PasswordEncoder (Atlassian Security 3.2.5 API)

All Known Implementing Classes:

DefaultPasswordEncoder
```
public interface PasswordEncoder
```
Encodes passwords for storage in an application and allows verification of raw passwords against the stored versions. The actual encoding mechanism depends on the implementation.

See Also:

for a useful starting point for new implementations

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`boolean`	`canDecodePassword(String encodedPassword)` Returns `true` if the encodedPassword is in the right format for decoding and verification by this implementation, otherwise `false`.
`String`	`encodePassword(String rawPassword)` Encodes a password and returns it as a String suitable for storage by the client.
`boolean`	`isValidPassword(String rawPassword, String encodedPassword)` Returns `true` if the rawPassword matches the stored password hash in encodedPassword, otherwise `false`.

- Method Detail
  - encodePassword
```
String encodePassword(String rawPassword)
               throws IllegalArgumentException
```
    Encodes a password and returns it as a String suitable for storage by the client.
    Implementations must perform a one-way hashing operation on the rawPassword so that the rawPassword cannot practically be derived from the encoded result by an attacker.
    It is recommended that implementations include a unique prefix in their encoded form which will allow canDecodePassword(String) to be implemented easily.
    
    Parameters:
    
    rawPassword - the password provided by the user
    
    Returns:
    
    the encoded password
    
    Throws:
    
    IllegalArgumentException - if the rawPassword is null or empty
  - isValidPassword
```
boolean isValidPassword(String rawPassword,
                        String encodedPassword)
                 throws IllegalArgumentException
```
    Returns true if the rawPassword matches the stored password hash in encodedPassword, otherwise false. The encodedPassword parameter should be the result of an earlier call to encodePassword(String). If the encoded password is not in a format which is handled by this encoder, this method will return false.
    If multiple encodings are supported by an application, the client should call canDecodePassword(String) to check that the password was generated by this encoder before calling this method.
    
    Parameters:
    
    rawPassword - the raw password provided by the user for authentication
    
    encodedPassword - the stored password associated with the user
    
    Returns:
    
    true if the rawPassword is a match for the
    
    Throws:
    
    IllegalArgumentException - if either rawPassword or encodedPassword is null or empty
  - canDecodePassword
```
boolean canDecodePassword(String encodedPassword)
```
    Returns true if the encodedPassword is in the right format for decoding and verification by this implementation, otherwise false. For example, implementations might check the length of the encoded password or look for a particular prefix in the encoded string.
    
    Parameters:
    
    encodedPassword - the stored password associated with this user
    
    Returns:
    
    true if the encodedPassword can be decoded by this implementation, otherwise false

Interface PasswordEncoder

Method Summary

Method Detail

encodePassword

isValidPassword

canDecodePassword