/**
 * Computes a salted BCrypt hash of a clear text password using the default strength.
 * <p>
 * Delegates to {@link #encodeBCrypt(String, int)}, passing 10 as strength.
 *
 * @param password The clear text password.
 * @return The hash value as defined by
 *         <a href="https://www.eclipse.org/hono/api/credentials-api/#hashed-password">Hono's Credentials API</a>.
 * @throws NullPointerException if password is {@code null}.
 */
public static String encodeBCrypt(final String password) {
    // NOTE(review): the strength is fixed here; presumably it is the BCrypt work factor,
    // in which case its adequacy should be re-checked as hardware gets faster. Callers
    // that need a different value can use the two-argument overload.
    final int defaultStrength = 10;
    return encodeBCrypt(password, defaultStrength);
}
/**
 * Builds an instance by parsing a String in the <em>{Base64(salt)}password</em> format.
 *
 * @param formattedPassword The password in the {Base64(salt)}password format.
 */
public ClearTextPassword(final String formattedPassword) {
    // All parsing is delegated to parse(String), which is defined outside this excerpt.
    // NOTE(review): no null or format check happens here; how malformed input is
    // treated depends entirely on parse — confirm.
    this.parse(formattedPassword);
}
/**
 * Hashes a clear text password, optionally combined with a caller-supplied salt.
 *
 * @param rawPassword The password to hash. It may (optionally) be prefixed with the
 *                    <em>salt</em> to use when computing the hash value. A salt must be
 *                    given as the Base64 encoding of the salt bytes wrapped in curly
 *                    braces: <em>{Base64(salt)}password</em>.
 * @return The Base64 encoding of the bytes produced by applying the hash function to
 *         the byte array made up of the salt bytes (if a salt is used) followed by the
 *         UTF-8 encoding of the clear text password.
 */
@Override
public String encode(final CharSequence rawPassword) {
    // Split the input into its (optional) salt and the clear text password.
    final ClearTextPassword parsed = new ClearTextPassword(rawPassword.toString());
    // NOTE(review): if digest performs a single hash pass, the result is cheap to
    // brute-force compared with an adaptive function such as BCrypt — confirm which
    // credentials are expected to go through this encoder.
    final byte[] hashed = digest(parsed.salt, parsed.password);
    return Base64.getEncoder().encodeToString(hashed);
}
/**
 * Computes a salted hash of a password with a SHA based hash function.
 * <p>
 * The following algorithms are supported:
 * <ul>
 * <li>sha-256</li>
 * <li>sha-512</li>
 * </ul>
 *
 * @param hashFunction The hash function to use.
 * @param salt The salt as a byte array (may be {@code null}).
 * @param password The clear text password.
 * @return The salted hash as defined by
 *         <a href="https://www.eclipse.org/hono/api/credentials-api/#hashed-password">Hono's Credentials API</a>.
 */
public static String encode(final String hashFunction, final byte[] salt, final String password) {
    Objects.requireNonNull(hashFunction);
    Objects.requireNonNull(password);

    final PasswordEncoder digestEncoder = new MessageDigestPasswordEncoder(hashFunction);

    // MessageDigestPasswordEncoder expects its input in the "{salt}password" format,
    // so the salt prefix is written first and the password is appended after it.
    // NOTE(review): with a null salt, a password that itself starts with "{...}" may be
    // read back as salt by the encoder's parser — confirm how append and the parser
    // treat that case.
    final StringBuilder formatted = new StringBuilder();
    append(salt, formatted);
    final String saltedInput = formatted.append(password).toString();

    return digestEncoder.encode(saltedInput);
}
/**
 * Answers every lookup with a hashed-password credential built from a fixed password.
 * <p>
 * The {@code tenantId}, {@code type} and {@code clientContext} arguments are not read;
 * {@code authId} is passed as both of the first two arguments of
 * {@code CredentialsObject.fromHashedPassword}. The password is hashed with SHA-256 and
 * a {@code null} salt.
 * <p>
 * NOTE(review): because any identity receives the same hard-coded secret, this looks
 * like a test or demo stub — confirm it cannot be wired into a production deployment.
 *
 * @param tenantId The tenant identifier (unused).
 * @param type The credentials type (unused).
 * @param authId The authentication identifier to put into the returned credentials.
 * @param clientContext The client context (unused).
 * @param resultHandler The handler that receives the succeeded result with status 200
 *                      and a no-cache directive.
 */
@Override
public void get(
        final String tenantId,
        final String type,
        final String authId,
        final JsonObject clientContext,
        final Handler<AsyncResult<CredentialsResult<JsonObject>>> resultHandler) {

    // Unsalted SHA-256 hash of the fixed password.
    final String pwdHash = ClearTextPassword.encode(
            CredentialsConstants.HASH_FUNCTION_SHA256,
            null,
            "hono-secret");

    final JsonObject credentials = JsonObject.mapFrom(
            CredentialsObject.fromHashedPassword(
                    authId,
                    authId,
                    pwdHash,
                    CredentialsConstants.HASH_FUNCTION_SHA256,
                    null,
                    null,
                    null));

    // The credentials are mapped to a JsonObject a second time, exactly as the payload
    // was built before, so the response carries the same object shape.
    final CredentialsResult<JsonObject> response = CredentialsResult.from(
            HttpURLConnection.HTTP_OK,
            JsonObject.mapFrom(credentials),
            CacheDirective.noCacheDirective());

    resultHandler.handle(Future.succeededFuture(response));
}