SecretTransformer.java

/*
 * Copyright (C) 2015 Square, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package keywhiz.service.crypto;

import javax.inject.Inject;
import keywhiz.api.model.Secret;
import keywhiz.api.model.SecretContent;
import keywhiz.api.model.SecretSeries;
import keywhiz.api.model.SecretSeriesAndContent;

import static com.google.common.base.Preconditions.checkNotNull;

/**
 * Transforms DB content to Secret model, performing crypto when needed.
 */
public class SecretTransformer {
  private final ContentCryptographer cryptographer;

  @Inject public SecretTransformer(ContentCryptographer cryptographer) {
    this.cryptographer = cryptographer;
  }

  /**
   * Transform DB content to a Secret model.
   */
  public Secret transform(SecretSeriesAndContent seriesAndContent) {
    checkNotNull(seriesAndContent);
    SecretSeries series = seriesAndContent.series();
    SecretContent content = seriesAndContent.content();

    return new Secret(
        series.id(),
        series.name(),
        series.description(),
        () -> cryptographer.decrypt(content.encryptedContent()),
        content.hmac(),
        series.createdAt(),
        series.createdBy(),
        series.updatedAt(),
        series.updatedBy(),
        content.metadata(),
        series.type().orElse(null),
        series.generationOptions(),
        content.expiry(),
        series.currentVersion().orElse(null));
  }
}