/**
 * Publishes the application's {@link PasswordEncoder} bean.
 *
 * <p>The encoder is a {@link StandardPasswordEncoder} created with its no-argument
 * constructor, so no system-wide secret is mixed into the hash. Spring Security marks
 * this class as deprecated: it is salted, iterated SHA-256, which is cheap to guess
 * offline if the stored hashes leak. Switching to an adaptive hash (bcrypt, scrypt,
 * Argon2) needs a migration path for hashes that are already stored, so the choice is
 * flagged here and left unchanged.
 *
 * @return a new {@code StandardPasswordEncoder}
 */
@Bean
public PasswordEncoder passwordEncoder() {
    final PasswordEncoder legacySha256Encoder = new StandardPasswordEncoder();
    return legacySha256Encoder;
}
// Registers three digest-based encoders under the ids "SHA-1", "SHA-256" and "sha256".
// MessageDigestPasswordEncoder and StandardPasswordEncoder are both deprecated by
// Spring Security: SHA digests are fast to compute, which makes leaked hashes cheap to
// guess offline, and SHA-1 is additionally a weakened algorithm.
// NOTE(review): presumably registered so that already-stored hashes can still be
// verified; confirm none of these ids is the one used to encode new passwords.
encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());
// Legacy digest encoders, keyed by the ids "SHA-1", "SHA-256" and "sha256".
// Both encoder classes are deprecated by Spring Security because digest-based password
// hashing is not considered secure: the work per guess is too low to slow down offline
// cracking of a leaked password table.
// NOTE(review): verification-only use is the safe reading; check that the enclosing
// delegating encoder encodes new passwords with an adaptive scheme such as bcrypt.
encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());
/**
 * Web security configuration that publishes the password encoder bean.
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Creates a {@link StandardPasswordEncoder} keyed with the value of the
     * {@code password.secret} property.
     *
     * <p>The constructor argument is a system-wide secret that is mixed into every hash
     * in addition to the random per-password salt the encoder generates itself. It has
     * to be kept out of source control and cannot be rotated without invalidating the
     * stored hashes. {@code StandardPasswordEncoder} is deprecated by Spring Security
     * (salted, iterated SHA-256); the secret does not make it an adaptive hash.
     *
     * @param secret the value injected from {@code ${password.secret}}
     * @return the keyed encoder
     */
    @Bean
    public PasswordEncoder getPasswordEncoder(@Value("${password.secret}") String secret) {
        final PasswordEncoder keyedEncoder = new StandardPasswordEncoder(secret);
        return keyedEncoder;
    }
}
/**
 * Supplies the {@link PasswordEncoder} bean.
 *
 * <p>Security note: {@link StandardPasswordEncoder} is a deprecated, digest-based
 * encoder (SHA-256 with a random salt and a fixed, small iteration count). It is built
 * here without a secret. Hashes produced by it offer little resistance to offline
 * guessing; replacing it requires re-hashing existing passwords, typically at the
 * user's next successful login.
 *
 * @return a new {@code StandardPasswordEncoder}
 */
@Bean
public PasswordEncoder passwordEncoder() {
    final PasswordEncoder digestEncoder = new StandardPasswordEncoder();
    return digestEncoder;
}
/**
 * Provides the primary {@link PasswordEncoder} bean, a {@link StandardPasswordEncoder}
 * constructed from the {@code salt} value.
 *
 * <p>The single constructor argument of {@code StandardPasswordEncoder} is a
 * system-wide secret, not a per-password salt: the encoder generates its own random
 * salt for every hash. The value therefore has to be protected like a key.
 * {@code StandardPasswordEncoder} itself is deprecated by Spring Security as a
 * digest-based (SHA-256) scheme.
 *
 * @return the encoder keyed with {@code salt}
 */
@Bean
@Primary
public PasswordEncoder getPasswordEncoder() {
    final PasswordEncoder primaryEncoder = new StandardPasswordEncoder(salt);
    return primaryEncoder;
}
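// Hash a password with a StandardPasswordEncoder keyed with a system-wide secret.
// The literal "secret" is sample data; a real secret belongs in protected configuration.
StandardPasswordEncoder encoder = new StandardPasswordEncoder("secret");
String result = encoder.encode("myPassword");
// result is a hex string holding the random salt followed by the digest, for example
// 9e7e3a73a40871d4b489adb746c31ace280d28206dded9665bac40eabfe6ffdc32a8c5c416b5878f
// A new salt is drawn on every call, so encoding the same password twice gives two
// different strings; encoded values must never be compared with equals().

String passworddb = getPasswordFromDB();
// passworddb is the encoded value stored earlier, for example
// 9e7e3a73a40871d4b489adb746c31ace280d28206dded9665bac40eabfe6ffdc32a8c5c416b5878f

// matches(rawPassword, encodedPassword): the raw password comes first and the stored
// hash second. Passing two encoded values, as the original snippet did, hashes the
// stored hash again and fails.
assertTrue(encoder.matches("myPassword", passworddb));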
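/**
 * {@link PasswordEncoder} for a store that holds both bcrypt hashes and legacy
 * {@link StandardPasswordEncoder} hashes.
 *
 * <p>New passwords are always encoded with bcrypt. Verification picks the encoder from
 * the shape of the stored value, so accounts that still carry a legacy SHA-256 hash can
 * sign in. The legacy path exists only for verification; re-encoding such a password
 * with {@link #encode} after a successful login moves the account to bcrypt.
 */
class PasswordEncoderComposite implements PasswordEncoder {

    /**
     * Shape of a stored bcrypt hash: {@code $2$} or {@code $2a$}, a two-digit cost, then
     * 53 characters of salt and digest. Other bcrypt version markers are not recognised
     * and fall through to the legacy encoder.
     */
    private static final Pattern BCRYPT_PATTERN =
            Pattern.compile("\\A\\$2a?\\$\\d\\d\\$[./0-9A-Za-z]{53}");

    private final PasswordEncoder bcryptEncoder = new BCryptPasswordEncoder();

    // Deprecated digest-based encoder, kept only to verify hashes stored before bcrypt.
    private final PasswordEncoder legacyEncoder = new StandardPasswordEncoder();

    /**
     * Encodes a raw password with bcrypt.
     *
     * <p>The original implementation branched on an {@code encodedPassword} variable that
     * does not exist in this method; there is no stored hash to inspect when encoding.
     *
     * @param rawPassword the password to hash
     * @return the bcrypt hash
     */
    @Override
    public String encode(CharSequence rawPassword) {
        return bcryptEncoder.encode(rawPassword);
    }

    /**
     * Verifies a raw password against a stored hash of either supported kind.
     *
     * @param rawPassword the password presented by the user
     * @param encodedPassword the stored hash; {@code null} never matches
     * @return {@code true} if the password matches the stored hash
     */
    @Override
    public boolean matches(CharSequence rawPassword, String encodedPassword) {
        if (encodedPassword == null) {
            // An account without a stored hash must not authenticate.
            return false;
        }
        if (BCRYPT_PATTERN.matcher(encodedPassword).matches()) {
            return bcryptEncoder.matches(rawPassword, encodedPassword);
        }
        return legacyEncoder.matches(rawPassword, encodedPassword);
    }
}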
/**
 * Hashes a raw password with Spring's {@link StandardPasswordEncoder}, which salts each
 * hash with a random value.
 *
 * @param rawPassword plaintext password
 *
 * @return encoded password
 */
public static String encodePassword(String rawPassword) {

    // TODO: Think about using a better password encoder.
    //
    // The documentation of StandardPasswordEncoder itself says: if you are developing a
    // new system, org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder is a
    // better choice both in terms of security and interoperability with other languages.
    //
    // Security note: StandardPasswordEncoder is deprecated by Spring Security; it is
    // digest-based (SHA-256) and gives little protection against offline guessing.
    return new StandardPasswordEncoder().encode(rawPassword);
}
}
/**
 * Builds a {@link DelegatingPasswordEncoder} that encodes new passwords with bcrypt and
 * verifies stored values according to their {@code {id}} prefix.
 *
 * <p>Stored values whose prefix is missing or not registered are verified with a
 * {@link StandardPasswordEncoder}, which keeps hashes from before the prefix scheme
 * usable.
 *
 * @return the delegating encoder
 */
@Bean
public PasswordEncoder passwordEncoder() {
    // Supported encoders, keyed by the prefix that marks a stored value.
    Map<String, PasswordEncoder> encodersById = new HashMap<>();
    encodersById.put("bcrypt", new BCryptPasswordEncoder());
    encodersById.put("scrypt", new SCryptPasswordEncoder());
    // NOTE(review): "noop" accepts values stored as {noop}<plaintext>. Anyone able to
    // write a password column can then set a plaintext credential, and a leak of the
    // table exposes those passwords directly. Confirm it is needed outside tests.
    encodersById.put("noop", NoOpPasswordEncoder.getInstance());

    DelegatingPasswordEncoder delegating = new DelegatingPasswordEncoder("bcrypt", encodersById);
    // Fallback for unprefixed values: deprecated salted SHA-256. Accounts verified this
    // way are candidates for re-encoding with bcrypt after a successful login.
    delegating.setDefaultPasswordEncoderForMatches(new StandardPasswordEncoder());
    return delegating;
}
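/**
 * Authenticates a user by login name and password against the stored
 * {@link StandardPasswordEncoder} hash.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The user name comes from the request and is written to the log, so line breaks
 *       are replaced before logging to keep a caller from forging log entries.</li>
 *   <li>Missing credentials are rejected as bad credentials instead of failing with a
 *       {@code NullPointerException}.</li>
 *   <li>Unknown user, deactivated user and wrong password raise three different
 *       exceptions, and the deactivated check runs before the password check. The
 *       caller should map all of them to one generic response, otherwise the endpoint
 *       reveals which login names exist.</li>
 *   <li>{@code StandardPasswordEncoder} is deprecated by Spring Security (digest-based
 *       SHA-256).</li>
 * </ul>
 *
 * @param authentication the authentication request carrying user name and password
 * @return an authenticated token holding the user name and granted authorities
 * @throws UsernameNotFoundException if no person exists for the login name
 * @throws DisabledException if the person has the {@code INACTIVE} role
 * @throws BadCredentialsException if the password is missing or does not match
 */
@Override
public Authentication authenticate(Authentication authentication) {

    StandardPasswordEncoder encoder = new StandardPasswordEncoder();

    String username = authentication.getName();
    // Log-safe copy of the attacker-controlled name: CR/LF would start a new log line.
    String loggedUsername = String.valueOf(username).replaceAll("[\\r\\n]", "_");

    Object credentials = authentication.getCredentials();
    if (credentials == null) {
        LOG.info("User '" + loggedUsername + "' has tried to sign in without a password");
        throw new BadCredentialsException("The provided password is wrong");
    }
    String rawPassword = credentials.toString();

    Optional<Person> userOptional = personService.getPersonByLogin(username);

    if (!userOptional.isPresent()) {
        LOG.info("No user found for username '" + loggedUsername + "'");
        throw new UsernameNotFoundException("No authentication possible for user = " + username);
    }

    Person person = userOptional.get();

    if (person.hasRole(Role.INACTIVE)) {
        LOG.info("User '" + loggedUsername + "' has been deactivated and can not sign in therefore");
        throw new DisabledException("User '" + username + "' has been deactivated");
    }

    Collection<Role> permissions = person.getPermissions();
    Collection<GrantedAuthority> grantedAuthorities = permissions.stream()
            .map((role) -> new SimpleGrantedAuthority(role.name()))
            .collect(Collectors.toList());

    String userPassword = person.getPassword();

    if (encoder.matches(rawPassword, userPassword)) {
        LOG.info("User '" + loggedUsername + "' has signed in with roles: " + grantedAuthorities);

        // NOTE(review): the token carries the stored password hash as its credentials;
        // confirm that callers erase credentials after authentication.
        return new UsernamePasswordAuthenticationToken(username, userPassword, grantedAuthorities);
    } else {
        LOG.info("User '" + loggedUsername + "' has tried to sign in with a wrong password");
        throw new BadCredentialsException("The provided password is wrong");
    }
}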
// Adds the digest-based encoders for the ids "SHA-1", "SHA-256" and "sha256".
// These classes are referenced by fully qualified name and are deprecated by Spring
// Security: a salted SHA digest is computed far too quickly to protect passwords
// against offline guessing once the hashes are exposed.
// NOTE(review): treat these entries as verification-only for old hashes; confirm the
// id used for encoding new passwords is an adaptive scheme.
encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());
// Three legacy entries: MessageDigestPasswordEncoder for "SHA-1" and "SHA-256", and
// StandardPasswordEncoder for "sha256" (note the ids differ only in case and hyphen).
// All three are deprecated, digest-based encoders; they are weak against offline
// guessing and should not be selected for newly stored passwords.
// NOTE(review): confirm which id the surrounding code uses for encoding.
encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());
// Digest-based password encoders mapped to the ids "SHA-1", "SHA-256" and "sha256".
// Spring Security deprecates both classes because digest-based password encoding is
// not considered secure; an audit should look for stored hashes that still carry
// these ids and plan their upgrade to bcrypt, scrypt or Argon2.
// NOTE(review): presumably present for backward compatibility only; verify.
encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());
// STANDARD selects the deprecated, digest-based StandardPasswordEncoder, keyed with
// the secret from the configuration properties. The debug line logs a fixed message
// only; the secret itself is not passed to the logger.
case STANDARD: LOGGER.debug("Creating standard password encoder with the secret defined in the configuration"); return new StandardPasswordEncoder(properties.getSecret());
// NOTE(review): the arguments of the BCRYPT debug call are cut off in this excerpt;
// confirm that only the strength, never the secret, fills the [{}] placeholder.
case BCRYPT: LOGGER.debug("Creating BCRYPT password encoder given the strength [{}] and secret in the configuration",
// Keyed variant: the secret is read with getProperty(SPRING_ENCODER_STANDARD_SECRET, i).
// The condition that selects this branch is outside this excerpt.
encoder = new StandardPasswordEncoder(getProperty(SPRING_ENCODER_STANDARD_SECRET, i)); } else {
// Fallback without a secret. Either way StandardPasswordEncoder is a deprecated,
// digest-based (SHA-256) encoder that is weak against offline guessing.
encoder = new StandardPasswordEncoder();