/*
* This file is part of LibrePlan
*
* Copyright (C) 2009-2010 Fundación para o Fomento da Calidade Industrial e
* Desenvolvemento Tecnolóxico de Galicia
* Copyright (C) 2010-2011 Igalia, S.L.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package org.libreplan.web.users.services;
import java.util.Collections;
import org.springframework.security.authentication.dao.SaltSource;
import org.springframework.security.authentication.encoding.PasswordEncoder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
/**
* For maximum flexibility, the implementation uses the password encoder and the salt source
* configured in the Spring Security configuration file
* (in consequence, it is possible to change the configuration to use any password encoder and/or salt source
* without modifying the implementation of this service).
*
* The only restriction the implementation imposes is that
* when using a reflection-based salt source, the "username" property must be specified.
*
* @author Fernando Bellas Permuy <fbellas@udc.es>
*/
public class DBPasswordEncoderService implements IDBPasswordEncoderService {
private SaltSource saltSource;
// TODO resolve deprecated
private PasswordEncoder passwordEncoder;
public void setSaltSource(SaltSource saltSource) {
this.saltSource = saltSource;
}
// TODO resolve deprecated
public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
this.passwordEncoder = passwordEncoder;
}
@Override
/**
* The second parameter, <code>loginName</code>, is used as a salt if the
* configured salt source is <code>ReflectionSaltSource</code>
* (which must be configured to use "username" property as a salt).
*/
public String encodePassword(String clearPassword, String loginName) {
/*
* The only important parameter in User's constructor is "loginName",
* which corresponds to the "username" property if the "saltSource" is
* "ReflectionSaltSource". Note that "SystemWideSaltSource" ignores
* the "user" passed as a parameter to "saltSource.getSalt"
*/
UserDetails userDetails = new User(loginName, clearPassword, true, true, true, true, Collections.emptyList());
Object salt = null;
if ( saltSource != null ) {
salt = saltSource.getSalt(userDetails);
}
return passwordEncoder.encodePassword(clearPassword, salt);
}
}