Examples with Secret io.hops.hopsworks.common.security.utils.Secret used on opensource projects

Example 6 with Secret

use of io.hops.hopsworks.common.security.utils.Secret in project hopsworks by logicalclocks.

the class AuthController method validatePassword.

/**
 * Validates password and update account audit.
 *
 * @param user
 * @param password
 * @return
 */
public boolean validatePassword(Users user, String password) {
    validateUser(user);
    String userPwdHash = user.getPassword();
    Secret secret = new Secret(password, user.getSalt());
    if (!userPwdHash.equals(secret.getSha256HexDigest())) {
        registerFalseLogin(user);
        LOGGER.log(Level.FINEST, "False login attempt by user: {0}", user.getEmail());
        return false;
    }
    resetFalseLogin(user);
    return true;
}

Example 7 with Secret

use of io.hops.hopsworks.common.security.utils.Secret in project hopsworks by logicalclocks.

the class ApiKeyController method createNewKey.

/**
 * Create new key for the give user with the given key name and scopes.
 * @param user
 * @param keyName
 * @param scopes
 * @throws UserException
 * @throws ApiKeyException
 * @return
 */
public String createNewKey(Users user, String keyName, Set<ApiScope> scopes, Boolean reserved) throws UserException, ApiKeyException {
    if (user == null) {
        throw new UserException(RESTCodes.UserErrorCode.USER_WAS_NOT_FOUND, Level.FINE);
    }
    if (keyName == null || keyName.isEmpty()) {
        throw new ApiKeyException(RESTCodes.ApiKeyErrorCode.KEY_NAME_NOT_SPECIFIED, Level.FINE);
    }
    if (keyName.length() > 45) {
        throw new ApiKeyException(RESTCodes.ApiKeyErrorCode.KEY_NAME_NOT_VALID, Level.FINE);
    }
    if (scopes == null || scopes.isEmpty()) {
        throw new ApiKeyException(RESTCodes.ApiKeyErrorCode.KEY_SCOPE_NOT_SPECIFIED, Level.FINE);
    }
    ApiKey apiKey = apiKeyFacade.findByUserAndName(user, keyName);
    if (apiKey != null) {
        throw new ApiKeyException(RESTCodes.ApiKeyErrorCode.KEY_NAME_EXIST, Level.FINE);
    }
    Secret secret = generateApiKey();
    Date date = new Date();
    apiKey = new ApiKey(user, secret.getPrefix(), secret.getSha256HexDigest(), secret.getSalt(), date, date, keyName, reserved);
    List<ApiKeyScope> keyScopes = getKeyScopes(scopes, apiKey);
    apiKey.setApiKeyScopeCollection(keyScopes);
    apiKeyFacade.save(apiKey);
    // run create handlers
    ApiKeyHandler.runApiKeyCreateHandlers(apiKeyHandlers, apiKey);
    sendCreatedEmail(user, keyName, date, scopes);
    return secret.getPrefixPlusSecret();
}

Example 8 with Secret

use of io.hops.hopsworks.common.security.utils.Secret in project hopsworks by logicalclocks.

the class UsersController method changePasswordAsAdmin.

private void changePasswordAsAdmin(Users user, String newPassword) throws UserException {
    try {
        Secret secret = securityUtils.generateSecret(newPassword);
        authController.changeUserPasswordAsAdmin(user, secret);
    } catch (Exception ex) {
        throw new UserException(RESTCodes.UserErrorCode.PASSWORD_RESET_UNSUCCESSFUL, Level.SEVERE, null, ex.getMessage(), ex);
    }
}