%line | %branch | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
org.apache.jetspeed.security.spi.impl.AlgorithmUpgradePBEPasswordService |
|
|
1 | /* |
|
2 | * Licensed to the Apache Software Foundation (ASF) under one or more |
|
3 | * contributor license agreements. See the NOTICE file distributed with |
|
4 | * this work for additional information regarding copyright ownership. |
|
5 | * The ASF licenses this file to You under the Apache License, Version 2.0 |
|
6 | * (the "License"); you may not use this file except in compliance with |
|
7 | * the License. You may obtain a copy of the License at |
|
8 | * |
|
9 | * http://www.apache.org/licenses/LICENSE-2.0 |
|
10 | * |
|
11 | * Unless required by applicable law or agreed to in writing, software |
|
12 | * distributed under the License is distributed on an "AS IS" BASIS, |
|
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
14 | * See the License for the specific language governing permissions and |
|
15 | * limitations under the License. |
|
16 | */ |
|
17 | package org.apache.jetspeed.security.spi.impl; |
|
18 | ||
19 | import java.security.NoSuchAlgorithmException; |
|
20 | import java.security.spec.InvalidKeySpecException; |
|
21 | import java.sql.Timestamp; |
|
22 | import java.text.ParseException; |
|
23 | import java.text.SimpleDateFormat; |
|
24 | import org.apache.jetspeed.security.AlgorithmUpgradePasswordEncodingService; |
|
25 | import org.apache.jetspeed.security.PasswordCredential; |
|
26 | import org.apache.jetspeed.security.SecurityException; |
|
27 | import org.apache.jetspeed.security.om.InternalCredential; |
|
28 | import org.apache.jetspeed.security.spi.AlgorithmUpgradeCredentialPasswordEncoder; |
|
29 | import org.apache.jetspeed.security.spi.CredentialPasswordEncoder; |
|
30 | ||
31 | /** |
|
32 | * <p> |
|
33 | * MessageDigestToPBEPasswordUpgradeService allows for migrating from a MessageDigestCredentialPasswordEncoder |
|
34 | * to the PBEPasswordService |
|
35 | * </p> |
|
36 | * |
|
37 | * @author <a href="mailto:ate@douma.nu">Ate Douma</a> |
|
38 | * @version $Id:$ |
|
39 | */ |
|
40 | public class AlgorithmUpgradePBEPasswordService extends PBEPasswordService implements AlgorithmUpgradeCredentialPasswordEncoder, AlgorithmUpgradePasswordEncodingService |
|
41 | { |
|
42 | private CredentialPasswordEncoder oldEncoder; |
|
43 | private Timestamp startPBEPasswordEncoding; |
|
44 | ||
45 | public AlgorithmUpgradePBEPasswordService(String pbePassword, CredentialPasswordEncoder oldEncoder, String startPBEPasswordEncoding) throws InvalidKeySpecException, |
|
46 | NoSuchAlgorithmException, ParseException |
|
47 | { |
|
48 | 0 | super(pbePassword); |
49 | 0 | this.oldEncoder = oldEncoder; |
50 | 0 | SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); |
51 | 0 | this.startPBEPasswordEncoding = new Timestamp(df.parse(startPBEPasswordEncoding).getTime()); |
52 | 0 | } |
53 | ||
54 | /* (non-Javadoc) |
|
55 | * @see org.apache.jetspeed.security.AlgorithmUpgradePasswordEncodingService#usesOldEncodingAlgorithm(org.apache.jetspeed.security.PasswordCredential) |
|
56 | */ |
|
57 | public boolean usesOldEncodingAlgorithm(PasswordCredential credential) |
|
58 | { |
|
59 | 0 | return usesOldEncodingAlgorithm(credential.isEnabled(), credential.getLastAuthenticationDate(), credential.getPreviousAuthenticationDate()); |
60 | } |
|
61 | ||
62 | /* (non-Javadoc) |
|
63 | * @see org.apache.jetspeed.security.spi.AlgorithmUpgradeCredentialPasswordEncoder#encode(java.lang.String, java.lang.String, org.apache.jetspeed.security.om.InternalCredential) |
|
64 | */ |
|
65 | public String encode(String userName, String clearTextPassword, InternalCredential credential) throws SecurityException |
|
66 | { |
|
67 | 0 | if ( usesOldEncodingAlgorithm(credential.isEnabled(), credential.getLastAuthenticationDate(), credential.getPreviousAuthenticationDate())) |
68 | { |
|
69 | 0 | return oldEncoder.encode(userName, clearTextPassword); |
70 | } |
|
71 | else |
|
72 | { |
|
73 | 0 | return encode(userName, clearTextPassword); |
74 | } |
|
75 | } |
|
76 | ||
77 | /* (non-Javadoc) |
|
78 | * @see org.apache.jetspeed.security.spi.AlgorithmUpgradeCredentialPasswordEncoder#recodeIfNeeded(java.lang.String, java.lang.String, org.apache.jetspeed.security.om.InternalCredential) |
|
79 | */ |
|
80 | public void recodeIfNeeded(String userName, String clearTextPassword, InternalCredential credential) throws SecurityException |
|
81 | { |
|
82 | 0 | if ( usesOldEncodingAlgorithm(credential.isEnabled(), credential.getLastAuthenticationDate(), credential.getPreviousAuthenticationDate())) |
83 | { |
|
84 | 0 | credential.setValue(encode(userName, clearTextPassword)); |
85 | } |
|
86 | 0 | } |
87 | ||
88 | private boolean usesOldEncodingAlgorithm(class="keyword">boolean encoded, Timestamp lastAuthDate, Timestamp prevAuthDate ) |
|
89 | { |
|
90 | 0 | if ( encoded ) |
91 | { |
|
92 | 0 | if ( lastAuthDate != null ) |
93 | { |
|
94 | 0 | return lastAuthDate.before(startPBEPasswordEncoding); |
95 | } |
|
96 | 0 | else if ( prevAuthDate != null ) |
97 | { |
|
98 | // password was created, but the user is not authenticated yet |
|
99 | 0 | return prevAuthDate.before(startPBEPasswordEncoding); |
100 | } |
|
101 | else |
|
102 | { |
|
103 | // not yet upgraded encoded password |
|
104 | 0 | return true; |
105 | } |
|
106 | } |
|
107 | else |
|
108 | { |
|
109 | 0 | return false; |
110 | } |
|
111 | } |
|
112 | } |
This report is generated by jcoverage, Maven and Maven JCoverage Plugin. |