com.atlassian.crowd.password.encoder

Class AtlassianSecurityPasswordEncoder

java.lang.Object

com.atlassian.crowd.password.encoder.AtlassianSecurityPasswordEncoder

All Implemented Interfaces:

InternalPasswordEncoder, PasswordEncoder, UpgradeablePasswordEncoder

public class AtlassianSecurityPasswordEncoder
extends Object
implements InternalPasswordEncoder, UpgradeablePasswordEncoder

This class is responsible for encoding and validating passwords using Atlassian Password Encoder from Atlassian Security project, while also validating passwords encoded in Atlassian SHA1 format in order to be backwards compatible.

Constructor Summary

Constructors

Constructor and Description
AtlassianSecurityPasswordEncoder()

Method Summary

Modifier and Type	Method and Description
String	encodePassword(String rawPass, Object salt) Encodes the provided rawPass using a Atlassian Password Encoder from Atlassian Security project.
String	getKey() The key to define this password encoder
boolean	isPasswordValid(String encPass, String rawPass, Object salt) Returns true if the rawPass is the same password that was used to create encPass.
boolean	isUpgradeRequired(String encPass) Returns true if the the password is encoded using an older scheme, and if it should be re-encoded and updated.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AtlassianSecurityPasswordEncoder

public AtlassianSecurityPasswordEncoder()

Method Detail

encodePassword

public String encodePassword(String rawPass,
                             Object salt)
                      throws PasswordEncoderException

Encodes the provided rawPass using a Atlassian Password Encoder from Atlassian Security project.

Specified by:

encodePassword in interface PasswordEncoder

Parameters:

rawPass - the password to encode

salt - not used. A null value is legal.

Returns:

encoded password

Throws:

PasswordEncoderException - if there were any issues trying to encode a password

See Also:

DefaultPasswordEncoder

isPasswordValid

public boolean isPasswordValid(String encPass,
                               String rawPass,
                               Object salt)

Returns true if the rawPass is the same password that was used to create encPass.

Specified by:

isPasswordValid in interface PasswordEncoder

Parameters:

encPass - a pre-encoded password in either Atlassian SHA1 form or the form provided by DefaultPasswordEncoder.getDefaultInstance() from atlassian-password-encoder.

rawPass - a raw password to encode and compare against the pre-encoded password

salt - not used. A null value is legal.

Returns:

true if the rawPass is the same password that was used to create encPass

isUpgradeRequired

public boolean isUpgradeRequired(String encPass)

Returns true if the the password is encoded using an older scheme, and if it should be re-encoded and updated.

Specified by:

isUpgradeRequired in interface UpgradeablePasswordEncoder

Parameters:

encPass - a pre-encoded password

Returns:

true if the the password is encoded using an older scheme, and if it should be re-encoded and updated.

getKey

public String getKey()

Description copied from interface: PasswordEncoder

The key to define this password encoder

Specified by:

getKey in interface PasswordEncoder