remove unused method, add password encoder iteration and keylength to properties

ard333
2018-09-04 11:27:07 +07:00
parent 74b2cb9acd
commit 7fabe11f67
3 changed files with 11 additions and 14 deletions


@@ -16,8 +16,14 @@ import org.springframework.stereotype.Component;
@Component @Component
public class PBKDF2Encoder implements PasswordEncoder{ public class PBKDF2Encoder implements PasswordEncoder{
@Value("${springbootwebfluxjjwt.password.secret}") @Value("${springbootwebfluxjjwt.password.encoder.secret}")
private String secret; private String secret;
@Value("${springbootwebfluxjjwt.password.encoder.iteration}")
private Integer iteration;
@Value("${springbootwebfluxjjwt.password.encoder.keylength}")
private Integer keylength;
/** /**
* More info (https://www.owasp.org/index.php/Hashing_Java) * More info (https://www.owasp.org/index.php/Hashing_Java)
@@ -28,7 +34,7 @@ public class PBKDF2Encoder implements PasswordEncoder{
public String encode(CharSequence cs) { public String encode(CharSequence cs) {
try { try {
byte[] result = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512") byte[] result = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512")
.generateSecret(new PBEKeySpec(cs.toString().toCharArray(), secret.getBytes(), 33, 256)) .generateSecret(new PBEKeySpec(cs.toString().toCharArray(), secret.getBytes(), iteration, keylength))
.getEncoded(); .getEncoded();
return Base64.getEncoder().encodeToString(result); return Base64.getEncoder().encodeToString(result);
} catch (NoSuchAlgorithmException | InvalidKeySpecException ex) { } catch (NoSuchAlgorithmException | InvalidKeySpecException ex) {
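Review bot: The salt argument of `PBEKeySpec` on the `generateSecret` line is still the single application-wide `secret`, so two accounts with the same password get the same hash, and `secret.getBytes()` depends on the platform default charset. With `iteration` and `keylength` now injected from properties, the encoded value records neither, so changing either property makes every previously stored hash stop verifying (presumably including the hard-coded admin hash in UserService). A per-user random salt, stored with the iteration count next to the hash, would address both; as a minimal step I would write `secret.getBytes(StandardCharsets.UTF_8)` and add a comment on the two new fields saying that they must not change once hashes exist. The body of `encode` continues past the end of the hunk, so the catch handling is not reviewed here.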


@@ -24,17 +24,6 @@ public class UserService {
private final String adminUsername = "admin";// password: admin private final String adminUsername = "admin";// password: admin
private final User admin = new User(adminUsername, "dQNjUIMorJb8Ubj2+wVGYp6eAeYkdekqAcnYp+aRq5w=", true, Arrays.asList(Role.ROLE_ADMIN)); private final User admin = new User(adminUsername, "dQNjUIMorJb8Ubj2+wVGYp6eAeYkdekqAcnYp+aRq5w=", true, Arrays.asList(Role.ROLE_ADMIN));
public Mono<UserDetails> findUserDetailsByUsername(String username) {
if (username.equals(userUsername)) {
return Mono.just(user);
} else if (username.equals(adminUsername)) {
return Mono.just(admin);
} else {
return Mono.empty();
}
}
public Mono<User> findByUsername(String username) { public Mono<User> findByUsername(String username) {
if (username.equals(userUsername)) { if (username.equals(userUsername)) {
return Mono.just(user); return Mono.just(user);


@@ -1,3 +1,5 @@
springbootwebfluxjjwt.password.secret=mysecret springbootwebfluxjjwt.password.encoder.secret=mysecret
springbootwebfluxjjwt.password.encoder.iteration=33
springbootwebfluxjjwt.password.encoder.keylength=256
springbootwebfluxjjwt.jjwt.secret=mysecret springbootwebfluxjjwt.jjwt.secret=mysecret
springbootwebfluxjjwt.jjwt.expiration=28800 springbootwebfluxjjwt.jjwt.expiration=28800
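Review bot: `springbootwebfluxjjwt.password.encoder.iteration=33` carries over the old hard-coded count, which is orders of magnitude below what current password-storage guidance (for example the OWASP Password Storage Cheat Sheet) recommends for PBKDF2-HMAC-SHA512, so the work factor gives little protection to a leaked hash. The file also commits `mysecret` for both the encoder secret and what looks like the JWT signing secret; I would keep only placeholders in the repository and supply the real values from the environment, e.g. `springbootwebfluxjjwt.jjwt.secret=${JJWT_SECRET}` (variable name is illustrative). A comment above the two new keys stating that changing them invalidates already stored hashes would help whoever tunes them later.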