apache / shardingsphere

Distributed SQL transaction & query engine for data sharding, scaling, encryption, and more - on any database.
Apache License 2.0

Encrypt for Database password #3369

Closed amoszhou closed 4 years ago

amoszhou commented 4 years ago

Encrypt for Database password below Datasource property

English only; other languages will not be accepted.

Please pay attention to the issues you submit, because we may need more details. If there is no response for more than 7 days and we cannot make a decision based on the current information, we will close it.

Please answer these questions before submitting your issue. Thanks!

Is your feature request related to a problem?

yes

Describe the feature you would like.

Almost always, we have to encrypt the database password in an online system; I think all of us need it.
But there is no place for it, and io.shardingsphere.jdbc.spring.boot.SpringBootConfiguration has no piece for customization. Of course, I can implement it using reflection, but it is not graceful~

Now I have to do it like below:

```java
import com.google.common.base.Preconditions;
import java.lang.reflect.Field;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.sql.DataSource;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.BeanPostProcessor;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.EnvironmentAware;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Component;
import org.springframework.util.ClassUtils;
// Imports for the ShardingSphere classes (SpringBootConfiguration, the two rule
// properties classes, PropertyUtil, DataSourceUtil, ShardingException) and for the
// poster's own EncryptUtils are not shown in the post.

@Component
@EnableConfigurationProperties({SpringBootShardingRuleConfigurationProperties.class, SpringBootMasterSlaveRuleConfigurationProperties.class})
public class PasswordDecryptor implements BeanPostProcessor, EnvironmentAware {

    // Data sources built here with decrypted passwords, keyed by data source name.
    private final Map<String, DataSource> dataSourceMap = new LinkedHashMap<>();

    @Override
    public Object postProcessBeforeInitialization(Object o, String s) throws BeansException {
        return o;
    }

    @Override
    public Object postProcessAfterInitialization(Object o, String s) throws BeansException {
        if (o instanceof io.shardingsphere.jdbc.spring.boot.SpringBootConfiguration) {
            SpringBootConfiguration datasourceConfig = (SpringBootConfiguration) o;
            try {
                // Replace the private dataSourceMap field via reflection.
                Field dataSourceMapFiled = ClassUtils.getUserClass(datasourceConfig.getClass()).getDeclaredField("dataSourceMap");
                dataSourceMapFiled.setAccessible(true);
                dataSourceMapFiled.set(o, dataSourceMap);
            } catch (NoSuchFieldException e) {
                e.printStackTrace();
            } catch (IllegalAccessException e) {
                e.printStackTrace();
            }
        }
        return o;
    }

    private void overrideDatasource(final Environment environment) {
        String prefix = "sharding.jdbc.datasource.";
        String dataSources = environment.getProperty(prefix + "names");
        for (String each : dataSources.split(",")) {
            try {
                Map<String, Object> dataSourceProps = mapCopy(PropertyUtil.handle(environment, prefix + each, Map.class));
                Preconditions.checkState(!dataSourceProps.isEmpty(), "Wrong datasource properties!");

                String desPassword = doDecrypt(dataSourceProps.get("password").toString());
                // Decrypt the database connection string
                dataSourceProps.put("password", desPassword);
                DataSource dataSource = DataSourceUtil.getDataSource(dataSourceProps.get("type").toString(), dataSourceProps);
                dataSourceMap.put(each, dataSource);
            } catch (final ReflectiveOperationException ex) {
                throw new ShardingException("Can't find datasource type!", ex);
            }
        }
    }

    // Copy the properties, skipping null keys and null values.
    private Map<String, Object> mapCopy(Map<String, Object> source) {
        Map<String, Object> dest = new HashMap<>(source.size());
        Iterator it = source.entrySet().iterator();
        while (it.hasNext()) {
            Map.Entry<String,Object> entry = (Map.Entry) it.next();
            String key = entry.getKey();
            if (key != null && source.get(key) != null) {
                dest.put(key, source.get(key));
            }
        }
        return dest;
    }

    protected String doDecrypt(String source) {
        return EncryptUtils.aesDecrypt(source);
    }

    @Override
    public void setEnvironment(Environment environment) {
        overrideDatasource(environment);
    }
}
```

yanickxia commented 4 years ago

Try jasypt with Spring; maybe it uses a placeholder to store the password.

jasypt-spring-boot-samples-yaml
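A sketch of the placeholder idea from the comment above, as an added example that is not part of the thread and is not ShardingSphere or jasypt code: it decrypts `ENC(...)` passwords in the Spring `Environment` before any bean reads them, so no reflection is needed. It assumes ShardingSphere reads `sharding.jdbc.datasource.*` from the `Environment` (as the posted `overrideDatasource` does); the class name, the `DB_PASSWORD_KEY` variable and the AES-GCM ciphertext layout are hypothetical choices.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.env.EnvironmentPostProcessor;
import org.springframework.core.env.ConfigurableEnvironment;
import org.springframework.core.env.MapPropertySource;

// Hypothetical class; register it in META-INF/spring.factories as an EnvironmentPostProcessor.
public class DataSourcePasswordPostProcessor implements EnvironmentPostProcessor {
    private static final String PREFIX = "sharding.jdbc.datasource.";

    @Override
    public void postProcessEnvironment(ConfigurableEnvironment env, SpringApplication app) {
        String names = env.getProperty(PREFIX + "names");
        if (names == null) {
            return;
        }
        Map<String, Object> decrypted = new HashMap<>();
        for (String each : names.split(",")) {
            String property = PREFIX + each.trim() + ".password";
            String value = env.getProperty(property);
            if (value != null && value.startsWith("ENC(") && value.endsWith(")")) {
                decrypted.put(property, decrypt(value.substring(4, value.length() - 1)));
            }
        }
        // First in the list = highest precedence, so later lookups see the plaintext.
        env.getPropertySources().addFirst(new MapPropertySource("decryptedPasswords", decrypted));
    }

    // Assumed layout: Base64(12-byte IV || AES-GCM ciphertext with 128-bit tag).
    static String decrypt(String encoded) {
        try {
            // Assumed variable name; the key lives outside the configuration file.
            byte[] key = Base64.getDecoder().decode(System.getenv("DB_PASSWORD_KEY"));
            byte[] raw = Base64.getDecoder().decode(encoded);
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, raw, 0, 12));
            return new String(cipher.doFinal(raw, 12, raw.length - 12), StandardCharsets.UTF_8);
        } catch (Exception ex) {
            // Missing key, bad Base64 or a failed tag check: stop startup instead of connecting.
            throw new IllegalStateException("Cannot decrypt datasource password", ex);
        }
    }
}
```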

amoszhou commented 4 years ago

> Try jasypt with Spring; maybe it uses a placeholder to store the password.
>
> jasypt-spring-boot-samples-yaml

OK~ I will give it a try~

terrymanu commented 4 years ago

This feature is not in ShardingSphere's scope, so I am closing it.