Class DataProtectionInterceptor

java.lang.Object
io.fluxzero.sdk.publishing.dataprotection.DataProtectionInterceptor
All Implemented Interfaces:
DispatchInterceptor, HandlerDecorator, HandlerInterceptor
public class DataProtectionInterceptor extends Object implements DispatchInterceptor, HandlerInterceptor
A DispatchInterceptor and HandlerInterceptor that supports secure transmission of sensitive data fields by removing them from the payload before dispatch and restoring them during handling.

This interceptor works in two phases:

  • Dispatch phase:
    • Scans the payload for fields annotated with ProtectData.
    • Each such field is serialized and stored securely in a designated store, indexed by a generated key.
    • The payload is cloned and sensitive fields are removed (set to null).
    • The generated key references are stored in the message metadata under METADATA_KEY.
  • Handling phase:
    • Looks for protected data references in the message metadata.
    • If present, retrieves the original values from the store using the stored keys.
    • Injects the retrieved values back into the message payload before invocation.
    • If the target method is annotated with DropProtectedData, the stored entries are deleted after injection.

This strategy is useful for preventing sensitive or private data from being persisted to the message log, while still allowing handlers to receive full context during execution.

Example

public class MyHandler {
  @HandleCommand
  public void handle(@ProtectData String ssn, ...) {
    ...
  }

  @HandleCommand
  @DropProtectedData
  public void auditSensitive(@ProtectData String secretField, ...) {
    ...
    // After invocation, the secret is permanently removed
  }
}

Note: The payload is cloned via (de)serialization to ensure the original object remains unmodified.

See Also:

  • Field Details

    • METADATA_KEY

      public static String METADATA_KEY

  • Constructor Details

    • DataProtectionInterceptor

      public DataProtectionInterceptor()

  • Method Details

    • interceptDispatch

      public Message interceptDispatch(Message m, MessageType messageType, String topic)
      Description copied from interface: DispatchInterceptor
      Intercepts the dispatch of a message before it is serialized and published or locally handled.

      You may modify the message or return null to block dispatching. Throwing an exception also prevents dispatching.

      Specified by:
      interceptDispatch in interface DispatchInterceptor
      Parameters:
      m - the message to be dispatched
      messageType - the type of the message (e.g., COMMAND, EVENT, etc.)
      topic - the target topic or null if not applicable
      Returns:
      the modified message, the same message, or null to prevent dispatch

    • interceptHandling

      public Function<DeserializingMessage, Object> interceptHandling(Function<DeserializingMessage, Object> function, HandlerInvoker invoker)
      Description copied from interface: HandlerInterceptor
      Intercepts the message handling logic.

      The function parameter represents the next step in the handling chain— typically the actual message handler. The invoker provides metadata and invocation logic for the underlying handler method.

      Within this method, an interceptor may:

      • Modify the DeserializingMessage before passing it to the handler
      • Bypass the handler entirely and return a value directly
      • Wrap the result after the handler is invoked

      Note: Interceptors may return a different DeserializingMessage, but it must be compatible with a handler method in the same target class. If no suitable handler is found, an exception will be thrown.

      Specified by:
      interceptHandling in interface HandlerInterceptor
      Parameters:
      function - the next step in the handler chain (typically the handler itself)
      invoker - the metadata and execution strategy for the actual handler method
      Returns:
      a decorated function that wraps handling behavior