use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project webanno by webanno.
the class WebAnno method passwordEncoder.
// The WebAnno User model class picks this bean up by name!
@Bean
public PasswordEncoder passwordEncoder() {
// Set up a DelegatingPasswordEncoder which decodes legacy passwords using the
// StandardPasswordEncoder but encodes passwords using the modern BCryptPasswordEncoder
String encoderForEncoding = "bcrypt";
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put(encoderForEncoding, new BCryptPasswordEncoder());
DelegatingPasswordEncoder delegatingEncoder = new DelegatingPasswordEncoder(encoderForEncoding, encoders);
// Decode legacy passwords without encoder ID using the StandardPasswordEncoder
delegatingEncoder.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
return delegatingEncoder;
}
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project webofneeds by researchstudio-sat.
the class RestUserController method registerUser.
/**
* Registers the specified user with password and an opional role.
* Assumes values have already been checked for syntactic validity.
* @param email
* @param password
* @param role
* @throws UserAlreadyExistsException
*/
private void registerUser(String email, String password, String role) throws UserAlreadyExistsException {
User user = userRepository.findByUsername(email);
if (user != null) {
throw new UserAlreadyExistsException();
}
try {
PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
user = new User(email, passwordEncoder.encode(password), role);
user.setEmail(email);
KeystorePasswordHolder keystorePassword = new KeystorePasswordHolder();
// generate a password for the keystore and save it in the database, encrypted with a symmetric key
// derived from the user's password
keystorePassword.setPassword(KeystorePasswordUtils.generatePassword(KeystorePasswordUtils.KEYSTORE_PASSWORD_BYTES), password);
// keystorePassword = keystorePasswordRepository.save(keystorePassword);
// generate the keystore for the user
KeystoreHolder keystoreHolder = new KeystoreHolder();
try {
// create the keystore if it doesnt exist yet
keystoreHolder.getKeystore(keystorePassword.getPassword(password));
} catch (Exception e) {
throw new IllegalStateException("could not create keystore for user " + email);
}
// keystoreHolder = keystoreHolderRepository.save(keystoreHolder);
user.setKeystorePasswordHolder(keystorePassword);
user.setKeystoreHolder(keystoreHolder);
userRepository.save(user);
} catch (DataIntegrityViolationException e) {
// username is already in database
throw new UserAlreadyExistsException();
}
}
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project pac4j by pac4j.
the class SpringEncoderBuilder method tryCreatePasswordEncoder.
public void tryCreatePasswordEncoder(final Map<String, org.pac4j.core.credentials.password.PasswordEncoder> encoders) {
for (int i = 0; i <= MAX_NUM_ENCODERS; i++) {
final String type = getProperty(SPRING_ENCODER_TYPE, i);
if (isNotBlank(type)) {
final PasswordEncoder encoder;
if (SpringEncoderType.NOOP.toString().equalsIgnoreCase(type)) {
encoder = NoOpPasswordEncoder.getInstance();
} else if (SpringEncoderType.BCRYPT.toString().equalsIgnoreCase(type)) {
if (containsProperty(SPRING_ENCODER_BCRYPT_LENGTH, i)) {
encoder = new BCryptPasswordEncoder(getPropertyAsInteger(SPRING_ENCODER_BCRYPT_LENGTH, i));
} else {
encoder = new BCryptPasswordEncoder();
}
} else if (SpringEncoderType.PBKDF2.toString().equalsIgnoreCase(type)) {
if (containsProperty(SPRING_ENCODER_PBKDF2_SECRET, i)) {
final String secret = getProperty(SPRING_ENCODER_PBKDF2_SECRET, i);
if (containsProperty(SPRING_ENCODER_PBKDF2_ITERATIONS, i) && containsProperty(SPRING_ENCODER_PBKDF2_HASH_WIDTH, i)) {
encoder = new Pbkdf2PasswordEncoder(secret, getPropertyAsInteger(SPRING_ENCODER_PBKDF2_ITERATIONS, i), getPropertyAsInteger(SPRING_ENCODER_PBKDF2_HASH_WIDTH, i));
} else {
encoder = new Pbkdf2PasswordEncoder(secret);
}
} else {
encoder = new Pbkdf2PasswordEncoder();
}
} else if (SpringEncoderType.SCRYPT.toString().equalsIgnoreCase(type)) {
if (containsProperty(SPRING_ENCODER_SCRYPT_CPU_COST, i) && containsProperty(SPRING_ENCODER_SCRYPT_MEMORY_COST, i) && containsProperty(SPRING_ENCODER_SCRYPT_PARALLELIZATION, i) && containsProperty(SPRING_ENCODER_SCRYPT_KEY_LENGTH, i) && containsProperty(SPRING_ENCODER_SCRYPT_SALT_LENGTH, i)) {
encoder = new SCryptPasswordEncoder(getPropertyAsInteger(SPRING_ENCODER_SCRYPT_CPU_COST, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_MEMORY_COST, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_PARALLELIZATION, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_KEY_LENGTH, i), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_SALT_LENGTH, i));
} else {
encoder = new SCryptPasswordEncoder();
}
} else if (SpringEncoderType.STANDARD.toString().equalsIgnoreCase(type)) {
if (containsProperty(SPRING_ENCODER_STANDARD_SECRET, i)) {
encoder = new StandardPasswordEncoder(getProperty(SPRING_ENCODER_STANDARD_SECRET, i));
} else {
encoder = new StandardPasswordEncoder();
}
} else {
throw new TechnicalException("Unsupported spring encoder type: " + type);
}
encoders.put(concat(SPRING_ENCODER, i), new SpringSecurityPasswordEncoder(encoder));
}
}
}
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project FP-PSP-SERVER by FundacionParaguaya.
the class UserServiceImpl method addUserWithRoleAndApplication.
@Override
public UserDTO addUserWithRoleAndApplication(UserRoleApplicationDTO userRoleApplicationDTO, UserDetailsDTO userDetails) {
userRepository.findOneByUsername(userRoleApplicationDTO.getUsername()).ifPresent(user -> {
throw new CustomParameterizedException("User already exists.", new ImmutableMultimap.Builder<String, String>().put("username", user.getUsername()).build().asMap());
});
UserEntity user = new UserEntity();
user.setUsername(userRoleApplicationDTO.getUsername());
user.setEmail(userRoleApplicationDTO.getEmail());
user.setPass(new BCryptPasswordEncoder().encode(userRoleApplicationDTO.getPass()));
user.setActive(true);
UserEntity newUser = userRepository.save(user);
if (userRoleApplicationDTO.getRole() != null) {
createUserRole(newUser, userRoleApplicationDTO.getRole());
}
if (userRoleApplicationDTO.getOrganizationId() != null) {
createUserOrganization(newUser, userRoleApplicationDTO);
} else if (userRoleApplicationDTO.getApplicationId() != null) {
createUserApplication(newUser, userRoleApplicationDTO);
}
return userMapper.entityToDto(newUser);
}
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project FP-PSP-SERVER by FundacionParaguaya.
the class AuthServerOAuth2Config method main.
public static void main(String[] args) {
// Use this to generate passwords
String password = "";
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
String hashedPassword = passwordEncoder.encode(password);
System.out.println(hashedPassword);
}
Aggregations