diff options
| author | Jesse Morgan <jesse@jesterpm.net> | 2016-04-09 15:53:24 -0700 |
|---|---|---|
| committer | Jesse Morgan <jesse@jesterpm.net> | 2016-04-09 15:53:24 -0700 |
| commit | 371ccae3d1f31ec38f4af77fb7fcd175d49b3cd5 (patch) | |
| tree | 38c4f1e8828f9af9c4b77a173bee0d312b321698 /src/main/java/com/p4square/grow/backend/BackendVerifier.java | |
| parent | bbf907e51dfcf157bdee24dead1d531122aa25db (diff) | |
| parent | 3102d8bce3426d9cf41aeaf201c360d342677770 (diff) | |
Merge pull request #10 from PuyallupFoursquare/maven
Switching from Ivy+Ant to Maven.
Diffstat (limited to 'src/main/java/com/p4square/grow/backend/BackendVerifier.java')
| -rw-r--r-- | src/main/java/com/p4square/grow/backend/BackendVerifier.java | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/src/main/java/com/p4square/grow/backend/BackendVerifier.java b/src/main/java/com/p4square/grow/backend/BackendVerifier.java new file mode 100644 index 0000000..83160a9 --- /dev/null +++ b/src/main/java/com/p4square/grow/backend/BackendVerifier.java @@ -0,0 +1,92 @@ +/* + * Copyright 2014 Jesse Morgan + */ + +package com.p4square.grow.backend; + +import java.io.IOException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + +import org.apache.commons.codec.binary.Hex; + +import org.restlet.security.SecretVerifier; + +import com.p4square.grow.model.UserRecord; +import com.p4square.grow.provider.Provider; + +/** + * Verify the given credentials against the users with backend access. + */ +public class BackendVerifier extends SecretVerifier { + + private final Provider<String, UserRecord> mUserProvider; + + public BackendVerifier(Provider<String, UserRecord> userProvider) { + mUserProvider = userProvider; + } + + @Override + public int verify(String identifier, char[] secret) { + if (identifier == null) { + throw new IllegalArgumentException("Null identifier"); + } + + if (secret == null) { + throw new IllegalArgumentException("Null secret"); + } + + // Does the user exist? + UserRecord user; + try { + user = mUserProvider.get(identifier); + if (user == null) { + return RESULT_UNKNOWN; + } + + } catch (IOException e) { + return RESULT_UNKNOWN; + } + + // Does the user have a backend password? + String storedHash = user.getBackendPasswordHash(); + if (storedHash == null) { + // This user doesn't have access + return RESULT_INVALID; + } + + // Validate the password. + try { + String hashedInput = hashPassword(secret); + if (hashedInput.equals(storedHash)) { + return RESULT_VALID; + } + + } catch (NoSuchAlgorithmException e) { + return RESULT_UNSUPPORTED; + } + + // If all else fails, fail. + return RESULT_INVALID; + } + + /** + * Hash the given secret. + */ + public static String hashPassword(char[] secret) throws NoSuchAlgorithmException { + MessageDigest md = MessageDigest.getInstance("SHA-1"); + + // Convert the char[] to byte[] + // FIXME This approach is incorrectly truncating multibyte + // characters. + byte[] b = new byte[secret.length]; + for (int i = 0; i < secret.length; i++) { + b[i] = (byte) secret[i]; + } + + md.update(b); + + byte[] hash = md.digest(); + return new String(Hex.encodeHex(hash)); + } +} |