
Example 26 with PasswordEncoder

use of org.springframework.security.crypto.password.PasswordEncoder in project webofneeds by researchstudio-sat.

the class RestUserController method registerUser.

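/**
 * Registers a new user with the given password and an optional role.
 *
 * <p>The plaintext password is used twice: it is hashed with BCrypt for the
 * stored login credential, and it is handed to {@code KeystorePasswordHolder}
 * so that the freshly generated keystore password is stored encrypted under a
 * key derived from it (as the inline comments below describe). Assumes the
 * arguments have already been checked for syntactic validity.
 *
 * @param email    used as the username and as the e-mail address of the new user
 * @param password plaintext password chosen by the user
 * @param role     role passed to the {@code User} constructor
 * @throws UserAlreadyExistsException if a user with that username is found, or
 *         if saving raises a {@code DataIntegrityViolationException}
 * @throws IllegalStateException if the keystore cannot be created; the
 *         underlying exception is attached as the cause
 */
private void registerUser(String email, String password, String role) throws UserAlreadyExistsException {
    User user = userRepository.findByUsername(email);
    if (user != null) {
        throw new UserAlreadyExistsException();
    }
    try {
        // No-arg constructor: Spring Security's default BCrypt strength. Only the
        // resulting hash is handed to the User entity, never the plaintext.
        PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
        user = new User(email, passwordEncoder.encode(password), role);
        user.setEmail(email);
        KeystorePasswordHolder keystorePassword = new KeystorePasswordHolder();
        // generate a password for the keystore and save it in the database, encrypted with a symmetric key
        // derived from the user's password
        keystorePassword.setPassword(KeystorePasswordUtils.generatePassword(KeystorePasswordUtils.KEYSTORE_PASSWORD_BYTES), password);
        // keystorePassword = keystorePasswordRepository.save(keystorePassword);
        // generate the keystore for the user
        KeystoreHolder keystoreHolder = new KeystoreHolder();
        try {
            // create the keystore if it doesn't exist yet
            keystoreHolder.getKeystore(keystorePassword.getPassword(password));
        } catch (Exception e) {
            // Attach the cause: without it the reason the keystore could not be
            // created is lost and the failure cannot be diagnosed from the logs.
            throw new IllegalStateException("could not create keystore for user " + email, e);
        }
        // keystoreHolder = keystoreHolderRepository.save(keystoreHolder);
        user.setKeystorePasswordHolder(keystorePassword);
        user.setKeystoreHolder(keystoreHolder);
        userRepository.save(user);
    } catch (DataIntegrityViolationException e) {
        // username is already in database
        // The findByUsername check above cannot rule this out: two concurrent
        // registrations can both pass it, so the database is what enforces uniqueness.
        // NOTE(review): any other integrity violation raised by save() is also
        // reported as "user already exists" — confirm that this is intended.
        throw new UserAlreadyExistsException();
    }
}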
Also used : User(won.owner.model.User) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) KeystoreHolder(won.owner.model.KeystoreHolder) UserAlreadyExistsException(won.owner.service.impl.UserAlreadyExistsException) KeystorePasswordHolder(won.owner.model.KeystorePasswordHolder) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) URISyntaxException(java.net.URISyntaxException) DataIntegrityViolationException(org.springframework.dao.DataIntegrityViolationException) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) UserAlreadyExistsException(won.owner.service.impl.UserAlreadyExistsException) DataIntegrityViolationException(org.springframework.dao.DataIntegrityViolationException)

Example 27 with PasswordEncoder

use of org.springframework.security.crypto.password.PasswordEncoder in project pac4j by pac4j.

the class SpringEncoderBuilder method tryCreatePasswordEncoder.

/**
 * Creates one Spring Security password encoder per configured index and
 * registers it, wrapped in a {@code SpringSecurityPasswordEncoder}, in the
 * given map under the key {@code concat(SPRING_ENCODER, index)}.
 *
 * <p>Indices {@code 0} through {@code MAX_NUM_ENCODERS} (inclusive) are probed;
 * an index whose type property is blank is skipped.
 *
 * <p>Review notes for operators of this configuration:
 * <ul>
 *   <li>The NOOP type selects {@code NoOpPasswordEncoder}, which performs no
 *       hashing at all, and STANDARD selects {@code StandardPasswordEncoder},
 *       a digest-based encoder; Spring Security marks both as deprecated.</li>
 *   <li>PBKDF2 iterations/hash width and the SCRYPT parameters are applied only
 *       when every property of the group is present. A partially specified
 *       group is dropped without an error and library defaults are used.</li>
 * </ul>
 *
 * @param encoders map that receives the created encoders
 * @throws TechnicalException if a configured type matches none of the supported types
 */
public void tryCreatePasswordEncoder(final Map<String, org.pac4j.core.credentials.password.PasswordEncoder> encoders) {
    for (int index = 0; index <= MAX_NUM_ENCODERS; index++) {
        final String encoderType = getProperty(SPRING_ENCODER_TYPE, index);
        if (!isNotBlank(encoderType)) {
            // Nothing configured for this index.
            continue;
        }
        final PasswordEncoder delegate;
        if (SpringEncoderType.NOOP.toString().equalsIgnoreCase(encoderType)) {
            // No hashing: passwords are compared and stored as plaintext.
            delegate = NoOpPasswordEncoder.getInstance();
        } else if (SpringEncoderType.BCRYPT.toString().equalsIgnoreCase(encoderType)) {
            // The configured value is the constructor's single int argument (the BCrypt strength).
            delegate = containsProperty(SPRING_ENCODER_BCRYPT_LENGTH, index)
                    ? new BCryptPasswordEncoder(getPropertyAsInteger(SPRING_ENCODER_BCRYPT_LENGTH, index))
                    : new BCryptPasswordEncoder();
        } else if (SpringEncoderType.PBKDF2.toString().equalsIgnoreCase(encoderType)) {
            if (!containsProperty(SPRING_ENCODER_PBKDF2_SECRET, index)) {
                delegate = new Pbkdf2PasswordEncoder();
            } else {
                final String pbkdf2Secret = getProperty(SPRING_ENCODER_PBKDF2_SECRET, index);
                // Iterations and hash width only take effect as a pair.
                final boolean fullyTuned = containsProperty(SPRING_ENCODER_PBKDF2_ITERATIONS, index)
                        && containsProperty(SPRING_ENCODER_PBKDF2_HASH_WIDTH, index);
                delegate = fullyTuned
                        ? new Pbkdf2PasswordEncoder(pbkdf2Secret, getPropertyAsInteger(SPRING_ENCODER_PBKDF2_ITERATIONS, index), getPropertyAsInteger(SPRING_ENCODER_PBKDF2_HASH_WIDTH, index))
                        : new Pbkdf2PasswordEncoder(pbkdf2Secret);
            }
        } else if (SpringEncoderType.SCRYPT.toString().equalsIgnoreCase(encoderType)) {
            // All five scrypt parameters must be present, otherwise the defaults are used.
            final boolean fullyTuned = containsProperty(SPRING_ENCODER_SCRYPT_CPU_COST, index)
                    && containsProperty(SPRING_ENCODER_SCRYPT_MEMORY_COST, index)
                    && containsProperty(SPRING_ENCODER_SCRYPT_PARALLELIZATION, index)
                    && containsProperty(SPRING_ENCODER_SCRYPT_KEY_LENGTH, index)
                    && containsProperty(SPRING_ENCODER_SCRYPT_SALT_LENGTH, index);
            delegate = fullyTuned
                    ? new SCryptPasswordEncoder(getPropertyAsInteger(SPRING_ENCODER_SCRYPT_CPU_COST, index), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_MEMORY_COST, index), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_PARALLELIZATION, index), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_KEY_LENGTH, index), getPropertyAsInteger(SPRING_ENCODER_SCRYPT_SALT_LENGTH, index))
                    : new SCryptPasswordEncoder();
        } else if (SpringEncoderType.STANDARD.toString().equalsIgnoreCase(encoderType)) {
            delegate = containsProperty(SPRING_ENCODER_STANDARD_SECRET, index)
                    ? new StandardPasswordEncoder(getProperty(SPRING_ENCODER_STANDARD_SECRET, index))
                    : new StandardPasswordEncoder();
        } else {
            throw new TechnicalException("Unsupported spring encoder type: " + encoderType);
        }
        encoders.put(concat(SPRING_ENCODER, index), new SpringSecurityPasswordEncoder(delegate));
    }
}
Also used : StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder) TechnicalException(org.pac4j.core.exception.TechnicalException) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder) SpringSecurityPasswordEncoder(org.pac4j.core.credentials.password.SpringSecurityPasswordEncoder) NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder) StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder) SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder) SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder) SpringSecurityPasswordEncoder(org.pac4j.core.credentials.password.SpringSecurityPasswordEncoder) Pbkdf2PasswordEncoder(org.springframework.security.crypto.password.Pbkdf2PasswordEncoder) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)

Example 28 with PasswordEncoder

use of org.springframework.security.crypto.password.PasswordEncoder in project vaadin-jsf-integration by alejandro-du.

the class StartupListener method contextInitialized.

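/**
 * {@inheritDoc}
 *
 * <p>Stores the shared config map in the servlet context, records whether a
 * remember-me authentication provider is registered, looks up the
 * {@code passwordEncoder} bean for debug output, and sets the asset version
 * attribute from the manifest's {@code Implementation-Version}.
 */
@SuppressWarnings("unchecked")
public void contextInitialized(ServletContextEvent event) {
    log.debug("Initializing context...");
    ServletContext context = event.getServletContext();
    // Orion starts Servlets before Listeners, so check if the config
    // object already exists
    Map<String, Object> config = (HashMap<String, Object>) context.getAttribute(Constants.CONFIG);
    if (config == null) {
        config = new HashMap<>();
    }
    ApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(context);
    PasswordEncoder passwordEncoder = null;
    try {
        ProviderManager provider = (ProviderManager) ctx.getBean("org.springframework.security.authentication.ProviderManager#0");
        for (Object o : provider.getProviders()) {
            AuthenticationProvider p = (AuthenticationProvider) o;
            if (p instanceof RememberMeAuthenticationProvider) {
                config.put("rememberMeEnabled", Boolean.TRUE);
            } else if (ctx.getBean("passwordEncoder") != null) {
                // getBean(String) throws NoSuchBeanDefinitionException for an unknown
                // name rather than returning null, so a missing "passwordEncoder" bean
                // also lands in the catch below and ends this loop early.
                passwordEncoder = (PasswordEncoder) ctx.getBean("passwordEncoder");
            }
        }
    } catch (NoSuchBeanDefinitionException n) {
        // ignore, should only happen when testing
        // NOTE(review): outside tests this also hides a missing security bean;
        // the only trace is this debug-level line.
        log.debug("authenticationManager bean not found, assuming test and ignoring...");
    }
    context.setAttribute(Constants.CONFIG, config);
    // output the retrieved values for the Init and Context Parameters
    if (log.isDebugEnabled()) {
        log.debug("Remember Me Enabled? " + config.get("rememberMeEnabled"));
        if (passwordEncoder != null) {
            // Only the encoder's class name is logged, no credential material.
            log.debug("Password Encoder: " + passwordEncoder.getClass().getSimpleName());
        }
        log.debug("Populating drop-downs...");
    }
    setupContext(context);
    // Determine version number for CSS and JS Assets
    String appVersion = null;
    // try-with-resources closes the manifest stream on every path; a null
    // resource (manifest not found) is skipped by the implicit close.
    try (InputStream is = context.getResourceAsStream("/META-INF/MANIFEST.MF")) {
        if (is == null) {
            log.warn("META-INF/MANIFEST.MF not found.");
        } else {
            Manifest mf = new Manifest();
            mf.read(is);
            Attributes atts = mf.getMainAttributes();
            appVersion = atts.getValue("Implementation-Version");
        }
    } catch (IOException e) {
        // Pass the exception as well so the stack trace reaches the log.
        log.error("I/O Exception reading manifest: " + e.getMessage(), e);
    }
    // No version in the manifest, or a SNAPSHOT build: fall back to a random
    // number as the asset version (the original comment fragment points at
    // avoiding a stale browser cache). This value is a cache buster, not a
    // secret, so java.util.Random is adequate here; it is not suitable for tokens.
    if (appVersion == null || appVersion.contains("SNAPSHOT")) {
        appVersion = "" + new Random().nextInt(100000);
    }
    log.info("Application version set to: " + appVersion);
    context.setAttribute(Constants.ASSETS_VERSION, appVersion);
}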
Also used : HashMap(java.util.HashMap) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) RememberMeAuthenticationProvider(org.springframework.security.authentication.RememberMeAuthenticationProvider) InputStream(java.io.InputStream) AuthenticationProvider(org.springframework.security.authentication.AuthenticationProvider) RememberMeAuthenticationProvider(org.springframework.security.authentication.RememberMeAuthenticationProvider) Attributes(java.util.jar.Attributes) IOException(java.io.IOException) Manifest(java.util.jar.Manifest) ApplicationContext(org.springframework.context.ApplicationContext) Random(java.util.Random) ProviderManager(org.springframework.security.authentication.ProviderManager) ServletContext(javax.servlet.ServletContext) NoSuchBeanDefinitionException(org.springframework.beans.factory.NoSuchBeanDefinitionException)

Example 29 with PasswordEncoder

use of org.springframework.security.crypto.password.PasswordEncoder in project hub-alert by blackducksoftware.

the class PasswordEncoderSample method testEncodePassword.

/**
 * Helper "test" that prints the BCrypt encoding of a placeholder string.
 *
 * <p>The encoder is built with strength 16, well above Spring Security's
 * default, so a single encode call is deliberately slow. The result goes to
 * the debug log, so whatever replaces the placeholder ends up hashed in that
 * log; the replacement itself should stay out of version control.
 */
@Test
public void testEncodePassword() {
    final String placeholder = "replace_me_with_a_password_to_get_encoded_value";
    final PasswordEncoder bcrypt = new BCryptPasswordEncoder(16);
    logger.debug("Encoded String: {}", bcrypt.encode(placeholder));
}
Also used : BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) Test(org.junit.jupiter.api.Test)

Example 30 with PasswordEncoder

use of org.springframework.security.crypto.password.PasswordEncoder in project webofneeds by researchstudio-sat.

the class UserService method useRecoveryKey.

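/**
 * Resets a user's password by means of a recovery key.
 *
 * <p>Uses the recovery key to unlock the keystore password, re-encrypts the
 * keystore under a newly generated keystore password, stores that password
 * protected by {@code newPassword}, replaces the login hash with a BCrypt hash
 * of {@code newPassword}, and finally removes the recovery key and the user's
 * persistent logins.
 *
 * @param username    name of the account to recover
 * @param newPassword plaintext password to set
 * @param recoveryKey key that unlocks the recoverable keystore password holder
 * @return the updated user
 * @throws UserNotFoundException if no user with that name is found
 * @throws KeyStoreIOException declared by this method; the throwing call is not
 *         visible in this listing
 * @throws IncorrectPasswordException declared by this method; presumably raised
 *         when the recovery key does not unlock the holder — confirm
 * @throws IllegalStateException if the user has no recoverable keystore
 *         password holder, e.g. because the recovery key was already used
 */
@Transactional(propagation = Propagation.REQUIRED)
public User useRecoveryKey(String username, String newPassword, String recoveryKey) throws UserNotFoundException, KeyStoreIOException, IncorrectPasswordException {
    logger.debug("using recoery key to reset password for user {}", username);
    User user = getByUsernameWithKeystorePassword(username);
    if (user == null) {
        throw new UserNotFoundException("cannot change password: user not found");
    }
    KeystorePasswordHolder keystorePasswordHolder = user.getRecoverableKeystorePasswordHolder();
    if (keystorePasswordHolder == null) {
        // The holder is set to null further down once a key has been used, so a
        // repeated attempt would otherwise fail with a NullPointerException.
        // NOTE(review): callers may want to answer this case exactly like a wrong
        // recovery key, so the response does not reveal whether a key exists.
        throw new IllegalStateException("cannot change password: no recovery key is set for this user");
    }
    String oldKeystorePassword = keystorePasswordHolder.getPassword(recoveryKey);
    logger.debug("re-encrypting keystore for user {} with new keystore password", username);
    String newKeystorePassword = changeKeystorePassword(user, oldKeystorePassword);
    // The recoverable holder becomes the regular holder and is re-keyed with
    // the new keystore password, protected by the new user password.
    user.setKeystorePasswordHolder(keystorePasswordHolder);
    user.getKeystorePasswordHolder().setPassword(newKeystorePassword, newPassword);
    // everything has worked so far, now we can also change the user's password
    PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
    user.setPassword(passwordEncoder.encode(newPassword));
    // we delete the recoverable keystore key as it will no longer work
    user.setRecoverableKeystorePasswordHolder(null);
    save(user);
    logger.debug("password changed for user {}", username);
    // persistent logins won't work any more as we changed the keystore password, so
    // let's delete them
    persistentLoginRepository.deleteByUsername(username);
    return user;
}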
Also used : User(won.owner.model.User) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) ExpensiveSecureRandomString(won.protocol.util.ExpensiveSecureRandomString) KeystorePasswordHolder(won.owner.model.KeystorePasswordHolder) BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder) Transactional(org.springframework.transaction.annotation.Transactional)

Aggregations

PasswordEncoder (org.springframework.security.crypto.password.PasswordEncoder)44 BCryptPasswordEncoder (org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)24 NoOpPasswordEncoder (org.springframework.security.crypto.password.NoOpPasswordEncoder)10 Test (org.junit.jupiter.api.Test)9 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)7 KeystorePasswordHolder (won.owner.model.KeystorePasswordHolder)7 User (won.owner.model.User)7 SCryptPasswordEncoder (org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)5 HashMap (java.util.HashMap)4 KeystoreHolder (won.owner.model.KeystoreHolder)4 ExpensiveSecureRandomString (won.protocol.util.ExpensiveSecureRandomString)4 IOException (java.io.IOException)3 Test (org.junit.Test)3 DataIntegrityViolationException (org.springframework.dao.DataIntegrityViolationException)3 UserDetails (org.springframework.security.core.userdetails.UserDetails)3 UserDetailsPasswordService (org.springframework.security.core.userdetails.UserDetailsPasswordService)3 UserDetailsService (org.springframework.security.core.userdetails.UserDetailsService)3 UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException)3 Pbkdf2PasswordEncoder (org.springframework.security.crypto.password.Pbkdf2PasswordEncoder)3 UserEntity (com.zavada.entity.UserEntity)2