001    /**
002     * Licensed to the Apache Software Foundation (ASF) under one or more
003     * contributor license agreements.  See the NOTICE file distributed with
004     * this work for additional information regarding copyright ownership.
005     * The ASF licenses this file to You under the Apache License, Version 2.0
006     * (the "License"); you may not use this file except in compliance with
007     * the License.  You may obtain a copy of the License at
008     *
009     *      http://www.apache.org/licenses/LICENSE-2.0
010     *
011     * Unless required by applicable law or agreed to in writing, software
012     * distributed under the License is distributed on an "AS IS" BASIS,
013     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     * See the License for the specific language governing permissions and
015     * limitations under the License.
016     */
017    package org.apache.camel.component.jasypt;
018    
019    import org.apache.camel.component.properties.DefaultPropertiesParser;
020    import org.apache.camel.util.ObjectHelper;
021    import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
022    
023    /**
024     * A {@link org.apache.camel.component.properties.PropertiesParser} which is using
025     * <a href="http://www.jasypt.org/">Jasypt</a> to decrypt any encrypted values.
026     * <p/>
027     * The values must be enclosed in the prefix and suffix token.
028     *
029     * @version $Revision$
030     */
031    public class JasyptPropertiesParser extends DefaultPropertiesParser {
032    
033        public static final String JASYPT_PREFIX_TOKEN = "ENC(";
034        public static final String JASYPT_SUFFIX_TOKEN = ")";
035    
036        // TODO: A JasyptComponent we can leverage instead of directly from here
037        private StandardPBEStringEncryptor encryptor;
038        private String password;
039        private String algorithm;
040    
041        public String getPassword() {
042            return password;
043        }
044    
045        public void setPassword(String password) {
046            // lookup password as either environment or JVM system property
047            if (password.startsWith("sysenv:")) {
048                password = System.getenv(ObjectHelper.after(password, "sysenv:"));
049            }
050            if (password.startsWith("sys:")) {
051                password = System.getProperty(ObjectHelper.after(password, "sys:"));
052            }
053            this.password = password;
054        }
055    
056        public String getAlgorithm() {
057            return algorithm;
058        }
059    
060        public void setAlgorithm(String algorithm) {
061            this.algorithm = algorithm;
062        }
063    
064        public synchronized StandardPBEStringEncryptor getEncryptor() {
065            if (encryptor == null) {
066                // password is mandatory
067                ObjectHelper.notEmpty("password", getPassword());
068    
069                encryptor = new StandardPBEStringEncryptor();
070                encryptor.setPassword(getPassword());
071                if (algorithm != null) {
072                    encryptor.setAlgorithm(getAlgorithm());
073                }
074            }
075            return encryptor;
076        }
077    
078        @Override
079        public String parsePropertyValue(String value) {
080            // check if the value is using the tokens
081            String text = ObjectHelper.between(value, JASYPT_PREFIX_TOKEN, JASYPT_SUFFIX_TOKEN);
082            if (text == null) {
083                // not encrypted
084                return value;
085            } else {
086                // do not log the decrypted text as it could be sensitive information such as a password
087                return getEncryptor().decrypt(text);
088            }
089        }
090    
091    }