org.springframework.security.crypto.password.StandardPasswordEncoder Java Examples

The following examples show how to use org.springframework.security.crypto.password.StandardPasswordEncoder. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: PasswordEncoderTest.java    From onetwo with Apache License 2.0 7 votes vote down vote up
@Test
public void testBcrypt(){
	String pwd = "jfish";
	StandardPasswordEncoder def = new StandardPasswordEncoder();
	BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
	
	TimeCounter time = new TimeCounter("sha");
	int times = 1;
	time.start();
	LangOps.ntimesRun(times, ()->{
		def.encode(pwd);
	});
	time.stop();
	
	time.restart("bcrypt");
	LangOps.ntimesRun(times, ()->{
		String str = encoder.encode(pwd);
		System.out.println("BCrypt "+str.length()+":"+str);
	});
	time.stop();
}
 
Example #2
Source File: PasswordEncoderTests.java    From jakduk-api with MIT License 5 votes vote down vote up
@Test
public void 스프링시큐리티_암호_인코딩() {
	String password = passwordEncoder.encode("1111");

	Assert.assertFalse(passwordEncoder.matches("1112", password));
	Assert.assertTrue(passwordEncoder.matches("1111", password));

	DelegatingPasswordEncoder newPasswordEncoder = (DelegatingPasswordEncoder) PasswordEncoderFactories.createDelegatingPasswordEncoder();
	newPasswordEncoder.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
	System.out.println(newPasswordEncoder.encode("1111"));
	Assert.assertTrue(newPasswordEncoder.matches("1111", password));
}
 
Example #3
Source File: INCEpTION.java    From inception with Apache License 2.0 5 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder()
{
    // Set up a DelegatingPasswordEncoder which decodes legacy passwords using the
    // StandardPasswordEncoder but encodes passwords using the modern BCryptPasswordEncoder 
    String encoderForEncoding = "bcrypt";
    Map<String, PasswordEncoder> encoders = new HashMap<>();
    encoders.put(encoderForEncoding, new BCryptPasswordEncoder());
    DelegatingPasswordEncoder delegatingEncoder = new DelegatingPasswordEncoder(
            encoderForEncoding, encoders);
    // Decode legacy passwords without encoder ID using the StandardPasswordEncoder
    delegatingEncoder.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
    return delegatingEncoder;
}
 
Example #4
Source File: SecurityConfiguration.java    From activiti6-boot2 with Apache License 2.0 5 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder() {
    if (passwordEncoderOverride != null) {
        return passwordEncoderOverride.createPasswordEncoder();
    }
    
    return new StandardPasswordEncoder();
}
 
Example #5
Source File: WallRideSecurityConfiguration.java    From wallride with Apache License 2.0 5 votes vote down vote up
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
	// @formatter:off
	auth
		.userDetailsService(authorizedUserDetailsService())
		.passwordEncoder(new StandardPasswordEncoder());
	// @formatter:on
}
 
Example #6
Source File: PasswordEncoderTest.java    From web-qq with Apache License 2.0 5 votes vote down vote up
@Test
public void testStandardPasswordEncoder(){
    PasswordEncoder passwordEncoder = new StandardPasswordEncoder("web_qq");
    String password1 = passwordEncoder.encode("12345");
    String password2 = passwordEncoder.encode("mingguobin4");
    System.out.println("password1:"+password1);
    System.out.println("password2:"+password2);
    System.out.println(passwordEncoder.matches("mingguobin4",password1));
}
 
Example #7
Source File: UserService.java    From wallride with Apache License 2.0 5 votes vote down vote up
@CacheEvict(value = WallRideCacheConfiguration.USER_CACHE, allEntries = true)
public User updatePassword(PasswordUpdateRequest request, AuthorizedUser updatedBy) {
	User user = userRepository.findOneForUpdateById(request.getUserId());
	if (user == null) {
		throw new IllegalArgumentException("The user does not exist");
	}
	PasswordEncoder passwordEncoder = new StandardPasswordEncoder();
	user.setLoginPassword(passwordEncoder.encode(request.getPassword()));
	user.setUpdatedAt(LocalDateTime.now());
	user.setUpdatedBy(updatedBy.toString());
	return userRepository.saveAndFlush(user);
}
 
Example #8
Source File: PasswordUpdateController.java    From wallride with Apache License 2.0 5 votes vote down vote up
@RequestMapping(method = RequestMethod.PUT)
public String update(
		@Validated @ModelAttribute(FORM_MODEL_KEY) PasswordUpdateForm form,
		BindingResult errors,
		AuthorizedUser authorizedUser,
		RedirectAttributes redirectAttributes) {
	redirectAttributes.addFlashAttribute(FORM_MODEL_KEY, form);
	redirectAttributes.addFlashAttribute(ERRORS_MODEL_KEY, errors);

	if (!errors.hasFieldErrors("newPassword")) {
		if (!ObjectUtils.nullSafeEquals(form.getNewPassword(), form.getNewPasswordRetype())) {
			errors.rejectValue("newPasswordRetype", "MatchRetype");
		}
	}

	if (!errors.hasErrors()) {
		User user = userService.getUserById(authorizedUser.getId());
		PasswordEncoder passwordEncoder = new StandardPasswordEncoder();
		if (!passwordEncoder.matches(form.getCurrentPassword(), user.getLoginPassword())) {
			errors.rejectValue("currentPassword", "MatchCurrentPassword");
		}
	}

	if (errors.hasErrors()) {
		return "redirect:/settings/password?step.edit";
	}

	PasswordUpdateRequest request = new PasswordUpdateRequest()
			.withUserId(authorizedUser.getId())
			.withPassword(form.getNewPassword());
	userService.updatePassword(request, authorizedUser);

	redirectAttributes.getFlashAttributes().clear();
	redirectAttributes.addFlashAttribute("updatedPassword", true);
	return "redirect:/settings/password";
}
 
Example #9
Source File: WebAnno.java    From webanno with Apache License 2.0 5 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder()
{
    // Set up a DelegatingPasswordEncoder which decodes legacy passwords using the
    // StandardPasswordEncoder but encodes passwords using the modern BCryptPasswordEncoder 
    String encoderForEncoding = "bcrypt";
    Map<String, PasswordEncoder> encoders = new HashMap<>();
    encoders.put(encoderForEncoding, new BCryptPasswordEncoder());
    DelegatingPasswordEncoder delegatingEncoder = new DelegatingPasswordEncoder(
            encoderForEncoding, encoders);
    // Decode legacy passwords without encoder ID using the StandardPasswordEncoder
    delegatingEncoder.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
    return delegatingEncoder;
}
 
Example #10
Source File: SpringPasswordEncoderTest.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
@Test
public void testSpringPasswordEncoderInstance() {
    PasswordEncoder passwordEncoder = autoWiredIdmIdmEngineConfiguration.getPasswordEncoder();

    autoWiredIdmIdmEngineConfiguration.setPasswordEncoder(new SpringEncoder(new StandardPasswordEncoder()));
    validatePassword();

    autoWiredIdmIdmEngineConfiguration.setPasswordEncoder(passwordEncoder);
}
 
Example #11
Source File: CryptoSha256PasswordEncoderMain.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
public static String encode(String password) {
    StandardPasswordEncoder encoder = new StandardPasswordEncoder();
    String encodedPassword = encoder.encode(password);
    return encodedPassword;
}
 
Example #12
Source File: CryptoSha256PasswordEncoderMain.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
public static String encode(String password) {
    StandardPasswordEncoder encoder = new StandardPasswordEncoder();
    String encodedPassword = encoder.encode(password);
    return encodedPassword;
}
 
Example #13
Source File: CryptoSha256PasswordEncoderMain.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
public static String encode(String password) {
    StandardPasswordEncoder encoder = new StandardPasswordEncoder();
    String encodedPassword = encoder.encode(password);
    return encodedPassword;
}
 
Example #14
Source File: CryptoSha256PasswordEncoderMain.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
public static String encode(String password) {
    StandardPasswordEncoder encoder = new StandardPasswordEncoder();
    String encodedPassword = encoder.encode(password);
    return encodedPassword;
}
 
Example #15
Source File: CryptoSha256PasswordEncoderMain.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
public static String encode(String password) {
    StandardPasswordEncoder encoder = new StandardPasswordEncoder();
    String encodedPassword = encoder.encode(password);
    return encodedPassword;
}
 
Example #16
Source File: PdfEncryptor.java    From website with GNU Affero General Public License v3.0 4 votes vote down vote up
public static String generatedOwnerPassword() {
	PasswordEncoder passwordEncoder = new StandardPasswordEncoder();
	String password = "" + DateTime.now().getMillis(); 
	return passwordEncoder.encode(password);
}
 
Example #17
Source File: SignupService.java    From wallride with Apache License 2.0 4 votes vote down vote up
@CacheEvict(value = WallRideCacheConfiguration.USER_CACHE, allEntries = true)
	public AuthorizedUser signup(SignupRequest request, User.Role role, String token) throws ServiceException {
		UserInvitation invitation = null;
		if (token != null) {
			invitation = userInvitationRepository.findOneForUpdateByToken(token);
			if (invitation == null) {
				throw new HttpForbiddenException();
			}
			if (!validateInvitation(invitation)) {
				throw new HttpForbiddenException();
			}
		}

		User duplicate;
		duplicate = userRepository.findOneByLoginId(request.getLoginId());
		if (duplicate != null) {
			throw new DuplicateLoginIdException(request.getLoginId());
		}
		duplicate = userRepository.findOneByEmail(request.getEmail());
		if (duplicate != null) {
			throw new DuplicateEmailException(request.getEmail());
		}

		LocalDateTime now = LocalDateTime.now();
		if (invitation != null) {
			invitation.setAccepted(true);
			invitation.setAcceptedAt(now);
			userInvitationRepository.saveAndFlush(invitation);
		}

		User user = new User();
		user.setLoginId(request.getLoginId());
		StandardPasswordEncoder passwordEncoder = new StandardPasswordEncoder();
		user.setLoginPassword(passwordEncoder.encode(request.getLoginPassword()));
		user.getName().setFirstName(request.getName().getFirstName());
		user.getName().setLastName(request.getName().getLastName());
		user.setEmail(request.getEmail());
		user.getRoles().add(role);
		user.setCreatedAt(now);
		user.setUpdatedAt(now);
		user = userRepository.saveAndFlush(user);

		AuthorizedUser authorizedUser = new AuthorizedUser(user);
//		Authentication auth = new UsernamePasswordAuthenticationToken(authorizedUser, null, authorizedUser.getAuthorities());
//		SecurityContextHolder.getContext().setAuthentication(auth);

		return authorizedUser;
	}
 
Example #18
Source File: SetupService.java    From wallride with Apache License 2.0 4 votes vote down vote up
@CacheEvict(value = {WallRideCacheConfiguration.USER_CACHE, WallRideCacheConfiguration.BLOG_CACHE}, allEntries = true)
public User setup(SetupRequest request) {
	LocalDateTime now = LocalDateTime.now();

	User user = new User();
	user.setLoginId(request.getLoginId());

	StandardPasswordEncoder passwordEncoder = new StandardPasswordEncoder();
	user.setLoginPassword(passwordEncoder.encode(request.getLoginPassword()));

	user.getName().setFirstName(request.getName().getFirstName());
	user.getName().setLastName(request.getName().getLastName());
	user.setEmail(request.getEmail());

	user.getRoles().add(User.Role.ADMIN);

	user.setCreatedAt(now);
	user.setUpdatedAt(now);

	user = userRepository.saveAndFlush(user);

	Blog blog = new Blog();
	blog.setCode("default");
	blog.setDefaultLanguage(request.getDefaultLanguage());
	blog.setCreatedAt(now);
	blog.setCreatedBy(user.toString());
	blog.setUpdatedAt(now);
	blog.setUpdatedBy(user.toString());

	BlogLanguage defaultLanguage = new BlogLanguage();
	defaultLanguage.setBlog(blog);
	defaultLanguage.setLanguage(request.getDefaultLanguage());
	defaultLanguage.setTitle(request.getWebsiteTitle());
	defaultLanguage.setCreatedAt(now);
	defaultLanguage.setCreatedBy(user.toString());
	defaultLanguage.setUpdatedAt(now);
	defaultLanguage.setUpdatedBy(user.toString());

	Set<BlogLanguage> blogLanguages = new HashSet<>();
	blogLanguages.add(defaultLanguage);

	for (String language : request.getLanguages()) {
		BlogLanguage blogLanguage = new BlogLanguage();
		blogLanguage.setBlog(blog);
		blogLanguage.setLanguage(language);
		blogLanguage.setTitle(request.getWebsiteTitle());
		blogLanguage.setCreatedAt(now);
		blogLanguage.setCreatedBy(user.toString());
		blogLanguage.setUpdatedAt(now);
		blogLanguage.setUpdatedBy(user.toString());

		blogLanguages.add(blogLanguage);
	}
	blog.setLanguages(blogLanguages);

	blogRepository.saveAndFlush(blog);

	return user;
}
 
Example #19
Source File: UserService.java    From wallride with Apache License 2.0 4 votes vote down vote up
@CacheEvict(value = WallRideCacheConfiguration.USER_CACHE, allEntries = true)
public User updatePassword(PasswordUpdateRequest request, PasswordResetToken passwordResetToken) {
	User user = userRepository.findOneForUpdateById(request.getUserId());
	if (user == null) {
		throw new IllegalArgumentException("The user does not exist");
	}
	PasswordEncoder passwordEncoder = new StandardPasswordEncoder();
	user.setLoginPassword(passwordEncoder.encode(request.getPassword()));
	user.setUpdatedAt(LocalDateTime.now());
	user.setUpdatedBy(passwordResetToken.getUser().toString());
	user = userRepository.saveAndFlush(user);

	passwordResetTokenRepository.delete(passwordResetToken);

	try {
		Blog blog = blogService.getBlogById(Blog.DEFAULT_ID);
		String blogTitle = blog.getTitle(LocaleContextHolder.getLocale().getLanguage());

		ServletUriComponentsBuilder builder = ServletUriComponentsBuilder.fromCurrentContextPath();
		if (blog.isMultiLanguage()) {
			builder.path("/{language}");
		}
		builder.path("/login");

		Map<String, Object> urlVariables = new LinkedHashMap<>();
		urlVariables.put("language", request.getLanguage());
		urlVariables.put("token", passwordResetToken.getToken());
		String loginLink = builder.buildAndExpand(urlVariables).toString();

		Context ctx = new Context(LocaleContextHolder.getLocale());
		ctx.setVariable("passwordResetToken", passwordResetToken);
		ctx.setVariable("resetLink", loginLink);

		MimeMessage mimeMessage = mailSender.createMimeMessage();
		MimeMessageHelper message = new MimeMessageHelper(mimeMessage, true, "UTF-8"); // true = multipart
		message.setSubject(MessageFormat.format(
				messageSourceAccessor.getMessage("PasswordChangedSubject", LocaleContextHolder.getLocale()),
				blogTitle));
		message.setFrom(mailProperties.getProperties().get("mail.from"));
		message.setTo(passwordResetToken.getEmail());

		String htmlContent = templateEngine.process("password-changed", ctx);
		message.setText(htmlContent, true); // true = isHtml

		mailSender.send(mimeMessage);
	} catch (MessagingException e) {
		throw new ServiceException(e);
	}

	return user;
}
 
Example #20
Source File: CryptoSha256PasswordEncoderMain.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
public static String encode(String password) {
    StandardPasswordEncoder encoder = new StandardPasswordEncoder();
    String encodedPassword = encoder.encode(password);
    return encodedPassword;
}
 
Example #21
Source File: SecurityConfig.java    From spring-in-action-5-samples with Apache License 2.0 4 votes vote down vote up
@Bean
public PasswordEncoder encoder() {
  return new StandardPasswordEncoder("53cr3t");
}
 
Example #22
Source File: WebSecurityConfig.java    From web-qq with Apache License 2.0 4 votes vote down vote up
@Bean
@Primary
public PasswordEncoder getPasswordEncoder(){
    return new StandardPasswordEncoder(salt);
}
 
Example #23
Source File: AppPasswordEncoder.java    From Spring-5.0-Cookbook with MIT License 4 votes vote down vote up
public String standardEncoder(String password) {
    StandardPasswordEncoder standardPasswordEncoder = new StandardPasswordEncoder();
    String encoded = standardPasswordEncoder.encode(password);
    return encoded;
}
 
Example #24
Source File: AppPasswordEncoder.java    From Spring-5.0-Cookbook with MIT License 4 votes vote down vote up
public String standardEncoder(String password) {
    StandardPasswordEncoder standardPasswordEncoder = new StandardPasswordEncoder();
    String encoded = standardPasswordEncoder.encode(password);
    return encoded;
}
 
Example #25
Source File: UserDetailsAuthenticationProviderImpl.java    From spring-backend-boilerplate with Apache License 2.0 4 votes vote down vote up
protected void doAfterPropertiesSet() throws Exception {
	Assert.notNull(this.userDetailsService, "A UserDetailsService must be set");
	Assert.notNull(this.passwordSaltProvider, "A PasswordSaltProvider must be set");

	passwordEncoder = new StandardPasswordEncoder(passwordSaltProvider.getSalt());
}
 
Example #26
Source File: UserAccountServiceImpl.java    From spring-backend-boilerplate with Apache License 2.0 4 votes vote down vote up
@Override
public void afterPropertiesSet() throws Exception {
	this.passwordEncoder = new StandardPasswordEncoder(accountConfigurationProperties.getSalt());
}
 
Example #27
Source File: CryptoSha256PasswordEncoderMain.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
public static String encode(String password) {
    StandardPasswordEncoder encoder = new StandardPasswordEncoder();
    String encodedPassword = encoder.encode(password);
    return encodedPassword;
}
 
Example #28
Source File: CryptoSha256PasswordEncoderMain.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
public static String encode(String password) {
    StandardPasswordEncoder encoder = new StandardPasswordEncoder();
    String encodedPassword = encoder.encode(password);
    return encodedPassword;
}
 
Example #29
Source File: SecurityConfig.java    From spring-in-action-5-samples with Apache License 2.0 4 votes vote down vote up
@Bean
public PasswordEncoder encoder() {
  return new StandardPasswordEncoder("53cr3t");
}
 
Example #30
Source File: CryptoSha256PasswordEncoderMain.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
public static String encode(String password) {
    StandardPasswordEncoder encoder = new StandardPasswordEncoder();
    String encodedPassword = encoder.encode(password);
    return encodedPassword;
}