Test

awspring · Oct 10, 2024 · 399cc3c · 399cc3c
1 parent 6265023
commit 399cc3c
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 34 deletions.
diff --git a/...s-autoconfigure/src/main/java/io/awspring/cloud/autoconfigure/s3/S3AutoConfiguration.java b/...s-autoconfigure/src/main/java/io/awspring/cloud/autoconfigure/s3/S3AutoConfiguration.java
@@ -52,6 +52,8 @@
 import software.amazon.awssdk.services.s3.S3ClientBuilder;
 import software.amazon.awssdk.services.s3.presigner.S3Presigner;
 import software.amazon.encryption.s3.S3EncryptionClient;
+import software.amazon.encryption.s3.materials.AesKeyring;
+import software.amazon.encryption.s3.materials.DefaultCryptoMaterialsManager;
 
 /**
  * {@link EnableAutoConfiguration} for {@link S3Client} and {@link S3ProtocolResolver}.
@@ -105,15 +107,19 @@ S3EncryptionClient.Builder s3EncrpytionClientBuilder(AwsClientBuilderConfigurer
 									ObjectProvider<AwsClientCustomizer<S3EncryptionClient.Builder>> configurer,
 									ObjectProvider<AwsConnectionDetails> connectionDetails,
 									ObjectProvider<S3EncryptionClientCustomizer> s3ClientCustomizers,
-									ObjectProvider<AwsSyncClientCustomizer> awsSyncClientCustomizers) {
+									ObjectProvider<AwsSyncClientCustomizer> awsSyncClientCustomizers,
+								ObjectProvider<S3RsaProvider> rsaProvider, ObjectProvider<S3AesProvider> aesProvider) {
 		S3EncryptionClient.Builder builder = awsClientBuilderConfigurer.configureSyncClient(S3EncryptionClient.builder(), this.properties,
 			connectionDetails.getIfAvailable(), configurer. getIfAvailable(), s3ClientCustomizers.orderedStream(),
 			awsSyncClientCustomizers.orderedStream());
+
 		Optional.ofNullable(this.properties.getCrossRegionEnabled()).ifPresent(builder::crossRegionAccessEnabled);
 		builder.serviceConfiguration(this.properties.toS3Configuration());
+
+		configureEncryptionProperties(rsaProvider, aesProvider, builder);
 		return builder;
 	}
-	
+
 	@Bean
 	@ConditionalOnMissingBean(S3Operations.class)
 	@ConditionalOnBean(S3ObjectConverter.class)
@@ -152,29 +158,8 @@ S3Client s3Client(S3Properties properties, S3ClientBuilder s3ClientBuilder) {
 	@Bean
 	@ConditionalOnMissingBean
 	@ConditionalOnClass(name = {"software.amazon.encryption.s3.S3EncryptionClient"})
-	S3Client s3EncryptionClient(S3Properties properties,S3EncryptionClient.Builder s3EncryptionBuilder, S3ClientBuilder s3ClientBuilder,
-			ObjectProvider<S3RsaProvider> rsaProvider, ObjectProvider<S3AesProvider> aesProvider) {
-		PropertyMapper propertyMapper = PropertyMapper.get();
-		S3EncryptionProperties encryptionProperties = properties.getEncryption();
-
+	S3Client s3EncryptionClient(S3EncryptionClient.Builder s3EncryptionBuilder, S3ClientBuilder s3ClientBuilder) {
 		s3EncryptionBuilder.wrappedClient(s3ClientBuilder.build());
-		propertyMapper.from(encryptionProperties::isEnableDelayedAuthenticationMode)
-				.to(s3EncryptionBuilder::enableDelayedAuthenticationMode);
-		propertyMapper.from(encryptionProperties::isEnableLegacyUnauthenticatedModes)
-				.to(s3EncryptionBuilder::enableLegacyUnauthenticatedModes);
-		propertyMapper.from(encryptionProperties::isEnableMultipartPutObject)
-				.to(s3EncryptionBuilder::enableMultipartPutObject);
-
-		if (!StringUtils.hasText(encryptionProperties.getKeyId())) {
-			if (aesProvider.getIfAvailable() != null) {
-				s3EncryptionBuilder.aesKey(aesProvider.getObject().generateSecretKey());
-			}
-			else {
-				s3EncryptionBuilder.rsaKeyPair(rsaProvider.getObject().generateKeyPair());
-			}
-			return s3EncryptionBuilder.build();
-		}
-		propertyMapper.from(encryptionProperties::getKeyId).to(s3EncryptionBuilder::kmsKeyId);
 		return s3EncryptionBuilder.build();
 	}
 
@@ -197,4 +182,28 @@ S3OutputStreamProvider inMemoryBufferingS3StreamProvider(S3Client s3Client,
 				contentTypeResolver.orElseGet(PropertiesS3ObjectContentTypeResolver::new));
 	}
 
+
+	private void configureEncryptionProperties(ObjectProvider<S3RsaProvider> rsaProvider, ObjectProvider<S3AesProvider> aesProvider, S3EncryptionClient.Builder builder) {
+		PropertyMapper propertyMapper = PropertyMapper.get();
+		var encryptionProperties = properties.getEncryption();
+
+		propertyMapper.from(encryptionProperties::isEnableDelayedAuthenticationMode)
+			.to(builder::enableDelayedAuthenticationMode);
+		propertyMapper.from(encryptionProperties::isEnableLegacyUnauthenticatedModes)
+			.to(builder::enableLegacyUnauthenticatedModes);
+		propertyMapper.from(encryptionProperties::isEnableMultipartPutObject)
+			.to(builder::enableMultipartPutObject);
+
+		if (!StringUtils.hasText(properties.getEncryption().getKeyId())) {
+			if (aesProvider.getIfAvailable() != null) {
+				builder.aesKey(aesProvider.getObject().generateSecretKey());
+				}
+			else {
+				builder.rsaKeyPair(rsaProvider.getObject().generateKeyPair());
+			}
+		} else {
+			propertyMapper.from(encryptionProperties::getKeyId).to(builder::kmsKeyId);
+		}
+	}
+
 }
diff --git a/...oconfigure/src/test/java/io/awspring/cloud/autoconfigure/s3/S3AutoConfigurationTests.java b/...oconfigure/src/test/java/io/awspring/cloud/autoconfigure/s3/S3AutoConfigurationTests.java
@@ -36,8 +36,11 @@
 import io.awspring.cloud.s3.S3Template;
 import java.io.IOException;
 import java.net.URI;
+import java.security.KeyPair;
 import java.time.Duration;
 import java.util.Objects;
+
+import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
 import org.springframework.boot.autoconfigure.AutoConfigurations;
@@ -137,7 +140,7 @@ void autoconfigurationIsNotTriggeredWhenS3ModuleIsNotOnClasspath() {
 	class S3ClientTests {
 		@Test
 		void s3ClientCanBeOverwritten() {
-			contextRunnerEncryption.withUserConfiguration(CustomS3ClientConfiguration.class).run(context -> {
+			contextRunnerEncryption.withPropertyValues("spring.cloud.aws.s3.encryption.keyId:234abcd-12ab-34cd-56ef-1234567890ab").withUserConfiguration(CustomS3ClientConfiguration.class).run(context -> {
 				assertThat(context).hasSingleBean(S3Client.class);
 			});
 		}
@@ -150,15 +153,6 @@ void createsStandardClientWhenCrossRegionAndEncryptionModuleIsNotInClasspath() {
 			});
 		}
 
-		@Test
-		void createsEncryptionClientWhenCrossRegionModuleIsNotInClasspath() {
-			contextRunnerEncryption
-					.withPropertyValues("spring.cloud.aws.s3.encryption.keyId:234abcd-12ab-34cd-56ef-1234567890ab")
-					.run(context -> {
-						assertThat(context).hasSingleBean(S3EncryptionClient.class);
-					});
-		}
-
 		@Test
 		void createsEncryptionClientBackedByRsa() {
 			contextRunnerEncryption.withPropertyValues().withUserConfiguration(CustomRsaProvider.class).run(context -> {