Java Code Examples for org.springframework.security.crypto.bcrypt.BCrypt#checkpw()

The following examples show how to use org.springframework.security.crypto.bcrypt.BCrypt#checkpw() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ChoerodonBcryptPasswordEncoder.java    From oauth-server with Apache License 2.0 6 votes vote down vote up
@Override
public boolean matches(CharSequence rawPassword, String encodedPassword) {
    if (encodedPassword == null || encodedPassword.length() == 0) {
        log.warn("Empty encoded password");
        return false;
    }
    if (BCRYPT_PATTERN.matcher(encodedPassword).matches()) {
        // 匹配不到先加密再匹配
        return BCrypt.checkpw(rawPassword.toString(), encodedPassword);
    } else {
        String ep = this.encode(encodedPassword);
        if (BCRYPT_PATTERN.matcher(this.encode(ep)).matches()) {
            return BCrypt.checkpw(rawPassword.toString(), ep);
        }
        log.warn("Encoded password does not look like BCrypt");
        return false;
    }

}
 
Example 2
Source File: UserDao.java    From atlas with Apache License 2.0 6 votes vote down vote up
private static boolean checkPasswordBCrypt(String password, String encryptedPwd) {
    if (LOG.isDebugEnabled()) {
        LOG.debug("checkPasswordBCrypt()");
    }

    boolean ret = false;

    try {
        ret = BCrypt.checkpw(password, encryptedPwd);
    } catch (Throwable excp) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("checkPasswordBCrypt(): failed", excp);
        }
    }

    return ret;
}
 
Example 3
Source File: ApplicationUserServiceImpl.java    From ReCiter with Apache License 2.0 6 votes vote down vote up
@Override
public boolean authenticateUser(ApplicationUser appUser) {
	if(appUser.getId() != null
			&& !appUser.getId().isEmpty()
			&& appUser.getPassword() != null
			&& !appUser.getPassword().isEmpty()) {
		ApplicationUser validUser = applicationUserRepository.findById(appUser.getId().trim()).orElseGet(null);
		if(validUser == null) {
			return false;
		}
		if(validUser != null) {
			if(BCrypt.checkpw(appUser.getPassword(), validUser.getPassword())) {
				return true;
			}
		}
	}
	return false;
}
 
Example 4
Source File: Encryptor.java    From syncope with Apache License 2.0 6 votes vote down vote up
public boolean verify(final String value, final CipherAlgorithm cipherAlgorithm, final String encoded) {
    boolean verified = false;

    try {
        if (value != null) {
            if (cipherAlgorithm == null || cipherAlgorithm == CipherAlgorithm.AES) {
                verified = encode(value, cipherAlgorithm).equals(encoded);
            } else if (cipherAlgorithm == CipherAlgorithm.BCRYPT) {
                verified = BCrypt.checkpw(value, encoded);
            } else {
                verified = getDigester(cipherAlgorithm).matches(value, encoded);
            }
        }
    } catch (Exception e) {
        LOG.error("Could not verify encoded value", e);
    }

    return verified;
}
 
Example 5
Source File: TomlAuth.java    From besu with Apache License 2.0 5 votes vote down vote up
private void checkPasswordHash(
    final String password,
    final String passwordHash,
    final Handler<AsyncResult<Void>> resultHandler) {
  boolean passwordMatches = BCrypt.checkpw(password, passwordHash);
  if (passwordMatches) {
    resultHandler.handle(Future.succeededFuture());
  } else {
    resultHandler.handle(Future.failedFuture("Invalid password"));
  }
}
 
Example 6
Source File: UserManager.java    From Much-Assembly-Required with GNU General Public License v3.0 5 votes vote down vote up
/**
 * Validate a username/password combo
 * @param username username
 * @param password plain password
 * @return true if combo is valid
 */
public boolean validateUser(String username, String password) {

    Document where = new Document();
    where.put("_id", username);

    Document user = userCollection.find(where).first();
    return user != null && BCrypt.checkpw(password, (String) user.get("password"));
}
 
Example 7
Source File: CustomUserDetailsService.java    From NFVO with Apache License 2.0 5 votes vote down vote up
@Override
public void changePassword(String oldPassword, String newPassword) {
  Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
  String currentUserName = authentication.getName();
  log.debug("Changing password of user: " + currentUserName);
  User user = userRepository.findFirstByUsername(currentUserName);
  if (!BCrypt.checkpw(oldPassword, user.getPassword())) {
    throw new UnauthorizedUserException("Old password is wrong.");
  }
  if (!(authentication instanceof AnonymousAuthenticationToken)) { // TODO is this line needed?
    user.setPassword(BCrypt.hashpw(newPassword, BCrypt.gensalt(12)));
    userRepository.save(user);
    log.debug("Password of user " + currentUserName + " has been changed successfully.");
  }
}
 
Example 8
Source File: CryptoUtil.java    From personal_book_library_web_project with MIT License 4 votes vote down vote up
public static boolean checkPassword(String passwordFromDb, String passwordFromClient) {
	return BCrypt.checkpw(passwordFromDb, passwordFromClient);
}
 
Example 9
Source File: CustomPasswordEncoder.java    From webFluxTemplate with MIT License 4 votes vote down vote up
@Override
public boolean matches(CharSequence rawPassword, String encodedPassword) {
    String decodedString  = new String(Base64.getDecoder().decode(rawPassword.toString()));
    return BCrypt.checkpw(decodedString, encodedPassword);
}
 
Example 10
Source File: StrongPasswordEncoder.java    From vics with MIT License 4 votes vote down vote up
@Override
public boolean matches(CharSequence rawPassword, String encodedPassword) {
    return BCrypt.checkpw(rawPassword.toString(), encodedPassword);
}
 
Example 11
Source File: CustomPasswordEncoder.java    From spring-microservice-boilerplate with MIT License 2 votes vote down vote up
/**
 * Matches raw password and encoded password.
 *
 * @param rawPassword     raw password
 * @param encodedPassword encoded password
 * @return match or not
 */
@Override public boolean matches(CharSequence rawPassword, String encodedPassword) {
  String rawPwd = (String) rawPassword;
  return BCrypt.checkpw(rawPwd, encodedPassword);
}