Example 26 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project webanno by webanno.
the class WebAnno method passwordEncoder.
// The WebAnno User model class picks this bean up by name!
@Bean
public PasswordEncoder passwordEncoder() {
// Set up a DelegatingPasswordEncoder which decodes legacy passwords using the
// StandardPasswordEncoder but encodes passwords using the modern BCryptPasswordEncoder
String encoderForEncoding = "bcrypt";
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put(encoderForEncoding, new BCryptPasswordEncoder());
DelegatingPasswordEncoder delegatingEncoder = new DelegatingPasswordEncoder(encoderForEncoding, encoders);
// Decode legacy passwords without encoder ID using the StandardPasswordEncoder
delegatingEncoder.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
return delegatingEncoder;
}
Also used :
StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
DelegatingPasswordEncoder(org.springframework.security.crypto.password.DelegatingPasswordEncoder)
StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
HashMap(java.util.HashMap)
DelegatingPasswordEncoder(org.springframework.security.crypto.password.DelegatingPasswordEncoder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Bean(org.springframework.context.annotation.Bean)
Example 27 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project webofneeds by researchstudio-sat.
the class RestUserController method registerUser.
/**
* Registers the specified user with password and an opional role.
* Assumes values have already been checked for syntactic validity.
* @param email
* @param password
* @param role
* @throws UserAlreadyExistsException
*/
private void registerUser(String email, String password, String role) throws UserAlreadyExistsException {
User user = userRepository.findByUsername(email);
if (user != null) {
throw new UserAlreadyExistsException();
}
try {
PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
user = new User(email, passwordEncoder.encode(password), role);
user.setEmail(email);
KeystorePasswordHolder keystorePassword = new KeystorePasswordHolder();
// generate a password for the keystore and save it in the database, encrypted with a symmetric key
// derived from the user's password
keystorePassword.setPassword(KeystorePasswordUtils.generatePassword(KeystorePasswordUtils.KEYSTORE_PASSWORD_BYTES), password);
// keystorePassword = keystorePasswordRepository.save(keystorePassword);
// generate the keystore for the user
KeystoreHolder keystoreHolder = new KeystoreHolder();
try {
// create the keystore if it doesnt exist yet
keystoreHolder.getKeystore(keystorePassword.getPassword(password));
} catch (Exception e) {
throw new IllegalStateException("could not create keystore for user " + email);
}
// keystoreHolder = keystoreHolderRepository.save(keystoreHolder);
user.setKeystorePasswordHolder(keystorePassword);
user.setKeystoreHolder(keystoreHolder);
userRepository.save(user);
} catch (DataIntegrityViolationException e) {
// username is already in database
throw new UserAlreadyExistsException();
}
}
Also used :
User(won.owner.model.User)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
KeystoreHolder(won.owner.model.KeystoreHolder)
UserAlreadyExistsException(won.owner.service.impl.UserAlreadyExistsException)
KeystorePasswordHolder(won.owner.model.KeystorePasswordHolder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
URISyntaxException(java.net.URISyntaxException)
DataIntegrityViolationException(org.springframework.dao.DataIntegrityViolationException)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
UserAlreadyExistsException(won.owner.service.impl.UserAlreadyExistsException)
DataIntegrityViolationException(org.springframework.dao.DataIntegrityViolationException)
Example 28 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project pac4j by pac4j.
the class SpringEncoderBuilder method tryCreatePasswordEncoder.
public void tryCreatePasswordEncoder(final Map<String, org.pac4j.core.credentials.password.PasswordEncoder> encoders) {
for (int i = 0; i <= MAX_NUM_ENCODERS; i++) {
final String type = getProperty(SPRING_ENCODER_TYPE, i);
if (isNotBlank(type)) {
final PasswordEncoder encoder;
if (SpringEncoderType.NOOP.toString().equalsIgnoreCase(type)) {
encoder = NoOpPasswordEncoder.getInstance();
} else if (SpringEncoderType.BCRYPT.toString().equalsIgnoreCase(type)) {
if (containsProperty(SPRING_ENCODER_BCRYPT_LENGTH, i)) {
encoder = new BCryptPasswordEncoder(getPropertyAsInteger(SPRING_ENCODER_BCRYPT_LENGTH, i));
} else {
encoder = new BCryptPasswordEncoder();
}
} else if (SpringEncoderType.PBKDF2.toString().equalsIgnoreCase(type)) {
if (containsProperty(SPRING_ENCODER_PBKDF2_SECRET, i)) {
final String secret = getProperty(SPRING_ENCODER_PBKDF2_SECRET, i);
if (containsProperty(SPRING_ENCODER_PBKDF2_ITERATIONS, i) && containsProperty(SPRING_ENCODER_PBKDF2_HASH_WIDTH, i)) {
encoder = new Pbkdf2PasswordEncoder(secret, getPropertyAsInteger(SPRING_ENCODER_PBKDF2_ITERATIONS, i), getPropertyAsInteger(SPRING_ENCODER_PBKDF2_HASH_WIDTH, i));
} else {
encoder = new Pbkdf2PasswordEncoder(secret);
}
} else {
encoder = new Pbkdf2PasswordEncoder();
}
} else if (SpringEncoderType.SCRYPT.toString().equalsIgnoreCase(type)) {
if (containsProperty(SPRING_ENCODER_SCRYPT_CPU_COST, i) && containsProperty(SPRING_ENCODER_SCRYPT_MEMORY_COST, i) && containsProperty(SPRING_ENCODER_SCRYPT_PARALLELIZATION, i) && containsProperty(SPRING_ENCODER_SCRYPT_KEY_LENGTH, i) && containsProperty(SPRING_ENCODER_SCRYPT_SALT_LENGTH, i)) {
encoder = new SCryptPasswordEncoder(getPropertyAsInteger(SPRING_ENCODER_SCRYPT_CPU_COST, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_MEMORY_COST, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_PARALLELIZATION, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_KEY_LENGTH, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_SALT_LENGTH, i));
} else {
encoder = new SCryptPasswordEncoder();
}
} else if (SpringEncoderType.STANDARD.toString().equalsIgnoreCase(type)) {
if (containsProperty(SPRING_ENCODER_STANDARD_SECRET, i)) {
encoder = new StandardPasswordEncoder(getProperty(SPRING_ENCODER_STANDARD_SECRET, i));
} else {
encoder = new StandardPasswordEncoder();
}
} else {
throw new TechnicalException("Unsupported spring encoder type: " + type);
}
encoders.put(concat(SPRING_ENCODER, i), new SpringSecurityPasswordEncoder(encoder));
}
}
}
Also used :
StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder)
TechnicalException(org.pac4j.core.exception.TechnicalException)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder)
SpringSecurityPasswordEncoder(org.pac4j.core.credentials.password.SpringSecurityPasswordEncoder)
NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder)
StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder)
SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)
SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)
SpringSecurityPasswordEncoder(org.pac4j.core.credentials.password.SpringSecurityPasswordEncoder)
Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Example 29 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project FP-PSP-SERVER by FundacionParaguaya.
the class UserServiceImpl method addUserWithRoleAndApplication.
@Override
public UserDTO addUserWithRoleAndApplication(UserRoleApplicationDTO userRoleApplicationDTO, UserDetailsDTO userDetails) {
userRepository.findOneByUsername(userRoleApplicationDTO.getUsername()).ifPresent(user -> {
throw new CustomParameterizedException("User already exists.", new ImmutableMultimap.Builder<String, String>().put("username", user.getUsername()).build().asMap());
});
UserEntity user = new UserEntity();
user.setUsername(userRoleApplicationDTO.getUsername());
user.setEmail(userRoleApplicationDTO.getEmail());
user.setPass(new BCryptPasswordEncoder().encode(userRoleApplicationDTO.getPass()));
user.setActive(true);
UserEntity newUser = userRepository.save(user);
if (userRoleApplicationDTO.getRole() != null) {
createUserRole(newUser, userRoleApplicationDTO.getRole());
}
if (userRoleApplicationDTO.getOrganizationId() != null) {
createUserOrganization(newUser, userRoleApplicationDTO);
} else if (userRoleApplicationDTO.getApplicationId() != null) {
createUserApplication(newUser, userRoleApplicationDTO);
}
return userMapper.entityToDto(newUser);
}
Also used :
CustomParameterizedException(py.org.fundacionparaguaya.pspserver.common.exceptions.CustomParameterizedException)
UserEntity(py.org.fundacionparaguaya.pspserver.security.entities.UserEntity)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Example 30 with BCryptPasswordEncoder
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project FP-PSP-SERVER by FundacionParaguaya.
the class AuthServerOAuth2Config method main.
public static void main(String[] args) {
// Use this to generate passwords
String password = "";
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
String hashedPassword = passwordEncoder.encode(password);
System.out.println(hashedPassword);
}
Also used :
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Aggregations
BCryptPasswordEncoder (org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)48
PasswordEncoder (org.springframework.security.crypto.password.PasswordEncoder)18
Test (org.junit.jupiter.api.Test)7
KeystorePasswordHolder (won.owner.model.KeystorePasswordHolder)7
User (won.owner.model.User)7
SCryptPasswordEncoder (org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)6
DelegatingPasswordEncoder (org.springframework.security.crypto.password.DelegatingPasswordEncoder)5
NoOpPasswordEncoder (org.springframework.security.crypto.password.NoOpPasswordEncoder)5
Pbkdf2PasswordEncoder (org.springframework.security.crypto.password.Pbkdf2PasswordEncoder)5
StandardPasswordEncoder (org.springframework.security.crypto.password.StandardPasswordEncoder)5
User (com.github.liuweijw.business.admin.domain.User)4
HashMap (java.util.HashMap)4
Transactional (org.springframework.transaction.annotation.Transactional)4
KeystoreHolder (won.owner.model.KeystoreHolder)4
ExpensiveSecureRandomString (won.protocol.util.ExpensiveSecureRandomString)4
PrePermissions (com.github.liuweijw.business.commons.web.aop.PrePermissions)3
Date (java.util.Date)3
lombok.val (lombok.val)3
Bean (org.springframework.context.annotation.Bean)3
DataIntegrityViolationException (org.springframework.dao.DataIntegrityViolationException)3
