From a742f34e8a8c96b3f0c9730a8713e78cfe6b010b Mon Sep 17 00:00:00 2001
From: Jaeyoung Lee <kkang090@gmail.com>
Date: Mon, 1 Jul 2024 09:53:43 +0900
Subject: [PATCH] =?UTF-8?q?jasypt=20config=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 pom.xml                                       |  7 ++
 .../com/interplug/qcast/QCastApplication.java |  3 +
 .../qcast/config/jasypt/JasyptConfig.java     | 70 +++++++++++++++++++
 src/main/resources/config/application.yml     |  4 +-
 .../qcast/config/jasypt/JasyptConfigTest.java | 14 ++++
 5 files changed, 96 insertions(+), 2 deletions(-)
 create mode 100644 src/main/java/com/interplug/qcast/config/jasypt/JasyptConfig.java
 create mode 100644 src/test/java/com/interplug/qcast/config/jasypt/JasyptConfigTest.java

diff --git a/pom.xml b/pom.xml
index dc8ffaed..5ac52c73 100644
--- a/pom.xml
+++ b/pom.xml
@@ -74,6 +74,13 @@
             <version>1.16</version>
         </dependency>
 
+        <!-- https://mvnrepository.com/artifact/com.github.ulisesbocchio/jasypt-spring-boot-starter -->
+        <dependency>
+            <groupId>com.github.ulisesbocchio</groupId>
+            <artifactId>jasypt-spring-boot-starter</artifactId>
+            <version>3.0.5</version>
+        </dependency>
+
         <dependency>
             <groupId>com.microsoft.sqlserver</groupId>
             <artifactId>mssql-jdbc</artifactId>
diff --git a/src/main/java/com/interplug/qcast/QCastApplication.java b/src/main/java/com/interplug/qcast/QCastApplication.java
index c524a7ef..bebb8462 100644
--- a/src/main/java/com/interplug/qcast/QCastApplication.java
+++ b/src/main/java/com/interplug/qcast/QCastApplication.java
@@ -1,10 +1,13 @@
 package com.interplug.qcast;
 
+import com.interplug.qcast.config.jasypt.JasyptConfig;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
+import org.springframework.context.annotation.Import;
 
 @SpringBootApplication(exclude = {DataSourceAutoConfiguration.class})
+@Import({JasyptConfig.class})
 public class QCastApplication {
 
   public static void main(String[] args) {
diff --git a/src/main/java/com/interplug/qcast/config/jasypt/JasyptConfig.java b/src/main/java/com/interplug/qcast/config/jasypt/JasyptConfig.java
new file mode 100644
index 00000000..f323be58
--- /dev/null
+++ b/src/main/java/com/interplug/qcast/config/jasypt/JasyptConfig.java
@@ -0,0 +1,70 @@
+package com.interplug.qcast.config.jasypt;
+
+import org.jasypt.encryption.StringEncryptor;
+import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
+import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
+import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
+import org.springframework.beans.factory.annotation.Configurable;
+import org.springframework.context.annotation.Bean;
+
+/**
+ *
+ *
+ * <pre>
+ * 설정파일(yml or properties)에 있는 password 를 암호화
+ * </pre>
+ *
+ * @author KimYoungHyun (youngh.kim@kt.com)
+ */
+@Configurable
+public class JasyptConfig {
+
+  private static final String KEY = "qcast_jasypt_key";
+  private static final String ALGORITHM = "PBEWithMD5AndDES";
+
+  /**
+   *
+   *
+   * <pre>
+   * jasyptEncryptor 설정
+   * </pre>
+   *
+   * @author KimYoungHyun (youngh.kim@kt.com)
+   * @return StringEncryptor
+   */
+  @Bean(name = "jasyptStringEncryptor")
+  public StringEncryptor jasyptEncryptor() {
+    PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
+    SimpleStringPBEConfig config = new SimpleStringPBEConfig();
+
+    config.setPassword(KEY);
+    config.setAlgorithm(ALGORITHM);
+    config.setKeyObtentionIterations("1000");
+    config.setPoolSize("1");
+    config.setProviderName("SunJCE");
+    config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
+    config.setStringOutputType("base64");
+    encryptor.setConfig(config);
+
+    return encryptor;
+  }
+
+  /**
+   *
+   *
+   * <pre>
+   * 평문을 암호화한다.
+   * </pre>
+   *
+   * @author KimYoungHyun (youngh.kim@kt.com)
+   * @param value
+   * @return String
+   */
+  public static String encrypt(String value) {
+    StandardPBEStringEncryptor pbeEnc = new StandardPBEStringEncryptor();
+    pbeEnc.setAlgorithm(ALGORITHM);
+    pbeEnc.setPassword(KEY);
+
+    return pbeEnc.encrypt(value);
+  }
+}
diff --git a/src/main/resources/config/application.yml b/src/main/resources/config/application.yml
index ef6ff2ca..3d8c0e9d 100644
--- a/src/main/resources/config/application.yml
+++ b/src/main/resources/config/application.yml
@@ -16,7 +16,7 @@ spring:
       driver-class-name: net.sf.log4jdbc.sql.jdbcapi.DriverSpy
       jdbc-url: jdbc:log4jdbc:sqlserver://localhost:1433;databaseName=qcastdb;encrypt=true;trustServerCertificate=true
       username: qcast
-      password: qcast1234!
+      password: ENC(rg8lFosEDRzKrg3WQjFrrbUDlzLnbsMa)
       maximum-pool-size: 4
       pool-name: Master-HikariPool
       #      connection-test-query: SELECT 1
@@ -24,7 +24,7 @@ spring:
       driver-class-name: net.sf.log4jdbc.sql.jdbcapi.DriverSpy
       jdbc-url: jdbc:log4jdbc:sqlserver://localhost:1433;databaseName=qcastdb;encrypt=true;trustServerCertificate=true
       username: qcast
-      password: qcast1234!
+      password: ENC(rg8lFosEDRzKrg3WQjFrrbUDlzLnbsMa)
       maximum-pool-size: 4
       pool-name: Read-HikariPool
   #      connection-test-query: SELECT 2
diff --git a/src/test/java/com/interplug/qcast/config/jasypt/JasyptConfigTest.java b/src/test/java/com/interplug/qcast/config/jasypt/JasyptConfigTest.java
new file mode 100644
index 00000000..8dc7c000
--- /dev/null
+++ b/src/test/java/com/interplug/qcast/config/jasypt/JasyptConfigTest.java
@@ -0,0 +1,14 @@
+package com.interplug.qcast.config.jasypt;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+import lombok.extern.slf4j.Slf4j;
+import org.junit.jupiter.api.Test;
+
+@Slf4j
+class JasyptConfigTest {
+  @Test
+  void test() {
+    log.info(JasyptConfig.encrypt("qcast1234!"));
+  }
+}