Encryption in Mongodb #10575
Draft
Encryption in Mongodb #10575
+689
−116
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jhaeyaert
requested changes
Jan 30, 2025
...mongodb/src/main/java/io/gravitee/repository/mongodb/encryption/EncryptionConfiguration.java
Outdated
Show resolved
Hide resolved
...mongodb/src/main/java/io/gravitee/repository/mongodb/encryption/EncryptionConfiguration.java
Show resolved
Hide resolved
...ory-mongodb/src/main/java/io/gravitee/repository/mongodb/management/MongoUserRepository.java
Show resolved
Hide resolved
...ory-mongodb/src/main/java/io/gravitee/repository/mongodb/management/MongoUserRepository.java
Show resolved
Hide resolved
...e/repository/mongodb/management/upgrade/upgrader/index/__datakeys/DataKeysIndexUpgrader.java
Show resolved
Hide resolved
...y-mongodb/src/test/java/io/gravitee/repository/mongodb/MongoTestRepositoryConfiguration.java
Outdated
Show resolved
Hide resolved
jhaeyaert
reviewed
Jan 30, 2025
...mongodb/src/main/java/io/gravitee/repository/mongodb/encryption/EncryptionConfiguration.java
Outdated
Show resolved
Hide resolved
jhaeyaert
reviewed
Jan 30, 2025
...db/src/main/java/io/gravitee/repository/mongodb/management/internal/model/MetadataMongo.java
Show resolved
Hide resolved
phiz71
force-pushed
the
pii-encryption-in-mongodb
branch
6 times, most recently
from
abbffc5 to
8471199
Compare
phiz71
added
the
ready_to_test
phiz71
force-pushed
the
pii-encryption-in-mongodb
branch
2 times, most recently
from
4c10f07 to
35423f3
Compare
Allow to add new MongoConverters more easily
Allow to enable encryption mode in mongodb
License and Token
For Mongodb encryption to work, we need additional libraries. One of them is nearly 30Mb. As it is not yet an official support, we have decided to add them manually in the dev docker image only, instead of adding them in the mongodb repository plugin.
Encryption has been introduced in mongo repository plugin. As a consequence, the search method for users has to rely on encrypted field to be consistent. To order users by `name` (or another encrypted field), Lucene search engine has to be used (See io.gravitee.rest.api.service.impl.UserServiceImpl.search(ExecutionContext, String, Pageable))
phiz71
force-pushed
the
pii-encryption-in-mongodb
branch
from
35423f3 to
e7ca6a4
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue
N/A
Description
Enable encryption feature with mongodb and allow encryption of some sensitive data in User and Metadata
🏗️ Your changes can be tested here and will be available soon:
Console: https://pr.team-apim.gravitee.dev/10575/console
Portal: https://pr.team-apim.gravitee.dev/10575/portal
Management-api: https://pr.team-apim.gravitee.dev/10575/api/management
Gateway v4: https://pr.team-apim.gravitee.dev/10575
Gateway v3: https://pr.gateway-v3.team-apim.gravitee.dev/10575
📚 View the storybook of this branch here