Example 1 with Salt

use of edu.stanford.bmir.protege.web.shared.auth.Salt in project webprotege by protegeproject.

the class ResetPasswordActionHandler method execute.

@Nonnull
@Override
public ResetPasswordResult execute(@Nonnull ResetPasswordAction action, @Nonnull ExecutionContext executionContext) {
    final String emailAddress = action.getResetPasswordData().getEmailAddress();
    try {
        Optional<UserId> userId = userDetailsManager.getUserByUserIdOrEmail(emailAddress);
        if (!userId.isPresent()) {
            return new ResetPasswordResult(INVALID_EMAIL_ADDRESS);
        }
        Optional<UserDetails> userDetails = userDetailsManager.getUserDetails(userId.get());
        if (!userDetails.isPresent()) {
            return new ResetPasswordResult(INVALID_EMAIL_ADDRESS);
        }
        if (!userDetails.get().getEmailAddress().isPresent()) {
            return new ResetPasswordResult(INVALID_EMAIL_ADDRESS);
        }
        if (!userDetails.get().getEmailAddress().get().equalsIgnoreCase(emailAddress)) {
            return new ResetPasswordResult(INVALID_EMAIL_ADDRESS);
        }
        String pwd = IdUtil.getBase62UUID();
        Salt salt = saltProvider.get();
        SaltedPasswordDigest saltedPasswordDigest = passwordDigestAlgorithm.getDigestOfSaltedPassword(pwd, salt);
        authenticationManager.setDigestedPassword(userId.get(), saltedPasswordDigest, salt);
        mailer.sendEmail(userId.get(), emailAddress, pwd, ex -> {
            throw new RuntimeException(ex);
        });
        logger.info("The password for {} has been reset.  An email has been sent to {} that contains the new password.", userId.get().getUserName(), emailAddress);
        return new ResetPasswordResult(SUCCESS);
    } catch (Exception e) {
        logger.error("Could not reset the user password associated with the email address {}.  The following error occurred: {}.", emailAddress, e.getMessage(), e);
        return new ResetPasswordResult(INTERNAL_ERROR);
    }
}
Also used : Salt(edu.stanford.bmir.protege.web.shared.auth.Salt) UserDetails(edu.stanford.bmir.protege.web.shared.user.UserDetails) UserId(edu.stanford.bmir.protege.web.shared.user.UserId) SaltedPasswordDigest(edu.stanford.bmir.protege.web.shared.auth.SaltedPasswordDigest) ResetPasswordResult(edu.stanford.bmir.protege.web.shared.chgpwd.ResetPasswordResult) Nonnull(javax.annotation.Nonnull)

Example 2 with Salt

use of edu.stanford.bmir.protege.web.shared.auth.Salt in project webprotege by protegeproject.

the class GetChapSessionActionHandler method execute.

@Nonnull
@Override
public GetChapSessionResult execute(@Nonnull GetChapSessionAction action, @Nonnull ExecutionContext executionContext) {
    UserId userId = action.getUserId();
    if (userId.isGuest()) {
        logger.info("Attempt at authenticating guest user");
        return new GetChapSessionResult(Optional.empty());
    }
    Optional<Salt> salt = authenticationManager.getSalt(userId);
    if (!salt.isPresent()) {
        logger.info("Attempt to authenticate non-existing user: {}", userId);
        return new GetChapSessionResult(Optional.empty());
    }
    ChapSession challengeMessage = chapSessionManager.getSession(salt.get());
    return new GetChapSessionResult(Optional.of(challengeMessage));
}
Also used : Salt(edu.stanford.bmir.protege.web.shared.auth.Salt) UserId(edu.stanford.bmir.protege.web.shared.user.UserId) ChapSession(edu.stanford.bmir.protege.web.shared.auth.ChapSession) GetChapSessionResult(edu.stanford.bmir.protege.web.shared.auth.GetChapSessionResult) Nonnull(javax.annotation.Nonnull)

Example 3 with Salt

use of edu.stanford.bmir.protege.web.shared.auth.Salt in project webprotege by protegeproject.

the class DigestedPassword_TestCase method shouldGenerateSameDigestedPassword.

@Test
public void shouldGenerateSameDigestedPassword() {
    PasswordDigestAlgorithm passwordDigestAlgorithm = new PasswordDigestAlgorithm(new Md5DigestAlgorithmProvider());
    Salt salt = new Salt(BaseEncoding.base16().lowerCase().decode(SALT));
    SaltedPasswordDigest digest = passwordDigestAlgorithm.getDigestOfSaltedPassword("password", salt);
    assertThat(digest.getBytes(), is(BaseEncoding.base16().lowerCase().decode(DIGESTED_PASSWORD)));
}
Also used : Salt(edu.stanford.bmir.protege.web.shared.auth.Salt) SaltedPasswordDigest(edu.stanford.bmir.protege.web.shared.auth.SaltedPasswordDigest) Md5DigestAlgorithmProvider(edu.stanford.bmir.protege.web.shared.auth.Md5DigestAlgorithmProvider) PasswordDigestAlgorithm(edu.stanford.bmir.protege.web.shared.auth.PasswordDigestAlgorithm) Test(org.junit.Test)

Example 4 with Salt

use of edu.stanford.bmir.protege.web.shared.auth.Salt in project webprotege by protegeproject.

the class CreateUserAccountExecutor method execute.

public void execute(UserId userId, EmailAddress emailAddress, String clearTextPassword, DispatchServiceCallback<CreateUserAccountResult> callback) {
    Salt salt = saltProvider.get();
    SaltedPasswordDigest saltedPasswordDigest = passwordDigestAlgorithm.getDigestOfSaltedPassword(clearTextPassword, salt);
    dispatchServiceManager.execute(new CreateUserAccountAction(userId, emailAddress, saltedPasswordDigest, salt), callback);
}
Also used : Salt(edu.stanford.bmir.protege.web.shared.auth.Salt) SaltedPasswordDigest(edu.stanford.bmir.protege.web.shared.auth.SaltedPasswordDigest) CreateUserAccountAction(edu.stanford.bmir.protege.web.shared.user.CreateUserAccountAction)

Example 5 with Salt

use of edu.stanford.bmir.protege.web.shared.auth.Salt in project webprotege by protegeproject.

the class UserRecordConverter method fromDocument.

@Override
public UserRecord fromDocument(@Nonnull Document document) {
    String userId = document.getString(USER_ID);
    String realName = document.getString(REAL_NAME);
    String email = orEmptyString(document.getString(EMAIL_ADDRESS));
    String avatar = orEmptyString(document.getString(AVATAR_URL));
    Salt salt = new SaltReadConverter().convert(document.getString(SALT));
    SaltedPasswordDigest password = new SaltedPasswordDigestReadConverter().convert(document.getString(SALTED_PASSWORD_DIGEST));
    return new UserRecord(UserId.getUserId(userId), realName, email, avatar, salt, password);
}
Also used : Salt(edu.stanford.bmir.protege.web.shared.auth.Salt) SaltedPasswordDigest(edu.stanford.bmir.protege.web.shared.auth.SaltedPasswordDigest)
