse = context.forProperty(property);
@@ -1902,7 +1916,7 @@ public <T> T getPropertyValue(MongoPersistentProperty property) {
 
 		public MongoDbPropertyValueProvider withContext(ConversionContext context) {
 
-			return context == this.context ? this : new MongoDbPropertyValueProvider(context, accessor, evaluator);
+			return context == this.context ? this : new MongoDbPropertyValueProvider(context, accessor, evaluator, spELContext);
 		}
 	}
 
@@ -1925,7 +1939,7 @@ class AssociationAwareMongoDbPropertyValueProvider extends MongoDbPropertyValueP
 		 */
 		AssociationAwareMongoDbPropertyValueProvider(ConversionContext context, DocumentAccessor source,
 				SpELExpressionEvaluator evaluator) {
-			super(context, source, evaluator);
+			super(context, source, evaluator, MappingMongoConverter.this.spELContext);
 		}
 
 		@Override

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/convert/MongoConversionContext.java

@@ -15,10 +15,17 @@
  */
 package org.springframework.data.mongodb.core.convert;
 
+import java.util.function.Supplier;
+
 import org.bson.conversions.Bson;
 import org.springframework.data.convert.ValueConversionContext;
+import org.springframework.data.mapping.PersistentPropertyAccessor;
+import org.springframework.data.mapping.model.PropertyValueProvider;
+import org.springframework.data.mapping.model.SpELContext;
+import org.springframework.data.mapping.model.SpELExpressionEvaluator;
 import org.springframework.data.mongodb.core.mapping.MongoPersistentProperty;
 import org.springframework.data.util.TypeInformation;
+import org.springframework.expression.EvaluationContext;
 import org.springframework.lang.Nullable;
 
 /**
@@ -29,20 +36,34 @@
  */
 public class MongoConversionContext implements ValueConversionContext<MongoPersistentProperty> {
 
+	private final PropertyValueProvider accessor; // TODO: generics
 	private final MongoPersistentProperty persistentProperty;
 	private final MongoConverter mongoConverter;
 
-	public MongoConversionContext(MongoPersistentProperty persistentProperty, MongoConverter mongoConverter) {
+	@Nullable
+	private final SpELContext spELContext;
+
+	public MongoConversionContext(PropertyValueProvider<?> accessor, MongoPersistentProperty persistentProperty, MongoConverter mongoConverter) {
+		this(accessor, persistentProperty, mongoConverter, null);
+	}
+
+	public MongoConversionContext(PropertyValueProvider<?> accessor, MongoPersistentProperty persistentProperty, MongoConverter mongoConverter, SpELContext spELContext) {
 
+		this.accessor = accessor;
 		this.persistentProperty = persistentProperty;
 		this.mongoConverter = mongoConverter;
+		this.spELContext = spELContext;
 	}
 
 	@Override
 	public MongoPersistentProperty getProperty() {
 		return persistentProperty;
 	}
 
+	public Object getValue(String propertyPath) {
+		return accessor.getPropertyValue(persistentProperty.getOwner().getRequiredPersistentProperty(propertyPath));
+	}
+
 	@Override
 	public <T> T write(@Nullable Object value, TypeInformation<T> target) {
 		return (T) mongoConverter.convertToMongoType(value, target);
@@ -53,4 +74,9 @@ public <T> T read(@Nullable Object value, TypeInformation<T> target) {
 		return value instanceof Bson ? mongoConverter.read(target.getType(), (Bson) value)
 				: ValueConversionContext.super.read(value, target);
 	}
+
+	@Nullable
+	public SpELContext getSpELContext() {
+		return spELContext;
+	}
 }

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/convert/QueryMapper.java

@@ -439,7 +439,7 @@ protected Object getMappedValue(Field documentField, Object sourceValue) {
 				&& converter.getCustomConversions().hasValueConverter(documentField.getProperty())) {
 			return converter.getCustomConversions().getPropertyValueConversions()
 					.getValueConverter(documentField.getProperty())
-					.write(value, new MongoConversionContext(documentField.getProperty(), converter));
+					.write(value, new MongoConversionContext(null, documentField.getProperty(), converter));
 		}
 
 		if (documentField.isIdField() && !documentField.isAssociation()) {

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/convert/encryption/EncryptingConverter.java

@@ -0,0 +1,66 @@
+/*
+ * Copyright 2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.data.mongodb.core.convert.encryption;
+
+import org.springframework.data.mongodb.core.convert.MongoConversionContext;
+import org.springframework.data.mongodb.core.convert.MongoValueConverter;
+import org.springframework.data.mongodb.core.encryption.EncryptionContext;
+
+/**
+ * A specialized {@link MongoValueConverter} for {@literal en-/decrypting} properties.
+ *
+ * @author Christoph Strobl
+ * @since 4.1
+ */
+public interface EncryptingConverter<S, T> extends MongoValueConverter<S, T> {
+
+	@Override
+	default S read(Object value, MongoConversionContext context) {
+		return decrypt(value, buildEncryptionContext(context));
+	}
+
+	@Override
+	default T write(Object value, MongoConversionContext context) {
+		return encrypt(value, buildEncryptionContext(context));
+	}
+
+	/**
+	 * Decrypt the given encrypted source value within the given {@link EncryptionContext context}.
+	 * 
+	 * @param encryptedValue the encrypted source.
+	 * @param context the context to operate in.
+	 * @return never {@literal null}.
+	 */
+	S decrypt(Object encryptedValue, EncryptionContext context);
+
+	/**
+	 * Encrypt the given raw source value within the given {@link EncryptionContext context}.
+	 *
+	 * @param value the encrypted source.
+	 * @param context the context to operate in.
+	 * @return never {@literal null}.
+	 */
+	T encrypt(Object value, EncryptionContext context);
+
+	/**
+	 * Obtain the {@link EncryptionContext} for a given {@link MongoConversionContext value conversion context}.
+	 *
+	 * @param context the current MongoDB specific {@link org.springframework.data.convert.ValueConversionContext}.
+	 * @return the {@link EncryptionContext} to operate in.
+	 * @see org.springframework.data.convert.ValueConversionContext
+	 */
+	EncryptionContext buildEncryptionContext(MongoConversionContext context);
+}

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/convert/encryption/ExplicitEncryptionContext.java

@@ -0,0 +1,70 @@
+/*
+ * Copyright 2023 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.data.mongodb.core.convert.encryption;
+
+import org.springframework.data.mongodb.core.convert.MongoConversionContext;
+import org.springframework.data.mongodb.core.encryption.EncryptionContext;
+import org.springframework.data.mongodb.core.mapping.MongoPersistentProperty;
+import org.springframework.data.util.TypeInformation;
+import org.springframework.expression.EvaluationContext;
+import org.springframework.lang.NonNull;
+import org.springframework.lang.Nullable;
+
+/**
+ * Default {@link EncryptionContext} implementation.
+ * 
+ * @author Christoph Strobl
+ * @since 4.1
+ */
+class ExplicitEncryptionContext implements EncryptionContext {
+
+	private final MongoConversionContext conversionContext;
+
+	public ExplicitEncryptionContext(MongoConversionContext conversionContext) {
+		this.conversionContext = conversionContext;
+	}
+
+	@Override
+	public MongoPersistentProperty getProperty() {
+		return conversionContext.getProperty();
+	}
+
+	@Nullable
+	@Override
+	public Object lookupValue(String path) {
+		return conversionContext.getValue(path);
+	}
+
+	@Override
+	public Object convertToMongoType(Object value) {
+		return conversionContext.write(value);
+	}
+
+	@Override
+	public EvaluationContext getEvaluationContext(Object source) {
+		return conversionContext.getSpELContext().getEvaluationContext(source);
+	}
+
+	@Override
+	public <T> T read(@Nullable Object value, TypeInformation<T> target) {
+		return conversionContext.read(value, target);
+	}
+
+	@Override
+	public <T> T write(@Nullable Object value, TypeInformation<T> target) {
+		return conversionContext.write(value, target);
+	}
+}