本文整理汇总了Java中org.springframework.security.crypto.bcrypt.BCrypt.checkpw方法的典型用法代码示例。如果您正苦于以下问题:Java BCrypt.checkpw方法的具体用法?Java BCrypt.checkpw怎么用?Java BCrypt.checkpw使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.springframework.security.crypto.bcrypt.BCrypt
的用法示例。
在下文中一共展示了BCrypt.checkpw方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: verify
import org.springframework.security.crypto.bcrypt.BCrypt; //导入方法依赖的package包/类
public boolean verify(final String value, final CipherAlgorithm cipherAlgorithm, final String encodedValue) {
boolean res = false;
try {
if (value != null) {
if (cipherAlgorithm == null || cipherAlgorithm == CipherAlgorithm.AES) {
res = encode(value, cipherAlgorithm).equals(encodedValue);
} else if (cipherAlgorithm == CipherAlgorithm.BCRYPT) {
res = BCrypt.checkpw(value, encodedValue);
} else {
res = getDigester(cipherAlgorithm).matches(value, encodedValue);
}
}
} catch (Exception e) {
LOG.error("Could not verify encoded value", e);
}
return res;
}
示例2: loginUser
import org.springframework.security.crypto.bcrypt.BCrypt; //导入方法依赖的package包/类
/**
* Login user.
*
* @param message
* the message
* @return the response
*/
protected Response loginUser(UserMessage message) {
String userName = message.getUserName();
User user = assist.expectedUser(userName);
SystemIdKey id = message.getSystemId();
switch (user.getState()) {
case ACTIVE:
break;
default:
fail(getResponseContext(CANNOT_DELETE_USER, id), userName + " is in state " + user.getState());
}
boolean ok = BCrypt.checkpw(message.getOldPassword(), user.getPasswordHash());
log.info("Login for {} is {}", userName, ok);
setLocale(message);
//@formatter:off
return ok ?
createSession(message, user) :
failure(getResponseContext(INVALID_PASSWORD, id), message, "Password is invalid");
//@formatter:on
}
示例3: authenticate
import org.springframework.security.crypto.bcrypt.BCrypt; //导入方法依赖的package包/类
static boolean authenticate(String username, String password) {
boolean authenticated = false;
if (Properties.getString("ldap.server") == null) {
Person user = Person.find("byUsername", username).first();
authenticated = user != null && user.password != null && BCrypt.checkpw(password, user.password);
} else {
if (!password.isEmpty()) {
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, Properties.getString("ldap.server"));
env.put(Context.SECURITY_PRINCIPAL, String.format("%[email protected]%s", username, Properties.getString("ldap.domain")));
env.put(Context.SECURITY_CREDENTIALS, password);
try {
new InitialDirContext(env);
authenticated = true;
} catch (NamingException e) {
Logger.info("LDAP authentication failed for %s", username);
}
}
}
return authenticated;
}
示例4: validatePassword
import org.springframework.security.crypto.bcrypt.BCrypt; //导入方法依赖的package包/类
private void validatePassword(final String receiverId, final String password,
final ReceiverMessage receiverMessage) {
if (receiverMessage.getPassword() == null) {
throw new IllegalStateException("Message is not password protected");
}
final int decryptAttempts = receiverMessage.incrementDecryptAttempt();
receiverMsgRepository.update(receiverMessage.getId(), receiverMessage);
if (BCrypt.checkpw(password, receiverMessage.getPassword())) {
return;
}
// invalid password ...
if (decryptAttempts > 2) {
// burn if too many failed attempts
receiverMsgRepository.delete(receiverId);
// inform the sender about invalidation
updateSenderMessageInvalidated(receiverMessage.getSenderId());
throw new MessageNotFoundException();
}
throw new IllegalStateException("Incorrect password");
}
示例5: tokenProcessingFilter
import org.springframework.security.crypto.bcrypt.BCrypt; //导入方法依赖的package包/类
private Filter tokenProcessingFilter() {
return new BasicAuthenticationFilter(new AuthenticationManager() {
@Override
public Authentication authenticate(Authentication authentication)
throws AuthenticationException {
User user = userRepository.findByEmail(authentication.getName());
if (user == null || user.getUsr() == null) {
throw new BadCredentialsException("Invalid credentials! \n\n Please, login again.");
}
String token = user.getUsr().getDeviceToken();
String credentials = (String) authentication.getCredentials();
try {
if(!BCrypt.checkpw(token, credentials)) {
throw new BadCredentialsException("Invalid credentials! \n\n Please, login again.");
}
} catch (IllegalArgumentException e) {
throw new BadCredentialsException("Invalid credentials! \n\n Please, login again.");
}
Collection<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.add(new SimpleGrantedAuthority(user.getRole().name()));
Authentication ret = new PreAuthenticatedAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), authorities );
return ret;
}
}) {
@Override
protected boolean isIgnoreFailure() {
return true;
}
};
}
示例6: login
import org.springframework.security.crypto.bcrypt.BCrypt; //导入方法依赖的package包/类
@Override
public String login(String username, String password) {
final UserDetails userDetails = userDetailsService.loadUserByUsername(username);
if (userDetails == null) {
return null;
}
if (!BCrypt.checkpw(password, userDetails.getPassword())) {
return null;
}
final String token = jwtTokenUtil.generateToken(username);
System.out.println(token);
return token;
}
示例7: changePassword
import org.springframework.security.crypto.bcrypt.BCrypt; //导入方法依赖的package包/类
@Override
public void changePassword(String oldPassword, String newPassword) {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
String currentUserName = authentication.getName();
log.debug("Changing password of user: " + currentUserName);
User user = userRepository.findFirstByUsername(currentUserName);
if (!BCrypt.checkpw(oldPassword, user.getPassword())) {
throw new UnauthorizedUserException("Old password is wrong.");
}
if (!(authentication instanceof AnonymousAuthenticationToken)) { // TODO is this line needed?
user.setPassword(BCrypt.hashpw(newPassword, BCrypt.gensalt(12)));
userRepository.save(user);
log.debug("Password of user " + currentUserName + " has been changed successfully.");
}
}
示例8: login
import org.springframework.security.crypto.bcrypt.BCrypt; //导入方法依赖的package包/类
@RequestMapping(value = "/login", method = RequestMethod.POST)
@ResponseBody
public LoggedUserModel login(@RequestBody LoginUserModel loginUserModel,
HttpServletResponse response) {
LoggedUserModel loggedUserModel = new LoggedUserModel();
String username = loginUserModel.getUsername();
UserModel user = userService.getUserByUsername(username);
if (user == null) {
throw new IllegalArgumentException("Username is incorect");
}
String password = loginUserModel.getPassword();
if (BCrypt.checkpw(password, user.getPassword())) {
String sessionKey = this.generateSessionKey(user.getId());
user.setSessionKey(sessionKey);
userService.update(user);
loggedUserModel.setUsername(username);
loggedUserModel.setSessionKey(sessionKey);
loggedUserModel.setId(user.getId());
} else {
throw new IllegalArgumentException("Password is incorrect!");
}
return loggedUserModel;
}
示例9: checkField
import org.springframework.security.crypto.bcrypt.BCrypt; //导入方法依赖的package包/类
private boolean checkField(String plainValue, String encryptedValue, String encryptionType) {
if (ONE_WAY_HINT.equals(encryptionType)) {
return BCrypt.checkpw(plainValue, encryptedValue);
} else if (TWO_WAY_HINT.equals(encryptionType)) {
return encryptedValue.equals(encryptField(plainValue, encryptionType));
// // AES encryption, requires Java7
// String[] splitted = encryptedValue.split(":");
// TextEncryptor textEncryptor = Encryptors.queryableText(_password, splitted[1]);
// return textEncryptor.encrypt(plainValue).equals(splitted[0]);
}
return false;
}
示例10: validatePassword
import org.springframework.security.crypto.bcrypt.BCrypt; //导入方法依赖的package包/类
@Override
public boolean validatePassword(String password, String correctHash) throws CustomException {
logger.trace("Validation du mot de passe avec BCrypt");
return BCrypt.checkpw(password, correctHash);
}
示例11: matches
import org.springframework.security.crypto.bcrypt.BCrypt; //导入方法依赖的package包/类
@Override
public boolean matches(CharSequence rawPassword, String encodedPassword) {
return BCrypt.checkpw(rawPassword.toString(), encodedPassword);
}
示例12: matches
import org.springframework.security.crypto.bcrypt.BCrypt; //导入方法依赖的package包/类
/**
* Matches raw password and encoded password.
*
* @param rawPassword raw password
* @param encodedPassword encoded password
* @return match or not
*/
@Override public boolean matches(CharSequence rawPassword, String encodedPassword) {
String rawPwd = (String) rawPassword;
return BCrypt.checkpw(rawPwd, encodedPassword);
}