#11473 Network handler secure properties support

plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/net/DBWHandlerConfiguration.java

@@ -44,11 +44,13 @@ public class DBWHandlerConfiguration {
     private String password;
     private boolean savePassword = true;
     private final Map<String, Object> properties;
+    private final Map<String, String> secureProperties;
 
     public DBWHandlerConfiguration(@NotNull DBWHandlerDescriptor descriptor, DBPDataSourceContainer dataSource) {
         this.descriptor = descriptor;
         this.dataSource = dataSource;
         this.properties = new HashMap<>();
+        this.secureProperties = new HashMap<>();
     }
 
     public DBWHandlerConfiguration(@NotNull DBWHandlerConfiguration configuration) {
@@ -59,6 +61,7 @@ public class DBWHandlerConfiguration {
         this.password = configuration.password;
         this.savePassword = configuration.savePassword;
         this.properties = new HashMap<>(configuration.properties);
+        this.secureProperties = new HashMap<>(configuration.secureProperties);
     }
 
     @NotNull
@@ -175,6 +178,25 @@ public class DBWHandlerConfiguration {
         this.properties.putAll(properties);
     }
 
+    @Nullable
+    public String getSecureProperty(@NotNull String name) {
+        return secureProperties.get(name);
+    }
+
+    @NotNull
+    public Map<String, String> getSecureProperties() {
+        return secureProperties;
+    }
+
+    public void setSecureProperty(@NotNull String name, @Nullable String value) {
+        secureProperties.put(name, value);
+    }
+
+    public void setSecureProperties(@NotNull Map<String, String> secureProperties) {
+        this.secureProperties.clear();
+        this.secureProperties.putAll(secureProperties);
+    }
+
     @Override
     public boolean equals(Object obj) {
         if (!(obj instanceof DBWHandlerConfiguration)) {
@@ -188,16 +210,21 @@ public class DBWHandlerConfiguration {
                 CommonUtils.equalObjects(this.userName, source.userName) &&
                 CommonUtils.equalObjects(this.password, source.password) &&
                 this.savePassword == source.savePassword &&
-                CommonUtils.equalObjects(this.properties, source.properties);
+                CommonUtils.equalObjects(this.properties, source.properties) &&
+                CommonUtils.equalObjects(this.secureProperties, source.secureProperties);
     }
 
     public void resolveDynamicVariables(IVariableResolver variableResolver) {
         userName = GeneralUtils.replaceVariables(userName, variableResolver);
         password = GeneralUtils.replaceVariables(password, variableResolver);
-        for (String prop : this.properties.keySet()) {
-            Object value = this.properties.get(prop);
-            if (value instanceof String && !CommonUtils.isEmpty((String)value)) {
-                this.properties.put(prop, GeneralUtils.replaceVariables((String)value, variableResolver));
+        for (Map.Entry<String, Object> prop : properties.entrySet()) {
+            if (prop.getValue() instanceof String && CommonUtils.isNotEmpty((String) prop.getValue())) {
+                prop.setValue(GeneralUtils.replaceVariables((String) prop.getValue(), variableResolver));
+            }
+        }
+        for (Map.Entry<String, String> prop : secureProperties.entrySet()) {
+            if (CommonUtils.isNotEmpty(prop.getValue())) {
+                prop.setValue(GeneralUtils.replaceVariables(prop.getValue(), variableResolver));
             }
         }
     }
@@ -205,7 +232,8 @@ public class DBWHandlerConfiguration {
     public boolean hasValuableInfo() {
         return !CommonUtils.isEmpty(userName) ||
             !CommonUtils.isEmpty(password) ||
-            !CommonUtils.isEmpty(properties);
+            !CommonUtils.isEmpty(properties) ||
+            !CommonUtils.isEmpty(secureProperties);
     }
 
     @Override

plugins/org.jkiss.dbeaver.registry/src/org/jkiss/dbeaver/registry/DataSourceSerializerModern.java

@@ -700,6 +700,9 @@ class DataSourceSerializerModern implements DataSourceSerializer
                 if (curNetworkHandler.isSavePassword()) {
                     curNetworkHandler.setPassword(creds.getUserPassword());
                 }
+                if (creds.getProperties() != null) {
+                    curNetworkHandler.setSecureProperties(creds.getProperties());
+                }
             }
             {
                 // Still try to read credentials directly from configuration (#6564)
@@ -947,11 +950,13 @@ class DataSourceSerializerModern implements DataSourceSerializer
         JSONUtils.field(json, RegistryConstants.ATTR_ENABLED, configuration.isEnabled());
         JSONUtils.field(json, RegistryConstants.ATTR_SAVE_PASSWORD, configuration.isSavePassword());
         if (!CommonUtils.isEmpty(configuration.getUserName()) || !CommonUtils.isEmpty(configuration.getPassword())) {
+            final SecureCredentials credentials = new SecureCredentials(configuration);
+            credentials.setProperties(configuration.getSecureProperties());
             saveSecuredCredentials(
                 dataSource,
                 profile,
                 "network/" + configuration.getId() + (profile == null ? "" : "/profile/" + profile.getProfileName()),
-                new SecureCredentials(configuration));
+                credentials);
         }
         JSONUtils.serializeProperties(json, RegistryConstants.TAG_PROPERTIES, configuration.getProperties());
         json.endObject();

plugins/org.jkiss.dbeaver.registry/src/org/jkiss/dbeaver/registry/SecureCredentials.java

@@ -22,6 +22,7 @@ import org.jkiss.dbeaver.model.DBPDataSourceContainer;
 import org.jkiss.dbeaver.model.access.DBAAuthProfile;
 import org.jkiss.dbeaver.model.net.DBWHandlerConfiguration;
 
+import java.util.HashMap;
 import java.util.LinkedHashMap;
 import java.util.Map;
 
@@ -76,8 +77,13 @@ class SecureCredentials {
         return properties;
     }
 
-    public void setProperties(@Nullable Map<String, String> properties) {
-        this.properties = properties;
+    public void setProperties(@NotNull Map<String, String> properties) {
+        if (this.properties != null) {
+            this.properties.clear();
+            this.properties.putAll(properties);
+        } else {
+            this.properties = new HashMap<>(properties);
+        }
     }
 
     public void setSecureProp(String key, String value) {