[JAVA-4861] ClientEncryptions.create throws NPE if the key vault client settings are not specified Created: 31/Jan/23  Updated: 28/Oct/23  Resolved: 22/Feb/23

Status: Closed
Project: Java Driver
Component/s: Client Side Encryption
Affects Version/s: None
Fix Version/s: 4.10.0

Type: Bug Priority: Minor - P4
Reporter: Valentin Kavalenka Assignee: Jeffrey Yemin
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Minor Change
Documentation Changes: Not Needed
Documentation Changes Summary:

1. What would you like to communicate to the user about this feature?
2. Would you like the user to see examples of the syntax and/or executable code and its output?
3. Which versions of the driver/connector does this apply to?


 Description   

Users are not required to specify the key vault client settings via ClientEncryptionSettings. Moreover, the documentation of ClientEncryptionSettings.getKeyVaultMongoClientSettings says "May be null to indicate that the same MongoClient should be used to access the key vault collection as is used for the rest of the application". In practice, we have this:

java.lang.IllegalArgumentException: settings can not be null
 
	at com.mongodb.assertions.Assertions.notNull(Assertions.java:48)
	at com.mongodb.client.internal.MongoClientImpl.createCluster(MongoClientImpl.java:227)
	at com.mongodb.client.internal.MongoClientImpl.<init>(MongoClientImpl.java:72)
	at com.mongodb.client.MongoClients.create(MongoClients.java:108)
	at com.mongodb.client.MongoClients.create(MongoClients.java:50)
	at com.mongodb.client.internal.ClientEncryptionImpl.<init>(ClientEncryptionImpl.java:69)
	at com.mongodb.client.vault.ClientEncryptions.create(ClientEncryptions.java:37)

When this ticket is done, we should do the changes necessary to get rid of the following SpotBugs exclusions in mongo-java-driver/config/spotbugs/exclude.xml

<Match>
    <Class name="com.mongodb.client.internal.ClientEncryptionImpl"/>
    <Method name="createEncryptedCollection"/>
    <Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE"/>
</Match>
<Match>
    <Class name="com.mongodb.reactivestreams.client.internal.vault.ClientEncryptionImpl"/>
    <Method name="~.*createEncryptedCollection.*"/>
    <Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE"/>
</Match>



 Comments   
Comment by Githook User [ 22/Feb/23 ]

Author:

{'name': 'Jeff Yemin', 'email': 'jeff.yemin@mongodb.com', 'username': 'jyemin'}

Message: Make ClientEncryptionSettings#keyVaultMongoClientSettings non-nullable (#1087)

  • Update Javadoc
  • Add notNull assertion in ClientEncryptionSettings constructor
  • Remove unnecessary null checks and corresponding SpotBugs exclusions for them

JAVA-4861
Branch: master
https://github.com/mongodb/mongo-java-driver/commit/a19fad2b3d93ee818132f14377e42cfaa268e8ee

Comment by Jeffrey Yemin [ 14/Feb/23 ]

The documentation is wrong. I think it happened because it was copied from AutoEncryptionSettings, where is it correct. In that case, there is a MongoClientSettings that contains the AutoEncryptionSettings, but there is no such thing for ClientEncryptionSettings.

I think we can fix the Javadoc in a minor release because it never worked as specified.

Generated at Thu Feb 08 09:03:09 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.