org.springframework.security.crypto.password.PasswordEncoder Java Examples

The following examples show how to use org.springframework.security.crypto.password.PasswordEncoder. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: DefaultCalendarService.java    From Spring-Security-Third-Edition with MIT License 6 votes vote down vote up
@Autowired
public DefaultCalendarService(final EventDao eventDao,
                              final CalendarUserDao userDao,
                              final CalendarUserRepository userRepository,
                              final PasswordEncoder passwordEncoder) {
    if (eventDao == null) {
        throw new IllegalArgumentException("eventDao cannot be null");
    }
    if (userDao == null) {
        throw new IllegalArgumentException("userDao cannot be null");
    }
    if (userRepository == null) {
        throw new IllegalArgumentException("userRepository cannot be null");
    }
    if (passwordEncoder == null) {
        throw new IllegalArgumentException("passwordEncoder cannot be null");
    }
    this.eventDao = eventDao;
    this.userDao = userDao;
    this.passwordEncoder = passwordEncoder;
}
 
Example #2
Source File: DefaultCalendarService.java    From Spring-Security-Third-Edition with MIT License 6 votes vote down vote up
@Autowired
public DefaultCalendarService(final EventDao eventDao,
                              final CalendarUserDao userDao,
                              final CalendarUserRepository userRepository,
                              final PasswordEncoder passwordEncoder) {
    if (eventDao == null) {
        throw new IllegalArgumentException("eventDao cannot be null");
    }
    if (userDao == null) {
        throw new IllegalArgumentException("userDao cannot be null");
    }
    if (userRepository == null) {
        throw new IllegalArgumentException("userRepository cannot be null");
    }
    if (passwordEncoder == null) {
        throw new IllegalArgumentException("passwordEncoder cannot be null");
    }
    this.eventDao = eventDao;
    this.userDao = userDao;
    this.passwordEncoder = passwordEncoder;
}
 
Example #3
Source File: DefaultCalendarService.java    From Spring-Security-Third-Edition with MIT License 6 votes vote down vote up
@Autowired
public DefaultCalendarService(final EventDao eventDao,
                              final CalendarUserDao userDao,
                              final PasswordEncoder passwordEncoder) {
    if (eventDao == null) {
        throw new IllegalArgumentException("eventDao cannot be null");
    }
    if (userDao == null) {
        throw new IllegalArgumentException("userDao cannot be null");
    }
    if (passwordEncoder == null) {
        throw new IllegalArgumentException("passwordEncoder cannot be null");
    }
    this.eventDao = eventDao;
    this.userDao = userDao;
    this.passwordEncoder = passwordEncoder;
}
 
Example #4
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 6 votes vote down vote up
/**
     * The PreAuthenticatedAuthenticationProvider does not process the {@link RolesAllowed} annotation.
     * @ param authenticationUserDetailsService
     * @return
     */
//    @Description("PreAuthenticatedAuthenticationProvider will return the existing Authentication token from the authenticate method")
//    @Bean
//    public PreAuthenticatedAuthenticationProvider preAuthAuthenticationProvider(final AuthenticationUserDetailsService authenticationUserDetailsService){
//        return new PreAuthenticatedAuthenticationProvider(){{
//            setPreAuthenticatedUserDetailsService(authenticationUserDetailsService);
//        }};
//    }

    @Description("AuthenticationMnager that will generate an authentication token unlike {@link PreAuthenticatedAuthenticationProvider}")
    @Bean @DependsOn({"defaultCalendarService"})
    public CalendarUserAuthenticationProvider calendarUserAuthenticationProvider(
            CalendarService calendarService,
            PasswordEncoder passwordEncoder){
        return new CalendarUserAuthenticationProvider(calendarService, passwordEncoder);
    }
 
Example #5
Source File: DefaultCalendarService.java    From Spring-Security-Third-Edition with MIT License 6 votes vote down vote up
@Autowired
public DefaultCalendarService(final EventDao eventDao,
                              final CalendarUserDao userDao,
                              final CalendarUserRepository userRepository,
                              final PasswordEncoder passwordEncoder) {
    if (eventDao == null) {
        throw new IllegalArgumentException("eventDao cannot be null");
    }
    if (userDao == null) {
        throw new IllegalArgumentException("userDao cannot be null");
    }
    if (userRepository == null) {
        throw new IllegalArgumentException("userRepository cannot be null");
    }
    if (passwordEncoder == null) {
        throw new IllegalArgumentException("passwordEncoder cannot be null");
    }
    this.eventDao = eventDao;
    this.userDao = userDao;
    this.passwordEncoder = passwordEncoder;
}
 
Example #6
Source File: SecurityConfiguration.java    From Hands-On-Reactive-Programming-in-Spring-5 with MIT License 6 votes vote down vote up
@Bean
public MapReactiveUserDetailsService reactiveUserDetailsService(
    ObjectProvider<PasswordEncoder> passwordEncoder
) {

    return new MapReactiveUserDetailsService(
        User.withUsername("user")
            .password("user")
            .passwordEncoder(p -> getOrDeducePassword(p, passwordEncoder.getIfAvailable()))
            .roles("USER")
            .build(),
        User.withUsername("admin")
            .password("admin")
            .passwordEncoder(p -> getOrDeducePassword(p, passwordEncoder.getIfAvailable()))
            .roles("USER", "ADMIN")
            .build()
    );
}
 
Example #7
Source File: UserActionAdmin.java    From ExamStack with GNU General Public License v2.0 5 votes vote down vote up
/**
 * 添加用户
 * 
 * @param user
 * @param groupId
 *            如果添加的用户为学员,必须指定groupId。如果添加的用户为教师,则groupId为任意数字
 * @return
 */
@RequestMapping(value = { "/admin/add-user-{authority}-{groupId}" }, method = RequestMethod.POST)
public @ResponseBody Message addUser(@RequestBody User user, @PathVariable String authority,
		@PathVariable Integer groupId) {
	UserInfo userInfo = (UserInfo) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
	user.setCreateTime(new Date()); 
	String password = user.getPassword() + "{" + user.getUserName().toLowerCase() + "}";
	PasswordEncoder passwordEncoder = new StandardPasswordEncoderForSha1();
	String resultPassword = passwordEncoder.encode(password);
	user.setPassword(resultPassword);
	user.setEnabled(true);
	user.setCreateBy(userInfo.getUserid());
	user.setUserName(user.getUserName().toLowerCase());
	Message message = new Message();
	try {
		userService.addUser(user, authority, groupId, userInfo.getRoleMap());
	} catch (Exception e) {
		// TODO Auto-generated catch block

		if(e.getMessage().contains(user.getUserName())){
			message.setResult("duplicate-username");
			message.setMessageInfo("重复的用户名");
		} else if(e.getMessage().contains(user.getNationalId())){
			message.setResult("duplicate-national-id");
			message.setMessageInfo("重复的身份证");
		} else if(e.getMessage().contains(user.getEmail())){
			message.setResult("duplicate-email");
			message.setMessageInfo("重复的邮箱");
		} else if(e.getMessage().contains(user.getPhoneNum())){
			message.setResult("duplicate-phone");
			message.setMessageInfo("重复的电话");
		} else{
			message.setResult(e.getCause().getMessage());
			e.printStackTrace();
		}
	}
	return message;
}
 
Example #8
Source File: CalendarUserAuthenticationProvider.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
@Autowired
public CalendarUserAuthenticationProvider(final CalendarService calendarService,
                                          final PasswordEncoder passwordEncoder) {
    if (calendarService == null) {
        throw new IllegalArgumentException("calendarService cannot be null");
    }
    if (passwordEncoder == null) {
        throw new IllegalArgumentException("passwordEncoder cannot be null");
    }

    this.calendarService = calendarService;
    this.passwordEncoder = passwordEncoder;
}
 
Example #9
Source File: UserDAOIntegrationTest.java    From entando-core with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
protected void setUp() throws Exception {
    super.setUp();
    DataSource dataSource = (DataSource) this.getApplicationContext().getBean("servDataSource");
    PasswordEncoder passwordEncoder = (PasswordEncoder) this.getApplicationContext().getBean("compatiblePasswordEncoder");
    UserDAO dao = new UserDAO();
    dao.setDataSource(dataSource);
    dao.setPasswordEncoder(passwordEncoder);
    this.userDao = dao;
}
 
Example #10
Source File: PasswordResetTokenRepositoryImpl.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
PasswordResetTokenRepositoryImpl(
    PasswordResetTokenFactory passwordResetTokenFactory,
    PasswordEncoder passwordEncoder,
    DataService dataService) {
  this.passwordResetTokenFactory = requireNonNull(passwordResetTokenFactory);
  this.passwordEncoder = requireNonNull(passwordEncoder);
  this.dataService = requireNonNull(dataService);
  this.tokenGenerator = new TokenGenerator();
}
 
Example #11
Source File: WebAnno.java    From webanno with Apache License 2.0 5 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder()
{
    // Set up a DelegatingPasswordEncoder which decodes legacy passwords using the
    // StandardPasswordEncoder but encodes passwords using the modern BCryptPasswordEncoder 
    String encoderForEncoding = "bcrypt";
    Map<String, PasswordEncoder> encoders = new HashMap<>();
    encoders.put(encoderForEncoding, new BCryptPasswordEncoder());
    DelegatingPasswordEncoder delegatingEncoder = new DelegatingPasswordEncoder(
            encoderForEncoding, encoders);
    // Decode legacy passwords without encoder ID using the StandardPasswordEncoder
    delegatingEncoder.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
    return delegatingEncoder;
}
 
Example #12
Source File: PasswordEncoderTest.java    From spring-boot-start-current with Apache License 2.0 5 votes vote down vote up
@Test
public void name () throws Exception {
	PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();


	for ( int i = 0 ; i < 10 ; i++ ) {
		System.err.println( passwordEncoder.encode( "123456" ) );
	}
}
 
Example #13
Source File: TokenPasswordTokenIssuer.java    From authmore-framework with Apache License 2.0 5 votes vote down vote up
public TokenPasswordTokenIssuer(
        UserDetailsRepository users,
        PasswordEncoder passwordEncoder,
        TokenManager tokenManager) {
    this.users = users;
    this.passwordEncoder = passwordEncoder;
    this.tokenManager = tokenManager;
}
 
Example #14
Source File: UserAction.java    From ExamStack with GNU General Public License v2.0 5 votes vote down vote up
@RequestMapping(value = { "/secure/update-user" }, method = RequestMethod.POST)
public @ResponseBody Message updateUser(@RequestBody User user) {
	//UserInfo userInfo = (UserInfo) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
	user.setCreateTime(new Date());
	String password = user.getPassword() + "{" + user.getUserName() + "}";
	PasswordEncoder passwordEncoder = new StandardPasswordEncoderForSha1();
	String resultPassword = "";
	if(user.getPassword() != null)
		resultPassword = "".equals(user.getPassword().trim()) ? "" : passwordEncoder.encode(password);
	user.setPassword(resultPassword);
	user.setEnabled(true);
	Message message = new Message();
	try {
		userService.updateUser(user, null);
	} catch (Exception e) {
		// TODO Auto-generated catch block

		if(e.getMessage().contains(user.getUserName())){
			message.setResult("duplicate-username");
			message.setMessageInfo("重复的用户名");
		} else if(e.getMessage().contains(user.getNationalId())){
			message.setResult("duplicate-national-id");
			message.setMessageInfo("重复的身份证");
		} else if(e.getMessage().contains(user.getEmail())){
			message.setResult("duplicate-email");
			message.setMessageInfo("重复的邮箱");
		} else if(e.getMessage().contains(user.getPhoneNum())){
			message.setResult("duplicate-phone");
			message.setMessageInfo("重复的电话");
		} else{
			message.setResult(e.getCause().getMessage());
			e.printStackTrace();
		}
	}
	return message;
}
 
Example #15
Source File: UserAction.java    From ExamStack with GNU General Public License v2.0 5 votes vote down vote up
/**
 * 添加用户
 * 
 * @param user
 * @param groupId
 *            如果添加的用户为学员,必须指定groupId。如果添加的用户为教师,则groupId为任意数字
 * @return
 */
@RequestMapping(value = { "/add-user" }, method = RequestMethod.POST)
public @ResponseBody Message addUser(@RequestBody User user) {
	user.setCreateTime(new Date());
	
	String password = user.getPassword() + "{" + user.getUserName().toLowerCase() + "}";
	PasswordEncoder passwordEncoder = new StandardPasswordEncoderForSha1();
	String resultPassword = passwordEncoder.encode(password);
	user.setPassword(resultPassword);
	user.setEnabled(true);
	user.setCreateBy(-1);
	user.setUserName(user.getUserName().toLowerCase());
	Message message = new Message();
	try {
		userService.addUser(user, "ROLE_STUDENT", 0, userService.getRoleMap());
	} catch (Exception e) {
		// TODO Auto-generated catch block

		if(e.getMessage().contains(user.getUserName())){
			message.setResult("duplicate-username");
			message.setMessageInfo("重复的用户名");
		} else if(e.getMessage().contains(user.getNationalId())){
			message.setResult("duplicate-national-id");
			message.setMessageInfo("重复的身份证");
		} else if(e.getMessage().contains(user.getEmail())){
			message.setResult("duplicate-email");
			message.setMessageInfo("重复的邮箱");
		} else if(e.getMessage().contains(user.getPhoneNum())){
			message.setResult("duplicate-phone");
			message.setMessageInfo("重复的电话");
		} else{
			message.setResult(e.getCause().getMessage());
			e.printStackTrace();
		}
	}
	return message;
}
 
Example #16
Source File: LayoutManagementService.java    From abixen-platform with GNU Lesser General Public License v2.1 5 votes vote down vote up
@PreAuthorize("hasPermission(#id, '" + AclClassName.Values.LAYOUT + "', '" + PermissionName.Values.LAYOUT_EDIT + "')")
public LayoutDto changeLayoutIcon(final Long id, final MultipartFile iconFile) throws IOException {
    log.debug("changeLayoutIcon() - id: {}, iconFile: {}", id, iconFile);

    final Layout layout = layoutService.find(id);
    //FIXME - rename to thumbnail
    final File currentThumbnailFile = new File(platformResourceConfigurationProperties.getImageLibraryDirectory() + "/layout-miniature/" + layout.getIconFileName());

    if (currentThumbnailFile.exists()) {
        if (!currentThumbnailFile.delete()) {
            throw new FileExistsException();
        }
    }

    final PasswordEncoder encoder = new BCryptPasswordEncoder();
    final String newIconFileName = encoder.encode(iconFile.getName() + new Date().getTime()).replaceAll("\"", "s").replaceAll("/", "a").replace(".", "sde");
    final File newIconFile = new File(platformResourceConfigurationProperties.getImageLibraryDirectory() + "/layout-miniature/" + newIconFileName);

    final FileOutputStream out = new FileOutputStream(newIconFile);
    out.write(iconFile.getBytes());
    out.close();

    layout.changeIconFileName(newIconFileName);
    final Layout updatedLayout = layoutService.update(layout);

    return layoutToLayoutDtoConverter.convert(updatedLayout);
}
 
Example #17
Source File: WebAnnoSecurity.java    From webanno with Apache License 2.0 5 votes vote down vote up
@Autowired
public WebAnnoSecurity(PasswordEncoder aPasswordEncoder,
        @Lazy AuthenticationManager aAuthenticationManager,
        @Lazy AuthenticationProvider aAuthenticationProvider, DataSource aDataSource,
        UserDao aUserRepository)
{
    passwordEncoder = aPasswordEncoder;
    authenticationManager = aAuthenticationManager;
    authenticationProvider = aAuthenticationProvider;
    dataSource = aDataSource;
    userRepository = aUserRepository;
}
 
Example #18
Source File: IdmEngineAutoConfigurationTest.java    From flowable-engine with Apache License 2.0 5 votes vote down vote up
@Test
public void standaloneIdmEngineWithDelegatingBCryptDefaultPasswordEncoder() {
    contextRunner
        .withPropertyValues("flowable.idm.password-encoder=spring_delegating_bcrypt")
        .run(context -> {
            IdmEngine idmEngine = context.getBean(IdmEngine.class);

            assertThat(context).hasSingleBean(PasswordEncoder.class);

            org.flowable.idm.api.PasswordEncoder flowablePasswordEncoder = idmEngine.getIdmEngineConfiguration().getPasswordEncoder();
            PasswordEncoder passwordEncoder = context.getBean(PasswordEncoder.class);
            assertThat(flowablePasswordEncoder)
                .isInstanceOfSatisfying(SpringEncoder.class, springEncoder -> {
                    assertThat(springEncoder.getSpringEncodingProvider()).isEqualTo(passwordEncoder);
                });
            assertThat(passwordEncoder).isInstanceOf(DelegatingPasswordEncoder.class);

            assertThat(flowablePasswordEncoder.encode("test", null))
                .as("encoded password")
                .startsWith("{bcrypt}");

            assertThat(flowablePasswordEncoder.isMatches("test", "test", null))
                .as("encoder matchers clear text password")
                .isFalse();

            assertThat(flowablePasswordEncoder.isMatches("test", new BCryptPasswordEncoder().encode("test"), null))
                .as("encoder matchers only bcrypt text password")
                .isTrue();
        });
}
 
Example #19
Source File: User.java    From abixen-platform with GNU Lesser General Public License v2.1 5 votes vote down vote up
public void changePassword(String currentPassword, String newPassword) {
    final PasswordEncoder encoder = new BCryptPasswordEncoder();
    if (!encoder.matches(currentPassword, getPassword())) {
        throw new UsernameNotFoundException("Wrong username and / or password.");
    }

    setPassword(encoder.encode(newPassword));
}
 
Example #20
Source File: WebSecurityConfig.java    From spring-boot-vue-admin with Apache License 2.0 4 votes vote down vote up
/** 使用随机加盐哈希算法对密码进行加密 */
@Bean
public PasswordEncoder passwordEncoder() {
  // 默认强度10,可以指定 4 到 31 之间的强度
  return new BCryptPasswordEncoder();
}
 
Example #21
Source File: SecurityConfig.java    From spring-in-action-5-samples with Apache License 2.0 4 votes vote down vote up
@Bean
  public PasswordEncoder encoder() {
//    return new StandardPasswordEncoder("53cr3t");
    return NoOpPasswordEncoder.getInstance();
  }
 
Example #22
Source File: SecurityConfiguration.java    From jhipster-microservices-example with Apache License 2.0 4 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();
}
 
Example #23
Source File: SecurityConfig.java    From Spring-Security-Third-Edition with MIT License 4 votes vote down vote up
/**
 * BCryptPasswordEncoder password encoder
 * @return
 */
@Description("Standard PasswordEncoder")
@Bean
public PasswordEncoder passwordEncoder(){
    return new BCryptPasswordEncoder(4);
}
 
Example #24
Source File: JdbcClientDetailsServiceConfig.java    From syhthems-platform with MIT License 4 votes vote down vote up
public JdbcClientDetailsServiceConfig(PasswordEncoder passwordEncoder, DataSource dataSource) {
    this.passwordEncoder = passwordEncoder;
    this.dataSource = dataSource;
}
 
Example #25
Source File: UserService.java    From cubeai with Apache License 2.0 4 votes vote down vote up
public UserService(UserRepository userRepository, PasswordEncoder passwordEncoder, AuthorityRepository authorityRepository, CacheManager cacheManager) {
    this.userRepository = userRepository;
    this.passwordEncoder = passwordEncoder;
    this.authorityRepository = authorityRepository;
    this.cacheManager = cacheManager;
}
 
Example #26
Source File: ApplicationSecurityConfig.java    From sample-boot-micro with MIT License 4 votes vote down vote up
/** パスワード用のハッシュ(BCrypt)エンコーダー。 */
@Bean
PasswordEncoder passwordEncoder() {
    //low: きちんとやるのであれば、strengthやSecureRandom使うなど外部切り出し含めて検討してください
    return new BCryptPasswordEncoder();
}
 
Example #27
Source File: DevelopmentConfig.java    From spring-in-action-5-samples with Apache License 2.0 4 votes vote down vote up
@Bean
public CommandLineRunner dataLoader(IngredientRepository repo,
      UserRepository userRepo, PasswordEncoder encoder, TacoRepository tacoRepo) { // user repo for ease of testing with a built-in user
  return new CommandLineRunner() {
    @Override
    public void run(String... args) throws Exception {
      Ingredient flourTortilla = new Ingredient("FLTO", "Flour Tortilla", Type.WRAP);
      Ingredient cornTortilla = new Ingredient("COTO", "Corn Tortilla", Type.WRAP);
      Ingredient groundBeef = new Ingredient("GRBF", "Ground Beef", Type.PROTEIN);
      Ingredient carnitas = new Ingredient("CARN", "Carnitas", Type.PROTEIN);
      Ingredient tomatoes = new Ingredient("TMTO", "Diced Tomatoes", Type.VEGGIES);
      Ingredient lettuce = new Ingredient("LETC", "Lettuce", Type.VEGGIES);
      Ingredient cheddar = new Ingredient("CHED", "Cheddar", Type.CHEESE);
      Ingredient jack = new Ingredient("JACK", "Monterrey Jack", Type.CHEESE);
      Ingredient salsa = new Ingredient("SLSA", "Salsa", Type.SAUCE);
      Ingredient sourCream = new Ingredient("SRCR", "Sour Cream", Type.SAUCE);
      repo.save(flourTortilla);
      repo.save(cornTortilla);
      repo.save(groundBeef);
      repo.save(carnitas);
      repo.save(tomatoes);
      repo.save(lettuce);
      repo.save(cheddar);
      repo.save(jack);
      repo.save(salsa);
      repo.save(sourCream);
      
      
      userRepo.save(new User("habuma", encoder.encode("password"), 
          "Craig Walls", "123 North Street", "Cross Roads", "TX", 
          "76227", "123-123-1234"));
      
      Taco taco1 = new Taco();
      taco1.setName("Carnivore");
      taco1.setIngredients(Arrays.asList(flourTortilla, groundBeef, carnitas, sourCream, salsa, cheddar));
      tacoRepo.save(taco1);

      Taco taco2 = new Taco();
      taco2.setName("Bovine Bounty");
      taco2.setIngredients(Arrays.asList(cornTortilla, groundBeef, cheddar, jack, sourCream));
      tacoRepo.save(taco2);

      Taco taco3 = new Taco();
      taco3.setName("Veg-Out");
      taco3.setIngredients(Arrays.asList(flourTortilla, cornTortilla, tomatoes, lettuce, salsa));
      tacoRepo.save(taco3);

    }
  };
}
 
Example #28
Source File: SecurityConfig.java    From microservice-integration with MIT License 4 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder() {
    return NoOpPasswordEncoder.getInstance();
}
 
Example #29
Source File: GatewayApplication.java    From Spring5Tutorial with GNU Lesser General Public License v3.0 4 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();
}
 
Example #30
Source File: SecurityConfiguration.java    From forum with MIT License 4 votes vote down vote up
@Bean
public PasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();
}