Example 1 with PasswordEncoder
use of org.springframework.security.crypto.password.PasswordEncoder in project cas by apereo.
the class Beans method newPasswordEncoder.
/**
* New password encoder password encoder.
*
* @param properties the properties
* @return the password encoder
*/
public static PasswordEncoder newPasswordEncoder(final PasswordEncoderProperties properties) {
final String type = properties.getType();
if (StringUtils.isBlank(type)) {
LOGGER.debug("No password encoder type is defined, and so none shall be created");
return NoOpPasswordEncoder.getInstance();
}
if (type.contains(".")) {
try {
LOGGER.debug("Configuration indicates use of a custom password encoder [{}]", type);
final Class<PasswordEncoder> clazz = (Class<PasswordEncoder>) Class.forName(type);
return clazz.newInstance();
} catch (final Exception e) {
LOGGER.error("Falling back to a no-op password encoder as CAS has failed to create " + "an instance of the custom password encoder class " + type, e);
return NoOpPasswordEncoder.getInstance();
}
}
final PasswordEncoderProperties.PasswordEncoderTypes encoderType = PasswordEncoderProperties.PasswordEncoderTypes.valueOf(type);
switch(encoderType) {
case DEFAULT:
LOGGER.debug("Creating default password encoder with encoding alg [{}] and character encoding [{}]", properties.getEncodingAlgorithm(), properties.getCharacterEncoding());
return new DefaultPasswordEncoder(properties.getEncodingAlgorithm(), properties.getCharacterEncoding());
case STANDARD:
LOGGER.debug("Creating standard password encoder with the secret defined in the configuration");
return new StandardPasswordEncoder(properties.getSecret());
case BCRYPT:
LOGGER.debug("Creating BCRYPT password encoder given the strength [{}] and secret in the configuration", properties.getStrength());
if (StringUtils.isBlank(properties.getSecret())) {
LOGGER.debug("Creating BCRYPT encoder without secret");
return new BCryptPasswordEncoder(properties.getStrength());
}
LOGGER.debug("Creating BCRYPT encoder with secret");
return new BCryptPasswordEncoder(properties.getStrength(), new SecureRandom(properties.getSecret().getBytes(StandardCharsets.UTF_8)));
case SCRYPT:
LOGGER.debug("Creating SCRYPT encoder");
return new SCryptPasswordEncoder();
case PBKDF2:
if (StringUtils.isBlank(properties.getSecret())) {
LOGGER.debug("Creating PBKDF2 encoder without secret");
return new Pbkdf2PasswordEncoder();
}
final int hashWidth = 256;
return new Pbkdf2PasswordEncoder(properties.getSecret(), properties.getStrength(), hashWidth);
case NONE:
default:
LOGGER.debug("No password encoder shall be created given the requested encoder type [{}]", type);
return NoOpPasswordEncoder.getInstance();
}
}
Also used :
StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder)
DefaultPasswordEncoder(org.apereo.cas.util.crypto.DefaultPasswordEncoder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder)
Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder)
NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder)
SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
SecureRandom(java.security.SecureRandom)
Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder)
BeanCreationException(org.springframework.beans.factory.BeanCreationException)
SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)
PasswordEncoderProperties(org.apereo.cas.configuration.model.core.authentication.PasswordEncoderProperties)
DefaultPasswordEncoder(org.apereo.cas.util.crypto.DefaultPasswordEncoder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Example 2 with PasswordEncoder
use of org.springframework.security.crypto.password.PasswordEncoder in project spring-security-oauth by spring-projects.
the class JdbcClientDetailsServiceTests method testUpdateClientSecret.
@Test
public void testUpdateClientSecret() {
BaseClientDetails clientDetails = new BaseClientDetails();
clientDetails.setClientId("newClientIdWithNoDetails");
service.setPasswordEncoder(new PasswordEncoder() {
public boolean matches(CharSequence rawPassword, String encodedPassword) {
return true;
}
public String encode(CharSequence rawPassword) {
return "BAR";
}
});
service.addClientDetails(clientDetails);
service.updateClientSecret(clientDetails.getClientId(), "foo");
Map<String, Object> map = jdbcTemplate.queryForMap(SELECT_SQL, "newClientIdWithNoDetails");
assertEquals("newClientIdWithNoDetails", map.get("client_id"));
assertTrue(map.containsKey("client_secret"));
assertEquals("BAR", map.get("client_secret"));
}
Also used :
BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
Test(org.junit.Test)
Example 3 with PasswordEncoder
use of org.springframework.security.crypto.password.PasswordEncoder in project vft-capture by videofirst.
the class VftCapture method checkCreatePassword.
/**
* Create password if first command arg is `-pwd`.
*/
private static void checkCreatePassword(String[] args) {
// Check to see if we're trying to change password
if ((args.length == 1 || args.length == 2) && "-pwd".equals(args[0])) {
System.out.println("=====================");
System.out.println("VFT CAPTURE - ENCODER");
System.out.println("=====================");
PasswordEncoder passwordEncoder = new BCryptPasswordEncoder(SecurityConfiguration.BCRYPT_STRENGTH);
if (args.length == 2) {
System.out.println("\nEncoded output [ " + passwordEncoder.encode(args[1]) + " ]\n");
System.exit(0);
}
while (true) {
try {
System.out.print("\nPlease enter password (or q to exit): - ");
System.out.flush();
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
String input = br.readLine();
if ("q".equalsIgnoreCase(input)) {
System.exit(0);
}
System.out.println("\nEncoded output [ " + passwordEncoder.encode(input) + " ]\n");
} catch (IOException e) {
System.out.println("Error reading line " + e.getMessage());
}
}
}
}
Also used :
InputStreamReader(java.io.InputStreamReader)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
BufferedReader(java.io.BufferedReader)
IOException(java.io.IOException)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Example 4 with PasswordEncoder
use of org.springframework.security.crypto.password.PasswordEncoder in project cas by apereo.
the class JdbcPasswordManagementService method changeInternal.
@Override
public boolean changeInternal(final Credential credential, final PasswordChangeBean bean) {
final UsernamePasswordCredential c = (UsernamePasswordCredential) credential;
final PasswordEncoder encoder = PasswordEncoderUtils.newPasswordEncoder(properties.getJdbc().getPasswordEncoder());
final String password = encoder.encode(bean.getPassword());
final int count = this.jdbcTemplate.update(properties.getJdbc().getSqlChangePassword(), password, c.getId());
return count > 0;
}
Also used :
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
UsernamePasswordCredential(org.apereo.cas.authentication.UsernamePasswordCredential)
Example 5 with PasswordEncoder
use of org.springframework.security.crypto.password.PasswordEncoder in project Logos_Materials_October_2017 by VolodymyrZavada.
the class SpringBootConsulttionTestProjectApplication method addAdmin.
static void addAdmin(ConfigurableApplicationContext context) {
String adminEmail = "admin@gmail.com";
String adminPassword = "123";
UserRepository userRepository = context.getBean(UserRepository.class);
UserEntity entity = userRepository.findUserByEmail(adminEmail);
if (entity == null) {
PasswordEncoder encoder = context.getBean(PasswordEncoder.class);
entity = new UserEntity();
entity.setEmail(adminEmail);
entity.setPassword(encoder.encode(adminPassword));
entity.setRole(Role.ROLE_ADMIN);
userRepository.save(entity);
}
}
Also used :
UserRepository(com.zavada.repository.UserRepository)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
UserEntity(com.zavada.entity.UserEntity)
Aggregations
PasswordEncoder (org.springframework.security.crypto.password.PasswordEncoder)31
BCryptPasswordEncoder (org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)17
NoOpPasswordEncoder (org.springframework.security.crypto.password.NoOpPasswordEncoder)10
Test (org.junit.jupiter.api.Test)9
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)7
UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException)4
SCryptPasswordEncoder (org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)4
IOException (java.io.IOException)3
HashMap (java.util.HashMap)3
NoSuchBeanDefinitionException (org.springframework.beans.factory.NoSuchBeanDefinitionException)3
UserDetails (org.springframework.security.core.userdetails.UserDetails)3
UserDetailsPasswordService (org.springframework.security.core.userdetails.UserDetailsPasswordService)3
UserDetailsService (org.springframework.security.core.userdetails.UserDetailsService)3
StandardPasswordEncoder (org.springframework.security.crypto.password.StandardPasswordEncoder)3
UserEntity (com.zavada.entity.UserEntity)2
UserRepository (com.zavada.repository.UserRepository)2
BufferedReader (java.io.BufferedReader)2
InputStreamReader (java.io.InputStreamReader)2
SecureRandom (java.security.SecureRandom)2
PostConstruct (javax.annotation.PostConstruct)2
