Spring Cloud: Get configuration from config server

Salad Lam - Jun 7 - - Dev Community

Following library is used

  • Java 17
  • Spring Framework 6.1.6
  • Spring Cloud Common 4.1.2
  • Spring Cloud Config Client 4.1.2

The minimum entries of configuration is



spring.application.name=example-application
spring.config.import=configserver:https://localhost:8888


Enter fullscreen mode Exit fullscreen mode

When the application starts, first retrieve the configuration from https://localhost:8888/example-application/default. The response content type must be application/json. Following is an example of the response.



HTTP/1.1 200
Content-Type: application/json
Transfer-Encoding: chunked
Date: Tue, 21 May 2024 10:00:00 GMT

{"name":"example-application","profiles":["default"],"label":null,"version":null,"state":null,"propertySources":[{"name":"file:/C:/work/temp/config/example-application-default.properties","source":{"a.b.c":"d"}},{"name":"file:/C:/work/temp/config/example-application.properties","source":{"a.b":"c","a.a":"b","message":"Hello world!"}}]}


Enter fullscreen mode Exit fullscreen mode

The retrieve logic is defined in org.springframework.cloud.config.client.ConfigServerConfigDataLoader#getRemoteEnvironment and the configuration class is org.springframework.cloud.config.client.ConfigClientProperties.

The basic HTTP authentication can be specified by



spring.application.name=example-application
spring.config.import=configserver:https://localhost:8888
spring.cloud.config.username=user
spring.cloud.config.password=pass


Enter fullscreen mode Exit fullscreen mode

After configuration is retrieved, two entries are inserted into the PropertySources list in ApplicationContext.

PropertySources

Decrypt encrypted secret

Property value in configuration can be encrypted. Encoded value has a prefix {cipher}.



message={cipher}0123456789abcfef0123456789abcfef


Enter fullscreen mode Exit fullscreen mode

Decryption is done in org.springframework.cloud.bootstrap.encrypt.DecryptEnvironmentPostProcessor#postProcessEnvironment.

The default algorithm is AES/CBC/PKCS5Padding. Property of encrypt.key is a string password, then a 256 bits key is generated by PBKDF2 hash function (Java implementation is com.sun.crypto.provider.PBKDF2KeyImpl).



encrypt.key=any_string_is_ok


Enter fullscreen mode Exit fullscreen mode

After decryption, a SystemEnvironmentPropertySource of name decrypted is inserted into the PropertySources list in ApplicationContext.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Terabox Video Player