use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project molgenis by molgenis.
the class MolgenisPasswordEncoderTest method matches_noMatch.
@Test
public void matches_noMatch() {
String password = "password";
String encodedPassword = "encoded-password";
BCryptPasswordEncoder bCryptPasswordEncoder = mock(BCryptPasswordEncoder.class);
when(bCryptPasswordEncoder.matches(password, encodedPassword)).thenReturn(true);
assertFalse(new MolgenisPasswordEncoder(bCryptPasswordEncoder).matches("invalid-password", encodedPassword));
}
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project molgenis by molgenis.
the class MolgenisPasswordEncoderTest method matches.
@Test
public void matches() {
String password = "password";
String encodedPassword = "encoded-password";
BCryptPasswordEncoder bCryptPasswordEncoder = mock(BCryptPasswordEncoder.class);
when(bCryptPasswordEncoder.matches(password, encodedPassword)).thenReturn(true);
assertTrue(new MolgenisPasswordEncoder(bCryptPasswordEncoder).matches(password, encodedPassword));
}
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project spring-security by spring-projects.
the class PasswordEncoderFactories method createDelegatingPasswordEncoder.
/**
* Creates a {@link DelegatingPasswordEncoder} with default mappings. Additional
* mappings may be added and the encoding will be updated to conform with best
* practices. However, due to the nature of {@link DelegatingPasswordEncoder} the
* updates should not impact users. The mappings current are:
*
* <ul>
* <li>bcrypt - {@link BCryptPasswordEncoder} (Also used for encoding)</li>
* <li>ldap -
* {@link org.springframework.security.crypto.password.LdapShaPasswordEncoder}</li>
* <li>MD4 -
* {@link org.springframework.security.crypto.password.Md4PasswordEncoder}</li>
* <li>MD5 - {@code new MessageDigestPasswordEncoder("MD5")}</li>
* <li>noop -
* {@link org.springframework.security.crypto.password.NoOpPasswordEncoder}</li>
* <li>pbkdf2 - {@link Pbkdf2PasswordEncoder}</li>
* <li>scrypt - {@link SCryptPasswordEncoder}</li>
* <li>SHA-1 - {@code new MessageDigestPasswordEncoder("SHA-1")}</li>
* <li>SHA-256 - {@code new MessageDigestPasswordEncoder("SHA-256")}</li>
* <li>sha256 -
* {@link org.springframework.security.crypto.password.StandardPasswordEncoder}</li>
* <li>argon2 - {@link Argon2PasswordEncoder}</li>
* </ul>
* @return the {@link PasswordEncoder} to use
*/
@SuppressWarnings("deprecation")
public static PasswordEncoder createDelegatingPasswordEncoder() {
String encodingId = "bcrypt";
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put(encodingId, new BCryptPasswordEncoder());
encoders.put("ldap", new org.springframework.security.crypto.password.LdapShaPasswordEncoder());
encoders.put("MD4", new org.springframework.security.crypto.password.Md4PasswordEncoder());
encoders.put("MD5", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("MD5"));
encoders.put("noop", org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance());
encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());
encoders.put("scrypt", new SCryptPasswordEncoder());
encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());
encoders.put("argon2", new Argon2PasswordEncoder());
return new DelegatingPasswordEncoder(encodingId, encoders);
}
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project spring-security by spring-projects.
the class DaoAuthenticationProviderTests method testUserNotFoundBCryptPasswordEncoder.
@Test
public void testUserNotFoundBCryptPasswordEncoder() {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("missing", "koala");
PasswordEncoder encoder = new BCryptPasswordEncoder();
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
provider.setHideUserNotFoundExceptions(false);
provider.setPasswordEncoder(encoder);
MockUserDetailsServiceUserRod userDetailsService = new MockUserDetailsServiceUserRod();
userDetailsService.password = encoder.encode((CharSequence) token.getCredentials());
provider.setUserDetailsService(userDetailsService);
assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> provider.authenticate(token));
}
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project spring-boot by spring-projects.
the class EncodePasswordCommandTests method encodeWithBCryptShouldUseBCrypt.
@Test
void encodeWithBCryptShouldUseBCrypt() throws Exception {
EncodePasswordCommand command = new EncodePasswordCommand();
ExitStatus status = command.run("-a", "bcrypt", "boot");
then(this.log).should().info(this.message.capture());
assertThat(this.message.getValue()).doesNotStartWith("{");
assertThat(new BCryptPasswordEncoder().matches("boot", this.message.getValue())).isTrue();
assertThat(status).isEqualTo(ExitStatus.OK);
}
Aggregations