/**
* Copyright (c) 2000-present Liferay, Inc. All rights reserved.
*
* This library is free software; you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 2.1 of the License, or (at your option)
* any later version.
*
* This library is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
* details.
*/
package com.liferay.portal.security.pwd;
import com.liferay.portal.kernel.exception.PwdEncryptorException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.security.pwd.PasswordEncryptor;
import com.liferay.portal.kernel.util.CharPool;
import com.liferay.portal.kernel.util.StringBundler;
import com.liferay.portal.kernel.util.StringPool;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.util.PropsValues;
/**
* @author Tomas Polesovsky
*/
public class LegacyAlgorithmAwarePasswordEncryptor
extends BasePasswordEncryptor {
public static PasswordEncryptor create(
PasswordEncryptor parentPasswordEncryptor) {
if (Validator.isNull(
PropsValues.PASSWORDS_ENCRYPTION_ALGORITHM_LEGACY)) {
return parentPasswordEncryptor;
}
return new LegacyAlgorithmAwarePasswordEncryptor(
parentPasswordEncryptor);
}
@Override
public String encrypt(
String algorithm, String plainTextPassword,
String encryptedPassword)
throws PwdEncryptorException {
if (_log.isDebugEnabled()) {
String message =
"Using legacy detection scheme for algorithm " + algorithm +
" with current password ";
if (Validator.isNull(encryptedPassword)) {
message += "empty";
}
else {
message += "provided";
}
_log.debug(message);
}
boolean prependAlgorithm = true;
if (Validator.isNotNull(encryptedPassword) &&
(encryptedPassword.charAt(0) != CharPool.OPEN_CURLY_BRACE)) {
algorithm = PropsValues.PASSWORDS_ENCRYPTION_ALGORITHM_LEGACY;
prependAlgorithm = false;
if (_log.isDebugEnabled()) {
_log.debug("Using legacy algorithm " + algorithm);
}
}
else if (Validator.isNotNull(encryptedPassword) &&
(encryptedPassword.charAt(0) == CharPool.OPEN_CURLY_BRACE)) {
int index = encryptedPassword.indexOf(CharPool.CLOSE_CURLY_BRACE);
if (index > 0) {
algorithm = encryptedPassword.substring(1, index);
encryptedPassword = encryptedPassword.substring(index + 1);
}
if (_log.isDebugEnabled()) {
_log.debug("Upgraded password to use algorithm " + algorithm);
}
}
String newEncryptedPassword = _parentPasswordEncryptor.encrypt(
algorithm, plainTextPassword, encryptedPassword);
if (!prependAlgorithm) {
if (_log.isDebugEnabled()) {
_log.debug(
"Generated password without algorithm prefix using " +
algorithm);
}
return newEncryptedPassword;
}
if (_log.isDebugEnabled()) {
_log.debug(
"Generated password with algorithm prefix using " + algorithm);
}
StringBundler sb = new StringBundler(4);
sb.append(StringPool.OPEN_CURLY_BRACE);
sb.append(getAlgorithmName(algorithm));
sb.append(StringPool.CLOSE_CURLY_BRACE);
sb.append(newEncryptedPassword);
return sb.toString();
}
@Override
public String[] getSupportedAlgorithmTypes() {
return _parentPasswordEncryptor.getSupportedAlgorithmTypes();
}
protected String getAlgorithmName(String algorithm) {
int index = algorithm.indexOf(CharPool.SLASH);
if (index > 0) {
return algorithm.substring(0, index);
}
return algorithm;
}
private LegacyAlgorithmAwarePasswordEncryptor(
PasswordEncryptor parentPasswordEncryptor) {
_parentPasswordEncryptor = parentPasswordEncryptor;
}
private static final Log _log = LogFactoryUtil.getLog(
LegacyAlgorithmAwarePasswordEncryptor.class);
private final PasswordEncryptor _parentPasswordEncryptor;
}