Fix for environment variables not decrypting in Spring 3.5

jasypt-spring-boot-starter/pom.xml

@@ -50,7 +50,7 @@
         <dependency>
             <groupId>uk.org.webcompere</groupId>
             <artifactId>system-stubs-jupiter</artifactId>
-            <version>2.0.1</version>
+            <version>2.1.8</version>
             <scope>test</scope>
         </dependency>
         <dependency>

jasypt-spring-boot/src/main/java/com/ulisesbocchio/jasyptspringboot/wrapper/EncryptableSystemEnvironmentPropertySourceWrapper.java

@@ -1,5 +1,10 @@
 package com.ulisesbocchio.jasyptspringboot.wrapper;
 
+import java.util.AbstractMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
 import com.ulisesbocchio.jasyptspringboot.EncryptablePropertyFilter;
 import com.ulisesbocchio.jasyptspringboot.EncryptablePropertyResolver;
 import com.ulisesbocchio.jasyptspringboot.EncryptablePropertySource;
@@ -9,8 +14,6 @@
 import org.springframework.core.env.PropertySource;
 import org.springframework.core.env.SystemEnvironmentPropertySource;
 
-import java.util.Map;
-
 /**
  * <p>EncryptableSystemEnvironmentPropertySourceWrapper class.</p>
  *
@@ -19,6 +22,51 @@
  */
 public class EncryptableSystemEnvironmentPropertySourceWrapper extends SystemEnvironmentPropertySource implements EncryptablePropertySource<Map<String, Object>> {
 
+
+    /**
+     * A map that will wrap the System environment variables map and decrypt them.
+     */
+    private static class DecryptingMap extends AbstractMap<String, Object> {
+
+        final CachingDelegateEncryptablePropertySource<Map<String, Object>> encryptableDelegate;
+
+
+        DecryptingMap(SystemEnvironmentPropertySource delegate, EncryptablePropertyResolver resolver, EncryptablePropertyFilter filter) {
+            encryptableDelegate = new CachingDelegateEncryptablePropertySource<>(delegate, resolver, filter);
+        }
+
+        @Override
+        public int size() {
+            return encryptableDelegate.getSource().size();
+        }
+
+        @Override
+        public boolean isEmpty() {
+            return encryptableDelegate.getSource().isEmpty();
+        }
+
+        @Override
+        public Set<String> keySet() {
+            return encryptableDelegate.getSource().keySet();
+        }
+
+        @Override
+        public boolean containsKey(Object key) {
+            return encryptableDelegate.getSource().containsKey(key);
+        }
+
+        @Override
+        public Set<Entry<String, Object>> entrySet() {
+            HashSet<Entry<String, Object>> entries = new HashSet<>();
+            Set<String> keys = encryptableDelegate.getSource().keySet();
+            for (String key : keys) {
+                entries.add(new AbstractMap.SimpleEntry<>(key, encryptableDelegate.getProperty(key)));
+            }
+            return entries;
+        }
+
+    }
+
     private final CachingDelegateEncryptablePropertySource<Map<String, Object>> encryptableDelegate;
 
     /**
@@ -29,8 +77,8 @@ public class EncryptableSystemEnvironmentPropertySourceWrapper extends SystemEnv
      * @param filter a {@link com.ulisesbocchio.jasyptspringboot.EncryptablePropertyFilter} object
      */
     public EncryptableSystemEnvironmentPropertySourceWrapper(SystemEnvironmentPropertySource delegate, EncryptablePropertyResolver resolver, EncryptablePropertyFilter filter) {
-        super(delegate.getName(), delegate.getSource());
-        encryptableDelegate = new CachingDelegateEncryptablePropertySource<>(delegate, resolver, filter);
+        super(delegate.getName(), new DecryptingMap(delegate, resolver, filter));
+        encryptableDelegate = ((DecryptingMap) getSource()).encryptableDelegate;
     }
 
     /** {@inheritDoc} */

jasypt-spring-boot/src/test/java/com/ulisesbocchio/jasyptspringboot/wrapper/EncryptableSystemEnvironmentPropertySourceWrapperTest.java

@@ -0,0 +1,55 @@
+package com.ulisesbocchio.jasyptspringboot.wrapper;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+import java.util.HashMap;
+import java.util.List;
+
+import javax.crypto.spec.SecretKeySpec;
+
+import com.ulisesbocchio.jasyptspringboot.EncryptablePropertyFilter;
+import com.ulisesbocchio.jasyptspringboot.EncryptablePropertyResolver;
+import com.ulisesbocchio.jasyptspringboot.encryptor.SimpleGCMConfig;
+import com.ulisesbocchio.jasyptspringboot.encryptor.SimpleGCMStringEncryptor;
+import com.ulisesbocchio.jasyptspringboot.filter.DefaultLazyPropertyFilter;
+import com.ulisesbocchio.jasyptspringboot.filter.DefaultPropertyFilter;
+import com.ulisesbocchio.jasyptspringboot.resolver.DefaultPropertyResolver;
+import org.jasypt.encryption.StringEncryptor;
+import org.junit.jupiter.api.Test;
+import org.springframework.boot.context.properties.source.ConfigurationProperty;
+import org.springframework.boot.context.properties.source.ConfigurationPropertyName;
+import org.springframework.boot.context.properties.source.ConfigurationPropertySource;
+import org.springframework.core.env.StandardEnvironment;
+import org.springframework.core.env.SystemEnvironmentPropertySource;
+import org.springframework.mock.env.MockEnvironment;
+
+class EncryptableSystemEnvironmentPropertySourceWrapperTest {
+
+  @Test
+  void environmentVariablesAreDecrypted() {
+    SimpleGCMConfig simpleGCMConfig = new SimpleGCMConfig();
+    simpleGCMConfig.setActualKey(new SecretKeySpec(new byte[] { 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31 },"AES"));
+    StringEncryptor stringEncryptor = new SimpleGCMStringEncryptor(simpleGCMConfig);
+
+    MockEnvironment environment = new MockEnvironment();
+
+    HashMap<String,Object> map = new HashMap<>();
+    map.put("TEST_KEY_PLAIN", "PLAIN_VALUE");
+    map.put("TEST_KEY_ENCRYPTED", "ENC(" + stringEncryptor.encrypt("ENCRYPTED_VALUE") + ")");
+
+    SystemEnvironmentPropertySource delegate = new SystemEnvironmentPropertySource(StandardEnvironment.SYSTEM_ENVIRONMENT_PROPERTY_SOURCE_NAME, map);
+    EncryptablePropertyResolver resolver = new DefaultPropertyResolver(stringEncryptor,environment);
+    EncryptablePropertyFilter filter = new DefaultLazyPropertyFilter(environment);
+
+    EncryptableSystemEnvironmentPropertySourceWrapper wrapper = new EncryptableSystemEnvironmentPropertySourceWrapper(delegate, resolver, filter);
+
+    ConfigurationPropertySource configurationPropertySource = ConfigurationPropertySource.from(wrapper);
+
+    ConfigurationProperty value = configurationPropertySource.getConfigurationProperty(ConfigurationPropertyName.of("test.key.plain"));
+    assertEquals("PLAIN_VALUE", value.getValue());
+
+    value = configurationPropertySource.getConfigurationProperty(ConfigurationPropertyName.of("test.key.encrypted"));
+    assertEquals("ENCRYPTED_VALUE", value.getValue());
+  }
+
+}

pom.xml

@@ -13,7 +13,7 @@
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <java.version>1.8</java.version>
-        <spring.boot.version>2.7.6</spring.boot.version>
+        <spring.boot.version>3.5.8</spring.boot.version>
         <spring.cloud.version>2021.0.5</spring.cloud.version>
         <jasypt.version>1.9.3</jasypt.version>
         <maven.compiler.version>3.10.1</maven.compiler.version>