Search in sources :

Example 1 with HashRequest

use of org.apache.shiro.crypto.hash.HashRequest in project cas by apereo.

the class QueryAndEncodeDatabaseAuthenticationHandler method digestEncodedPassword.

/**
     * Digest encoded password.
     *
     * @param encodedPassword the encoded password
     * @param values          the values retrieved from database
     * @return the digested password
     */
protected String digestEncodedPassword(final String encodedPassword, final Map<String, Object> values) {
    final ConfigurableHashService hashService = new DefaultHashService();
    if (StringUtils.isNotBlank(this.staticSalt)) {
        hashService.setPrivateSalt(ByteSource.Util.bytes(this.staticSalt));
    }
    hashService.setHashAlgorithmName(this.algorithmName);
    Long numOfIterations = this.numberOfIterations;
    if (values.containsKey(this.numberOfIterationsFieldName)) {
        final String longAsStr = values.get(this.numberOfIterationsFieldName).toString();
        numOfIterations = Long.valueOf(longAsStr);
    }
    hashService.setHashIterations(numOfIterations.intValue());
    if (!values.containsKey(this.saltFieldName)) {
        throw new RuntimeException("Specified field name for salt does not exist in the results");
    }
    final String dynaSalt = values.get(this.saltFieldName).toString();
    final HashRequest request = new HashRequest.Builder().setSalt(dynaSalt).setSource(encodedPassword).build();
    return hashService.computeHash(request).toHex();
}
Also used : HashRequest(org.apache.shiro.crypto.hash.HashRequest) DefaultHashService(org.apache.shiro.crypto.hash.DefaultHashService) ConfigurableHashService(org.apache.shiro.crypto.hash.ConfigurableHashService)

Aggregations

ConfigurableHashService (org.apache.shiro.crypto.hash.ConfigurableHashService)1 DefaultHashService (org.apache.shiro.crypto.hash.DefaultHashService)1 HashRequest (org.apache.shiro.crypto.hash.HashRequest)1