Fix schema generation for encrypted fields that are considered domain entities.

This commit makes sure to consider the encrypted annotation on fields that are considered domain type property values, encrypting the entire object if necessary.

Author: christophstrobl

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/MappingMongoJsonSchemaCreator.java

@@ -203,8 +203,9 @@ private JsonSchemaProperty computeSchemaForProperty(List<MongoPersistentProperty
 								target.properties(nestedProperties.toArray(new JsonSchemaProperty[0])), required));
 					}
 				}
-				return targetProperties.size() == 1 ? targetProperties.iterator().next()
+				JsonSchemaProperty schemaProperty = targetProperties.size() == 1 ? targetProperties.iterator().next()
 						: JsonSchemaProperty.merged(targetProperties);
+				return applyEncryptionDataIfNecessary(property, schemaProperty);
 			}
 		}
 

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/core/schema/IdentifiableJsonSchemaProperty.java

@@ -36,6 +36,7 @@
 import org.springframework.lang.Nullable;
 import org.springframework.util.Assert;
 import org.springframework.util.ObjectUtils;
+import org.springframework.util.StringUtils;
 
 /**
  * {@link JsonSchemaProperty} implementation.
@@ -1139,7 +1140,9 @@ public Document toDocument() {
 				enc.append("bsonType", type.toBsonType().value()); // TODO: no samples with type -> is it bson type all the way?
 			}
 
-			enc.append("algorithm", algorithm);
+			if(StringUtils.hasText(algorithm)) {
+				enc.append("algorithm", algorithm);
+			}
 
 			propertySpecification.append("encrypt", enc);
 

spring-data-mongodb/src/test/java/org/springframework/data/mongodb/core/MappingMongoJsonSchemaCreatorUnitTests.java

@@ -271,6 +271,17 @@ void bsonTypeVsJustTypeValueResolutionIsDoneByDefault() {
 				.containsEntry("properties.value", new Document("type", "string"));
 	}
 
+	@Test // GH-4454
+	void wrapEncryptedEntityTypeLikeProperty() {
+
+		MongoJsonSchema schema = MongoJsonSchemaCreator.create() //
+				.filter(MongoJsonSchemaCreator.encryptedOnly()) // filter non encrypted fields
+				.createSchemaFor(WithEncryptedEntityLikeProperty.class);
+
+		assertThat(schema.schemaDocument()) //
+				.containsEntry("properties.domainTypeValue", Document.parse("{'encrypt': {'bsonType': 'object' } }"));
+	}
+
 	// --> TYPES AND JSON
 
 	// --> ENUM
@@ -676,4 +687,9 @@ static class C extends A {
 	static class PropertyClashWithA {
 		Integer aNonEncrypted;
 	}
+
+	@Encrypted(algorithm = "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic")
+	static class WithEncryptedEntityLikeProperty {
+		@Encrypted SomeDomainType domainTypeValue;
+	}
 }