(improvement)(headless) Opt encrypt database password, avoid repeated decryption.(#1326) (#1562)

Co-authored-by: lxwcodemonkey

common/src/main/java/com/tencent/supersonic/common/util/AESEncryptionUtil.java

@@ -90,12 +90,16 @@ public class AESEncryptionUtil {
         return Base64.getEncoder().encodeToString(combined);
     }
 
-    public static String aesEncryptECB(String content) throws Exception {
-        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
-        SecretKeySpec secretKeySpec = new SecretKeySpec(hexStringToByteArray(KEY), "AES");
-        cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
-        byte[] encryptEncode = cipher.doFinal(content.getBytes(ENCODE));
-        return getStringFromBytes(encryptEncode);
+    public static String aesEncryptECB(String content) {
+        try {
+            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+            SecretKeySpec secretKeySpec = new SecretKeySpec(hexStringToByteArray(KEY), "AES");
+            cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
+            byte[] encryptEncode = cipher.doFinal(content.getBytes(ENCODE));
+            return getStringFromBytes(encryptEncode);
+        } catch (Exception e) {
+            return content;
+        }
     }
 
     public static String aesDecryptECB(String encryptStr) {

headless/core/src/main/java/com/tencent/supersonic/headless/core/pojo/Database.java

@@ -46,7 +46,7 @@ public class Database extends RecordInfo {
     private List<String> viewers = Lists.newArrayList();
 
     public String passwordDecrypt() {
-        return AESEncryptionUtil.aesDecryptCBC(password);
+        return AESEncryptionUtil.aesDecryptECB(password);
     }
 
 }

headless/core/src/main/java/com/tencent/supersonic/headless/core/utils/SqlUtils.java

@@ -65,14 +65,13 @@ public class SqlUtils {
     }
 
     public SqlUtils init(Database database) {
-        //todo Password decryption
         return SqlUtilsBuilder
                 .getBuilder()
                 .withName(database.getId() + AT_SYMBOL + database.getName())
                 .withType(database.getType())
                 .withJdbcUrl(database.getUrl())
                 .withUsername(database.getUsername())
-                .withPassword(database.passwordDecrypt())
+                .withPassword(database.getPassword())
                 .withJdbcDataSource(this.jdbcDataSource)
                 .withResultLimit(this.resultLimit)
                 .withIsQueryLogEnable(this.isQueryLogEnable)

headless/server/src/main/java/com/tencent/supersonic/headless/server/service/impl/DatabaseServiceImpl.java

@@ -25,9 +25,6 @@ import com.tencent.supersonic.headless.server.service.DatabaseService;
 import com.tencent.supersonic.headless.server.service.ModelService;
 import com.tencent.supersonic.headless.server.utils.DatabaseConverter;
 import lombok.extern.slf4j.Slf4j;
-import net.sf.jsqlparser.parser.CCJSqlParserUtil;
-import net.sf.jsqlparser.statement.Statement;
-import net.sf.jsqlparser.util.TablesNamesFinder;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.stereotype.Service;
@@ -200,26 +197,6 @@ public class DatabaseServiceImpl extends ServiceImpl<DatabaseDOMapper, DatabaseD
         return dbColumns;
     }
 
-    public static void main(String[] args) {
-        try {
-            String sql = "SELECT * FROM mydatabase.mytable JOIN otherdatabase.othertable ON mytable.id = othertable.id";
-
-            // 解析SQL语句
-            Statement statement = CCJSqlParserUtil.parse(sql);
-
-            // 提取库表名
-            TablesNamesFinder tablesNamesFinder = new TablesNamesFinder();
-            List<String> tableNames = tablesNamesFinder.getTableList(statement);
-
-            // 打印库表名
-            for (String tableName : tableNames) {
-                System.out.println("Table Name: " + tableName);
-            }
-        } catch (Exception e) {
-            e.printStackTrace();
-        }
-    }
-
     private void checkPermission(DatabaseResp databaseResp, User user) {
         List<String> admins = databaseResp.getAdmins();
         List<String> viewers = databaseResp.getViewers();

headless/server/src/main/java/com/tencent/supersonic/headless/server/utils/DatabaseConverter.java

@@ -67,11 +67,12 @@ public class DatabaseConverter {
     }
 
     public static ConnectInfo getConnectInfo(DatabaseResp databaseResp) {
+        Database database = convert(databaseResp);
         ConnectInfo connectInfo = new ConnectInfo();
-        connectInfo.setUserName(databaseResp.getUsername());
-        connectInfo.setPassword(databaseResp.getPassword());
-        connectInfo.setUrl(databaseResp.getUrl());
-        connectInfo.setDatabase(databaseResp.getDatabase());
+        connectInfo.setUserName(database.getUsername());
+        connectInfo.setPassword(database.passwordDecrypt());
+        connectInfo.setUrl(database.getUrl());
+        connectInfo.setDatabase(database.getDatabase());
         return connectInfo;
     }
 

launchers/standalone/src/main/java/com/tencent/supersonic/demo/S2BaseDemo.java

@@ -8,6 +8,7 @@ import com.tencent.supersonic.chat.server.service.ChatManageService;
 import com.tencent.supersonic.chat.server.service.ChatQueryService;
 import com.tencent.supersonic.chat.server.service.PluginService;
 import com.tencent.supersonic.common.service.SystemConfigService;
+import com.tencent.supersonic.common.util.AESEncryptionUtil;
 import com.tencent.supersonic.headless.api.pojo.DataSetModelConfig;
 import com.tencent.supersonic.headless.api.pojo.DrillDownDimension;
 import com.tencent.supersonic.headless.api.pojo.RelateDimension;
@@ -122,7 +123,7 @@ public abstract class S2BaseDemo implements CommandLineRunner {
         }
         databaseReq.setUrl(url);
         databaseReq.setUsername(dataSourceProperties.getUsername());
-        databaseReq.setPassword(dataSourceProperties.getPassword());
+        databaseReq.setPassword(AESEncryptionUtil.aesEncryptECB(dataSourceProperties.getPassword()));
         return databaseService.createOrUpdateDatabase(databaseReq, user);
     }