You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by jo...@apache.org on 2022/05/09 17:58:54 UTC

[nifi] 12/16: NIFI-9988 Corrected Property Decryption for Authorizers and Providers

This is an automated email from the ASF dual-hosted git repository.

joewitt pushed a commit to branch support/nifi-1.16
in repository https://gitbox.apache.org/repos/asf/nifi.git

commit 409566c97d69837c73bd4318a35f21d495e7e629
Author: exceptionfactory <ex...@apache.org>
AuthorDate: Wed May 4 12:48:34 2022 -0500

    NIFI-9988 Corrected Property Decryption for Authorizers and Providers
    
    - Updated Protection Scheme Resolver to support both Name matching and Path matching
    
    Signed-off-by: Nathan Gough <th...@gmail.com>
    
    This closes #6017.
---
 .../nifi/properties/scheme/StandardProtectionSchemeResolver.java | 4 +++-
 .../properties/scheme/StandardProtectionSchemeResolverTest.java  | 9 +++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/nifi-commons/nifi-property-protection-factory/src/main/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolver.java b/nifi-commons/nifi-property-protection-factory/src/main/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolver.java
index 0c797b3b93..44557963e4 100644
--- a/nifi-commons/nifi-property-protection-factory/src/main/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolver.java
+++ b/nifi-commons/nifi-property-protection-factory/src/main/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolver.java
@@ -37,7 +37,9 @@ public class StandardProtectionSchemeResolver implements ProtectionSchemeResolve
     public ProtectionScheme getProtectionScheme(final String scheme) {
         Objects.requireNonNull(scheme, "Scheme required");
         return Arrays.stream(PropertyProtectionScheme.values())
-                .filter(propertyProtectionScheme -> propertyProtectionScheme.name().equals(scheme))
+                .filter(propertyProtectionScheme ->
+                        propertyProtectionScheme.name().equals(scheme) || scheme.startsWith(propertyProtectionScheme.getPath())
+                )
                 .findFirst()
                 .orElseThrow(() -> new SensitivePropertyProtectionException(String.format("Protection Scheme [%s] not supported", scheme)));
     }
diff --git a/nifi-commons/nifi-property-protection-factory/src/test/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolverTest.java b/nifi-commons/nifi-property-protection-factory/src/test/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolverTest.java
index 9cfc4994f7..c8893b2231 100644
--- a/nifi-commons/nifi-property-protection-factory/src/test/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolverTest.java
+++ b/nifi-commons/nifi-property-protection-factory/src/test/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolverTest.java
@@ -30,6 +30,8 @@ public class StandardProtectionSchemeResolverTest {
 
     private static final String AES_GCM_PATH = "aes/gcm";
 
+    private static final String AES_GCM_256_PATH = "aes/gcm/256";
+
     private static final String UNKNOWN = "UNKNOWN";
 
     private StandardProtectionSchemeResolver resolver;
@@ -46,6 +48,13 @@ public class StandardProtectionSchemeResolverTest {
         assertEquals(AES_GCM_PATH, protectionScheme.getPath());
     }
 
+    @Test
+    public void getProtectionSchemeAesGcm256Found() {
+        final ProtectionScheme protectionScheme = resolver.getProtectionScheme(AES_GCM_256_PATH);
+        assertNotNull(protectionScheme);
+        assertEquals(AES_GCM_PATH, protectionScheme.getPath());
+    }
+
     @Test
     public void getProtectionSchemeUnknownNotFound() {
         final SensitivePropertyProtectionException exception = assertThrows(SensitivePropertyProtectionException.class, () -> resolver.getProtectionScheme(UNKNOWN));