org.springframework.security.crypto.password.DelegatingPasswordEncoder Java Examples

The following examples show how to use org.springframework.security.crypto.password.DelegatingPasswordEncoder. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: PasswordEncoderFactory.java    From authmore-framework with Apache License 2.0 6 votes vote down vote up
@SuppressWarnings("deprecation")
public static PasswordEncoder createDelegatingPasswordEncoder() {
    String encodingId = "pbkdf2";
    Map<String, PasswordEncoder> encoders = new HashMap<>();
    encoders.put(encodingId, new BCryptPasswordEncoder());
    encoders.put("ldap", new org.springframework.security.crypto.password.LdapShaPasswordEncoder());
    encoders.put("MD4", new org.springframework.security.crypto.password.Md4PasswordEncoder());
    encoders.put("MD5", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("MD5"));
    encoders.put("noop", org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance());
    encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());
    encoders.put("scrypt", new SCryptPasswordEncoder());
    encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
    encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
    encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());

    return new DelegatingPasswordEncoder(encodingId, encoders);
}
 
Example #2
Source File: SimpleUserDetailsServiceTest.java    From Spring with Apache License 2.0 6 votes vote down vote up
@Test
@SuppressWarnings("unchecked")
public void encode() throws Exception {
	String encodedPassword = this.passwordEncoder.encode("password");
	Assert.assertTrue(this.passwordEncoder.matches("password", encodedPassword));

	// is the ID in the encoded PW?
	Field idForEncode = fieldFor(DelegatingPasswordEncoder.class, "idForEncode");
	String id = String.class.cast(idForEncode.get(this.passwordEncoder));
	Assert.assertTrue(encodedPassword.contains(id));

	// is the default PasswordEncoder BCrypt?
	Field pwEncoderMapField = fieldFor(DelegatingPasswordEncoder.class,
			"idToPasswordEncoder");
	Map<String, PasswordEncoder> pwEncoderMap = (Map<String, PasswordEncoder>) pwEncoderMapField
			.get(this.passwordEncoder);
	Assert.assertTrue(pwEncoderMap.get(id) instanceof BCryptPasswordEncoder);
}
 
Example #3
Source File: GlobalSecurityConfig.java    From airsonic with GNU General Public License v3.0 6 votes vote down vote up
@Bean
public PasswordEncoder delegatingPasswordEncoder() {

    // Spring Security 5 require storing the encoder id alongside the encoded password
    // (e.g. "{md5}hash" for an MD5-encoded password hash), which differs from previous
    // versions.
    //
    // Airsonic unfortunately stores passwords in plain-text, which is why we are setting
    // the "no-op" (plain-text) password encoder as a default here. This default will be
    // used when no encoder id is present.
    //
    // This means that legacy Airsonic passwords (stored simply as "password" in the db)
    // will be matched like "{noop}password" and will be recognized successfully. In the
    // future password encoding updates will be done here.

    PasswordEncoder defaultEncoder = NoOpPasswordEncoder.getInstance();
    String defaultIdForEncode = "noop";

    Map<String, PasswordEncoder> encoders = new HashMap<>();
    encoders.put(defaultIdForEncode, defaultEncoder);
    DelegatingPasswordEncoder passworEncoder = new DelegatingPasswordEncoder(defaultIdForEncode, encoders);
    passworEncoder.setDefaultPasswordEncoderForMatches(defaultEncoder);

    return passworEncoder;
}
 
Example #4
Source File: INCEpTION.java    From inception with Apache License 2.0 5 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder()
{
    // Set up a DelegatingPasswordEncoder which decodes legacy passwords using the
    // StandardPasswordEncoder but encodes passwords using the modern BCryptPasswordEncoder 
    String encoderForEncoding = "bcrypt";
    Map<String, PasswordEncoder> encoders = new HashMap<>();
    encoders.put(encoderForEncoding, new BCryptPasswordEncoder());
    DelegatingPasswordEncoder delegatingEncoder = new DelegatingPasswordEncoder(
            encoderForEncoding, encoders);
    // Decode legacy passwords without encoder ID using the StandardPasswordEncoder
    delegatingEncoder.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
    return delegatingEncoder;
}
 
Example #5
Source File: WebSecurityConfig.java    From Spring-5.0-Projects with MIT License 5 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder() {
	
	  Map<String,PasswordEncoder> encoders = new HashMap<>();
	  encoders.put(PwdEncodingAlgo.BCrypt.getStatus(), new BCryptPasswordEncoder());
	  encoders.put(PwdEncodingAlgo.Pbkf2.getStatus(), new Pbkdf2PasswordEncoder());
	  encoders.put(PwdEncodingAlgo.SCrypt.getStatus(), new SCryptPasswordEncoder());
	 
	  return new DelegatingPasswordEncoder(PwdEncodingAlgo.BCrypt.getStatus(), encoders);
}
 
Example #6
Source File: IdmEngineAutoConfigurationTest.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
@Test
public void standaloneIdmEngineWithDelegatingPasswordEncoder() {
    contextRunner
        .withPropertyValues("flowable.idm.password-encoder=spring_delegating")
        .run(context -> {
            IdmEngine idmEngine = context.getBean(IdmEngine.class);

            assertThat(context).hasSingleBean(PasswordEncoder.class);

            org.flowable.idm.api.PasswordEncoder flowablePasswordEncoder = idmEngine.getIdmEngineConfiguration().getPasswordEncoder();
            PasswordEncoder passwordEncoder = context.getBean(PasswordEncoder.class);
            assertThat(flowablePasswordEncoder)
                .isInstanceOfSatisfying(SpringEncoder.class, springEncoder -> {
                    assertThat(springEncoder.getSpringEncodingProvider()).isEqualTo(passwordEncoder);
                });
            assertThat(passwordEncoder).isInstanceOf(DelegatingPasswordEncoder.class);

            assertThat(flowablePasswordEncoder.encode("test", null))
                .as("encoded password")
                .startsWith("{bcrypt}");

            assertThatThrownBy(() -> flowablePasswordEncoder.isMatches("test", "test", null))
                .as("encoder matches password")
                .isInstanceOf(IllegalArgumentException.class)
                .hasMessage("There is no PasswordEncoder mapped for the id \"null\"");
        });
}
 
Example #7
Source File: IdmEngineAutoConfigurationTest.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
@Test
public void standaloneIdmEngineWithDelegatingBCryptDefaultPasswordEncoder() {
    contextRunner
        .withPropertyValues("flowable.idm.password-encoder=spring_delegating_bcrypt")
        .run(context -> {
            IdmEngine idmEngine = context.getBean(IdmEngine.class);

            assertThat(context).hasSingleBean(PasswordEncoder.class);

            org.flowable.idm.api.PasswordEncoder flowablePasswordEncoder = idmEngine.getIdmEngineConfiguration().getPasswordEncoder();
            PasswordEncoder passwordEncoder = context.getBean(PasswordEncoder.class);
            assertThat(flowablePasswordEncoder)
                .isInstanceOfSatisfying(SpringEncoder.class, springEncoder -> {
                    assertThat(springEncoder.getSpringEncodingProvider()).isEqualTo(passwordEncoder);
                });
            assertThat(passwordEncoder).isInstanceOf(DelegatingPasswordEncoder.class);

            assertThat(flowablePasswordEncoder.encode("test", null))
                .as("encoded password")
                .startsWith("{bcrypt}");

            assertThat(flowablePasswordEncoder.isMatches("test", "test", null))
                .as("encoder matchers clear text password")
                .isFalse();

            assertThat(flowablePasswordEncoder.isMatches("test", new BCryptPasswordEncoder().encode("test"), null))
                .as("encoder matchers only bcrypt text password")
                .isTrue();
        });
}
 
Example #8
Source File: IdmEngineAutoConfigurationTest.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
@Test
public void standaloneIdmEngineWithDelegatingNoopDefaultPasswordEncoder() {
    contextRunner
        .withPropertyValues("flowable.idm.password-encoder=spring_delegating_noop")
        .run(context -> {
            IdmEngine idmEngine = context.getBean(IdmEngine.class);

            assertThat(context).hasSingleBean(PasswordEncoder.class);

            org.flowable.idm.api.PasswordEncoder flowablePasswordEncoder = idmEngine.getIdmEngineConfiguration().getPasswordEncoder();
            PasswordEncoder passwordEncoder = context.getBean(PasswordEncoder.class);
            assertThat(flowablePasswordEncoder)
                .isInstanceOfSatisfying(SpringEncoder.class, springEncoder -> {
                    assertThat(springEncoder.getSpringEncodingProvider()).isEqualTo(passwordEncoder);
                });
            assertThat(passwordEncoder).isInstanceOf(DelegatingPasswordEncoder.class);

            assertThat(flowablePasswordEncoder.encode("test", null))
                .as("encoded password")
                .startsWith("{bcrypt}");

            assertThat(flowablePasswordEncoder.isMatches("test", "test", null))
                .as("encoder matchers clear text password")
                .isTrue();

            assertThat(flowablePasswordEncoder.isMatches("test", new BCryptPasswordEncoder().encode("test"), null))
                .as("encoder matchers only bcrypt text password")
                .isFalse();
        });
}
 
Example #9
Source File: WebAnno.java    From webanno with Apache License 2.0 5 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder()
{
    // Set up a DelegatingPasswordEncoder which decodes legacy passwords using the
    // StandardPasswordEncoder but encodes passwords using the modern BCryptPasswordEncoder 
    String encoderForEncoding = "bcrypt";
    Map<String, PasswordEncoder> encoders = new HashMap<>();
    encoders.put(encoderForEncoding, new BCryptPasswordEncoder());
    DelegatingPasswordEncoder delegatingEncoder = new DelegatingPasswordEncoder(
            encoderForEncoding, encoders);
    // Decode legacy passwords without encoder ID using the StandardPasswordEncoder
    delegatingEncoder.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
    return delegatingEncoder;
}
 
Example #10
Source File: WebSecurityConfiguration.java    From Parrit with MIT License 5 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder() {
    Map<String, PasswordEncoder> encoders = new HashMap<>();
    encoders.put("bcrypt", new BCryptPasswordEncoder());
    encoders.put("sha256", new MessageDigestPasswordEncoder("SHA-256"));
    return new DelegatingPasswordEncoder("bcrypt", encoders);
}
 
Example #11
Source File: PasswordEncoderTests.java    From jakduk-api with MIT License 5 votes vote down vote up
@Test
public void 스프링시큐리티_암호_인코딩() {
	String password = passwordEncoder.encode("1111");

	Assert.assertFalse(passwordEncoder.matches("1112", password));
	Assert.assertTrue(passwordEncoder.matches("1111", password));

	DelegatingPasswordEncoder newPasswordEncoder = (DelegatingPasswordEncoder) PasswordEncoderFactories.createDelegatingPasswordEncoder();
	newPasswordEncoder.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
	System.out.println(newPasswordEncoder.encode("1111"));
	Assert.assertTrue(newPasswordEncoder.matches("1111", password));
}
 
Example #12
Source File: CustomAuthenticationApplication.java    From Spring with Apache License 2.0 4 votes vote down vote up
PasswordEncoder oldPasswordEncoder() {
	String md5 = "MD5";
	return new DelegatingPasswordEncoder(md5,
			Collections.singletonMap(md5, new MessageDigestPasswordEncoder(md5)));
}