Class CompositePasswordEncoder


  • public class CompositePasswordEncoder
    extends Object
    A configurable password encoding that delegates the encoding to a Map of configured encoders.
    Author:
    Gethin James
    • Constructor Detail

      • CompositePasswordEncoder

        public CompositePasswordEncoder()
    • Method Detail

      • getPreferredEncoding

        public String getPreferredEncoding()
      • setPreferredEncoding

        public void setPreferredEncoding​(String preferredEncoding)
      • setEncoders

        public void setEncoders​(Map<String,​Object> encoders)
      • lastEncodingIsPreferred

        public boolean lastEncodingIsPreferred​(List<String> hashIndicator)
        Is the preferred encoding the last encoding to be used.
        Parameters:
        hashIndicator - representing the encoding
        Returns:
        true if is correct
      • isSafeToEncodeChain

        public boolean isSafeToEncodeChain​(List<String> encodingChain)
        Determines if its safe to encode the encoding chain. This applies particularly to double-hashing. BCRYPT uses its own internal salt so its NOT safe to use it more than once in an encoding chain (because the result will be different each time.) BCRYPT CAN BE USED successfully as the last element in an encoding chain. Anything that implements springframework PasswordEncoder is considered "unsafe" (because the method takes no salt param).
        Parameters:
        encodingChain - mandatory encoding chain
        Returns:
        true if it is okay to encode this chain.
      • init

        public void init()
        Basic init method for checking mandatory properties
      • encodePassword

        public String encodePassword​(String rawPassword,
                                     Object salt,
                                     List<String> encodingChain)
        Encode a password
        Parameters:
        rawPassword - mandatory password
        salt - optional salt
        encodingChain - mandatory encoding chain
        Returns:
        the encoded password
      • encodePreferred

        public String encodePreferred​(String rawPassword,
                                      Object salt)
        Encodes a password in the preferred encoding.
        Parameters:
        rawPassword - mandatory password
        salt - optional salt
        Returns:
        Encoded password
      • encode

        protected String encode​(String encoderKey,
                                String rawPassword,
                                Object salt)
        Encode a password using the specified encoderKey
        Parameters:
        encoderKey - the encoder to use
        rawPassword - mandatory password
        salt - optional salt
        Returns:
        the encoded password
      • matchesPassword

        public boolean matchesPassword​(String rawPassword,
                                       String encodedPassword,
                                       Object salt,
                                       List<String> encodingChain)
        Does the password match?
        Parameters:
        rawPassword - mandatory password
        encodedPassword - mandatory hashed version
        salt - optional salt
        encodingChain - mandatory encoding chain
        Returns:
        true if they match
      • matches

        protected boolean matches​(String encoderKey,
                                  String rawPassword,
                                  String encodedPassword,
                                  Object salt)
        Does the password match?
        Parameters:
        encoderKey - the encoder to use
        rawPassword - mandatory password
        encodedPassword - mandatory hashed version
        salt - optional salt
        Returns:
        true if they match