mirror of
https://github.com/GravitLauncher/Launcher
synced 2025-01-09 00:59:44 +03:00
[FEATURE] PasswordVerifier encrypt support
This commit is contained in:
parent
fbd246a338
commit
201b6826ed
8 changed files with 101 additions and 8 deletions
|
@ -27,7 +27,7 @@
|
|||
import java.util.UUID;
|
||||
|
||||
public class JsonCoreProvider extends AuthCoreProvider {
|
||||
private transient final Logger logger = LogManager.getLogger();
|
||||
private static transient final Logger logger = LogManager.getLogger();
|
||||
public String getUserByUsernameUrl;
|
||||
public String getUserByLoginUrl;
|
||||
public String getUserByUUIDUrl;
|
||||
|
@ -302,8 +302,11 @@ public long getExpireIn() {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
public <T, R> R jsonRequest(T request, String url, Class<R> clazz) {
|
||||
return jsonRequest(request, url, bearerToken, clazz, client);
|
||||
}
|
||||
|
||||
public static <T, R> R jsonRequest(T request, String url, String bearerToken, Class<R> clazz, HttpClient client) {
|
||||
HttpRequest.BodyPublisher publisher;
|
||||
if (request != null) {
|
||||
publisher = HttpRequest.BodyPublishers.ofString(request.toString());
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
package pro.gravit.launchserver.auth.password;
|
||||
|
||||
public class AcceptPasswordVerifier extends PasswordVerifier {
|
||||
@Override
|
||||
public boolean check(String encryptedPassword, String password) {
|
||||
return true;
|
||||
}
|
||||
}
|
|
@ -13,15 +13,29 @@ public class DigestPasswordVerifier extends PasswordVerifier {
|
|||
private transient final Logger logger = LogManager.getLogger();
|
||||
public String algo;
|
||||
|
||||
private byte[] digest(String text) throws NoSuchAlgorithmException {
|
||||
MessageDigest digest = MessageDigest.getInstance(algo);
|
||||
return digest.digest(text.getBytes(StandardCharsets.UTF_8));
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean check(String encryptedPassword, String password) {
|
||||
try {
|
||||
MessageDigest digest = MessageDigest.getInstance(algo);
|
||||
byte[] bytes = SecurityHelper.fromHex(encryptedPassword);
|
||||
return Arrays.equals(bytes, digest.digest(password.getBytes(StandardCharsets.UTF_8)));
|
||||
return Arrays.equals(bytes, digest(password));
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
logger.error("Digest algorithm {} not supported", algo);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public String encrypt(String password) {
|
||||
try {
|
||||
return SecurityHelper.toHex(digest(password));
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
logger.error("Digest algorithm {} not supported", algo);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -14,16 +14,30 @@ public class DoubleDigestPasswordVerifier extends PasswordVerifier {
|
|||
public String algo;
|
||||
public boolean toHexMode;
|
||||
|
||||
private byte[] digest(String text) throws NoSuchAlgorithmException {
|
||||
MessageDigest digest = MessageDigest.getInstance(algo);
|
||||
byte[] firstDigest = digest.digest();
|
||||
return toHexMode ? digest.digest(SecurityHelper.toHex(firstDigest).getBytes(StandardCharsets.UTF_8)) : digest.digest(firstDigest);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean check(String encryptedPassword, String password) {
|
||||
try {
|
||||
MessageDigest digest = MessageDigest.getInstance(algo);
|
||||
byte[] bytes = SecurityHelper.fromHex(password);
|
||||
byte[] firstDigest = digest.digest(bytes);
|
||||
return Arrays.equals(encryptedPassword.getBytes(StandardCharsets.UTF_8), toHexMode ? digest.digest(SecurityHelper.toHex(firstDigest).getBytes(StandardCharsets.UTF_8)) : digest.digest(firstDigest));
|
||||
byte[] bytes = SecurityHelper.fromHex(encryptedPassword);
|
||||
return Arrays.equals(bytes, digest(password));
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
logger.error("Digest algorithm {} not supported", algo);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public String encrypt(String password) {
|
||||
try {
|
||||
return SecurityHelper.toHex(digest(password));
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
logger.error("Digest algorithm {} not supported", algo);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
package pro.gravit.launchserver.auth.password;
|
||||
|
||||
import pro.gravit.launchserver.auth.core.JsonCoreProvider;
|
||||
|
||||
import java.net.http.HttpClient;
|
||||
|
||||
public class JsonPasswordVerifier extends PasswordVerifier {
|
||||
public String url;
|
||||
public String bearerToken;
|
||||
private transient HttpClient client = HttpClient.newBuilder().build();
|
||||
|
||||
public static class JsonPasswordRequest {
|
||||
public String encryptedPassword;
|
||||
public String password;
|
||||
|
||||
public JsonPasswordRequest(String encryptedPassword, String password) {
|
||||
this.encryptedPassword = encryptedPassword;
|
||||
this.password = password;
|
||||
}
|
||||
}
|
||||
|
||||
public static class JsonPasswordResponse {
|
||||
public boolean success;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean check(String encryptedPassword, String password) {
|
||||
JsonPasswordResponse response = JsonCoreProvider.jsonRequest(new JsonPasswordRequest(encryptedPassword, password), url, bearerToken, JsonPasswordResponse.class, client);
|
||||
if (response != null) {
|
||||
return response.success;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
}
|
|
@ -11,9 +11,16 @@ public static void registerProviders() {
|
|||
providers.register("plain", PlainPasswordVerifier.class);
|
||||
providers.register("digest", DigestPasswordVerifier.class);
|
||||
providers.register("doubleDigest", DoubleDigestPasswordVerifier.class);
|
||||
providers.register("json", JsonPasswordVerifier.class);
|
||||
providers.register("accept", AcceptPasswordVerifier.class);
|
||||
providers.register("reject", RejectPasswordVerifier.class);
|
||||
registeredProviders = true;
|
||||
}
|
||||
}
|
||||
|
||||
public abstract boolean check(String encryptedPassword, String password);
|
||||
|
||||
public String encrypt(String password) {
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -5,4 +5,9 @@ public class PlainPasswordVerifier extends PasswordVerifier {
|
|||
public boolean check(String encryptedPassword, String password) {
|
||||
return encryptedPassword.equals(password);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String encrypt(String password) {
|
||||
return super.encrypt(password);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
package pro.gravit.launchserver.auth.password;
|
||||
|
||||
public class RejectPasswordVerifier extends PasswordVerifier {
|
||||
@Override
|
||||
public boolean check(String encryptedPassword, String password) {
|
||||
return false;
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue