Example 1 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project cas by apereo.
the class Beans method newPasswordEncoder.
/**
* New password encoder password encoder.
*
* @param properties the properties
* @return the password encoder
*/
public static PasswordEncoder newPasswordEncoder(final PasswordEncoderProperties properties) {
final String type = properties.getType();
if (StringUtils.isBlank(type)) {
LOGGER.debug("No password encoder type is defined, and so none shall be created");
return NoOpPasswordEncoder.getInstance();
}
if (type.contains(".")) {
try {
LOGGER.debug("Configuration indicates use of a custom password encoder [{}]", type);
final Class<PasswordEncoder> clazz = (Class<PasswordEncoder>) Class.forName(type);
return clazz.newInstance();
} catch (final Exception e) {
LOGGER.error("Falling back to a no-op password encoder as CAS has failed to create " + "an instance of the custom password encoder class " + type, e);
return NoOpPasswordEncoder.getInstance();
}
}
final PasswordEncoderProperties.PasswordEncoderTypes encoderType = PasswordEncoderProperties.PasswordEncoderTypes.valueOf(type);
switch(encoderType) {
case DEFAULT:
LOGGER.debug("Creating default password encoder with encoding alg [{}] and character encoding [{}]", properties.getEncodingAlgorithm(), properties.getCharacterEncoding());
return new DefaultPasswordEncoder(properties.getEncodingAlgorithm(), properties.getCharacterEncoding());
case STANDARD:
LOGGER.debug("Creating standard password encoder with the secret defined in the configuration");
return new StandardPasswordEncoder(properties.getSecret());
case BCRYPT:
LOGGER.debug("Creating BCRYPT password encoder given the strength [{}] and secret in the configuration", properties.getStrength());
if (StringUtils.isBlank(properties.getSecret())) {
LOGGER.debug("Creating BCRYPT encoder without secret");
return new BCryptPasswordEncoder(properties.getStrength());
}
LOGGER.debug("Creating BCRYPT encoder with secret");
return new BCryptPasswordEncoder(properties.getStrength(), new SecureRandom(properties.getSecret().getBytes(StandardCharsets.UTF_8)));
case SCRYPT:
LOGGER.debug("Creating SCRYPT encoder");
return new SCryptPasswordEncoder();
case PBKDF2:
if (StringUtils.isBlank(properties.getSecret())) {
LOGGER.debug("Creating PBKDF2 encoder without secret");
return new Pbkdf2PasswordEncoder();
}
final int hashWidth = 256;
return new Pbkdf2PasswordEncoder(properties.getSecret(), properties.getStrength(), hashWidth);
case NONE:
default:
LOGGER.debug("No password encoder shall be created given the requested encoder type [{}]", type);
return NoOpPasswordEncoder.getInstance();
}
}
Also used :
StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder)
DefaultPasswordEncoder(org.apereo.cas.util.crypto.DefaultPasswordEncoder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder)
Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder)
NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder)
SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
SecureRandom(java.security.SecureRandom)
Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder)
BeanCreationException(org.springframework.beans.factory.BeanCreationException)
SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)
PasswordEncoderProperties(org.apereo.cas.configuration.model.core.authentication.PasswordEncoderProperties)
DefaultPasswordEncoder(org.apereo.cas.util.crypto.DefaultPasswordEncoder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Example 2 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project WebTemplate by lucapompei.
the class TestPasswordEncoder method testBCryptPasswordEncoding.
/**
* Test the BCrypt password encoder
*/
@Test
public void testBCryptPasswordEncoding() {
String password = "password";
String encodedPassword = new BCryptPasswordEncoder().encode(password);
System.out.println("Original: " + password);
System.out.println("Encoded: " + encodedPassword);
}
Also used :
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Test(org.junit.Test)
Example 3 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project vft-capture by videofirst.
the class VftCapture method checkCreatePassword.
/**
* Create password if first command arg is `-pwd`.
*/
private static void checkCreatePassword(String[] args) {
// Check to see if we're trying to change password
if ((args.length == 1 || args.length == 2) && "-pwd".equals(args[0])) {
System.out.println("=====================");
System.out.println("VFT CAPTURE - ENCODER");
System.out.println("=====================");
PasswordEncoder passwordEncoder = new BCryptPasswordEncoder(SecurityConfiguration.BCRYPT_STRENGTH);
if (args.length == 2) {
System.out.println("\nEncoded output [ " + passwordEncoder.encode(args[1]) + " ]\n");
System.exit(0);
}
while (true) {
try {
System.out.print("\nPlease enter password (or q to exit): - ");
System.out.flush();
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
String input = br.readLine();
if ("q".equalsIgnoreCase(input)) {
System.exit(0);
}
System.out.println("\nEncoded output [ " + passwordEncoder.encode(input) + " ]\n");
} catch (IOException e) {
System.out.println("Error reading line " + e.getMessage());
}
}
}
}
Also used :
InputStreamReader(java.io.InputStreamReader)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
BufferedReader(java.io.BufferedReader)
IOException(java.io.IOException)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Example 4 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project fw-cloud-framework by liuweijw.
the class UserController method addUser.
/**
* 添加用户
*/
@RequestMapping(value = "/addUser", method = RequestMethod.POST)
@PrePermissions(value = Functional.ADD)
public R<Boolean> addUser(HttpServletRequest request, @RequestBody UserForm userForm) {
if (null == userForm.getRoleId())
return new R<Boolean>().failure("请选择角色");
User user = new User();
user.setCreateTime(new Date());
user.setStatu(0);
user.setPassword(new BCryptPasswordEncoder().encode(userForm.getPassword().trim()));
user.setUpdateTime(new Date());
user.setUsername(userForm.getUsername());
boolean r = this.userService.addUserAndRole(user, userForm.getRoleId());
return new R<Boolean>().data(r);
}
Also used :
R(com.github.liuweijw.core.utils.R)
User(com.github.liuweijw.business.admin.domain.User)
AuthUser(com.github.liuweijw.core.beans.system.AuthUser)
Date(java.util.Date)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
PrePermissions(com.github.liuweijw.business.commons.web.aop.PrePermissions)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 5 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project entando-core by entando.
the class OAuthConsumerDAO method fillStatement.
private int fillStatement(ConsumerRecordVO consumer, int index, boolean add, PreparedStatement stat) throws SQLException {
int idx = index;
if (add || !StringUtils.isBlank(consumer.getSecret())) {
String encoded = new BCryptPasswordEncoder().encode(consumer.getSecret());
stat.setString(idx++, "{bcrypt}" + encoded);
}
stat.setString(idx++, consumer.getName());
stat.setString(idx++, consumer.getDescription());
stat.setString(idx++, consumer.getCallbackUrl());
stat.setString(idx++, consumer.getScope());
stat.setString(idx++, consumer.getAuthorizedGrantTypes());
if (null != consumer.getExpirationDate()) {
stat.setTimestamp(idx++, new Timestamp(consumer.getExpirationDate().getTime()));
} else {
stat.setNull(idx++, Types.TIMESTAMP);
}
if (add) {
Date now = new Date();
consumer.setIssuedDate(now);
stat.setTimestamp(idx++, new Timestamp(now.getTime()));
}
return idx;
}
Also used :
Timestamp(java.sql.Timestamp)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Date(java.util.Date)
Aggregations
BCryptPasswordEncoder (org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)45
PasswordEncoder (org.springframework.security.crypto.password.PasswordEncoder)17
Test (org.junit.jupiter.api.Test)7
KeystorePasswordHolder (won.owner.model.KeystorePasswordHolder)7
User (won.owner.model.User)7
SCryptPasswordEncoder (org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)6
NoOpPasswordEncoder (org.springframework.security.crypto.password.NoOpPasswordEncoder)5
Pbkdf2PasswordEncoder (org.springframework.security.crypto.password.Pbkdf2PasswordEncoder)5
DelegatingPasswordEncoder (org.springframework.security.crypto.password.DelegatingPasswordEncoder)4
StandardPasswordEncoder (org.springframework.security.crypto.password.StandardPasswordEncoder)4
KeystoreHolder (won.owner.model.KeystoreHolder)4
ExpensiveSecureRandomString (won.protocol.util.ExpensiveSecureRandomString)4
HashMap (java.util.HashMap)3
lombok.val (lombok.val)3
Bean (org.springframework.context.annotation.Bean)3
DataIntegrityViolationException (org.springframework.dao.DataIntegrityViolationException)3
Transactional (org.springframework.transaction.annotation.Transactional)3
Test (org.testng.annotations.Test)3
User (com.github.liuweijw.business.admin.domain.User)2
PrePermissions (com.github.liuweijw.business.commons.web.aop.PrePermissions)2
