Examples with PasswordEncoder org.springframework.security.crypto.password.PasswordEncoder used on opensource projects

Search in sources :

Example 16 with PasswordEncoder

use of org.springframework.security.crypto.password.PasswordEncoder in project spring-security by spring-projects.

the class DaoAuthenticationProviderTests method authenticateWhenSuccessAndPasswordManagerThenUpdates.

@Test
public void authenticateWhenSuccessAndPasswordManagerThenUpdates() {
    String password = "password";
    String encodedPassword = "encoded";
    UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("user", password);
    PasswordEncoder encoder = mock(PasswordEncoder.class);
    UserDetailsService userDetailsService = mock(UserDetailsService.class);
    UserDetailsPasswordService passwordManager = mock(UserDetailsPasswordService.class);
    DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
    provider.setPasswordEncoder(encoder);
    provider.setUserDetailsService(userDetailsService);
    provider.setUserDetailsPasswordService(passwordManager);
    UserDetails user = PasswordEncodedUser.user();
    given(encoder.matches(any(), any())).willReturn(true);
    given(encoder.upgradeEncoding(any())).willReturn(true);
    given(encoder.encode(any())).willReturn(encodedPassword);
    given(userDetailsService.loadUserByUsername(any())).willReturn(user);
    given(passwordManager.updatePassword(any(), any())).willReturn(user);
    Authentication result = provider.authenticate(token);
    verify(encoder).encode(password);
    verify(passwordManager).updatePassword(eq(user), eq(encodedPassword));
}
Also used : UserDetails(org.springframework.security.core.userdetails.UserDetails) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder) Authentication(org.springframework.security.core.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) UserDetailsService(org.springframework.security.core.userdetails.UserDetailsService) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) UserDetailsPasswordService(org.springframework.security.core.userdetails.UserDetailsPasswordService) Test(org.junit.jupiter.api.Test)

Example 17 with PasswordEncoder

use of org.springframework.security.crypto.password.PasswordEncoder in project spring-security by spring-projects.

the class DaoAuthenticationProviderTests method authenticateWhenNotUpgradeAndPasswordManagerThenNoUpdate.

@Test
public void authenticateWhenNotUpgradeAndPasswordManagerThenNoUpdate() {
    UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("user", "password");
    PasswordEncoder encoder = mock(PasswordEncoder.class);
    UserDetailsService userDetailsService = mock(UserDetailsService.class);
    UserDetailsPasswordService passwordManager = mock(UserDetailsPasswordService.class);
    DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
    provider.setPasswordEncoder(encoder);
    provider.setUserDetailsService(userDetailsService);
    provider.setUserDetailsPasswordService(passwordManager);
    UserDetails user = PasswordEncodedUser.user();
    given(encoder.matches(any(), any())).willReturn(true);
    given(encoder.upgradeEncoding(any())).willReturn(false);
    given(userDetailsService.loadUserByUsername(any())).willReturn(user);
    Authentication result = provider.authenticate(token);
    verifyZeroInteractions(passwordManager);
}
Also used : UserDetails(org.springframework.security.core.userdetails.UserDetails) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder) Authentication(org.springframework.security.core.Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) UserDetailsService(org.springframework.security.core.userdetails.UserDetailsService) UserDetailsPasswordService(org.springframework.security.core.userdetails.UserDetailsPasswordService) Test(org.junit.jupiter.api.Test)

Example 18 with PasswordEncoder

use of org.springframework.security.crypto.password.PasswordEncoder in project spring-security by spring-projects.

the class DaoAuthenticationProviderTests method testUserNotFoundBCryptPasswordEncoder.

@Test
public void testUserNotFoundBCryptPasswordEncoder() {
    UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("missing", "koala");
    PasswordEncoder encoder = new BCryptPasswordEncoder();
    DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
    provider.setHideUserNotFoundExceptions(false);
    provider.setPasswordEncoder(encoder);
    MockUserDetailsServiceUserRod userDetailsService = new MockUserDetailsServiceUserRod();
    userDetailsService.password = encoder.encode((CharSequence) token.getCredentials());
    provider.setUserDetailsService(userDetailsService);
    assertThatExceptionOfType(UsernameNotFoundException.class).isThrownBy(() -> provider.authenticate(token));
}
Also used : UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) Test(org.junit.jupiter.api.Test)

Example 19 with PasswordEncoder

use of org.springframework.security.crypto.password.PasswordEncoder in project spring-security by spring-projects.

the class DaoAuthenticationProviderTests method authenticateWhenBadCredentialsAndPasswordManagerThenNoUpdate.

@Test
public void authenticateWhenBadCredentialsAndPasswordManagerThenNoUpdate() {
    UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("user", "password");
    PasswordEncoder encoder = mock(PasswordEncoder.class);
    UserDetailsService userDetailsService = mock(UserDetailsService.class);
    UserDetailsPasswordService passwordManager = mock(UserDetailsPasswordService.class);
    DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
    provider.setPasswordEncoder(encoder);
    provider.setUserDetailsService(userDetailsService);
    provider.setUserDetailsPasswordService(passwordManager);
    UserDetails user = PasswordEncodedUser.user();
    given(encoder.matches(any(), any())).willReturn(false);
    given(userDetailsService.loadUserByUsername(any())).willReturn(user);
    assertThatExceptionOfType(BadCredentialsException.class).isThrownBy(() -> provider.authenticate(token));
    verifyZeroInteractions(passwordManager);
}
Also used : UserDetails(org.springframework.security.core.userdetails.UserDetails) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) UserDetailsService(org.springframework.security.core.userdetails.UserDetailsService) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) UserDetailsPasswordService(org.springframework.security.core.userdetails.UserDetailsPasswordService) Test(org.junit.jupiter.api.Test)

Example 20 with PasswordEncoder

use of org.springframework.security.crypto.password.PasswordEncoder in project cas by apereo.

the class AcceptUsersAuthenticationHandlerTests method verifyPasswordTransform.

@Test
public void verifyPasswordTransform() {
    val handler = new AcceptUsersAuthenticationHandler(StringUtils.EMPTY, null, PrincipalFactoryUtils.newPrincipalFactory(), null, Map.of("another", "another"));
    handler.setPasswordEncoder(new PasswordEncoder() {

        @Override
        public String encode(final CharSequence charSequence) {
            return null;
        }

        @Override
        public boolean matches(final CharSequence charSequence, final String s) {
            return true;
        }
    });
    assertThrows(AccountNotFoundException.class, () -> handler.authenticate(CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword("another")));
}
Also used : lombok.val(lombok.val) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) Test(org.junit.jupiter.api.Test)

Aggregations

PasswordEncoder (org.springframework.security.crypto.password.PasswordEncoder)44 BCryptPasswordEncoder (org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)24 NoOpPasswordEncoder (org.springframework.security.crypto.password.NoOpPasswordEncoder)10 Test (org.junit.jupiter.api.Test)9 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)7 KeystorePasswordHolder (won.owner.model.KeystorePasswordHolder)7 User (won.owner.model.User)7 SCryptPasswordEncoder (org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)5 HashMap (java.util.HashMap)4 KeystoreHolder (won.owner.model.KeystoreHolder)4 ExpensiveSecureRandomString (won.protocol.util.ExpensiveSecureRandomString)4 IOException (java.io.IOException)3 Test (org.junit.Test)3 DataIntegrityViolationException (org.springframework.dao.DataIntegrityViolationException)3 UserDetails (org.springframework.security.core.userdetails.UserDetails)3 UserDetailsPasswordService (org.springframework.security.core.userdetails.UserDetailsPasswordService)3 UserDetailsService (org.springframework.security.core.userdetails.UserDetailsService)3 UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException)3 Pbkdf2PasswordEncoder (org.springframework.security.crypto.password.Pbkdf2PasswordEncoder)3 UserEntity (com.zavada.entity.UserEntity)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial