From f00bfe4fc3249e48082e15ae887bb174f8277144 Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Tue, 24 Oct 2023 11:54:31 +0200
Subject: [PATCH] OZG-3961 decode secret content

---
 .../operator/keycloak/user/UserSecretReader.java   | 14 +++++++++++++-
 .../keycloak/user/UserSecretReaderTest.java        | 10 +++++++++-
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretReader.java b/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretReader.java
index cd4953f..f82e19b 100644
--- a/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretReader.java
+++ b/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretReader.java
@@ -24,6 +24,9 @@
 
 package de.ozgcloud.operator.keycloak.user;
 
+import java.io.IOException;
+
+import org.keycloak.common.util.Base64;
 import org.springframework.stereotype.Component;
 
 import io.fabric8.kubernetes.api.model.Secret;
@@ -32,6 +35,15 @@ import io.fabric8.kubernetes.api.model.Secret;
 class UserSecretReader {
 
 	public String getPasswortFromSecret(Secret secret) {
-		return secret.getStringData().get(UserSecretBuilder.SECRET_PASSWORD_FIELD);
+		String encodedPassword = secret.getData().get(UserSecretBuilder.SECRET_PASSWORD_FIELD);
+		return decode(encodedPassword, secret);
+	}
+
+	private String decode(String encodedPassword, Secret secret) {
+		try {
+			return new String(Base64.decode(encodedPassword));
+		} catch (IOException e) {
+			throw new RuntimeException("Could not decode content from secret (base64) for secret " + secret.getFullResourceName());
+		}
 	}
 }
diff --git a/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretReaderTest.java b/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretReaderTest.java
index 80053a5..96079af 100644
--- a/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretReaderTest.java
+++ b/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretReaderTest.java
@@ -26,6 +26,7 @@ package de.ozgcloud.operator.keycloak.user;
 
 import static org.assertj.core.api.Assertions.*;
 
+import java.util.Base64;
 import java.util.Map;
 
 import org.junit.jupiter.api.Test;
@@ -49,6 +50,13 @@ class UserSecretReaderTest {
 	}
 
 	private Secret buildSecret() {
-		return new SecretBuilder().addToStringData(Map.of(UserSecretBuilder.SECRET_PASSWORD_FIELD, SecretTestFactory.PASSWORD)).build();
+		return new SecretBuilder()
+				.addToData(Map.of(UserSecretBuilder.SECRET_PASSWORD_FIELD,
+						encodeStringBase64(SecretTestFactory.PASSWORD)))
+				.build();
+	}
+
+	private String encodeStringBase64(String string) {
+		return Base64.getEncoder().encodeToString(string.getBytes());
 	}
 }
-- 
GitLab