Merge pull request #103 from Mastercard/feature/fix-parent-enc-node

Fixing issue where JWE parent encryption node isn't removed
Mastercard · Nov 21, 2024 · 10d312e · 10d312e
2 parents 7d36218 + 001a499
commit 10d312e
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 0 deletions.
diff --git a/src/main/java/com/mastercard/developer/encryption/JweEncryption.java b/src/main/java/com/mastercard/developer/encryption/JweEncryption.java
@@ -136,6 +136,14 @@ private static DocumentContext decryptPayloadPath(DocumentContext payloadContext
 
         // Remove the input
         JsonParser.deleteIfExists(payloadContext, jsonPathIn);
+
+        //Strip the parent node if empty
+        String jsonPathInStripped = jsonPathIn.replaceAll("." + config.getEncryptedValueFieldName() + "$", "");
+        Object inJsonObjectStripped = readJsonObject(payloadContext, jsonPathIn);
+        if (!jsonPathInStripped.equals("$") && !jsonPathInStripped.contains("[") && inJsonObjectStripped == null) {
+            JsonParser.deleteIfExists(payloadContext, jsonPathInStripped);
+        }
+
         return payloadContext;
     }
 

diff --git a/...test/java/com/mastercard/developer/encryption/JweEncryptionWithDefaultJsonEngineTest.java b/...test/java/com/mastercard/developer/encryption/JweEncryptionWithDefaultJsonEngineTest.java
@@ -115,4 +115,25 @@ public void testDecryptPayload_ShouldSupportPayloadWithEncryptedValueParent() th
         // THEN
         assertPayloadEquals("{\"data\": {}}", payload);
     }
+
+    @Test
+    public void testDecryptPayload_ShouldRemoveParentEncryptedFieldIfEmpty() throws Exception {
+
+        // GIVEN
+        String encryptedPayload = "{\n" +
+                "    \"encryptedDataParent\": {\n" +
+                "        \"encryptedData\": \"eyJraWQiOiI3NjFiMDAzYzFlYWRlM2E1NDkwZTUwMDBkMzc4ODdiYWE1ZTZlYzBlMjI2YzA3NzA2ZTU5OTQ1MWZjMDMyYTc5IiwiY3R5IjoiYXBwbGljYXRpb24vanNvbiIsImVuYyI6IkEyNTZHQ00iLCJhbGciOiJSU0EtT0FFUC0yNTYifQ.XVy1AR51sUvwT-AtcsogQDo_klFi1EMYW8Wz7qM0e1dA3jNX5nTa38JhRcVuyVK15OenTYfg7aaH_fLjPZI1Mukd0BBnTuonh8T9CX5tbAAYx_KGPxc7a7ekBO-xXEA762eRvIIQJDZgQ_C3U39kc-XoaxC-ZYx8Va_aPBsXI1uozAfj3j5XVDnSmGAVWc2N4STTlCKbL4EO6YXASl_PrAOIVVSUrhpYvNS7GnjrP9x49tlRmTS0Dx-_MhkIAJM6H25YAuUmO-LW3gikReOUgGeY9_JtOioDs2J4ncKqugPFKr8kYF1cKnMwFv0TS9p5qR0kiF20bxRMvhbazf_Q5Q.V2Uz5-YRNq9ZIJjhRsKYIw.jB1s8rczGEj2OjU.qs4zVUf2tHML02Rglq5ncw\"\n" +
+                "    }\n" +
+                "}";
+        JweConfig config = getTestJweConfigBuilder()
+                .withEncryptedValueFieldName("encryptedData")
+                .withDecryptionPath("$.encryptedDataParent.encryptedData", "$.unencrypted")
+                .build();
+
+        // WHEN
+        String payload = JweEncryption.decryptPayload(encryptedPayload, config);
+
+        // THEN
+        assertPayloadEquals("{\"unencrypted\":{\"data\": {}}}", payload);
+    }
 }