下面列出了怎么用org.springframework.security.crypto.password.Pbkdf2PasswordEncoder的API类实例代码及写法,或者点击链接到github查看源代码。
@SuppressWarnings("deprecation")
public static PasswordEncoder createDelegatingPasswordEncoder() {
String encodingId = "pbkdf2";
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put(encodingId, new BCryptPasswordEncoder());
encoders.put("ldap", new org.springframework.security.crypto.password.LdapShaPasswordEncoder());
encoders.put("MD4", new org.springframework.security.crypto.password.Md4PasswordEncoder());
encoders.put("MD5", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("MD5"));
encoders.put("noop", org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance());
encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());
encoders.put("scrypt", new SCryptPasswordEncoder());
encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());
return new DelegatingPasswordEncoder(encodingId, encoders);
}
public String encode(String plainPassword) {
String pepper = "pepper"; // secret key used by password encoding
int iterations = 200000; // number of hash iteration
int hashWidth = 256; // hash with in bits
Pbkdf2PasswordEncoder pbkdf2PasswordEncoder =
new Pbkdf2PasswordEncoder(pepper, iterations, hashWidth);
return pbkdf2PasswordEncoder.encode(plainPassword);
}
/**
* Finds the number of Iteration for the {@link Pbkdf2PasswordEncoder} to get the duration of
* password encoding close to 1s. The Calculation does not use any secret (pepper) and applies
* hash algorithm SHA256.
*/
public int calculateIteration() {
int iterationNumber = 150000;
while (true) {
Pbkdf2PasswordEncoder pbkdf2PasswordEncoder =
new Pbkdf2PasswordEncoder(NO_ADDITIONAL_SECRET, iterationNumber, HASH_WIDTH);
Stopwatch stopwatch = Stopwatch.createStarted();
pbkdf2PasswordEncoder.encode(TEST_PASSWORD);
stopwatch.stop();
long duration = stopwatch.elapsed(TimeUnit.MILLISECONDS);
if (duration > GOAL_MILLISECONDS_PER_PASSWORD) {
return iterationNumber;
}
iterationNumber += ITERATION_STEP;
}
}
public static PasswordEncoder newPasswordEncoder(final String encoderType) {
switch (encoderType) {
case "bcrypt":
return new BCryptPasswordEncoder();
case "ldap":
return new org.springframework.security.crypto.password.LdapShaPasswordEncoder();
case "MD4":
return new org.springframework.security.crypto.password.Md4PasswordEncoder();
case "MD5":
return new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("MD5");
case "noop":
return org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance();
case "pbkdf2":
return new Pbkdf2PasswordEncoder();
case "scrypt":
return new SCryptPasswordEncoder();
case "SHA-1":
return new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1");
case "SHA-256":
return new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256");
case "sha256":
return new org.springframework.security.crypto.password.StandardPasswordEncoder();
default:
return NoOpPasswordEncoder.getInstance();
}
}
@Bean
public PasswordEncoder passwordEncoder() {
Map<String,PasswordEncoder> encoders = new HashMap<>();
encoders.put(PwdEncodingAlgo.BCrypt.getStatus(), new BCryptPasswordEncoder());
encoders.put(PwdEncodingAlgo.Pbkf2.getStatus(), new Pbkdf2PasswordEncoder());
encoders.put(PwdEncodingAlgo.SCrypt.getStatus(), new SCryptPasswordEncoder());
return new DelegatingPasswordEncoder(PwdEncodingAlgo.BCrypt.getStatus(), encoders);
}