org.springframework.security.crypto.password.DelegatingPasswordEncoder Java Examples
The following examples show how to use
org.springframework.security.crypto.password.DelegatingPasswordEncoder.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: PasswordEncoderFactory.java From authmore-framework with Apache License 2.0 | 6 votes |
|
@SuppressWarnings("deprecation")
public static PasswordEncoder createDelegatingPasswordEncoder() {
String encodingId = "pbkdf2";
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put(encodingId, new BCryptPasswordEncoder());
encoders.put("ldap", new org.springframework.security.crypto.password.LdapShaPasswordEncoder());
encoders.put("MD4", new org.springframework.security.crypto.password.Md4PasswordEncoder());
encoders.put("MD5", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("MD5"));
encoders.put("noop", org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance());
encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());
encoders.put("scrypt", new SCryptPasswordEncoder());
encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());
return new DelegatingPasswordEncoder(encodingId, encoders);
}
Example #2
| Source File: SimpleUserDetailsServiceTest.java From Spring with Apache License 2.0 | 6 votes |
|
@Test
@SuppressWarnings("unchecked")
public void encode() throws Exception {
String encodedPassword = this.passwordEncoder.encode("password");
Assert.assertTrue(this.passwordEncoder.matches("password", encodedPassword));
// is the ID in the encoded PW?
Field idForEncode = fieldFor(DelegatingPasswordEncoder.class, "idForEncode");
String id = String.class.cast(idForEncode.get(this.passwordEncoder));
Assert.assertTrue(encodedPassword.contains(id));
// is the default PasswordEncoder BCrypt?
Field pwEncoderMapField = fieldFor(DelegatingPasswordEncoder.class,
"idToPasswordEncoder");
Map<String, PasswordEncoder> pwEncoderMap = (Map<String, PasswordEncoder>) pwEncoderMapField
.get(this.passwordEncoder);
Assert.assertTrue(pwEncoderMap.get(id) instanceof BCryptPasswordEncoder);
}
Example #3
| Source File: GlobalSecurityConfig.java From airsonic with GNU General Public License v3.0 | 6 votes |
|
@Bean
public PasswordEncoder delegatingPasswordEncoder() {
// Spring Security 5 require storing the encoder id alongside the encoded password
// (e.g. "{md5}hash" for an MD5-encoded password hash), which differs from previous
// versions.
//
// Airsonic unfortunately stores passwords in plain-text, which is why we are setting
// the "no-op" (plain-text) password encoder as a default here. This default will be
// used when no encoder id is present.
//
// This means that legacy Airsonic passwords (stored simply as "password" in the db)
// will be matched like "{noop}password" and will be recognized successfully. In the
// future password encoding updates will be done here.
PasswordEncoder defaultEncoder = NoOpPasswordEncoder.getInstance();
String defaultIdForEncode = "noop";
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put(defaultIdForEncode, defaultEncoder);
DelegatingPasswordEncoder passworEncoder = new DelegatingPasswordEncoder(defaultIdForEncode, encoders);
passworEncoder.setDefaultPasswordEncoderForMatches(defaultEncoder);
return passworEncoder;
}
Example #4
| Source File: INCEpTION.java From inception with Apache License 2.0 | 5 votes |
|
@Bean
public PasswordEncoder passwordEncoder()
{
// Set up a DelegatingPasswordEncoder which decodes legacy passwords using the
// StandardPasswordEncoder but encodes passwords using the modern BCryptPasswordEncoder
String encoderForEncoding = "bcrypt";
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put(encoderForEncoding, new BCryptPasswordEncoder());
DelegatingPasswordEncoder delegatingEncoder = new DelegatingPasswordEncoder(
encoderForEncoding, encoders);
// Decode legacy passwords without encoder ID using the StandardPasswordEncoder
delegatingEncoder.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
return delegatingEncoder;
}
Example #5
| Source File: WebSecurityConfig.java From Spring-5.0-Projects with MIT License | 5 votes |
|
@Bean
public PasswordEncoder passwordEncoder() {
Map<String,PasswordEncoder> encoders = new HashMap<>();
encoders.put(PwdEncodingAlgo.BCrypt.getStatus(), new BCryptPasswordEncoder());
encoders.put(PwdEncodingAlgo.Pbkf2.getStatus(), new Pbkdf2PasswordEncoder());
encoders.put(PwdEncodingAlgo.SCrypt.getStatus(), new SCryptPasswordEncoder());
return new DelegatingPasswordEncoder(PwdEncodingAlgo.BCrypt.getStatus(), encoders);
}
Example #6
| Source File: IdmEngineAutoConfigurationTest.java From flowable-engine with Apache License 2.0 | 5 votes |
|
@Test
public void standaloneIdmEngineWithDelegatingPasswordEncoder() {
contextRunner
.withPropertyValues("flowable.idm.password-encoder=spring_delegating")
.run(context -> {
IdmEngine idmEngine = context.getBean(IdmEngine.class);
assertThat(context).hasSingleBean(PasswordEncoder.class);
org.flowable.idm.api.PasswordEncoder flowablePasswordEncoder = idmEngine.getIdmEngineConfiguration().getPasswordEncoder();
PasswordEncoder passwordEncoder = context.getBean(PasswordEncoder.class);
assertThat(flowablePasswordEncoder)
.isInstanceOfSatisfying(SpringEncoder.class, springEncoder -> {
assertThat(springEncoder.getSpringEncodingProvider()).isEqualTo(passwordEncoder);
});
assertThat(passwordEncoder).isInstanceOf(DelegatingPasswordEncoder.class);
assertThat(flowablePasswordEncoder.encode("test", null))
.as("encoded password")
.startsWith("{bcrypt}");
assertThatThrownBy(() -> flowablePasswordEncoder.isMatches("test", "test", null))
.as("encoder matches password")
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("There is no PasswordEncoder mapped for the id \"null\"");
});
}
Example #7
| Source File: IdmEngineAutoConfigurationTest.java From flowable-engine with Apache License 2.0 | 5 votes |
|
@Test
public void standaloneIdmEngineWithDelegatingBCryptDefaultPasswordEncoder() {
contextRunner
.withPropertyValues("flowable.idm.password-encoder=spring_delegating_bcrypt")
.run(context -> {
IdmEngine idmEngine = context.getBean(IdmEngine.class);
assertThat(context).hasSingleBean(PasswordEncoder.class);
org.flowable.idm.api.PasswordEncoder flowablePasswordEncoder = idmEngine.getIdmEngineConfiguration().getPasswordEncoder();
PasswordEncoder passwordEncoder = context.getBean(PasswordEncoder.class);
assertThat(flowablePasswordEncoder)
.isInstanceOfSatisfying(SpringEncoder.class, springEncoder -> {
assertThat(springEncoder.getSpringEncodingProvider()).isEqualTo(passwordEncoder);
});
assertThat(passwordEncoder).isInstanceOf(DelegatingPasswordEncoder.class);
assertThat(flowablePasswordEncoder.encode("test", null))
.as("encoded password")
.startsWith("{bcrypt}");
assertThat(flowablePasswordEncoder.isMatches("test", "test", null))
.as("encoder matchers clear text password")
.isFalse();
assertThat(flowablePasswordEncoder.isMatches("test", new BCryptPasswordEncoder().encode("test"), null))
.as("encoder matchers only bcrypt text password")
.isTrue();
});
}
Example #8
| Source File: IdmEngineAutoConfigurationTest.java From flowable-engine with Apache License 2.0 | 5 votes |
|
@Test
public void standaloneIdmEngineWithDelegatingNoopDefaultPasswordEncoder() {
contextRunner
.withPropertyValues("flowable.idm.password-encoder=spring_delegating_noop")
.run(context -> {
IdmEngine idmEngine = context.getBean(IdmEngine.class);
assertThat(context).hasSingleBean(PasswordEncoder.class);
org.flowable.idm.api.PasswordEncoder flowablePasswordEncoder = idmEngine.getIdmEngineConfiguration().getPasswordEncoder();
PasswordEncoder passwordEncoder = context.getBean(PasswordEncoder.class);
assertThat(flowablePasswordEncoder)
.isInstanceOfSatisfying(SpringEncoder.class, springEncoder -> {
assertThat(springEncoder.getSpringEncodingProvider()).isEqualTo(passwordEncoder);
});
assertThat(passwordEncoder).isInstanceOf(DelegatingPasswordEncoder.class);
assertThat(flowablePasswordEncoder.encode("test", null))
.as("encoded password")
.startsWith("{bcrypt}");
assertThat(flowablePasswordEncoder.isMatches("test", "test", null))
.as("encoder matchers clear text password")
.isTrue();
assertThat(flowablePasswordEncoder.isMatches("test", new BCryptPasswordEncoder().encode("test"), null))
.as("encoder matchers only bcrypt text password")
.isFalse();
});
}
Example #9
| Source File: WebAnno.java From webanno with Apache License 2.0 | 5 votes |
|
@Bean
public PasswordEncoder passwordEncoder()
{
// Set up a DelegatingPasswordEncoder which decodes legacy passwords using the
// StandardPasswordEncoder but encodes passwords using the modern BCryptPasswordEncoder
String encoderForEncoding = "bcrypt";
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put(encoderForEncoding, new BCryptPasswordEncoder());
DelegatingPasswordEncoder delegatingEncoder = new DelegatingPasswordEncoder(
encoderForEncoding, encoders);
// Decode legacy passwords without encoder ID using the StandardPasswordEncoder
delegatingEncoder.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
return delegatingEncoder;
}
Example #10
| Source File: WebSecurityConfiguration.java From Parrit with MIT License | 5 votes |
|
@Bean
public PasswordEncoder passwordEncoder() {
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put("bcrypt", new BCryptPasswordEncoder());
encoders.put("sha256", new MessageDigestPasswordEncoder("SHA-256"));
return new DelegatingPasswordEncoder("bcrypt", encoders);
}
Example #11
| Source File: PasswordEncoderTests.java From jakduk-api with MIT License | 5 votes |
|
@Test
public void 스프링시큐리티_암호_인코딩() {
String password = passwordEncoder.encode("1111");
Assert.assertFalse(passwordEncoder.matches("1112", password));
Assert.assertTrue(passwordEncoder.matches("1111", password));
DelegatingPasswordEncoder newPasswordEncoder = (DelegatingPasswordEncoder) PasswordEncoderFactories.createDelegatingPasswordEncoder();
newPasswordEncoder.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
System.out.println(newPasswordEncoder.encode("1111"));
Assert.assertTrue(newPasswordEncoder.matches("1111", password));
}
Example #12
| Source File: CustomAuthenticationApplication.java From Spring with Apache License 2.0 | 4 votes |
|
PasswordEncoder oldPasswordEncoder() {
String md5 = "MD5";
return new DelegatingPasswordEncoder(md5,
Collections.singletonMap(md5, new MessageDigestPasswordEncoder(md5)));
}
