secrets provider: fixed implementation for serialization/deserializat…

…ion of protected data type with provider/key support

infra/prism-api/src/main/java/com/evolveum/midpoint/prism/crypto/ProtectedData.java

@@ -7,6 +7,7 @@
 package com.evolveum.midpoint.prism.crypto;
 
 import com.evolveum.prism.xml.ns._public.types_3.EncryptedDataType;
+import com.evolveum.prism.xml.ns._public.types_3.ExternalDataType;
 import com.evolveum.prism.xml.ns._public.types_3.HashedDataType;
 
 /**
@@ -30,6 +31,10 @@ public interface ProtectedData<T> {
 
     void setEncryptedData(EncryptedDataType encryptedDataType);
 
+    ExternalDataType getExternalData();
+
+    void setExternalData(ExternalDataType externalDataType);
+
     boolean isEncrypted();
 
     HashedDataType getHashedDataType();
@@ -39,12 +44,4 @@ public interface ProtectedData<T> {
     boolean isHashed();
 
     boolean canSupportType(Class<?> type);
-
-    String getProvider();
-
-    void setProvider(String provider);
-
-    String getKey();
-
-    void setKey(String key);
 }

infra/prism-api/src/main/java/com/evolveum/prism/xml/ns/_public/types_3/ExternalDataType.java

@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 2010-2018 Evolveum and contributors
+ *
+ * This work is dual-licensed under the Apache License 2.0
+ * and European Union Public License. See LICENSE file for details.
+ */
+
+//
+// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.4
+// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
+// Any modifications to this file will be lost upon recompilation of the source schema.
+// Generated on: 2014.02.04 at 01:34:24 PM CET
+//
+
+package com.evolveum.prism.xml.ns._public.types_3;
+
+import java.io.Serializable;
+import java.util.Objects;
+
+import jakarta.xml.bind.annotation.XmlAccessType;
+import jakarta.xml.bind.annotation.XmlAccessorType;
+import jakarta.xml.bind.annotation.XmlType;
+
+import com.evolveum.midpoint.prism.JaxbVisitable;
+import com.evolveum.midpoint.prism.JaxbVisitor;
+
+@XmlAccessorType(XmlAccessType.FIELD)
+@XmlType(name = "ExternalDataType", propOrder = {
+        "provider",
+        "key",
+})
+public class ExternalDataType implements Serializable, Cloneable, JaxbVisitable {
+
+    protected String provider;
+    protected String key;
+
+    public String getProvider() {
+        return provider;
+    }
+
+    public void setProvider(String value) {
+        this.provider = value;
+    }
+
+    public String getKey() {
+        return key;
+    }
+
+    public void setKey(String value) {
+        this.key = value;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {return true;}
+        if (o == null || getClass() != o.getClass()) {return false;}
+        ExternalDataType that = (ExternalDataType) o;
+        return Objects.equals(provider, that.provider) && Objects.equals(key, that.key);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(provider, key);
+    }
+
+    @Override
+    public String toString() {
+        return "ExternalDataType(provider=" + provider + ", key=" + key + ")";
+    }
+
+    @Override
+    public ExternalDataType clone() {
+        ExternalDataType cloned = new ExternalDataType();
+        cloned.setProvider(getProvider());
+        cloned.setKey(getKey());
+        return cloned;
+    }
+
+    @Override
+    public void accept(JaxbVisitor visitor) {
+        visitor.visit(this);
+    }
+}

infra/prism-api/src/main/java/com/evolveum/prism/xml/ns/_public/types_3/ProtectedDataType.java

@@ -40,14 +40,11 @@
 public abstract class ProtectedDataType<T> implements ProtectedData<T>, PlainStructured.WithoutStrategy, JaxbVisitable {
     private static final long serialVersionUID = 1L;
 
-    public static final String NS_TYPES = "http://prism.evolveum.com/xml/ns/public/types-3";
-
     public static final QName COMPLEX_TYPE = new QName("http://prism.evolveum.com/xml/ns/public/types-3", "ProtectedDataType");
     public static final QName F_ENCRYPTED_DATA = new QName("http://prism.evolveum.com/xml/ns/public/types-3", "encryptedData");
     public static final QName F_HASHED_DATA = new QName("http://prism.evolveum.com/xml/ns/public/types-3", "hashedData");
+    public static final QName F_EXTERNAL_DATA = new QName("http://prism.evolveum.com/xml/ns/public/types-3", "externalData");
     public static final QName F_CLEAR_VALUE = new QName("http://prism.evolveum.com/xml/ns/public/types-3", "clearValue");
-    public static final QName F_PROVIDER = new QName(NS_TYPES, "provider");
-    public static final QName F_KEY = new QName(NS_TYPES, "key");
 
     public static final String NS_XML_ENC = "http://www.w3.org/2001/04/xmlenc#";
     public static final String NS_XML_DSIG = "http://www.w3.org/2000/09/xmldsig#";
@@ -66,6 +63,9 @@ public abstract class ProtectedDataType<T> implements ProtectedData<T>, PlainStr
     @XmlTransient
     private HashedDataType hashedDataType;
 
+    @XmlTransient
+    private ExternalDataType externalDataType;
+
     @XmlTransient
     private T clearValue;
 
@@ -74,10 +74,6 @@ public abstract class ProtectedDataType<T> implements ProtectedData<T>, PlainStr
     @XmlAnyElement(lax = true)
     protected List<Object> content;
 
-    private String provider;
-
-    private String key;
-
     /**
      * TODO
      * May be either encrypted or hashed or provided in the clear (e.g. for debugging).
@@ -114,6 +110,16 @@ public List<Object> getContent() {
         return this.content;
     }
 
+    @Override
+    public ExternalDataType getExternalData() {
+        return externalDataType;
+    }
+
+    @Override
+    public void setExternalData(ExternalDataType externalDataType) {
+        this.externalDataType = externalDataType;
+    }
+
     @Override
     public EncryptedDataType getEncryptedDataType() {
         return encryptedDataType;
@@ -159,36 +165,6 @@ public ProtectedDataType<T> clearValue(T clearValue) {
         return this;
     }
 
-    @Override
-    public String getProvider() {
-        return provider;
-    }
-
-    @Override
-    public void setProvider(String provider) {
-        this.provider = provider;
-    }
-
-    public ProtectedDataType<T> provider(String provider) {
-        setProvider(provider);
-        return this;
-    }
-
-    @Override
-    public String getKey() {
-        return key;
-    }
-
-    @Override
-    public void setKey(String key) {
-        this.key = key;
-    }
-
-    public ProtectedDataType<T> key(String key) {
-        setKey(key);
-        return this;
-    }
-
     @Override
     public boolean canGetCleartext() {
         return clearValue != null || encryptedDataType != null;
@@ -208,10 +184,15 @@ private JAXBElement<HashedDataType> toJaxbElement(HashedDataType hashedDataType)
         return new JAXBElement<>(F_ENCRYPTED_DATA, HashedDataType.class, hashedDataType);
     }
 
+    private JAXBElement<ExternalDataType> toJaxbElement(ExternalDataType externalDataType) {
+        return new JAXBElement<>(F_EXTERNAL_DATA, ExternalDataType.class, externalDataType);
+    }
+
     public void clear() {
         clearValue = null;
         encryptedDataType = null;
         hashedDataType = null;
+        externalDataType = null;
     }
 
     private boolean addContent(Object newObject) {
@@ -282,12 +263,12 @@ private EncryptedDataType convertXmlEncToEncryptedDate(Element eEncryptedData) {
     }
 
     public boolean isEmpty() {
-        return encryptedDataType == null && hashedDataType == null && clearValue == null && provider == null && key == null;
+        return encryptedDataType == null && hashedDataType == null && externalDataType == null && clearValue == null;
     }
 
     @Override
     public int hashCode() {
-        return Objects.hash(encryptedDataType, hashedDataType, clearValue, provider, key);
+        return Objects.hash(encryptedDataType, hashedDataType, externalDataType, clearValue);
     }
 
     /**
@@ -317,8 +298,7 @@ public boolean equals(Object o) {
         return Objects.equals(encryptedDataType, that.encryptedDataType)
                 && Objects.equals(hashedDataType, that.hashedDataType)
                 && Objects.equals(clearValue, that.clearValue)
-                && Objects.equals(provider, that.provider)
-                && Objects.equals(key, that.key);
+                && Objects.equals(externalDataType, that.externalDataType);
     }
 
     @Override
@@ -337,6 +317,10 @@ public String toString() {
             sb.append("clearValue=");
             sb.append(clearValue);
         }
+        if (externalDataType != null) {
+            sb.append("external=");
+            sb.append(externalDataType);
+        }
         sb.append(")");
         return sb.toString();
     }
@@ -345,6 +329,7 @@ protected void cloneTo(ProtectedDataType<T> cloned) {
         cloned.clearValue = CloneUtil.clone(clearValue);
         cloned.encryptedDataType = CloneUtil.clone(encryptedDataType);
         cloned.hashedDataType = CloneUtil.clone(hashedDataType);
+        cloned.externalDataType = externalDataType;
 
         // content is virtual, there is no point in copying it
     }
@@ -356,7 +341,7 @@ class ContentList implements List<Object>, Serializable {
 
         @Override
         public int size() {
-            if (encryptedDataType != null || hashedDataType != null) {
+            if (encryptedDataType != null || hashedDataType != null || externalDataType != null) {
                 return 1;
             } else {
                 return 0;
@@ -365,7 +350,7 @@ public int size() {
 
         @Override
         public boolean isEmpty() {
-            return encryptedDataType == null && hashedDataType == null;
+            return encryptedDataType == null && hashedDataType == null && externalDataType == null;
         }
 
         @Override
@@ -376,7 +361,7 @@ public boolean contains(Object o) {
 
         @Override
         public @NotNull Iterator<Object> iterator() {
-            return new Iterator<Object>() {
+            return new Iterator<>() {
                 private int index = 0;
 
                 @Override
@@ -388,10 +373,12 @@ public boolean hasNext() {
                 public Object next() {
                     if (index == 0) {
                         index++;
-                        if (encryptedDataType == null) {
+                        if (encryptedDataType != null) {
+                            return toJaxbElement(encryptedDataType);
+                        } else if (hashedDataType != null) {
                             return toJaxbElement(hashedDataType);
                         } else {
-                            return toJaxbElement(encryptedDataType);
+                            return toJaxbElement(externalDataType);
                         }
                     } else {
                         return null;
@@ -415,7 +402,7 @@ public Object[] toArray() {
                     a[0] = toJaxbElement(hashedDataType);
                 } else {
                     a[0] = toJaxbElement(encryptedDataType);
-                }
+            }
                 return a;
             }
         }

infra/prism-impl/src/main/java/com/evolveum/midpoint/prism/impl/marshaller/BeanMarshaller.java

@@ -659,6 +659,10 @@ public <T> MapXNodeImpl marshalProtectedDataType(Object o, SerializationContext
             QName type = XsdTypeMapper.toXsdType(protectedType.getClearValue().getClass());
             PrimitiveXNodeImpl<?> xClearValue = createPrimitiveXNode(protectedType.getClearValue(), type, false, sc);
             xmap.put(ProtectedDataType.F_CLEAR_VALUE, xClearValue);
+        } else if (protectedType.getExternalData() != null) {
+            ExternalDataType externalDataType = protectedType.getExternalData();
+            MapXNodeImpl xExternalDataType = (MapXNodeImpl) marshall(externalDataType);
+            xmap.put(ProtectedDataType.F_EXTERNAL_DATA, xExternalDataType);
         }
         // TODO: clearValue
         return xmap;

infra/prism-impl/src/main/java/com/evolveum/midpoint/prism/impl/marshaller/XNodeProcessorUtil.java

@@ -9,6 +9,8 @@
 
 import java.lang.reflect.Field;
 
+import com.evolveum.prism.xml.ns._public.types_3.*;
+
 import jakarta.xml.bind.annotation.XmlValue;
 import javax.xml.namespace.QName;
 
@@ -24,10 +26,6 @@
 import com.evolveum.midpoint.prism.crypto.Protector;
 import com.evolveum.midpoint.util.DOMUtil;
 import com.evolveum.midpoint.util.exception.SchemaException;
-import com.evolveum.prism.xml.ns._public.types_3.EncryptedDataType;
-import com.evolveum.prism.xml.ns._public.types_3.HashedDataType;
-import com.evolveum.prism.xml.ns._public.types_3.ProtectedDataType;
-import com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType;
 
 public class XNodeProcessorUtil {
 
@@ -71,6 +69,14 @@ public static <T> void parseProtectedType(ProtectedDataType<T> protectedType, Ma
             HashedDataType hashedDataType = prismContext.parserFor(xHashedData).context(pc).parseRealValue(HashedDataType.class);
             protectedType.setHashedData(hashedDataType);
         }
+        RootXNodeImpl xExternalData = xmap.getEntryAsRoot(ProtectedDataType.F_EXTERNAL_DATA);
+        if (xExternalData != null) {
+            if (!(xExternalData.getSubnode() instanceof MapXNodeImpl)) {
+                throw new SchemaException("Cannot parse externalData from "+xExternalData);
+            }
+            ExternalDataType externalDataType = prismContext.parserFor(xExternalData).context(pc).parseRealValue(ExternalDataType.class);
+            protectedType.setExternalData(externalDataType);
+        }
         // protected data empty..check for clear value
         if (protectedType.isEmpty()){
             XNodeImpl xClearValue = xmap.get(ProtectedDataType.F_CLEAR_VALUE);