Encrypting passwords for adyen-plugin

[brey...@squaretrade.com]

We are uploading configuration properties to the adyen-plugin via /1.0/kb/tenants/uploadPluginConfig/killbill-adyen and one of those properties is a password that we would like encoded.

For properties loaded from file via guice, we extended the KillbillGuiceListener class to decrypt any property w/ 'ENC(' as a prefix.

Is there a way that we can do a similar thing for plugin properties loaded on a per tenant basis, especially for the adyen-plugin?

Thanks.

[Pierre-Alexandre Meyer]

On Wed, Jan 31, 2018 at 11:25 AM, <brey...@squaretrade.com> wrote:

We are uploading configuration properties to the adyen-plugin via /1.0/kb/tenants/uploadPluginConfig/killbill-adyen and one of those properties is a password that we would like encoded.

For properties loaded from file via guice, we extended the KillbillGuiceListener class to decrypt any property w/ 'ENC(' as a prefix.

Indeed, I remember this. You talked about open-sourcing this piece (see https://github.com/killbill/killbill/issues/777), as having it in the core would be easier for maintenance. Is that still the plan?

Is there a way that we can do a similar thing for plugin properties loaded on a per tenant basis, especially for the adyen-plugin?

The code is here:

https://github.com/killbill/killbill-adyen-plugin/blob/5c8b1c09ed010af28b5e026c6b6e77f1d9fa2ab8/src/main/java/org/killbill/billing/plugin/adyen/core/AdyenConfigPropertiesConfigurationHandler.java#L41

You could probably fork the plugin as well and update the code as needed. Similarly though, it would be much easier to have it in the core:

https://github.com/killbill/killbill-plugin-framework-java/blob/5787de66d9d13ac79d1727b2cfc97944e58fdb09/src/main/java/org/killbill/billing/plugin/api/notification/PluginTenantConfigurableConfigurationHandler.java#L48-L58

 

--

Pierre