diff --git a/src/main/java/guru/sfg/brewery/config/SecurityConfig.java b/src/main/java/guru/sfg/brewery/config/SecurityConfig.java index 8aaccc4ee..add18bd0f 100644 --- a/src/main/java/guru/sfg/brewery/config/SecurityConfig.java +++ b/src/main/java/guru/sfg/brewery/config/SecurityConfig.java @@ -50,7 +50,7 @@ protected void configure(AuthenticationManagerBuilder auth) throws Exception { .password("{sha256}1296cefceb47413d3fb91ac7586a4625c33937b4d3109f5a4dd96c79c46193a029db713b96006ded") .roles("USER"); - auth.inMemoryAuthentication().withUser("scott").password("{ldap}{SSHA}A10yuLOEGbSTbHl7csQHk7X0X3rwrqdmBomRsA==").roles("CUSTOMER"); + auth.inMemoryAuthentication().withUser("scott").password("{bcrypt12}$2a$12$t3WNAiSn1qhkhiv.EvmHEunIyHJDyVqWnHgdHhBt8idh7Uto9YMFW").roles("CUSTOMER"); } // @Override diff --git a/src/main/java/guru/sfg/brewery/security/Bcrypt12Encoder.java b/src/main/java/guru/sfg/brewery/security/Bcrypt12Encoder.java new file mode 100644 index 000000000..d1d457081 --- /dev/null +++ b/src/main/java/guru/sfg/brewery/security/Bcrypt12Encoder.java @@ -0,0 +1,22 @@ +package guru.sfg.brewery.security; + +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; + +public class Bcrypt12Encoder implements PasswordEncoder { + BCryptPasswordEncoder bCryptPasswordEncoder; + + public Bcrypt12Encoder() { + bCryptPasswordEncoder = new BCryptPasswordEncoder(12); + } + + @Override + public String encode(CharSequence rawPassword) { + return bCryptPasswordEncoder.encode(rawPassword); + } + + @Override + public boolean matches(CharSequence rawPassword, String encodedPassword) { + return bCryptPasswordEncoder.matches(rawPassword, encodedPassword); + } +} diff --git a/src/main/java/guru/sfg/brewery/security/SfgPasswordEncoderFactories.java b/src/main/java/guru/sfg/brewery/security/SfgPasswordEncoderFactories.java index f613da682..c1e3ec830 100644 --- a/src/main/java/guru/sfg/brewery/security/SfgPasswordEncoderFactories.java +++ b/src/main/java/guru/sfg/brewery/security/SfgPasswordEncoderFactories.java @@ -19,6 +19,7 @@ public static PasswordEncoder createDelegatingPasswordEncoder() { encoders.put("ldap", new org.springframework.security.crypto.password.LdapShaPasswordEncoder()); encoders.put("noop", org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance()); encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder()); + encoders.put("bcrypt12", new Bcrypt12Encoder()); return new DelegatingPasswordEncoder(encodingId, encoders); } diff --git a/src/test/java/guru/sfg/brewery/web/controllers/PasswordEncodingTests.java b/src/test/java/guru/sfg/brewery/web/controllers/PasswordEncodingTests.java index eb8e7e307..db3ef25b0 100644 --- a/src/test/java/guru/sfg/brewery/web/controllers/PasswordEncodingTests.java +++ b/src/test/java/guru/sfg/brewery/web/controllers/PasswordEncodingTests.java @@ -1,5 +1,6 @@ package guru.sfg.brewery.web.controllers; +import guru.sfg.brewery.security.Bcrypt12Encoder; import org.junit.jupiter.api.Test; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.LdapShaPasswordEncoder; @@ -17,6 +18,16 @@ public class PasswordEncodingTests { static final String PASSWORD = "password"; + @Test + void testBcrypt12() { + PasswordEncoder bcrypt = new Bcrypt12Encoder(); + + System.out.println(bcrypt.encode(PASSWORD)); + System.out.println(bcrypt.encode(PASSWORD)); + System.out.println(bcrypt.encode("tiger")); + + } + @Test void testBcrypt() { PasswordEncoder bcrypt = new BCryptPasswordEncoder();