Avoid schema keyId uuid representation errors.

christophstrobl · mp911de · commit a3861b607a07 · 2022-01-13T15:26:58.000+01:00
To avoid driver configuration specific UUID representation format errors (binary subtype 3 vs. subtype 4) we now directly convert the given key into its subtype 4 format. Resolves: #3929 Original pull request: #3931.
diff --git a/spring-data-mongodb/src/main/java/org/springframework/data/mongodb/util/encryption/EncryptionUtils.java b/spring-data-mongodb/src/main/java/org/springframework/data/mongodb/util/encryption/EncryptionUtils.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2021 the original author or authors.
+ * Copyright 2021-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,11 +18,15 @@
 import java.util.UUID;
 import java.util.function.Supplier;
 
+import org.bson.BsonBinary;
+import org.bson.BsonBinarySubType;
+import org.bson.types.Binary;
 import org.springframework.data.mongodb.util.spel.ExpressionUtils;
 import org.springframework.expression.EvaluationContext;
 import org.springframework.expression.Expression;
 import org.springframework.lang.Nullable;
 import org.springframework.util.Assert;
+import org.springframework.util.Base64Utils;
 
 /**
  * Internal utility class for dealing with encryption related matters.
@@ -35,8 +39,8 @@ public final class EncryptionUtils {
 	/**
 	 * Resolve a given plain {@link String} value into the store native {@literal keyId} format, considering potential
 	 * {@link Expression expressions}. <br />
-	 * The potential keyId is probed against an {@link UUID#fromString(String) UUID value} and the {@literal base64}
-	 * encoded {@code $binary} representation.
+	 * The potential keyId is probed against an {@link UUID#fromString(String) UUID value} or decoded from the
+	 * {@literal base64} representation prior to conversion into its {@link Binary} format.
 	 *
 	 * @param value the source value to resolve the keyId for. Must not be {@literal null}.
 	 * @param evaluationContext a {@link Supplier} used to provide the {@link EvaluationContext} in case an
@@ -57,11 +61,13 @@ public static Object resolveKeyId(String value, Supplier<EvaluationContext> eval
 				return potentialKeyId;
 			}
 		}
+
 		try {
-			return UUID.fromString(potentialKeyId.toString());
+			return new Binary(BsonBinarySubType.UUID_STANDARD,
+					new BsonBinary(UUID.fromString(potentialKeyId.toString())).getData());
 		} catch (IllegalArgumentException e) {
-			return org.bson.Document.parse("{ val : { $binary : { base64 : '" + potentialKeyId + "', subType : '04'} } }")
-					.get("val");
+
+			return new Binary(BsonBinarySubType.UUID_STANDARD, Base64Utils.decodeFromString(potentialKeyId.toString()));
 		}
 	}
 }
diff --git a/spring-data-mongodb/src/test/java/org/springframework/data/mongodb/core/MappingMongoJsonSchemaCreatorUnitTests.java b/spring-data-mongodb/src/test/java/org/springframework/data/mongodb/core/MappingMongoJsonSchemaCreatorUnitTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2019-2021 the original author or authors.
+ * Copyright 2019-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -23,6 +23,7 @@
 import java.util.List;
 import java.util.Map;
 
+import org.bson.BsonDocument;
 import org.bson.Document;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -107,7 +108,7 @@ public void converterRegistered() {
 				.createSchemaFor(Patient.class);
 
 		Document targetSchema = schema.schemaDocument();
-		assertThat(targetSchema).isEqualTo(Document.parse(PATIENT));
+		assertThat(targetSchema.toBsonDocument()).isEqualTo(BsonDocument.parse(PATIENT));
 	}
 
 	@Test // GH-3800
@@ -136,7 +137,7 @@ public void csfleWithKeyFromProperties() {
 				.filter(MongoJsonSchemaCreator.encryptedOnly()) //
 				.createSchemaFor(EncryptionMetadataFromProperty.class);
 
-		assertThat(schema.schemaDocument()).isEqualTo(Document.parse(ENC_FROM_PROPERTY_SCHEMA));
+		assertThat(schema.schemaDocument().toBsonDocument()).isEqualTo(BsonDocument.parse(ENC_FROM_PROPERTY_SCHEMA));
 	}
 
 	@Test // GH-3800
@@ -154,7 +155,7 @@ public void csfleWithKeyFromMethod() {
 				.filter(MongoJsonSchemaCreator.encryptedOnly()) //
 				.createSchemaFor(EncryptionMetadataFromMethod.class);
 
-		assertThat(schema.schemaDocument()).isEqualTo(Document.parse(ENC_FROM_METHOD_SCHEMA));
+		assertThat(schema.schemaDocument().toBsonDocument()).isEqualTo(BsonDocument.parse(ENC_FROM_METHOD_SCHEMA));
 	}
 
 	// --> TYPES AND JSON
@@ -392,7 +393,7 @@ static class Insurance {
 	}
 
 	static final String ENC_FROM_PROPERTY_ENTITY_KEY = "C5a5aMB7Ttq4wSJTFeRn8g==";
-	static final String ENC_FROM_PROPERTY_PROPOERTY_KEY = "Mw6mdTVPQfm4quqSCLVB3g=";
+	static final String ENC_FROM_PROPERTY_PROPOERTY_KEY = "Mw6mdTVPQfm4quqSCLVB3g==";
 	static final String ENC_FROM_PROPERTY_SCHEMA = "{" + //
 			"  'encryptMetadata': {" + //
 			"    'keyId': [" + //
