Copy Sha1 implementationo
parent
df88b7d0ff
commit
2a485b71db
|
@ -19,21 +19,37 @@
|
||||||
package com.wisemapping.security;
|
package com.wisemapping.security;
|
||||||
|
|
||||||
import org.apache.log4j.Logger;
|
import org.apache.log4j.Logger;
|
||||||
|
import org.springframework.security.crypto.codec.Base64;
|
||||||
|
import org.springframework.security.crypto.codec.Hex;
|
||||||
|
import org.springframework.security.crypto.codec.Utf8;
|
||||||
import org.springframework.security.crypto.password.MessageDigestPasswordEncoder;
|
import org.springframework.security.crypto.password.MessageDigestPasswordEncoder;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
import org.springframework.util.Assert;
|
||||||
|
|
||||||
|
import java.security.MessageDigest;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
|
||||||
|
import java.io.UnsupportedEncodingException;
|
||||||
|
import java.security.MessageDigest;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
|
||||||
|
import org.springframework.security.crypto.codec.Base64;
|
||||||
|
import org.springframework.security.crypto.codec.Hex;
|
||||||
|
import org.springframework.security.crypto.codec.Utf8;
|
||||||
|
import org.springframework.util.Assert;
|
||||||
|
|
||||||
|
|
||||||
@SuppressWarnings("deprecation")
|
|
||||||
public class LegacyPasswordEncoder implements PasswordEncoder {
|
public class LegacyPasswordEncoder implements PasswordEncoder {
|
||||||
final private static Logger logger = Logger.getLogger("com.wisemapping.security.LegacyPasswordEncoder");
|
final private static Logger logger = Logger.getLogger("com.wisemapping.security.LegacyPasswordEncoder");
|
||||||
|
|
||||||
private static final String ENC_PREFIX = "ENC:";
|
private static final String ENC_PREFIX = "ENC:";
|
||||||
private static final PasswordEncoder sha1Encoder = new MessageDigestPasswordEncoder("SHA-1");
|
private final ShaPasswordEncoder sha1Encoder = new ShaPasswordEncoder();
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String encode(CharSequence rawPassword) {
|
public String encode(CharSequence rawPassword) {
|
||||||
|
|
||||||
logger.info("LegacyPasswordEncoder encode executed.");
|
logger.info("LegacyPasswordEncoder encode executed.");
|
||||||
return ENC_PREFIX + sha1Encoder.encode(rawPassword);
|
return ENC_PREFIX + sha1Encoder.encode(rawPassword.toString(), "");
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -41,7 +57,101 @@ public class LegacyPasswordEncoder implements PasswordEncoder {
|
||||||
public boolean matches(CharSequence rawPassword, String encodedPassword) {
|
public boolean matches(CharSequence rawPassword, String encodedPassword) {
|
||||||
|
|
||||||
final String encode = encode(rawPassword);
|
final String encode = encode(rawPassword);
|
||||||
logger.info("LegacyPasswordEncoder encode executed ->" + encode + ":" + encodedPassword);
|
|
||||||
return encode.equals(encodedPassword);
|
return encode.equals(encodedPassword);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Just copied to keep compatibility with Spring 3.
|
||||||
|
*/
|
||||||
|
class ShaPasswordEncoder {
|
||||||
|
|
||||||
|
private final String algorithm;
|
||||||
|
private boolean encodeHashAsBase64;
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The digest algorithm to use
|
||||||
|
* Supports the named <a href="http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#AppA">
|
||||||
|
* Message Digest Algorithms</a> in the Java environment.
|
||||||
|
**/
|
||||||
|
ShaPasswordEncoder() {
|
||||||
|
|
||||||
|
this("SHA-1", false);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Convenience constructor for specifying the algorithm and whether or not to enable base64 encoding
|
||||||
|
*
|
||||||
|
* @param algorithm
|
||||||
|
* @param encodeHashAsBase64
|
||||||
|
* @throws IllegalArgumentException if an unknown
|
||||||
|
*/
|
||||||
|
private ShaPasswordEncoder(String algorithm, boolean encodeHashAsBase64) throws IllegalArgumentException {
|
||||||
|
this.algorithm = algorithm;
|
||||||
|
this.encodeHashAsBase64 = encodeHashAsBase64;
|
||||||
|
getMessageDigest();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Encodes the rawPass using a MessageDigest.
|
||||||
|
* If a salt is specified it will be merged with the password before encoding.
|
||||||
|
*
|
||||||
|
* @param rawPass The plain text password
|
||||||
|
* @param salt The salt to sprinkle
|
||||||
|
* @return Hex string of password digest (or base64 encoded string if encodeHashAsBase64 is enabled.
|
||||||
|
*/
|
||||||
|
public String encode(String rawPass, Object salt) {
|
||||||
|
String saltedPass = mergePasswordAndSalt(rawPass, salt, false);
|
||||||
|
|
||||||
|
MessageDigest messageDigest = getMessageDigest();
|
||||||
|
|
||||||
|
byte[] digest = messageDigest.digest(Utf8.encode(saltedPass));
|
||||||
|
|
||||||
|
if (getEncodeHashAsBase64()) {
|
||||||
|
return Utf8.decode(Base64.encode(digest));
|
||||||
|
} else {
|
||||||
|
return new String(Hex.encode(digest));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get a MessageDigest instance for the given algorithm.
|
||||||
|
* Throws an IllegalArgumentException if <i>algorithm</i> is unknown
|
||||||
|
*
|
||||||
|
* @return MessageDigest instance
|
||||||
|
* @throws IllegalArgumentException if NoSuchAlgorithmException is thrown
|
||||||
|
*/
|
||||||
|
private final MessageDigest getMessageDigest() throws IllegalArgumentException {
|
||||||
|
try {
|
||||||
|
return MessageDigest.getInstance(algorithm);
|
||||||
|
} catch (NoSuchAlgorithmException e) {
|
||||||
|
throw new IllegalArgumentException("No such algorithm [" + algorithm + "]");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
//~ Methods ========================================================================================================
|
||||||
|
|
||||||
|
private boolean getEncodeHashAsBase64() {
|
||||||
|
return encodeHashAsBase64;
|
||||||
|
}
|
||||||
|
|
||||||
|
private String mergePasswordAndSalt(String password, Object salt, boolean strict) {
|
||||||
|
if (password == null) {
|
||||||
|
password = "";
|
||||||
|
}
|
||||||
|
|
||||||
|
if (strict && (salt != null)) {
|
||||||
|
if ((salt.toString().lastIndexOf("{") != -1)
|
||||||
|
|| (salt.toString().lastIndexOf("}") != -1)) {
|
||||||
|
throw new IllegalArgumentException("Cannot use { or } in salt.toString()");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ((salt == null) || "".equals(salt)) {
|
||||||
|
return password;
|
||||||
|
} else {
|
||||||
|
return password + "{" + salt.toString() + "}";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue