MigrateEncryptedData.java example

Explorer
ORCID-Source-master
/**
 * =============================================================================
 *
 * ORCID (R) Open Source
 * http://orcid.org
 *
 * Copyright (c) 2012-2014 ORCID, Inc.
 * Licensed under an MIT-Style License (MIT)
 * http://orcid.org/open-source-license
 *
 * This copyright and license information (including a link to the full license)
 * shall be included in its entirety in all copies or substantial portion of
 * the software.
 *
 * =============================================================================
 */
package org.orcid.core.cli;

import java.util.Collections;
import java.util.Date;
import java.util.List;

import org.orcid.core.manager.EncryptionManager;
import org.orcid.persistence.dao.ClientDetailsDao;
import org.orcid.persistence.dao.ProfileDao;
import org.orcid.persistence.jpa.entities.ClientDetailsEntity;
import org.orcid.persistence.jpa.entities.ProfileEntity;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.transaction.TransactionStatus;
import org.springframework.transaction.support.TransactionCallbackWithoutResult;
import org.springframework.transaction.support.TransactionTemplate;

/**
 * 
 * @author Will Simpson
 * 
 */
public class MigrateEncryptedData {

    private ProfileDao profileDao;
    private EncryptionManager encryptionManager;
    private ClientDetailsDao clientDetailsDao;
    private TransactionTemplate transactionTemplate;
    private static Logger LOG = LoggerFactory.getLogger(MigrateEncryptedData.class);
    private static final int CHUNK_SIZE = 1000;

    public static void main(String... args) {
        new MigrateEncryptedData().migrate();
    }

    private void migrate() {
        init();
        migrateProfiles();
        migrateClientDetails();
    }

    private void migrateProfiles() {
        Date start = new Date();
        @SuppressWarnings("unchecked")
        List<ProfileEntity> profiles = Collections.EMPTY_LIST;
        do {
            profiles = profileDao.findLastModifiedBefore(start, CHUNK_SIZE);
            for (ProfileEntity profileEntity : profiles) {
                LOG.info("Migrating encrypted data for profile: {}", profileEntity.getId());
                fixSecurityAnswer(profileEntity);
                fixVerificationCode(profileEntity);
                profileEntity.setLastModified(new Date());
                profileDao.merge(profileEntity);
            }
        } while (!profiles.isEmpty());
    }

    private void fixVerificationCode(ProfileEntity profileEntity) {
        String encryptedVerificationCode = profileEntity.getEncryptedVerificationCode();
        if (encryptedVerificationCode != null) {
            String decryptedVerificationCode = encryptionManager.legacyDecryptForInternalUse(encryptedVerificationCode);
            String reEncryptedVerificationCode = encryptionManager.encryptForInternalUse(decryptedVerificationCode);
            profileEntity.setEncryptedVerificationCode(reEncryptedVerificationCode);
        }
    }

    private void fixSecurityAnswer(ProfileEntity profileEntity) {
        String encryptedSecurityAnswer = profileEntity.getEncryptedSecurityAnswer();
        if (encryptedSecurityAnswer != null) {
            String decryptedSecurityAnswer = encryptionManager.legacyDecryptForInternalUse(encryptedSecurityAnswer);
            String reEncryptedSecurityAnswer = encryptionManager.encryptForInternalUse(decryptedSecurityAnswer);
            profileEntity.setEncryptedSecurityAnswer(reEncryptedSecurityAnswer);
        }
    }

    private void migrateClientDetails() {
        Date start = new Date();
        @SuppressWarnings("unchecked")
        List<ClientDetailsEntity> clientDetailsEntities = Collections.EMPTY_LIST;
        do {
            clientDetailsEntities = clientDetailsDao.findLastModifiedBefore(start, CHUNK_SIZE);
            for (final ClientDetailsEntity clientDetails : clientDetailsEntities) {
                LOG.info("Migrating secret for client: {}", clientDetails.getClientId());
                transactionTemplate.execute(new TransactionCallbackWithoutResult() {
                    @Override
                    protected void doInTransactionWithoutResult(TransactionStatus status) {
                        ClientDetailsEntity retrievedClientDetails = clientDetailsDao.find(clientDetails.getClientId());
                        String unencryptedClientSecret = retrievedClientDetails.getClientSecret();
                        String encryptedClientSecret = encryptionManager.encryptForInternalUse(unencryptedClientSecret);
                        retrievedClientDetails.setClientSecretForJpa(encryptedClientSecret);
                        retrievedClientDetails.setLastModified(new Date());
                        clientDetailsDao.merge(retrievedClientDetails);
                    }
                });

            }
        } while (!clientDetailsEntities.isEmpty());
    }

    @SuppressWarnings("resource")
    private ProfileDao init() {
        ApplicationContext context = new ClassPathXmlApplicationContext("orcid-core-context.xml");
        profileDao = (ProfileDao) context.getBean("profileDao");
        encryptionManager = (EncryptionManager) context.getBean("encryptionManager");
        clientDetailsDao = (ClientDetailsDao) context.getBean("clientDetailsDao");
        transactionTemplate = (TransactionTemplate) context.getBean("transactionTemplate");
        return profileDao;
    }

}