org.springframework.security.crypto.bcrypt.BCrypt.checkpw()方法的使用及代码示例

x33g5p2x  于2022-01-17 转载在 其他  
字(10.4k)|赞(0)|评价(0)|浏览(150)

本文整理了Java中org.springframework.security.crypto.bcrypt.BCrypt.checkpw()方法的一些代码示例,展示了BCrypt.checkpw()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。BCrypt.checkpw()方法的具体详情如下:
包路径:org.springframework.security.crypto.bcrypt.BCrypt
类名称:BCrypt
方法名:checkpw

BCrypt.checkpw介绍

[英]Check that a plaintext password matches a previously hashed one
[中]检查明文密码是否与以前的哈希密码匹配

代码示例

代码示例来源:origin: spring-projects/spring-security

public boolean matches(CharSequence rawPassword, String encodedPassword) {
  if (encodedPassword == null || encodedPassword.length() == 0) {
    logger.warn("Empty encoded password");
    return false;
  }
  if (!BCRYPT_PATTERN.matcher(encodedPassword).matches()) {
    logger.warn("Encoded password does not look like BCrypt");
    return false;
  }
  return BCrypt.checkpw(rawPassword.toString(), encodedPassword);
}

代码示例来源:origin: org.springframework.security/spring-security-core

public boolean matches(CharSequence rawPassword, String encodedPassword) {
    if (encodedPassword == null || encodedPassword.length() == 0) {
      logger.warn("Empty encoded password");
      return false;
    }

    if (!BCRYPT_PATTERN.matcher(encodedPassword).matches()) {
      logger.warn("Encoded password does not look like BCrypt");
      return false;
    }

    return BCrypt.checkpw(rawPassword.toString(), encodedPassword);
  }
}

代码示例来源:origin: spring-projects/spring-security

/**
 * Test method for 'BCrypt.checkpw(String, String)' expecting success
 */
@Test
public void testCheckpw_success() {
  print("BCrypt.checkpw w/ good passwords: ");
  for (int i = 0; i < test_vectors.length; i++) {
    String plain = test_vectors[i][0];
    String expected = test_vectors[i][2];
    assertThat(BCrypt.checkpw(plain, expected)).isTrue();
    print(".");
  }
  println("");
}

代码示例来源:origin: spring-projects/spring-security

/**
 * Test method for 'BCrypt.checkpw(String, String)' expecting failure
 */
@Test
public void testCheckpw_failure() {
  print("BCrypt.checkpw w/ bad passwords: ");
  for (int i = 0; i < test_vectors.length; i++) {
    int broken_index = (i + 8) % test_vectors.length;
    String plain = test_vectors[i][0];
    String expected = test_vectors[broken_index][2];
    assertThat(BCrypt.checkpw(plain, expected)).isFalse();
    print(".");
  }
  println("");
}

代码示例来源:origin: spring-projects/spring-security

/**
 * Test for correct hashing of non-US-ASCII passwords
 */
@Test
public void testInternationalChars() {
  print("BCrypt.hashpw w/ international chars: ");
  String pw1 = "ππππππππ";
  String pw2 = "????????";
  String h1 = BCrypt.hashpw(pw1, BCrypt.gensalt());
  assertThat(BCrypt.checkpw(pw2, h1)).isFalse();
  print(".");
  String h2 = BCrypt.hashpw(pw2, BCrypt.gensalt());
  assertThat(BCrypt.checkpw(pw1, h2)).isFalse();
  print(".");
  println("");
}

代码示例来源:origin: cloudfoundry/uaa

@Test
public void canChangePasswordWithCorrectOldPassword() throws Exception {
  db.changePassword(JOE_ID, "joespassword", "koala123$marissa", IdentityZoneHolder.get().getId());
  String storedPassword = jdbcTemplate.queryForObject("SELECT password from users where ID=?", String.class, JOE_ID);
  assertTrue(BCrypt.checkpw("koala123$marissa", storedPassword));
}

代码示例来源:origin: cloudfoundry/uaa

@Test
public void canChangePasswordWithoutOldPassword() throws Exception {
  db.changePassword(JOE_ID, null, "koala123$marissa", IdentityZoneHolder.get().getId());
  String storedPassword = jdbcTemplate.queryForObject("SELECT password from users where ID=?", String.class, JOE_ID);
  assertTrue(BCrypt.checkpw("koala123$marissa", storedPassword));
}

代码示例来源:origin: org.springframework.security/org.springframework.security.core

public boolean matches(CharSequence rawPassword, String encodedPassword) {
    if (encodedPassword == null || encodedPassword.length() == 0) {
      throw new IllegalArgumentException("Encoded password cannot be null or empty");
    }

    if (!BCRYPT_PATTERN.matcher(encodedPassword).matches()) {
      throw new IllegalArgumentException("Encoded password does not look like BCrypt");
    }

    return BCrypt.checkpw(rawPassword.toString(), encodedPassword);
  }
}

代码示例来源:origin: org.springframework.security/spring-security-crypto

public boolean matches(CharSequence rawPassword, String encodedPassword) {
    if (encodedPassword == null || encodedPassword.length() == 0) {
      logger.warn("Empty encoded password");
      return false;
    }

    if (!BCRYPT_PATTERN.matcher(encodedPassword).matches()) {
      logger.warn("Encoded password does not look like BCrypt");
      return false;
    }

    return BCrypt.checkpw(rawPassword.toString(), encodedPassword);
  }
}

代码示例来源:origin: apache/servicemix-bundles

public boolean matches(CharSequence rawPassword, String encodedPassword) {
    if (encodedPassword == null || encodedPassword.length() == 0) {
      logger.warn("Empty encoded password");
      return false;
    }

    if (!BCRYPT_PATTERN.matcher(encodedPassword).matches()) {
      logger.warn("Encoded password does not look like BCrypt");
      return false;
    }

    return BCrypt.checkpw(rawPassword.toString(), encodedPassword);
  }
}

代码示例来源:origin: apache/servicemix-bundles

public boolean matches(CharSequence rawPassword, String encodedPassword) {
    if (encodedPassword == null || encodedPassword.length() == 0) {
      logger.warn("Empty encoded password");
      return false;
    }

    if (!BCRYPT_PATTERN.matcher(encodedPassword).matches()) {
      logger.warn("Encoded password does not look like BCrypt");
      return false;
    }

    return BCrypt.checkpw(rawPassword.toString(), encodedPassword);
  }
}

代码示例来源:origin: com.erudika/para

/**
 * Checks if a hash matches a string.
 * @param plain plain text string
 * @param storedHash hashed string
 * @return true if the hash matches
 */
public static boolean bcryptMatches(String plain, String storedHash) {
  if (StringUtils.isBlank(plain) || StringUtils.isBlank(storedHash)) {
    return false;
  }
  try {
    return BCrypt.checkpw(plain, storedHash);
  } catch (Exception e) {
    return false;
  }
}

代码示例来源:origin: infiniteautomation/ma-core-public

public static boolean checkPassword(String password, String storedHash, boolean passwordEncrypted) {
  try {
    if (password == null || storedHash == null)
      return false;
    if (passwordEncrypted) {
      return storedHash.equals(password);
    }
    Matcher m = EXTRACT_ALGORITHM_HASH.matcher(storedHash);
    if (!m.matches()) {
      return false;
    }
    String algorithm = m.group(1);
    String hash = m.group(2);
    if (User.BCRYPT_ALGORITHM.equals(algorithm)) {
      return BCrypt.checkpw(password, hash);
    } else if (User.NONE_ALGORITHM.equals(algorithm)) {
      return hash.equals(password);
    } else if (User.LOCKED_ALGORITHM.equals(algorithm)) {
      return false;
    } else {
      return hash.equals(encrypt(password, algorithm));
    }
  } catch (Throwable t) {
    return false;
  }
}

代码示例来源:origin: org.apache.syncope.core/syncope-core-spring

public boolean verify(final String value, final CipherAlgorithm cipherAlgorithm, final String encodedValue) {
  boolean res = false;
  try {
    if (value != null) {
      if (cipherAlgorithm == null || cipherAlgorithm == CipherAlgorithm.AES) {
        res = encode(value, cipherAlgorithm).equals(encodedValue);
      } else if (cipherAlgorithm == CipherAlgorithm.BCRYPT) {
        res = BCrypt.checkpw(value, encodedValue);
      } else {
        res = getDigester(cipherAlgorithm).matches(value, encodedValue);
      }
    }
  } catch (Exception e) {
    LOG.error("Could not verify encoded value", e);
  }
  return res;
}

代码示例来源:origin: alien4cloud/alien4cloud

private Authentication internalAuthentication(User user, String password) {
  if (BCrypt.checkpw(password, user.getPassword())) {
    return AuthorizationUtil.createAuthenticationToken(user, password);
  } else {
    log.debug("Wrong password for user <" + user.getUsername() + ">");
    throw new BadCredentialsException("Incorrect password for user <" + user.getUsername() + ">");
  }
}

代码示例来源:origin: apache/syncope

public boolean verify(final String value, final CipherAlgorithm cipherAlgorithm, final String encodedValue) {
  boolean res = false;
  try {
    if (value != null) {
      if (cipherAlgorithm == null || cipherAlgorithm == CipherAlgorithm.AES) {
        res = encode(value, cipherAlgorithm).equals(encodedValue);
      } else if (cipherAlgorithm == CipherAlgorithm.BCRYPT) {
        res = BCrypt.checkpw(value, encodedValue);
      } else {
        res = getDigester(cipherAlgorithm).matches(value, encodedValue);
      }
    }
  } catch (Exception e) {
    LOG.error("Could not verify encoded value", e);
  }
  return res;
}

代码示例来源:origin: openbaton/NFVO

@Override
public void changePassword(String oldPassword, String newPassword) {
 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
 String currentUserName = authentication.getName();
 log.debug("Changing password of user: " + currentUserName);
 User user = userRepository.findFirstByUsername(currentUserName);
 if (!BCrypt.checkpw(oldPassword, user.getPassword())) {
  throw new UnauthorizedUserException("Old password is wrong.");
 }
 if (!(authentication instanceof AnonymousAuthenticationToken)) { // TODO is this line needed?
  user.setPassword(BCrypt.hashpw(newPassword, BCrypt.gensalt(12)));
  userRepository.save(user);
  log.debug("Password of user " + currentUserName + " has been changed successfully.");
 }
}

代码示例来源:origin: eclipse/kapua

String infoHashedKey = fullApiKey.split(preSeparator)[1];
if (tokenPre.equals(infoPre) && BCrypt.checkpw(tokenKey, infoHashedKey)) {
  credentialMatch = true;

代码示例来源:origin: eclipse/kapua

@Override
public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) {
  //
  // Token data
  UsernamePasswordCredentials token = (UsernamePasswordCredentials) authenticationToken;
  String tokenUsername = token.getUsername();
  String tokenPassword = token.getPassword();
  //
  // Info data
  LoginAuthenticationInfo info = (LoginAuthenticationInfo) authenticationInfo;
  User infoUser = (User) info.getPrincipals().getPrimaryPrincipal();
  Credential infoCredential = (Credential) info.getCredentials();
  //
  // Match token with info
  boolean credentialMatch = false;
  if (tokenUsername.equals(infoUser.getName()) && CredentialType.PASSWORD.equals(infoCredential.getCredentialType()) && BCrypt.checkpw(tokenPassword, infoCredential.getCredentialKey())) {
    credentialMatch = true;
    // FIXME: if true cache token password for authentication performance improvement
  }
  return credentialMatch;
}

代码示例来源:origin: org.eclipse.kapua/kapua-security-shiro

@Override
public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) {
  //
  // Token data
  UsernamePasswordCredentials token = (UsernamePasswordCredentials) authenticationToken;
  String tokenUsername = token.getUsername();
  String tokenPassword = token.getPassword();
  //
  // Info data
  LoginAuthenticationInfo info = (LoginAuthenticationInfo) authenticationInfo;
  User infoUser = (User) info.getPrincipals().getPrimaryPrincipal();
  Credential infoCredential = (Credential) info.getCredentials();
  //
  // Match token with info
  boolean credentialMatch = false;
  if (tokenUsername.equals(infoUser.getName()) && CredentialType.PASSWORD.equals(infoCredential.getCredentialType()) && BCrypt.checkpw(tokenPassword, infoCredential.getCredentialKey())) {
    credentialMatch = true;
    // FIXME: if true cache token password for authentication performance improvement
  }
  return credentialMatch;
}

内容来源于网络,如有侵权,请联系作者删除!

BCrypt

相关文章

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新文章

    更多
    • 蜀ICP备2022004421号-2 NULL123 https://www.null123.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com