[FEATURE] PasswordVerifier encrypt support

This commit is contained in:
Gravita 2021-06-15 18:24:29 +07:00
parent fbd246a338
commit 201b6826ed
8 changed files with 101 additions and 8 deletions

View file

@ -27,7 +27,7 @@
import java.util.UUID; import java.util.UUID;
public class JsonCoreProvider extends AuthCoreProvider { public class JsonCoreProvider extends AuthCoreProvider {
private transient final Logger logger = LogManager.getLogger(); private static transient final Logger logger = LogManager.getLogger();
public String getUserByUsernameUrl; public String getUserByUsernameUrl;
public String getUserByLoginUrl; public String getUserByLoginUrl;
public String getUserByUUIDUrl; public String getUserByUUIDUrl;
@ -302,8 +302,11 @@ public long getExpireIn() {
} }
} }
public <T, R> R jsonRequest(T request, String url, Class<R> clazz) { public <T, R> R jsonRequest(T request, String url, Class<R> clazz) {
return jsonRequest(request, url, bearerToken, clazz, client);
}
public static <T, R> R jsonRequest(T request, String url, String bearerToken, Class<R> clazz, HttpClient client) {
HttpRequest.BodyPublisher publisher; HttpRequest.BodyPublisher publisher;
if (request != null) { if (request != null) {
publisher = HttpRequest.BodyPublishers.ofString(request.toString()); publisher = HttpRequest.BodyPublishers.ofString(request.toString());

View file

@ -0,0 +1,8 @@
package pro.gravit.launchserver.auth.password;
public class AcceptPasswordVerifier extends PasswordVerifier {
@Override
public boolean check(String encryptedPassword, String password) {
return true;
}
}

View file

@ -13,15 +13,29 @@ public class DigestPasswordVerifier extends PasswordVerifier {
private transient final Logger logger = LogManager.getLogger(); private transient final Logger logger = LogManager.getLogger();
public String algo; public String algo;
private byte[] digest(String text) throws NoSuchAlgorithmException {
MessageDigest digest = MessageDigest.getInstance(algo);
return digest.digest(text.getBytes(StandardCharsets.UTF_8));
}
@Override @Override
public boolean check(String encryptedPassword, String password) { public boolean check(String encryptedPassword, String password) {
try { try {
MessageDigest digest = MessageDigest.getInstance(algo);
byte[] bytes = SecurityHelper.fromHex(encryptedPassword); byte[] bytes = SecurityHelper.fromHex(encryptedPassword);
return Arrays.equals(bytes, digest.digest(password.getBytes(StandardCharsets.UTF_8))); return Arrays.equals(bytes, digest(password));
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException e) {
logger.error("Digest algorithm {} not supported", algo); logger.error("Digest algorithm {} not supported", algo);
return false; return false;
} }
} }
@Override
public String encrypt(String password) {
try {
return SecurityHelper.toHex(digest(password));
} catch (NoSuchAlgorithmException e) {
logger.error("Digest algorithm {} not supported", algo);
return null;
}
}
} }

View file

@ -14,16 +14,30 @@ public class DoubleDigestPasswordVerifier extends PasswordVerifier {
public String algo; public String algo;
public boolean toHexMode; public boolean toHexMode;
private byte[] digest(String text) throws NoSuchAlgorithmException {
MessageDigest digest = MessageDigest.getInstance(algo);
byte[] firstDigest = digest.digest();
return toHexMode ? digest.digest(SecurityHelper.toHex(firstDigest).getBytes(StandardCharsets.UTF_8)) : digest.digest(firstDigest);
}
@Override @Override
public boolean check(String encryptedPassword, String password) { public boolean check(String encryptedPassword, String password) {
try { try {
MessageDigest digest = MessageDigest.getInstance(algo); byte[] bytes = SecurityHelper.fromHex(encryptedPassword);
byte[] bytes = SecurityHelper.fromHex(password); return Arrays.equals(bytes, digest(password));
byte[] firstDigest = digest.digest(bytes);
return Arrays.equals(encryptedPassword.getBytes(StandardCharsets.UTF_8), toHexMode ? digest.digest(SecurityHelper.toHex(firstDigest).getBytes(StandardCharsets.UTF_8)) : digest.digest(firstDigest));
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException e) {
logger.error("Digest algorithm {} not supported", algo); logger.error("Digest algorithm {} not supported", algo);
return false; return false;
} }
} }
@Override
public String encrypt(String password) {
try {
return SecurityHelper.toHex(digest(password));
} catch (NoSuchAlgorithmException e) {
logger.error("Digest algorithm {} not supported", algo);
return null;
}
}
} }

View file

@ -0,0 +1,34 @@
package pro.gravit.launchserver.auth.password;
import pro.gravit.launchserver.auth.core.JsonCoreProvider;
import java.net.http.HttpClient;
public class JsonPasswordVerifier extends PasswordVerifier {
public String url;
public String bearerToken;
private transient HttpClient client = HttpClient.newBuilder().build();
public static class JsonPasswordRequest {
public String encryptedPassword;
public String password;
public JsonPasswordRequest(String encryptedPassword, String password) {
this.encryptedPassword = encryptedPassword;
this.password = password;
}
}
public static class JsonPasswordResponse {
public boolean success;
}
@Override
public boolean check(String encryptedPassword, String password) {
JsonPasswordResponse response = JsonCoreProvider.jsonRequest(new JsonPasswordRequest(encryptedPassword, password), url, bearerToken, JsonPasswordResponse.class, client);
if (response != null) {
return response.success;
}
return false;
}
}

View file

@ -11,9 +11,16 @@ public static void registerProviders() {
providers.register("plain", PlainPasswordVerifier.class); providers.register("plain", PlainPasswordVerifier.class);
providers.register("digest", DigestPasswordVerifier.class); providers.register("digest", DigestPasswordVerifier.class);
providers.register("doubleDigest", DoubleDigestPasswordVerifier.class); providers.register("doubleDigest", DoubleDigestPasswordVerifier.class);
providers.register("json", JsonPasswordVerifier.class);
providers.register("accept", AcceptPasswordVerifier.class);
providers.register("reject", RejectPasswordVerifier.class);
registeredProviders = true; registeredProviders = true;
} }
} }
public abstract boolean check(String encryptedPassword, String password); public abstract boolean check(String encryptedPassword, String password);
public String encrypt(String password) {
throw new UnsupportedOperationException();
}
} }

View file

@ -5,4 +5,9 @@ public class PlainPasswordVerifier extends PasswordVerifier {
public boolean check(String encryptedPassword, String password) { public boolean check(String encryptedPassword, String password) {
return encryptedPassword.equals(password); return encryptedPassword.equals(password);
} }
@Override
public String encrypt(String password) {
return super.encrypt(password);
}
} }

View file

@ -0,0 +1,8 @@
package pro.gravit.launchserver.auth.password;
public class RejectPasswordVerifier extends PasswordVerifier {
@Override
public boolean check(String encryptedPassword, String password) {
return false;
}
}