Class CompositePasswordEncoder


  • public class CompositePasswordEncoder
    extends java.lang.Object
    A configurable password encoding that delegates the encoding to a Map of configured encoders.
    Author:
    Gethin James
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.util.List<java.lang.String> MD4  
      static java.lang.String MD4_KEY  
      static java.util.List<java.lang.String> SHA256  
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected java.lang.String encode​(java.lang.String encoderKey, java.lang.String rawPassword, java.lang.Object salt)
      Encode a password using the specified encoderKey
      java.lang.String encodePassword​(java.lang.String rawPassword, java.lang.Object salt, java.util.List<java.lang.String> encodingChain)
      Encode a password
      java.lang.String encodePreferred​(java.lang.String rawPassword, java.lang.Object salt)
      Encodes a password in the preferred encoding.
      java.lang.String getPreferredEncoding()  
      void init()
      Basic init method for checking mandatory properties
      boolean isSafeToEncodeChain​(java.util.List<java.lang.String> encodingChain)
      Determines if its safe to encode the encoding chain.
      boolean lastEncodingIsPreferred​(java.util.List<java.lang.String> hashIndicator)
      Is the preferred encoding the last encoding to be used.
      protected boolean matches​(java.lang.String encoderKey, java.lang.String rawPassword, java.lang.String encodedPassword, java.lang.Object salt)
      Does the password match?
      boolean matchesPassword​(java.lang.String rawPassword, java.lang.String encodedPassword, java.lang.Object salt, java.util.List<java.lang.String> encodingChain)
      Does the password match?
      void setEncoders​(java.util.Map<java.lang.String,​java.lang.Object> encoders)  
      void setPreferredEncoding​(java.lang.String preferredEncoding)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • SHA256

        public static final java.util.List<java.lang.String> SHA256
      • MD4

        public static final java.util.List<java.lang.String> MD4
    • Constructor Detail

      • CompositePasswordEncoder

        public CompositePasswordEncoder()
    • Method Detail

      • getPreferredEncoding

        public java.lang.String getPreferredEncoding()
      • setPreferredEncoding

        public void setPreferredEncoding​(java.lang.String preferredEncoding)
      • setEncoders

        public void setEncoders​(java.util.Map<java.lang.String,​java.lang.Object> encoders)
      • lastEncodingIsPreferred

        public boolean lastEncodingIsPreferred​(java.util.List<java.lang.String> hashIndicator)
        Is the preferred encoding the last encoding to be used.
        Parameters:
        hashIndicator - representing the encoding
        Returns:
        true if is correct
      • isSafeToEncodeChain

        public boolean isSafeToEncodeChain​(java.util.List<java.lang.String> encodingChain)
        Determines if its safe to encode the encoding chain. This applies particularly to double-hashing. BCRYPT uses its own internal salt so its NOT safe to use it more than once in an encoding chain (because the result will be different each time.) BCRYPT CAN BE USED successfully as the last element in an encoding chain. Anything that implements springframework PasswordEncoder is considered "unsafe" (because the method takes no salt param).
        Parameters:
        encodingChain - mandatory encoding chain
        Returns:
        true if it is okay to encode this chain.
      • init

        public void init()
        Basic init method for checking mandatory properties
      • encodePassword

        public java.lang.String encodePassword​(java.lang.String rawPassword,
                                               java.lang.Object salt,
                                               java.util.List<java.lang.String> encodingChain)
        Encode a password
        Parameters:
        rawPassword - mandatory password
        salt - optional salt
        encodingChain - mandatory encoding chain
        Returns:
        the encoded password
      • encodePreferred

        public java.lang.String encodePreferred​(java.lang.String rawPassword,
                                                java.lang.Object salt)
        Encodes a password in the preferred encoding.
        Parameters:
        rawPassword - mandatory password
        salt - optional salt
        Returns:
        Encoded password
      • encode

        protected java.lang.String encode​(java.lang.String encoderKey,
                                          java.lang.String rawPassword,
                                          java.lang.Object salt)
        Encode a password using the specified encoderKey
        Parameters:
        encoderKey - the encoder to use
        rawPassword - mandatory password
        salt - optional salt
        Returns:
        the encoded password
      • matchesPassword

        public boolean matchesPassword​(java.lang.String rawPassword,
                                       java.lang.String encodedPassword,
                                       java.lang.Object salt,
                                       java.util.List<java.lang.String> encodingChain)
        Does the password match?
        Parameters:
        rawPassword - mandatory password
        encodedPassword - mandatory hashed version
        salt - optional salt
        encodingChain - mandatory encoding chain
        Returns:
        true if they match
      • matches

        protected boolean matches​(java.lang.String encoderKey,
                                  java.lang.String rawPassword,
                                  java.lang.String encodedPassword,
                                  java.lang.Object salt)
        Does the password match?
        Parameters:
        encoderKey - the encoder to use
        rawPassword - mandatory password
        encodedPassword - mandatory hashed version
        salt - optional salt
        Returns:
        true if they match