use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project mots by motech-implementations.
the class UserService method changeUserPassword.
/**
* Updates user's password.
*
* @param username of user which password is about to change.
* @param newPassword is new password value for user.
* @param currentPassword is current user's password.
*/
public void changeUserPassword(String username, String newPassword, String currentPassword) {
User user = getUserByUserName(username);
if (!passwordsMatch(currentPassword, user.getPassword())) {
throw new IllegalArgumentException("Current password is incorrect.");
}
String newPasswordEncoded = new BCryptPasswordEncoder().encode(newPassword);
user.setPassword(newPasswordEncoded);
userRepository.save(user);
}
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project cas by apereo.
the class QueryDatabaseAuthenticationHandlerTests method verifyBCryptFail.
/**
* This test proves that in case BCRYPT is used authentication using encoded password always fail
* with FailedLoginException
*/
@Test
public void verifyBCryptFail() {
val encoder = new BCryptPasswordEncoder(8, RandomUtils.getNativeInstance());
val sql = SQL.replace("*", '\'' + encoder.encode("pswbc1") + "' password");
val properties = new QueryJdbcAuthenticationProperties().setSql(sql).setFieldPassword(PASSWORD_FIELD);
val q = new QueryDatabaseAuthenticationHandler(properties, null, PrincipalFactoryUtils.newPrincipalFactory(), this.dataSource, new HashMap<>(0));
q.setPasswordEncoder(encoder);
assertThrows(FailedLoginException.class, () -> q.authenticate(CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("user0", "pswbc1")));
}
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project spring-boot-starter-kit by tripsta.
the class SecurityConfiguration method configure.
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
auth.inMemoryAuthentication().withUser(userRoleUsername).password(encoder.encode(userRolePassword)).roles(ROLE_USER).and().withUser(adminRoleUsername).password(encoder.encode(adminRolePassword)).roles(ROLE_USER, ROLE_ADMIN);
}
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project hub-alert by blackducksoftware.
the class PasswordEncoderSample method testEncodePassword.
@Test
public void testEncodePassword() {
PasswordEncoder encoder = new BCryptPasswordEncoder(16);
String encodedString = encoder.encode("replace_me_with_a_password_to_get_encoded_value");
logger.debug("Encoded String: {}", encodedString);
}
use of org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder in project CzechIdMng by bcvsolutions.
the class DefaultIdmPasswordHistoryService method checkHistory.
@Override
public boolean checkHistory(UUID identityId, int countOfIteration, GuardedString newPassword) {
Assert.notNull(identityId, "Identity id can't be null.");
Assert.notNull(newPassword, "New password can't be null.");
//
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(12);
//
for (IdmPasswordHistoryDto passwordHistory : getPasswordHistoryForIdentity(identityId, countOfIteration)) {
boolean matches = encoder.matches(newPassword.asString(), passwordHistory.getPassword());
if (matches) {
return true;
}
}
return false;
}
Aggregations