Polishing.

Remove caching variant of MongoClientEncryption. Rename types for consistent key alt name scheme. Rename annotation to ExplicitEncrypted.

Add package-info. Improve documentation wording. Reduce visibility of KeyId and KeyAltName to package-private.

Original pull request: #4302
See: #4284

Author: mp911de

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/convert/MappingMongoConverter.java

@@ -17,16 +17,7 @@
 
 import java.lang.reflect.Constructor;
 import java.lang.reflect.Method;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Optional;
-import java.util.Set;
+import java.util.*;
 import java.util.function.Predicate;
 import java.util.stream.Collectors;
 
@@ -39,7 +30,6 @@
 import org.bson.conversions.Bson;
 import org.bson.json.JsonReader;
 import org.bson.types.ObjectId;
-
 import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.BeanClassLoaderAware;
 import org.springframework.context.ApplicationContext;
@@ -51,16 +41,7 @@
 import org.springframework.data.annotation.Reference;
 import org.springframework.data.convert.CustomConversions;
 import org.springframework.data.convert.TypeMapper;
-import org.springframework.data.mapping.AccessOptions;
-import org.springframework.data.mapping.Association;
-import org.springframework.data.mapping.InstanceCreatorMetadata;
-import org.springframework.data.mapping.MappingException;
-import org.springframework.data.mapping.Parameter;
-import org.springframework.data.mapping.PersistentEntity;
-import org.springframework.data.mapping.PersistentProperty;
-import org.springframework.data.mapping.PersistentPropertyAccessor;
-import org.springframework.data.mapping.PersistentPropertyPath;
-import org.springframework.data.mapping.PersistentPropertyPathAccessor;
+import org.springframework.data.mapping.*;
 import org.springframework.data.mapping.callback.EntityCallbacks;
 import org.springframework.data.mapping.context.MappingContext;
 import org.springframework.data.mapping.model.ConvertingPropertyAccessor;
@@ -902,7 +883,7 @@ protected void writePropertyInternal(@Nullable Object obj, DocumentAccessor acce
 
 		if (conversions.hasValueConverter(prop)) {
 			accessor.put(prop, conversions.getPropertyValueConversions().getValueConverter(prop).write(obj,
-					new MongoConversionContext(new PropertyValueProvider<MongoPersistentProperty>() {
+					new MongoConversionContext(new PropertyValueProvider<>() {
 						@Nullable
 						@Override
 						public <T> T getPropertyValue(MongoPersistentProperty property) {
@@ -1245,7 +1226,7 @@ private void writeSimpleInternal(@Nullable Object value, Bson bson, MongoPersist
 
 		if (conversions.hasValueConverter(property)) {
 			accessor.put(property, conversions.getPropertyValueConversions().getValueConverter(property).write(value,
-					new MongoConversionContext(new PropertyValueProvider<MongoPersistentProperty>() {
+					new MongoConversionContext(new PropertyValueProvider<>() {
 						@Nullable
 						@Override
 						public <T> T getPropertyValue(MongoPersistentProperty property) {

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/convert/MongoConversionContext.java

@@ -15,17 +15,12 @@
  */
 package org.springframework.data.mongodb.core.convert;
 
-import java.util.function.Supplier;
-
 import org.bson.conversions.Bson;
 import org.springframework.data.convert.ValueConversionContext;
-import org.springframework.data.mapping.PersistentPropertyAccessor;
 import org.springframework.data.mapping.model.PropertyValueProvider;
 import org.springframework.data.mapping.model.SpELContext;
-import org.springframework.data.mapping.model.SpELExpressionEvaluator;
 import org.springframework.data.mongodb.core.mapping.MongoPersistentProperty;
 import org.springframework.data.util.TypeInformation;
-import org.springframework.expression.EvaluationContext;
 import org.springframework.lang.Nullable;
 
 /**
@@ -36,18 +31,20 @@
  */
 public class MongoConversionContext implements ValueConversionContext<MongoPersistentProperty> {
 
-	private final PropertyValueProvider accessor; // TODO: generics
+	private final PropertyValueProvider<MongoPersistentProperty> accessor; // TODO: generics
 	private final MongoPersistentProperty persistentProperty;
 	private final MongoConverter mongoConverter;
 
 	@Nullable
 	private final SpELContext spELContext;
 
-	public MongoConversionContext(PropertyValueProvider<?> accessor, MongoPersistentProperty persistentProperty, MongoConverter mongoConverter) {
+	public MongoConversionContext(PropertyValueProvider<MongoPersistentProperty> accessor,
+			MongoPersistentProperty persistentProperty, MongoConverter mongoConverter) {
 		this(accessor, persistentProperty, mongoConverter, null);
 	}
 
-	public MongoConversionContext(PropertyValueProvider<?> accessor, MongoPersistentProperty persistentProperty, MongoConverter mongoConverter, SpELContext spELContext) {
+	public MongoConversionContext(PropertyValueProvider<MongoPersistentProperty> accessor,
+			MongoPersistentProperty persistentProperty, MongoConverter mongoConverter, @Nullable SpELContext spELContext) {
 
 		this.accessor = accessor;
 		this.persistentProperty = persistentProperty;
@@ -60,11 +57,13 @@ public MongoPersistentProperty getProperty() {
 		return persistentProperty;
 	}
 
+	@Nullable
 	public Object getValue(String propertyPath) {
 		return accessor.getPropertyValue(persistentProperty.getOwner().getRequiredPersistentProperty(propertyPath));
 	}
 
 	@Override
+	@SuppressWarnings("unchecked")
 	public <T> T write(@Nullable Object value, TypeInformation<T> target) {
 		return (T) mongoConverter.convertToMongoType(value, target);
 	}

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/convert/encryption/EncryptingConverter.java

@@ -20,7 +20,7 @@
 import org.springframework.data.mongodb.core.encryption.EncryptionContext;
 
 /**
- * A specialized {@link MongoValueConverter} for {@literal en-/decrypting} properties.
+ * A specialized {@link MongoValueConverter} for {@literal encryptiong} and {@literal decrypting} properties.
  *
  * @author Christoph Strobl
  * @since 4.1
@@ -32,20 +32,20 @@ default S read(Object value, MongoConversionContext context) {
 		return decrypt(value, buildEncryptionContext(context));
 	}
 
-	@Override
-	default T write(Object value, MongoConversionContext context) {
-		return encrypt(value, buildEncryptionContext(context));
-	}
-
 	/**
 	 * Decrypt the given encrypted source value within the given {@link EncryptionContext context}.
-	 * 
+	 *
 	 * @param encryptedValue the encrypted source.
 	 * @param context the context to operate in.
 	 * @return never {@literal null}.
 	 */
 	S decrypt(Object encryptedValue, EncryptionContext context);
 
+	@Override
+	default T write(Object value, MongoConversionContext context) {
+		return encrypt(value, buildEncryptionContext(context));
+	}
+
 	/**
 	 * Encrypt the given raw source value within the given {@link EncryptionContext context}.
 	 *

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/convert/encryption/MongoEncryptionConverter.java

@@ -39,14 +39,17 @@
 import org.springframework.util.ObjectUtils;
 
 /**
+ * Default implementation of {@link EncryptingConverter}. Properties used with this converter must be annotated with
+ * {@link Encrypted @Encrypted} to provide key and algorithm metadata.
+ *
  * @author Christoph Strobl
  * @since 4.1
  */
 public class MongoEncryptionConverter implements EncryptingConverter<Object, Object> {
 
 	private static final Log LOGGER = LogFactory.getLog(MongoEncryptionConverter.class);
 
-	private Encryption<BsonValue, BsonBinary> encryption;
+	private final Encryption<BsonValue, BsonBinary> encryption;
 	private final EncryptionKeyResolver keyResolver;
 
 	public MongoEncryptionConverter(Encryption<BsonValue, BsonBinary> encryption, EncryptionKeyResolver keyResolver) {
@@ -70,7 +73,7 @@ public Object decrypt(Object encryptedValue, EncryptionContext context) {
 		if (encryptedValue instanceof Binary || encryptedValue instanceof BsonBinary) {
 
 			if (LOGGER.isDebugEnabled()) {
-				LOGGER.debug(String.format("Decrypting %s.%s.",  getProperty(context).getOwner().getName(),
+				LOGGER.debug(String.format("Decrypting %s.%s.", getProperty(context).getOwner().getName(),
 						getProperty(context).getName()));
 			}
 
@@ -83,18 +86,20 @@ public Object decrypt(Object encryptedValue, EncryptionContext context) {
 			}
 		}
 
-		MongoPersistentProperty persistentProperty =  getProperty(context);
+		MongoPersistentProperty persistentProperty = getProperty(context);
 
 		if (getProperty(context).isCollectionLike() && decryptedValue instanceof Iterable<?> iterable) {
+
+			int size = iterable instanceof Collection<?> c ? c.size() : 10;
+
 			if (!persistentProperty.isEntity()) {
-				Collection<Object> collection = CollectionFactory.createCollection(persistentProperty.getType(), 10);
+				Collection<Object> collection = CollectionFactory.createCollection(persistentProperty.getType(), size);
 				iterable.forEach(it -> collection.add(BsonUtils.toJavaType((BsonValue) it)));
 				return collection;
 			} else {
-				Collection<Object> collection = CollectionFactory.createCollection(persistentProperty.getType(), 10);
+				Collection<Object> collection = CollectionFactory.createCollection(persistentProperty.getType(), size);
 				iterable.forEach(it -> {
-					collection.add(context.read(BsonUtils.toJavaType((BsonValue) it),
-							persistentProperty.getActualType()));
+					collection.add(context.read(BsonUtils.toJavaType((BsonValue) it), persistentProperty.getActualType()));
 				});
 				return collection;
 			}
@@ -109,17 +114,12 @@ public Object decrypt(Object encryptedValue, EncryptionContext context) {
 		}
 
 		if (persistentProperty.isEntity() && decryptedValue instanceof BsonDocument bsonDocument) {
-			return context.read(BsonUtils.toJavaType(bsonDocument),
-					persistentProperty.getTypeInformation().getType());
+			return context.read(BsonUtils.toJavaType(bsonDocument), persistentProperty.getTypeInformation().getType());
 		}
 
 		return decryptedValue;
 	}
 
-	private MongoPersistentProperty getProperty(EncryptionContext context) {
-		return context.getProperty();
-	}
-
 	@Override
 	public Object encrypt(Object value, EncryptionContext context) {
 
@@ -128,15 +128,19 @@ public Object encrypt(Object value, EncryptionContext context) {
 					getProperty(context).getName()));
 		}
 
-		MongoPersistentProperty persistentProperty =  getProperty(context);
+		MongoPersistentProperty persistentProperty = getProperty(context);
 
 		Encrypted annotation = persistentProperty.findAnnotation(Encrypted.class);
-		if(annotation == null) {
+		if (annotation == null) {
 			annotation = persistentProperty.getOwner().findAnnotation(Encrypted.class);
 		}
 
-		EncryptionOptions encryptionOptions = new EncryptionOptions(annotation.algorithm());
-		encryptionOptions.setKey(keyResolver.getKey(context));
+		if (annotation == null) {
+			throw new IllegalStateException(String.format("Property %s.%s is not annotated with @Encrypted",
+					getProperty(context).getOwner().getName(), getProperty(context).getName()));
+		}
+
+		EncryptionOptions encryptionOptions = new EncryptionOptions(annotation.algorithm(), keyResolver.getKey(context));
 
 		if (!persistentProperty.isEntity()) {
 
@@ -162,36 +166,44 @@ public Object encrypt(Object value, EncryptionContext context) {
 		return encryption.encrypt(BsonUtils.simpleToBsonValue(write), encryptionOptions);
 	}
 
-	public BsonValue collectionLikeToBsonValue(Object value, MongoPersistentProperty property,
+	private BsonValue collectionLikeToBsonValue(Object value, MongoPersistentProperty property,
 			EncryptionContext context) {
 
 		BsonArray bsonArray = new BsonArray();
-		if (!property.isEntity()) {
-			if (value instanceof Collection values) {
-				values.forEach(it -> bsonArray.add(BsonUtils.simpleToBsonValue(it)));
-			} else if (ObjectUtils.isArray(value)) {
-				for (Object o : ObjectUtils.toObjectArray(value)) {
-					bsonArray.add(BsonUtils.simpleToBsonValue(o));
+		boolean isEntity = property.isEntity();
+
+		if (value instanceof Collection<?> values) {
+			values.forEach(it -> {
+
+				if (isEntity) {
+					Document document = (Document) context.write(it, property.getTypeInformation());
+					bsonArray.add(document == null ? null : document.toBsonDocument());
+				} else {
+					bsonArray.add(BsonUtils.simpleToBsonValue(it));
 				}
-			}
-			return bsonArray;
-		} else {
-			if (value instanceof Collection values) {
-				values.forEach(it -> {
-					Document write = (Document) context.write(it, property.getTypeInformation());
-					bsonArray.add(write.toBsonDocument());
-				});
-			} else if (ObjectUtils.isArray(value)) {
-				for (Object o : ObjectUtils.toObjectArray(value)) {
-					Document write = (Document) context.write(o, property.getTypeInformation());
-					bsonArray.add(write.toBsonDocument());
+			});
+		} else if (ObjectUtils.isArray(value)) {
+
+			for (Object o : ObjectUtils.toObjectArray(value)) {
+
+				if (isEntity) {
+					Document document = (Document) context.write(o, property.getTypeInformation());
+					bsonArray.add(document == null ? null : document.toBsonDocument());
+				} else {
+					bsonArray.add(BsonUtils.simpleToBsonValue(o));
 				}
 			}
-			return bsonArray;
 		}
+
+		return bsonArray;
 	}
 
+	@Override
 	public EncryptionContext buildEncryptionContext(MongoConversionContext context) {
 		return new ExplicitEncryptionContext(context);
 	}
+
+	protected MongoPersistentProperty getProperty(EncryptionContext context) {
+		return context.getProperty();
+	}
 }

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/convert/encryption/package-info.java

@@ -0,0 +1,7 @@
+/**
+ * Converters integrating with
+ * <a href="https://www.mongodb.com/docs/manual/core/csfle/fundamentals/manual-encryption/">explicit encryption
+ * mechanism of Client-Side Field Level Encryption</a>.
+ */
+@org.springframework.lang.NonNullApi
+package org.springframework.data.mongodb.core.convert.encryption;

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/encryption/Encryption.java

@@ -16,7 +16,7 @@
 package org.springframework.data.mongodb.core.encryption;
 
 /**
- * Component responsible for en-/decrypting values.
+ * Component responsible for encrypting and decrypting values.
  *
  * @author Christoph Strobl
  * @since 4.1

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/encryption/EncryptionContext.java

@@ -15,15 +15,17 @@
  */
 package org.springframework.data.mongodb.core.encryption;
 
-import org.springframework.data.convert.ValueConversionContext;
 import org.springframework.data.mapping.PersistentProperty;
 import org.springframework.data.mongodb.core.mapping.MongoPersistentProperty;
 import org.springframework.data.util.TypeInformation;
 import org.springframework.expression.EvaluationContext;
 import org.springframework.lang.Nullable;
 
 /**
+ * Context to encapsulate encryption for a specific {@link MongoPersistentProperty}.
+ *
  * @author Christoph Strobl
+ * @since 4.1
  */
 public interface EncryptionContext {
 
@@ -36,7 +38,7 @@ public interface EncryptionContext {
 
 	/**
 	 * Shortcut for converting a given {@literal value} into its store representation using the root
-	 * {@link ValueConversionContext}.
+	 * {@code ValueConversionContext}.
 	 *
 	 * @param value
 	 * @return