implemented EncryptedClientService

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>

de.srsoftware.oidc.datastore.encrypted/src/main/java/de/srsoftware/oidc/datastore/encrypted/EncryptedClientService.java

@@ -0,0 +1,64 @@
+/* © SRSoftware 2024 */
+package de.srsoftware.oidc.datastore.encrypted;
+
+import static java.util.Optional.empty;
+
+import de.srsoftware.oidc.api.ClientService;
+import de.srsoftware.oidc.api.data.Client;
+import java.util.List;
+import java.util.Optional;
+import java.util.stream.Collectors;
+
+public class EncryptedClientService extends EncryptedConfig implements ClientService {
+	private final ClientService backend;
+
+	public EncryptedClientService(String key, String salt, ClientService backend) {
+		super(key, salt);
+		this.backend = backend;
+	}
+
+	public Client decrypt(Client client) {
+		var decryptedUrls = client.redirectUris().stream().map(this::decrypt).collect(Collectors.toSet());
+		return new Client(decrypt(client.id()), decrypt(client.name()), decrypt(client.secret()), decryptedUrls).landingPage(decrypt(client.landingPage()));
+	}
+
+	public Client encrypt(Client client) {
+		var encryptedUrls = client.redirectUris().stream().map(this::encrypt).collect(Collectors.toSet());
+		return new Client(encrypt(client.id()), encrypt(client.name()), encrypt(client.secret()), encryptedUrls).landingPage(encrypt(client.landingPage()));
+	}
+
+	@Override
+	public Optional<Client> getClient(String clientId) {
+		if (clientId == null || clientId.isBlank()) return empty();
+		for (var encrypted : backend.listClients()) {
+			var decrypted = decrypt(encrypted);
+			if (decrypted.id().equals(clientId)) return Optional.of(decrypted);
+		}
+		return empty();
+	}
+
+	@Override
+	public List<Client> listClients() {
+		return backend.listClients().stream().map(this::decrypt).toList();
+	}
+
+	@Override
+	public ClientService remove(String clientId) {
+		if (clientId == null || clientId.isBlank()) return this;
+		for (var encrypted : backend.listClients()) {
+			var decrypted = decrypt(encrypted);
+			if (decrypted.id().equals(clientId)) {
+				backend.remove(encrypted.id());
+				break;
+			}
+		}
+		return this;
+	}
+
+	@Override
+	public ClientService save(Client client) {
+		remove(client.id());
+		backend.save(encrypt(client));
+		return this;
+	}
+}

de.srsoftware.oidc.datastore.encrypted/src/test/java/EncryptedClientServiceTest.java

@@ -0,0 +1,55 @@
+/* © SRSoftware 2024 */
+import static de.srsoftware.utils.Optionals.nullable;
+import static de.srsoftware.utils.Strings.uuid;
+
+import de.srsoftware.oidc.api.ClientService;
+import de.srsoftware.oidc.api.ClientServiceTest;
+import de.srsoftware.oidc.api.data.Client;
+import de.srsoftware.oidc.datastore.encrypted.EncryptedClientService;
+import java.sql.SQLException;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Optional;
+import org.junit.jupiter.api.BeforeEach;
+
+public class EncryptedClientServiceTest extends ClientServiceTest {
+	private static class InMemoryClientService implements ClientService {
+		private HashMap<String, Client> clients = new HashMap<>();
+
+		@Override
+		public Optional<Client> getClient(String clientId) {
+			return nullable(clients.get(clientId));
+		}
+
+		@Override
+		public List<Client> listClients() {
+			return List.copyOf(clients.values());
+		}
+
+		@Override
+		public ClientService remove(String clientId) {
+			clients.remove(clientId);
+			return this;
+		}
+
+		@Override
+		public ClientService save(Client client) {
+			clients.put(client.id(), client);
+			return this;
+		}
+	}
+	private ClientService clientService;
+
+	@Override
+	protected ClientService clientService() {
+		return clientService;
+	}
+
+	@BeforeEach
+	public void setup() throws SQLException {
+		var secret    = uuid();
+		var salt      = uuid();
+		var backend   = new InMemoryClientService();
+		clientService = new EncryptedClientService(secret, salt, backend);
+	}
+}