LibreCCM
/
libreccm
3
0
Fork 0
Code Issues 10 Pull Requests Packages Releases Wiki Activity

CCM NG: Replaced string constant for UTF-8 with java.nio.charset.StandardCharsets.UTF_8 

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@3514 8810af33-2d31-482b-a856-94f89814c4df
pull/2/head
jensp 2015-07-01 17:20:11 +00:00
parent 40f9b8d79d
commit bae3e911a7
3 changed files with 29 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ccm-core/src/main/java/org/libreccm/core/CoreConstants.java
View File

@ -26,7 +26,6 @@ package org.libreccm.core;
public final class CoreConstants {
public static final String CORE_XML_NS = "http://core.libreccm.org";
public static final String UTF8 = "UTF-8";
private CoreConstants() {
//Nothing

59
ccm-core/src/main/java/org/libreccm/core/UserManager.java
View File

@ -23,6 +23,7 @@ import static org.libreccm.core.CoreConstants.*;
import org.apache.commons.codec.binary.Base64;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Random;
@ -73,27 +74,21 @@ public class UserManager {
* @param password The new password.
*/
public void updatePassword(final User user, final String password) {
final Random random = new Random(System.currentTimeMillis());
final byte[] passwordBytes = password.getBytes(
StandardCharsets.UTF_8);
final byte[] salt = new byte[getSaltLength()];
random.nextBytes(salt);
try {
final Random random = new Random(System.currentTimeMillis());
final byte[] passwordBytes = password.getBytes(UTF8);
final byte[] salt = new byte[getSaltLength()];
random.nextBytes(salt);
final byte[] hashedBytes = generateHash(passwordBytes, salt);
final byte[] hashedBytes = generateHash(passwordBytes, salt);
final Base64 base64 = new Base64();
final String hashedPassword = base64.encodeToString(hashedBytes);
final String saltStr = base64.encodeToString(salt);
final Base64 base64 = new Base64();
final String hashedPassword = base64.encodeToString(hashedBytes);
final String saltStr = base64.encodeToString(salt);
user.setPassword(hashedPassword);
user.setSalt(saltStr);
userRepository.save(user);
} catch (UnsupportedEncodingException ex) {
throw new PasswordHashingFailedException(
"UTF-8 charset is not supported.", ex);
}
user.setPassword(hashedPassword);
user.setSalt(saltStr);
userRepository.save(user);
}
/**
@ -105,28 +100,24 @@ public class UserManager {
* @return {@code true} if the provided password matches the password
* stored, {@code false} if not.
*/
public boolean verifyPasswordForUser(final User user,
public boolean verifyPasswordForUser(final User user,
final String password) {
final Base64 base64 = new Base64();
try {
final byte[] hashed = generateHash(
password.getBytes(UTF8), base64.decode(user.getSalt()));
final String hashedPassword = base64.encodeAsString(hashed);
final byte[] hashed = generateHash(
password.getBytes(StandardCharsets.UTF_8),
base64.decode(user.getSalt()));
return hashedPassword.equals(user.getPassword());
final String hashedPassword = base64.encodeAsString(hashed);
return hashedPassword.equals(user.getPassword());
} catch (UnsupportedEncodingException ex) {
throw new PasswordHashingFailedException(
"Failed to generate hash of password", ex);
}
}
public boolean verifyPasswordForScreenname(final String screenname,
final String password)
throws UserNotFoundException {
final User user = userRepository.findByScreenName(screenname);
if (user == null) {
@ -136,11 +127,11 @@ public class UserManager {
return verifyPasswordForUser(user, password);
}
}
public boolean verifyPasswordForEmail(final String emailAddress,
final String password)
throws UserNotFoundException{
final String password)
throws UserNotFoundException {
final User user = userRepository.findByEmailAddress(emailAddress);
if (user == null) {

7
ccm-core/src/test/java/org/libreccm/core/UserManagerTest.java
View File

@ -48,6 +48,7 @@ import org.libreccm.tests.categories.IntegrationTest;
import java.io.File;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
@ -168,7 +169,8 @@ public class UserManagerTest {
final Base64 base64 = new Base64();
final User user = entityManager.find(User.class, -10L);
final byte[] passwordBytes = newPassword.getBytes(UTF8);
final byte[] passwordBytes = newPassword.getBytes(
StandardCharsets.UTF_8);
final String salt = user.getSalt();
final byte[] saltBytes = base64.decode(salt);
@ -201,9 +203,8 @@ public class UserManagerTest {
@InSequence(200)
public void verifyPasswordForUser() {
final User user = userRepository.findById(-10L);
//userManager.updatePassword(user, "foobar");
//userManager.updatePassword(user, "foobar");
final boolean result = userManager.verifyPasswordForUser(user, "foobar");
assertThat(result, is(true));