Example 31 with PasswordEncoder
use of org.springframework.security.crypto.password.PasswordEncoder in project webofneeds by researchstudio-sat.
the class UserService method transferUser.
/**
* Transfers the specific user to a non existant new user with password and an
* optional role.
*
* @param newEmail
* @param newPassword
* @param privateUsername
* @param privatePassword
* @param role
* @throws UserAlreadyExistsException when the new User already exists
* @throws won.owner.service.impl.UserNotFoundException when the private User is
* not found
*/
public User transferUser(String newEmail, String newPassword, String privateUsername, String privatePassword, String role) throws UserAlreadyExistsException, UserNotFoundException {
User user = getByUsername(newEmail);
if (user != null) {
throw new UserAlreadyExistsException();
}
try {
PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
User privateUser = getByUsernameWithKeystorePassword(privateUsername);
if (privateUser == null) {
throw new UserNotFoundException();
}
// change the username/email and keystorpw holder
privateUser.setUsername(newEmail);
privateUser.setPassword(passwordEncoder.encode(newPassword));
privateUser.setEmail(newEmail);
privateUser.setEmailVerified(false);
privateUser.setPrivateId(null);
// transfer only available when flag is set therefore we can
privateUser.setAcceptedTermsOfService(true);
// this to true (i think)
if (role != null) {
privateUser.setRole(role);
}
KeystorePasswordHolder privateKeystorePassword = privateUser.getKeystorePasswordHolder();
String keystorePassword = privateKeystorePassword.getPassword(privatePassword);
// ************************************************
KeystorePasswordHolder newKeystorePassword = new KeystorePasswordHolder();
// generate a newPassword for the keystore and save it in the database,
// encrypted with a symmetric key
// derived from the user's new password
newKeystorePassword.setPassword(keystorePassword, newPassword);
privateUser.setKeystorePasswordHolder(newKeystorePassword);
// we delete the recoverable keystore key as it will no longer work
privateUser.setRecoverableKeystorePasswordHolder(null);
save(privateUser);
return privateUser;
} catch (DataIntegrityViolationException e) {
throw new UserAlreadyExistsException();
}
}
Also used :
User(won.owner.model.User)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
ExpensiveSecureRandomString(won.protocol.util.ExpensiveSecureRandomString)
KeystorePasswordHolder(won.owner.model.KeystorePasswordHolder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
DataIntegrityViolationException(org.springframework.dao.DataIntegrityViolationException)
Example 32 with PasswordEncoder
use of org.springframework.security.crypto.password.PasswordEncoder in project webofneeds by researchstudio-sat.
the class OwnerPersistenceTest method createUserWithAtom.
private void createUserWithAtom(URI atomUri, String email) {
UserAtom a = new UserAtom();
a.setUri(atomUri);
a = userAtomRepository.save(a);
String password = "password";
String role = "SOMEROLE";
PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
User user = new User(email, passwordEncoder.encode(password), role);
user.setEmail(email);
// transfer only available when flag is set therefore we can just set
user.setAcceptedTermsOfService(true);
// this
// to true (i think)
KeystorePasswordHolder keystorePassword = new KeystorePasswordHolder();
// generate a password for the keystore and save it in the database, encrypted
// with a symmetric key
// derived from the user's password
keystorePassword.setPassword(KeystorePasswordUtils.generatePassword(KeystorePasswordUtils.KEYSTORE_PASSWORD_BYTES), password);
// keystorePassword = keystorePasswordRepository.save(keystorePassword);
// generate the keystore for the user
KeystoreHolder keystoreHolder = new KeystoreHolder();
try {
// create the keystore if it doesnt exist yet
keystoreHolder.getKeystore(keystorePassword.getPassword(password));
} catch (Exception e) {
throw new IllegalStateException("could not create keystore for user " + email);
}
// keystoreHolder = keystoreHolderRepository.save(keystoreHolder);
user.setKeystorePasswordHolder(keystorePassword);
user.setKeystoreHolder(keystoreHolder);
user = userRepository.save(user);
user.addUserAtom(a);
user = userRepository.save(user);
}
Also used :
UserAtom(won.owner.model.UserAtom)
User(won.owner.model.User)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
KeystoreHolder(won.owner.model.KeystoreHolder)
KeystorePasswordHolder(won.owner.model.KeystorePasswordHolder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
DataIntegrityViolationException(org.springframework.dao.DataIntegrityViolationException)
Example 33 with PasswordEncoder
use of org.springframework.security.crypto.password.PasswordEncoder in project Activiti by Activiti.
the class DemoApplicationConfiguration method myUserDetailsService.
@Bean
public UserDetailsService myUserDetailsService() {
InMemoryUserDetailsManager inMemoryUserDetailsManager = new InMemoryUserDetailsManager();
String[][] usersGroupsAndRoles = { { "bob", "password", "ROLE_ACTIVITI_USER", "GROUP_activitiTeam" }, { "john", "password", "ROLE_ACTIVITI_USER", "GROUP_activitiTeam" }, { "hannah", "password", "ROLE_ACTIVITI_USER", "GROUP_activitiTeam" }, { "other", "password", "ROLE_ACTIVITI_USER", "GROUP_otherTeam" }, { "admin", "password", "ROLE_ACTIVITI_ADMIN" } };
for (String[] user : usersGroupsAndRoles) {
List<String> authoritiesStrings = asList(Arrays.copyOfRange(user, 2, user.length));
logger.info("> Registering new user: " + user[0] + " with the following Authorities[" + authoritiesStrings + "]");
inMemoryUserDetailsManager.createUser(new User(user[0], passwordEncoder().encode(user[1]), authoritiesStrings.stream().map(s -> new SimpleGrantedAuthority(s)).collect(Collectors.toList())));
}
return inMemoryUserDetailsManager;
}
Also used :
Arrays(java.util.Arrays)
Logger(org.slf4j.Logger)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
LoggerFactory(org.slf4j.LoggerFactory)
UserDetailsService(org.springframework.security.core.userdetails.UserDetailsService)
Autowired(org.springframework.beans.factory.annotation.Autowired)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
User(org.springframework.security.core.userdetails.User)
HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity)
Collectors(java.util.stream.Collectors)
Configuration(org.springframework.context.annotation.Configuration)
WebSecurityConfigurerAdapter(org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter)
AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder)
List(java.util.List)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity)
InMemoryUserDetailsManager(org.springframework.security.provisioning.InMemoryUserDetailsManager)
Arrays.asList(java.util.Arrays.asList)
Bean(org.springframework.context.annotation.Bean)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
User(org.springframework.security.core.userdetails.User)
InMemoryUserDetailsManager(org.springframework.security.provisioning.InMemoryUserDetailsManager)
Bean(org.springframework.context.annotation.Bean)
Example 34 with PasswordEncoder
use of org.springframework.security.crypto.password.PasswordEncoder in project tutorials by eugenp.
the class PasswordStorageWebSecurityConfigurer method passwordEncoder.
@Bean
public PasswordEncoder passwordEncoder() {
// set up the list of supported encoders and their prefixes
PasswordEncoder defaultEncoder = new StandardPasswordEncoder();
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put("bcrypt", new BCryptPasswordEncoder());
encoders.put("scrypt", new SCryptPasswordEncoder());
encoders.put("noop", NoOpPasswordEncoder.getInstance());
DelegatingPasswordEncoder passwordEncoder = new DelegatingPasswordEncoder("bcrypt", encoders);
passwordEncoder.setDefaultPasswordEncoderForMatches(defaultEncoder);
return passwordEncoder;
}
Also used :
StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
DelegatingPasswordEncoder(org.springframework.security.crypto.password.DelegatingPasswordEncoder)
StandardPasswordEncoder(org.springframework.security.crypto.password.StandardPasswordEncoder)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
NoOpPasswordEncoder(org.springframework.security.crypto.password.NoOpPasswordEncoder)
SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)
HashMap(java.util.HashMap)
SCryptPasswordEncoder(org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)
DelegatingPasswordEncoder(org.springframework.security.crypto.password.DelegatingPasswordEncoder)
BCryptPasswordEncoder(org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)
Bean(org.springframework.context.annotation.Bean)
Example 35 with PasswordEncoder
use of org.springframework.security.crypto.password.PasswordEncoder in project irida by phac-nml.
the class UserServiceImplTest method setUp.
@Before
public void setUp() {
validator = mock(Validator.class);
userRepository = mock(UserRepository.class);
passwordEncoder = mock(PasswordEncoder.class);
pujRepository = mock(ProjectUserJoinRepository.class);
userService = new UserServiceImpl(userRepository, pujRepository, passwordEncoder, validator);
}
Also used :
UserRepository(ca.corefacility.bioinformatics.irida.repositories.user.UserRepository)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
UserServiceImpl(ca.corefacility.bioinformatics.irida.service.impl.user.UserServiceImpl)
ProjectUserJoinRepository(ca.corefacility.bioinformatics.irida.repositories.joins.project.ProjectUserJoinRepository)
Validator(javax.validation.Validator)
Before(org.junit.Before)
Aggregations
PasswordEncoder (org.springframework.security.crypto.password.PasswordEncoder)44
BCryptPasswordEncoder (org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder)24
NoOpPasswordEncoder (org.springframework.security.crypto.password.NoOpPasswordEncoder)10
Test (org.junit.jupiter.api.Test)9
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)7
KeystorePasswordHolder (won.owner.model.KeystorePasswordHolder)7
User (won.owner.model.User)7
SCryptPasswordEncoder (org.springframework.security.crypto.scrypt.SCryptPasswordEncoder)5
HashMap (java.util.HashMap)4
KeystoreHolder (won.owner.model.KeystoreHolder)4
ExpensiveSecureRandomString (won.protocol.util.ExpensiveSecureRandomString)4
IOException (java.io.IOException)3
Test (org.junit.Test)3
DataIntegrityViolationException (org.springframework.dao.DataIntegrityViolationException)3
UserDetails (org.springframework.security.core.userdetails.UserDetails)3
UserDetailsPasswordService (org.springframework.security.core.userdetails.UserDetailsPasswordService)3
UserDetailsService (org.springframework.security.core.userdetails.UserDetailsService)3
UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException)3
Pbkdf2PasswordEncoder (org.springframework.security.crypto.password.Pbkdf2PasswordEncoder)3
UserEntity (com.zavada.entity.UserEntity)2
