Java 类org.springframework.security.authentication.encoding.MessageDigestPasswordEncoder 实例源码

public MongoPasswordHasherConfiguration(SecurityConfigurationProperties securityConfig) {
    if (StringUtils.isNotBlank(securityConfig.getMongo().getPasswordHasher())) {
        passwordEncoder = new MessageDigestPasswordEncoder(securityConfig.getMongo().getPasswordHasher());
    } else {
        passwordEncoder = null;
    }
}

private void addSessionContextToLogging() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    String tokenValue = "EMPTY";
    if (authentication != null && !Strings.isNullOrEmpty(authentication.getDetails().toString())) {
        MessageDigestPasswordEncoder encoder = new MessageDigestPasswordEncoder("SHA-1");
        tokenValue = encoder.encodePassword(authentication.getDetails().toString(), "not_so_random_salt");
    }
    MDC.put(TOKEN_SESSION_KEY, tokenValue);

    String userValue = "EMPTY";
    if (authentication != null && !Strings.isNullOrEmpty(authentication.getPrincipal().toString())) {
        userValue = authentication.getPrincipal().toString();
    }
    MDC.put(USER_SESSION_KEY, userValue);
}

private static final boolean resetSuperUserPasswordIfNecessary(RegisteredUsersTable t,
    boolean newUser, MessageDigestPasswordEncoder mde, CallingContext cc)
    throws ODKEntityPersistException, ODKOverQuotaException, ODKEntityNotFoundException {
  String localSuperUser = t.getUsername();
  String currentRealmString = cc.getUserService().getCurrentRealm().getRealmString();
  String lastKnownRealmString = ServerPreferencesProperties.getLastKnownRealmString(cc);
  if (!newUser && lastKnownRealmString != null && lastKnownRealmString.equals(currentRealmString)) {
    // no need to reset the passwords
    return false;
  }
  // The realm string has changed, so we need to reset the password.
  RealmSecurityInfo r = new RealmSecurityInfo();
  r.setRealmString(currentRealmString);
  r.setBasicAuthHashEncoding(mde.getAlgorithm());

  CredentialsInfo credential;
  try {
    credential = CredentialsInfoBuilderInternal.build(localSuperUser, r, "aggregate");
  } catch (NoSuchAlgorithmException e) {
    e.printStackTrace();
    throw new IllegalStateException("unrecognized algorithm");
  }
  t.setDigestAuthPassword(credential.getDigestAuthHash());
  t.setBasicAuthPassword(credential.getBasicAuthHash());
  t.setBasicAuthSalt(credential.getBasicAuthSalt());
  // done setting the password...persist it...
  t.setIsRemoved(false);
  cc.getDatastore().putEntity(t, cc.getCurrentUser());
  // remember the current realm string
  ServerPreferencesProperties.setLastKnownRealmString(cc, currentRealmString);
  logger.warn("Reset password of the local superuser record: " + t.getUri() + " identified by: "
      + t.getUsername());
  return true;
}

@Override
public RealmSecurityInfo getRealmInfo(String xsrfString) throws AccessDeniedException, DatastoreFailureException {

  HttpServletRequest req = this.getThreadLocalRequest();
  CallingContext cc = ContextFactory.getCallingContext(this, req);

  if (!req.getSession().getId().equals(xsrfString)) {
    throw new AccessDeniedException("Invalid request");
  }

  RealmSecurityInfo r = new RealmSecurityInfo();
  r.setRealmString(cc.getUserService().getCurrentRealm().getRealmString());
  MessageDigestPasswordEncoder mde = (MessageDigestPasswordEncoder) cc
      .getBean(SecurityBeanDefs.BASIC_AUTH_PASSWORD_ENCODER);
  r.setBasicAuthHashEncoding(mde.getAlgorithm());
  r.setSuperUserEmail(cc.getUserService().getSuperUserEmail());
  r.setSuperUsername(cc.getUserService().getSuperUserUsername());
  try {
    r.setSuperUsernamePasswordSet(cc.getUserService().isSuperUsernamePasswordSet(cc));
  } catch (ODKDatastoreException e) {
    e.printStackTrace();
    throw new DatastoreFailureException("Unable to access datastore");
  }
  // User interface layer uses this URL to submit password changes securely
  r.setChangeUserPasswordURL(cc.getSecureServerURL() + BasicConsts.FORWARDSLASH
      + UserManagePasswordsServlet.ADDR);
  return r;
}

private void addSessionContextToLogging() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    String tokenValue = "EMPTY";
    if (authentication != null && !Strings.isNullOrEmpty(authentication.getDetails().toString())) {
        MessageDigestPasswordEncoder encoder = new MessageDigestPasswordEncoder("SHA-1");
        tokenValue = encoder.encodePassword(authentication.getDetails().toString(), "not_so_random_salt");
    }
    MDC.put(TOKEN_SESSION_KEY, tokenValue);

    String userValue = "EMPTY";
    if (authentication != null && !Strings.isNullOrEmpty(authentication.getPrincipal().toString())) {
        userValue = authentication.getPrincipal().toString();
    }
    MDC.put(USER_SESSION_KEY, userValue);
}

public static String encodePassword(String clearTextPassword) {
    return new MessageDigestPasswordEncoder("MD5", true).encodePassword(clearTextPassword, null);
}

private static String encode(String password) {
    return new MessageDigestPasswordEncoder("MD5", true).encodePassword(password, null);
}

/**
 * 采用md5进行信息摘要加密
 */
public static String encodePasswordByMD5(String password,String key){
    return new MessageDigestPasswordEncoder("MD5").encodePassword(password,key);        
}

@Override
public String hashPassword(String password) {

    return new MessageDigestPasswordEncoder(AppConstants.SHA_256.toString()).encodePassword(password, null);
}

protected AbstractCoreMessageDigestPasswordEncoder(MessageDigestPasswordEncoder delegate) {
    this.delegate = delegate;
}

public MessageDigestPasswordEncoder getPasswordEncoder() {
    return passwordEncoder;
}

public void setPasswordEncoder(MessageDigestPasswordEncoder passwordEncoder) {
    this.passwordEncoder = passwordEncoder;
}

public static String encodePassword(String clearTextPassword) {
    return new MessageDigestPasswordEncoder("MD5", true).encodePassword(clearTextPassword, null);
}

private static String encode(String password) {
    return new MessageDigestPasswordEncoder("MD5", true).encodePassword(password, null);
}

public String getHash(String id, String pass) {
    MessageDigestPasswordEncoder mdpe = new MessageDigestPasswordEncoder("MD5");
    return mdpe.encodePassword(pass, id);
}

private static String getHash(String id, String pass)
{
    MessageDigestPasswordEncoder mdpe = new MessageDigestPasswordEncoder(
            "MD5");
    return mdpe.encodePassword(pass, id);
}

public void setPasswordEncoder(MessageDigestPasswordEncoder passwordEncoder) {
    this.passwordEncoder = passwordEncoder;
}

/**
 * Gets the MD5 hash and encodes it in Base 64 notation
 * 
 * @param clearTextPassword
 * @return
 * @throws NoSuchAlgorithmException
 */
public static String getEncodedPassword(String clearTextPassword) {
    return new MessageDigestPasswordEncoder("MD5", true).encodePassword(clearTextPassword, null);
}

/**
 * Get the password encoder.
 * 
 * @return
 */
public MessageDigestPasswordEncoder getPasswordEncoder() {
    return passwordEncoder;
}

/**
 * Set the password encoder.
 * 
 * @param encoder
 */
public void setPasswordEncoder(MessageDigestPasswordEncoder encoder) {
    this.passwordEncoder = encoder;
}

/**
 * Get the encoder for the user manager
 * @return
 */
public MessageDigestPasswordEncoder getEncoder() {
    return encoder;
}

/**
 * Set the encoder for the user manager.
 * 
 * @param encoder
 */
public void setEncoder(MessageDigestPasswordEncoder encoder) {
    this.encoder = encoder;
}

/**
 * Gets the MD5 hash and encodes it in Base 64 notation
 * 
 * @param clearTextPassword
 * @return
 * @throws NoSuchAlgorithmException
 */
public static String getEncodedPassword(String clearTextPassword) {
    return new MessageDigestPasswordEncoder("MD5", true).encodePassword(clearTextPassword, null);
}