Fixes #269. Add LoggingInterceptor so we can see how to implement it …

…without exposing secret keys.
smallrye · Apr 16, 2020 · a47b43e · a47b43e
1 parent cd22f7d
commit a47b43e
Show file tree

Hide file tree

Showing 9 changed files with 86 additions and 49 deletions.
diff --git a/implementation/src/main/java/io/smallrye/config/ConfigSourceInterceptorContext.java b/implementation/src/main/java/io/smallrye/config/ConfigSourceInterceptorContext.java
@@ -14,4 +14,6 @@ public interface ConfigSourceInterceptorContext extends Serializable {
      * @return a {@link ConfigValue} with information about the key, lookup value and source ConfigSource.
      */
     ConfigValue proceed(String name);
+
+    SecretKeys getSecretKeys();
 }
diff --git a/implementation/src/main/java/io/smallrye/config/LoggingConfigSourceInterceptor.java b/implementation/src/main/java/io/smallrye/config/LoggingConfigSourceInterceptor.java
@@ -0,0 +1,26 @@
+package io.smallrye.config;
+
+import org.jboss.logging.Logger;
+
+public class LoggingConfigSourceInterceptor implements ConfigSourceInterceptor {
+    private static final Logger LOG = Logger.getLogger("io.smallrye.config");
+
+    @Override
+    public ConfigValue getValue(final ConfigSourceInterceptorContext context, final String name) {
+        final ConfigValue configValue = context.proceed(name);
+        if (context.getSecretKeys().isSecret(name)) {
+            return configValue;
+        }
+
+        if (configValue != null) {
+            final String value = configValue.getValue();
+            final String configLocation = configValue.getConfigSourceName() + ":" + configValue.getLineNumber();
+
+            LOG.infov("The config {0} was loaded from {1} with the value {2}", name, configLocation, value);
+        } else {
+            LOG.infov("The config {0} was not found", name);
+        }
+
+        return configValue;
+    }
+}
diff --git a/implementation/src/main/java/io/smallrye/config/SmallRyeConfig.java b/implementation/src/main/java/io/smallrye/config/SmallRyeConfig.java
@@ -168,18 +168,19 @@ private ConfigSourceInterceptorContext buildInterceptorChain(final SmallRyeConfi
                         }
                     }
                     return null;
-                }, null);
+                }, null, secretKeys);
 
         // Security interceptor to prevent access to secret keys
         current = new SmallRyeConfigSourceInterceptorContext((ConfigSourceInterceptor) (context, name) -> {
             if (!secretKeys.isSecretAccessible(name)) {
                 throw new SecurityException("Not allowed to access secret key " + name);
             }
             return context.proceed(name);
-        }, current);
+        }, current, secretKeys);
 
         for (int i = interceptors.size() - 1; i >= 0; i--) {
-            current = new SmallRyeConfigSourceInterceptorContext(interceptors.get(i).getInterceptor(current), current);
+            current = new SmallRyeConfigSourceInterceptorContext(
+                    interceptors.get(i).getInterceptor(current), current, secretKeys);
         }
 
         return current;

diff --git a/implementation/src/main/java/io/smallrye/config/SmallRyeConfigSourceInterceptorContext.java b/implementation/src/main/java/io/smallrye/config/SmallRyeConfigSourceInterceptorContext.java
@@ -3,16 +3,24 @@
 class SmallRyeConfigSourceInterceptorContext implements ConfigSourceInterceptorContext {
     private ConfigSourceInterceptor interceptor;
     private SmallRyeConfigSourceInterceptorContext next;
+    private SecretKeys secretKeys;
 
     SmallRyeConfigSourceInterceptorContext(
             final ConfigSourceInterceptor interceptor,
-            final SmallRyeConfigSourceInterceptorContext next) {
+            final SmallRyeConfigSourceInterceptorContext next,
+            final SecretKeys secretKeys) {
         this.interceptor = interceptor;
         this.next = next;
+        this.secretKeys = secretKeys;
     }
 
     @Override
     public ConfigValue proceed(final String name) {
         return interceptor.getValue(next, name);
     }
+
+    @Override
+    public SecretKeys getSecretKeys() {
+        return secretKeys;
+    }
 }
diff --git a/implementation/src/test/java/io/smallrye/config/ConfigSourceLoggingInterceptorTest.java b/implementation/src/test/java/io/smallrye/config/ConfigSourceLoggingInterceptorTest.java
diff --git a/implementation/src/test/java/io/smallrye/config/LoggingConfigSourceInterceptorTest.java b/implementation/src/test/java/io/smallrye/config/LoggingConfigSourceInterceptorTest.java
@@ -0,0 +1,33 @@
+package io.smallrye.config;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertThrows;
+
+import java.util.NoSuchElementException;
+
+import org.eclipse.microprofile.config.Config;
+import org.junit.Test;
+
+public class LoggingConfigSourceInterceptorTest {
+    @Test
+    public void interceptor() throws Exception {
+        SmallRyeConfig config = (SmallRyeConfig) buildConfig();
+
+        assertEquals("abc", config.getValue("my.prop", String.class));
+        assertThrows(SecurityException.class, () -> config.getValue("secret", String.class));
+        assertThrows(NoSuchElementException.class, () -> config.getValue("not.found", String.class));
+
+        // This would log the secret:
+        config.getSecretKeys().accessSecret(() -> config.getRawValue("secret"));
+    }
+
+    private static Config buildConfig() throws Exception {
+        return new SmallRyeConfigBuilder()
+                .addDefaultSources()
+                .withSources(new ConfigValuePropertiesConfigSource(
+                        LoggingConfigSourceInterceptorTest.class.getResource("/config-values.properties")))
+                .withInterceptors(new LoggingConfigSourceInterceptor())
+                .withSecretKeys("secret")
+                .build();
+    }
+}
diff --git a/implementation/src/test/java/io/smallrye/config/inject/ConfigInjectionTest.java b/implementation/src/test/java/io/smallrye/config/inject/ConfigInjectionTest.java
@@ -50,6 +50,7 @@ public void afterClass() {
     @Test
     public void inject() {
         assertEquals("value", configBean.getConfig());
+        assertEquals("value", configBean.getExpansion());
         assertEquals("12345678", configBean.getSecret());
     }
 
@@ -59,14 +60,21 @@ public static class ConfigBean {
         @ConfigProperty(name = "config")
         private String config;
         @Inject
+        @ConfigProperty(name = "expansion")
+        private String expansion;
+        @Inject
         @ConfigProperty(name = "secret")
         private String secret;
 
-        public String getConfig() {
+        String getConfig() {
             return config;
         }
 
-        public String getSecret() {
+        String getExpansion() {
+            return expansion;
+        }
+
+        String getSecret() {
             return secret;
         }
     }

diff --git a/implementation/src/test/java/io/smallrye/config/inject/ConfigInjectionTestConfigFactory.java b/implementation/src/test/java/io/smallrye/config/inject/ConfigInjectionTestConfigFactory.java
@@ -12,7 +12,7 @@ public SmallRyeConfig getConfigFor(
         return configProviderResolver.getBuilder().forClassLoader(classLoader)
                 .addDefaultSources()
                 .addDefaultInterceptors()
-                .withSources(KeyValuesConfigSource.config("config", "value", "secret", "12345678"))
+                .withSources(KeyValuesConfigSource.config("config", "value", "expansion", "${config}", "secret", "12345678"))
                 .withSecretKeys("secret")
                 .build();
     }

diff --git a/implementation/src/test/resources/config-values.properties b/implementation/src/test/resources/config-values.properties
@@ -7,7 +7,7 @@ my.prop=abc
 
 
 
-
+secret=secret