asgardeo
diff --git a/‎backend/cmd/server/main.go‎
Lines changed: 4 additions & 0 deletions b/‎backend/cmd/server/main.go‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎backend/cmd/server/repository/conf/deployment.yaml‎
Lines changed: 5 additions & 1 deletion b/‎backend/cmd/server/repository/conf/deployment.yaml‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎backend/cmd/server/repository/resources/conf/default.json‎
Lines changed: 6 additions & 2 deletions b/‎backend/cmd/server/repository/resources/conf/default.json‎
Lines changed: 6 additions & 2 deletions
diff --git a/‎backend/internal/notification/client_provider_test.go‎
Lines changed: 5 additions & 17 deletions b/‎backend/internal/notification/client_provider_test.go‎
Lines changed: 5 additions & 17 deletions
diff --git a/‎backend/internal/notification/init_test.go‎
Lines changed: 5 additions & 17 deletions b/‎backend/internal/notification/init_test.go‎
Lines changed: 5 additions & 17 deletions
diff --git a/‎backend/internal/notification/message/custom_client_test.go‎
Lines changed: 5 additions & 17 deletions b/‎backend/internal/notification/message/custom_client_test.go‎
Lines changed: 5 additions & 17 deletions
diff --git a/‎backend/internal/notification/message/twilio_client_test.go‎
Lines changed: 5 additions & 17 deletions b/‎backend/internal/notification/message/twilio_client_test.go‎
Lines changed: 5 additions & 17 deletions
diff --git a/‎backend/internal/notification/message/vonage_client_test.go‎
Lines changed: 5 additions & 17 deletions b/‎backend/internal/notification/message/vonage_client_test.go‎
Lines changed: 5 additions & 17 deletions
diff --git a/‎backend/internal/notification/message_handler_test.go‎
Lines changed: 5 additions & 17 deletions b/‎backend/internal/notification/message_handler_test.go‎
Lines changed: 5 additions & 17 deletions
diff --git a/‎backend/internal/notification/mgt_service_test.go‎
Lines changed: 5 additions & 17 deletions b/‎backend/internal/notification/mgt_service_test.go‎
Lines changed: 5 additions & 17 deletions
@@ -35,6 +35,7 @@ import (
 	"github.com/asgardeo/thunder/internal/system/cache"
 	"github.com/asgardeo/thunder/internal/system/cert"
 	"github.com/asgardeo/thunder/internal/system/config"
+	"github.com/asgardeo/thunder/internal/system/crypto/encrypt"
 	"github.com/asgardeo/thunder/internal/system/database/provider"
 	"github.com/asgardeo/thunder/internal/system/jwt"
 	"github.com/asgardeo/thunder/internal/system/log"
@@ -73,6 +74,9 @@ func main() {
 		logger.Fatal("Failed to load private key", log.Error(err))
 	}
 
+	// Load the encryption service.
+	encrypt.GetEncryptionService()
+
 	// Register the services.
 	registerServices(mux, jwtService)
 
 
@@ -5,7 +5,6 @@ server:
 security:
   cert_file: "repository/resources/security/server.cert"
   key_file: "repository/resources/security/server.key"
-  crypto_file: "repository/resources/security/crypto.key"
 
 database:
   identity:
@@ -32,6 +31,11 @@ database:
     max_idle_conns: 100
     conn_max_lifetime: 3600
 
+crypto:
+  encrypt:
+    # Encryption key for AES-GCM encryption (64 hex characters for 256-bit key)
+    # Set THUNDER_CRYPTO_ENC_KEY environment variable in production or use .env file for development
+    key: "$THUNDER_CRYPTO_ENC_KEY"
 
 cors:
   allowed_origins:
 
@@ -13,8 +13,7 @@
   },
   "security": {
     "cert_file": "repository/resources/security/server.cert",
-    "key_file": "repository/resources/security/server.key",
-    "crypto_file": "repository/resources/security/crypto.key"
+    "key_file": "repository/resources/security/server.key"
   },
   "database": {
     "identity": {
@@ -86,6 +85,11 @@
       "default_flow": "auth_flow_config_basic"
     }
   },
+  "crypto": {
+    "encrypt": {
+      "key": null
+    }
+  },
   "immutable_resources": {
     "enabled": false
   }
 
@@ -19,8 +19,6 @@
 package notification
 
 import (
-	"os"
-	"path/filepath"
 	"testing"
 
 	"github.com/stretchr/testify/suite"
@@ -40,24 +38,14 @@ func TestClientProviderTestSuite(t *testing.T) {
 }
 
 func (suite *ClientProviderTestSuite) SetupSuite() {
-	// Get the current working directory.
-	cwd, err := os.Getwd()
-	if err != nil {
-		suite.T().Fatalf("Failed to get working directory: %v", err)
-	}
-	suite.T().Logf("Current working directory: %s", cwd)
-	cryptoFile := filepath.Join(cwd, "..", "..", "tests", "resources", "testKey")
-
-	if _, err := os.Stat(cryptoFile); os.IsNotExist(err) {
-		suite.T().Fatalf("Crypto file not found at expected path: %s", cryptoFile)
-	}
-
 	testConfig := &config.Config{
-		Security: config.SecurityConfig{
-			CryptoFile: cryptoFile,
+		Crypto: config.CryptoConfig{
+			Encrypt: config.EncryptConfig{
+				Key: "b735c757d03c6496575f4c1eb5ba708ad3d06a635566d0fe0440802cf750b3f8",
+			},
 		},
 	}
-	err = config.InitializeThunderRuntime("", testConfig)
+	err := config.InitializeThunderRuntime("", testConfig)
 	if err != nil {
 		suite.T().Fatalf("Failed to initialize ThunderRuntime: %v", err)
 	}
 
@@ -21,8 +21,6 @@ package notification
 import (
 	"net/http"
 	"net/http/httptest"
-	"os"
-	"path/filepath"
 	"testing"
 
 	"github.com/stretchr/testify/suite"
@@ -42,28 +40,18 @@ func TestInitTestSuite(t *testing.T) {
 }
 
 func (suite *InitTestSuite) SetupSuite() {
-	// Get the current working directory.
-	cwd, err := os.Getwd()
-	if err != nil {
-		suite.T().Fatalf("Failed to get working directory: %v", err)
-	}
-	suite.T().Logf("Current working directory: %s", cwd)
-	cryptoFile := filepath.Join(cwd, "..", "..", "tests", "resources", "testKey")
-
-	if _, err := os.Stat(cryptoFile); os.IsNotExist(err) {
-		suite.T().Fatalf("Crypto file not found at expected path: %s", cryptoFile)
-	}
-
 	testConfig := &config.Config{
 		JWT: config.JWTConfig{
 			Issuer:         "test-issuer",
 			ValidityPeriod: 3600,
 		},
-		Security: config.SecurityConfig{
-			CryptoFile: cryptoFile,
+		Crypto: config.CryptoConfig{
+			Encrypt: config.EncryptConfig{
+				Key: "b735c757d03c6496575f4c1eb5ba708ad3d06a635566d0fe0440802cf750b3f8",
+			},
 		},
 	}
-	err = config.InitializeThunderRuntime("", testConfig)
+	err := config.InitializeThunderRuntime("", testConfig)
 	if err != nil {
 		suite.T().Fatalf("Failed to initialize ThunderRuntime: %v", err)
 	}
 
@@ -21,8 +21,6 @@ package message
 import (
 	"net/http"
 	"net/http/httptest"
-	"os"
-	"path/filepath"
 	"testing"
 
 	"github.com/stretchr/testify/suite"
@@ -41,24 +39,14 @@ func TestCustomClientTestSuite(t *testing.T) {
 }
 
 func (suite *CustomClientTestSuite) SetupSuite() {
-	// Get the current working directory.
-	cwd, err := os.Getwd()
-	if err != nil {
-		suite.T().Fatalf("Failed to get working directory: %v", err)
-	}
-	suite.T().Logf("Current working directory: %s", cwd)
-	cryptoFile := filepath.Join(cwd, "..", "..", "..", "tests", "resources", "testKey")
-
-	if _, err := os.Stat(cryptoFile); os.IsNotExist(err) {
-		suite.T().Fatalf("Crypto file not found at expected path: %s", cryptoFile)
-	}
-
 	testConfig := &config.Config{
-		Security: config.SecurityConfig{
-			CryptoFile: cryptoFile,
+		Crypto: config.CryptoConfig{
+			Encrypt: config.EncryptConfig{
+				Key: "b735c757d03c6496575f4c1eb5ba708ad3d06a635566d0fe0440802cf750b3f8",
+			},
 		},
 	}
-	err = config.InitializeThunderRuntime("", testConfig)
+	err := config.InitializeThunderRuntime("", testConfig)
 	if err != nil {
 		suite.T().Fatalf("Failed to initialize ThunderRuntime: %v", err)
 	}
 
@@ -21,8 +21,6 @@ package message
 import (
 	"net/http"
 	"net/http/httptest"
-	"os"
-	"path/filepath"
 	"testing"
 
 	"github.com/stretchr/testify/suite"
@@ -41,24 +39,14 @@ func TestTwilioClientTestSuite(t *testing.T) {
 }
 
 func (suite *TwilioClientTestSuite) SetupSuite() {
-	// Get the current working directory.
-	cwd, err := os.Getwd()
-	if err != nil {
-		suite.T().Fatalf("Failed to get working directory: %v", err)
-	}
-	suite.T().Logf("Current working directory: %s", cwd)
-	cryptoFile := filepath.Join(cwd, "..", "..", "..", "tests", "resources", "testKey")
-
-	if _, err := os.Stat(cryptoFile); os.IsNotExist(err) {
-		suite.T().Fatalf("Crypto file not found at expected path: %s", cryptoFile)
-	}
-
 	testConfig := &config.Config{
-		Security: config.SecurityConfig{
-			CryptoFile: cryptoFile,
+		Crypto: config.CryptoConfig{
+			Encrypt: config.EncryptConfig{
+				Key: "b735c757d03c6496575f4c1eb5ba708ad3d06a635566d0fe0440802cf750b3f8",
+			},
 		},
 	}
-	err = config.InitializeThunderRuntime("", testConfig)
+	err := config.InitializeThunderRuntime("", testConfig)
 	if err != nil {
 		suite.T().Fatalf("Failed to initialize ThunderRuntime: %v", err)
 	}
 
@@ -21,8 +21,6 @@ package message
 import (
 	"net/http"
 	"net/http/httptest"
-	"os"
-	"path/filepath"
 	"testing"
 
 	"github.com/stretchr/testify/suite"
@@ -41,24 +39,14 @@ func TestVonageClientTestSuite(t *testing.T) {
 }
 
 func (suite *VonageClientTestSuite) SetupSuite() {
-	// Get the current working directory.
-	cwd, err := os.Getwd()
-	if err != nil {
-		suite.T().Fatalf("Failed to get working directory: %v", err)
-	}
-	suite.T().Logf("Current working directory: %s", cwd)
-	cryptoFile := filepath.Join(cwd, "..", "..", "..", "tests", "resources", "testKey")
-
-	if _, err := os.Stat(cryptoFile); os.IsNotExist(err) {
-		suite.T().Fatalf("Crypto file not found at expected path: %s", cryptoFile)
-	}
-
 	testConfig := &config.Config{
-		Security: config.SecurityConfig{
-			CryptoFile: cryptoFile,
+		Crypto: config.CryptoConfig{
+			Encrypt: config.EncryptConfig{
+				Key: "b735c757d03c6496575f4c1eb5ba708ad3d06a635566d0fe0440802cf750b3f8",
+			},
 		},
 	}
-	err = config.InitializeThunderRuntime("", testConfig)
+	err := config.InitializeThunderRuntime("", testConfig)
 	if err != nil {
 		suite.T().Fatalf("Failed to initialize ThunderRuntime: %v", err)
 	}
 
@@ -24,8 +24,6 @@ import (
 	"io"
 	"net/http"
 	"net/http/httptest"
-	"os"
-	"path/filepath"
 	"testing"
 
 	"github.com/stretchr/testify/mock"
@@ -48,24 +46,14 @@ func TestMessageHandlerTestSuite(t *testing.T) {
 }
 
 func (suite *MessageHandlerTestSuite) SetupSuite() {
-	// Get the current working directory.
-	cwd, err := os.Getwd()
-	if err != nil {
-		suite.T().Fatalf("Failed to get working directory: %v", err)
-	}
-	suite.T().Logf("Current working directory: %s", cwd)
-	cryptoFile := filepath.Join(cwd, "..", "..", "tests", "resources", "testKey")
-
-	if _, err := os.Stat(cryptoFile); os.IsNotExist(err) {
-		suite.T().Fatalf("Crypto file not found at expected path: %s", cryptoFile)
-	}
-
 	testConfig := &config.Config{
-		Security: config.SecurityConfig{
-			CryptoFile: cryptoFile,
+		Crypto: config.CryptoConfig{
+			Encrypt: config.EncryptConfig{
+				Key: "b735c757d03c6496575f4c1eb5ba708ad3d06a635566d0fe0440802cf750b3f8",
+			},
 		},
 	}
-	err = config.InitializeThunderRuntime("", testConfig)
+	err := config.InitializeThunderRuntime("", testConfig)
 	if err != nil {
 		suite.T().Fatalf("Failed to initialize ThunderRuntime: %v", err)
 	}
 
@@ -20,8 +20,6 @@ package notification
 
 import (
 	"errors"
-	"os"
-	"path/filepath"
 	"testing"
 
 	"github.com/stretchr/testify/mock"
@@ -50,24 +48,14 @@ func TestNotificationSenderMgtServiceTestSuite(t *testing.T) {
 }
 
 func (suite *NotificationSenderMgtServiceTestSuite) SetupSuite() {
-	// Get the current working directory.
-	cwd, err := os.Getwd()
-	if err != nil {
-		suite.T().Fatalf("Failed to get working directory: %v", err)
-	}
-	suite.T().Logf("Current working directory: %s", cwd)
-	cryptoFile := filepath.Join(cwd, "..", "..", "tests", "resources", "testKey")
-
-	if _, err := os.Stat(cryptoFile); os.IsNotExist(err) {
-		suite.T().Fatalf("Crypto file not found at expected path: %s", cryptoFile)
-	}
-
 	testConfig := &config.Config{
-		Security: config.SecurityConfig{
-			CryptoFile: cryptoFile,
+		Crypto: config.CryptoConfig{
+			Encrypt: config.EncryptConfig{
+				Key: "b735c757d03c6496575f4c1eb5ba708ad3d06a635566d0fe0440802cf750b3f8",
+			},
 		},
 	}
-	err = config.InitializeThunderRuntime("", testConfig)
+	err := config.InitializeThunderRuntime("", testConfig)
 	if err != nil {
 		suite.T().Fatalf("Failed to initialize ThunderRuntime: %v", err)
 	}