Fixed the styling
parent
a8d5020ede
commit
aeb9754500
13 changed files with 74 additions and 54 deletions
|
@ -150,7 +150,8 @@ public class RootUserPolicy implements PolicyIface {
|
||||||
ua.setEmailAddress(configuredRootUser);
|
ua.setEmailAddress(configuredRootUser);
|
||||||
ua.setFirstName("root");
|
ua.setFirstName("root");
|
||||||
ua.setLastName("user");
|
ua.setLastName("user");
|
||||||
ua.setArgon2Password(Authenticator.applyArgon2iEncoding(cp,ROOT_USER_INITIAL_PASSWORD));
|
ua.setArgon2Password(Authenticator.applyArgon2iEncoding(cp,
|
||||||
|
ROOT_USER_INITIAL_PASSWORD));
|
||||||
ua.setMd5Password("");
|
ua.setMd5Password("");
|
||||||
ua.setPasswordChangeRequired(true);
|
ua.setPasswordChangeRequired(true);
|
||||||
ua.setStatus(Status.ACTIVE);
|
ua.setStatus(Status.ACTIVE);
|
||||||
|
|
|
@ -136,7 +136,6 @@ public class UserAccount {
|
||||||
public String getPasswordLinkExpiresHash() {
|
public String getPasswordLinkExpiresHash() {
|
||||||
return limitStringLength(8, Authenticator.applyArgon2iEncoding(String
|
return limitStringLength(8, Authenticator.applyArgon2iEncoding(String
|
||||||
.valueOf(passwordLinkExpires)));
|
.valueOf(passwordLinkExpires)));
|
||||||
//applyMd5Encoding
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setPasswordLinkExpires(long passwordLinkExpires) {
|
public void setPasswordLinkExpires(long passwordLinkExpires) {
|
||||||
|
@ -246,6 +245,7 @@ public class UserAccount {
|
||||||
+ (", firstName=" + firstName) + (", lastName=" + lastName)
|
+ (", firstName=" + firstName) + (", lastName=" + lastName)
|
||||||
+ (", md5password=" + md5Password)
|
+ (", md5password=" + md5Password)
|
||||||
+ (", oldPassword=" + oldPassword)
|
+ (", oldPassword=" + oldPassword)
|
||||||
|
+ (", argon2password=" + argon2Password)
|
||||||
+ (", passwordLinkExpires=" + passwordLinkExpires)
|
+ (", passwordLinkExpires=" + passwordLinkExpires)
|
||||||
+ (", passwordChangeRequired=" + passwordChangeRequired)
|
+ (", passwordChangeRequired=" + passwordChangeRequired)
|
||||||
+ (", externalAuthOnly=" + externalAuthOnly)
|
+ (", externalAuthOnly=" + externalAuthOnly)
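Review bot: The `toString()` line added in the last hunk, `+ (", argon2password=" + argon2Password)`, puts the stored Argon2 hash into any log line or exception message that prints a UserAccount, alongside the existing `md5password` and `oldPassword` fields. Stored password hashes are material for offline guessing and should not reach logs; print presence only, e.g. `+ (", argon2password=" + (argon2Password == null ? "null" : "<set>"))`, and treat the two neighbouring fields the same way. Separately, in the first hunk `getPasswordLinkExpiresHash()` keeps 8 characters of an Argon2 encoding; if `limitStringLength` keeps the leading characters and the encoding starts with the usual `$argon2i$` prefix, the value would be identical for every account, which should be confirmed against the full method and its callers. `toString()` begins and ends outside the hunk.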
|
||||||
|
|
|
@ -59,7 +59,7 @@ public abstract class Authenticator {
|
||||||
*/
|
*/
|
||||||
private static ConfigurationProperties cp;
|
private static ConfigurationProperties cp;
|
||||||
public static Authenticator getInstance(HttpServletRequest request) {
|
public static Authenticator getInstance(HttpServletRequest request) {
|
||||||
ServletContext ctx = request.getSession().getServletContext();
|
ServletContext ctx = request.getSession().getServletContext();
|
||||||
Object attribute = ctx.getAttribute(FACTORY_ATTRIBUTE_NAME);
|
Object attribute = ctx.getAttribute(FACTORY_ATTRIBUTE_NAME);
|
||||||
if (!(attribute instanceof AuthenticatorFactory)) {
|
if (!(attribute instanceof AuthenticatorFactory)) {
|
||||||
setAuthenticatorFactory(new BasicAuthenticator.Factory(), ctx);
|
setAuthenticatorFactory(new BasicAuthenticator.Factory(), ctx);
|
||||||
|
@ -117,6 +117,11 @@ public abstract class Authenticator {
|
||||||
String clearTextPassword);
|
String clearTextPassword);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Does this UserAccount have this Argon2 password? False if the
|
||||||
|
* userAccount is null.
|
||||||
|
*/
|
||||||
public abstract boolean isCurrentPasswordArgon2(UserAccount userAccount,
|
public abstract boolean isCurrentPasswordArgon2(UserAccount userAccount,
|
||||||
String clearTextPassword);
|
String clearTextPassword);
|
||||||
|
|
||||||
|
@ -220,13 +225,19 @@ public abstract class Authenticator {
|
||||||
public static String applyArgon2iEncoding(String raw) {
|
public static String applyArgon2iEncoding(String raw) {
|
||||||
Argon2 argon2 = Argon2Factory.create();
|
Argon2 argon2 = Argon2Factory.create();
|
||||||
try {
|
try {
|
||||||
if(cp.getProperty("argon2.time") != null && cp.getProperty("argon2.memory") !=null && cp.getProperty("argon2.parallelism")!=null)
|
if(cp.getProperty("argon2.time") != null && cp.getProperty("argon2.memory") !=null
|
||||||
return argon2.hash(Integer.parseInt(cp.getProperty("argon2.time")),
|
&& cp.getProperty("argon2.parallelism")!=null) {
|
||||||
Integer.parseInt(cp.getProperty("argon2.memory")),
|
return argon2.hash(Integer.parseInt(cp.getProperty("argon2.time")),
|
||||||
Integer.parseInt(cp.getProperty("argon2.parallelism")), raw);
|
Integer.parseInt(cp.getProperty("argon2.memory")),
|
||||||
else
|
Integer.parseInt(cp.getProperty("argon2.parallelism")), raw);
|
||||||
throw new RuntimeException("Parameters \"argon2.time\", \"argon2.memory\" and \"argon2.parallelism\" are either missing in the \"runtime.properties\" file or are not defined correctly");
|
}
|
||||||
} catch (Exception e) {
|
else {
|
||||||
|
throw new RuntimeException("Parameters \"argon2.time\", \"argon2.memory\" " +
|
||||||
|
"and \"argon2.parallelism\" are either missing in the \"runtime.properties\"" +
|
||||||
|
" file or are not defined correctly");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
catch (Exception e) {
|
||||||
// This can't happen with a normal Java runtime.
|
// This can't happen with a normal Java runtime.
|
||||||
throw new RuntimeException(e);
|
throw new RuntimeException(e);
|
||||||
}
|
}
|
||||||
|
@ -245,13 +256,19 @@ public abstract class Authenticator {
|
||||||
public static String applyArgon2iEncoding(ConfigurationProperties configProp, String raw) {
|
public static String applyArgon2iEncoding(ConfigurationProperties configProp, String raw) {
|
||||||
Argon2 argon2 = Argon2Factory.create();
|
Argon2 argon2 = Argon2Factory.create();
|
||||||
try {
|
try {
|
||||||
if(configProp.getProperty("argon2.time") != null && configProp.getProperty("argon2.memory") !=null && configProp.getProperty("argon2.parallelism")!=null)
|
if(configProp.getProperty("argon2.time") != null && configProp.getProperty("argon2.memory") !=null
|
||||||
return argon2.hash(Integer.parseInt(configProp.getProperty("argon2.time")),
|
&& configProp.getProperty("argon2.parallelism")!=null) {
|
||||||
Integer.parseInt(configProp.getProperty("argon2.memory")),
|
return argon2.hash(Integer.parseInt(configProp.getProperty("argon2.time")),
|
||||||
Integer.parseInt(configProp.getProperty("argon2.parallelism")), raw);
|
Integer.parseInt(configProp.getProperty("argon2.memory")),
|
||||||
else
|
Integer.parseInt(configProp.getProperty("argon2.parallelism")), raw);
|
||||||
throw new RuntimeException("Parameters \"argon2.time\", \"argon2.memory\" and \"argon2.parallelism\" are either missing in the \"runtime.properties\" file or are not defined correctly");
|
}
|
||||||
} catch (Exception e) {
|
else {
|
||||||
|
throw new RuntimeException("Parameters \"argon2.time\", \"argon2.memory\" " +
|
||||||
|
"and \"argon2.parallelism\" are either missing in the \"runtime.properties\"" +
|
||||||
|
" file or are not defined correctly");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
catch (Exception e) {
|
||||||
// This can't happen with a normal Java runtime.
|
// This can't happen with a normal Java runtime.
|
||||||
throw new RuntimeException(e);
|
throw new RuntimeException(e);
|
||||||
}
|
}
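Review bot: Both `applyArgon2iEncoding` overloads throw the "Parameters … not defined correctly" RuntimeException inside the `try`, so `catch (Exception e)` catches it and wraps it a second time, while a non-numeric property value surfaces as a wrapped NumberFormatException without that message; the comment `// This can't happen with a normal Java runtime.` is therefore not accurate. Narrow the handler to `catch (NumberFormatException e)` and rethrow with the configuration message and `e` as the cause. The two bodies differ only in the properties object, so the one-argument overload can be reduced to `return applyArgon2iEncoding(cp, raw);`, which also leaves a single place to reject a static `cp` that has not been set yet, if that can occur. Both methods end outside their hunks.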
|
||||||
|
|
|
@ -100,7 +100,8 @@ public class BasicAuthenticator extends Authenticator {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean md5HashIsNull(UserAccount userAccount){
|
public boolean md5HashIsNull(UserAccount userAccount){
|
||||||
if(userAccount.getMd5Password().compareTo("")==0 || userAccount.getMd5Password()==null)
|
if(userAccount.getMd5Password().compareTo("")==0 ||
|
||||||
|
userAccount.getMd5Password()==null)
|
||||||
return true;
|
return true;
|
||||||
else
|
else
|
||||||
return false;
|
return false;
|
||||||
|
@ -109,19 +110,18 @@ public class BasicAuthenticator extends Authenticator {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean isCurrentPasswordArgon2(UserAccount userAccount,
|
public boolean isCurrentPasswordArgon2(UserAccount userAccount,
|
||||||
String clearTextPassword) {
|
String clearTextPassword) {
|
||||||
if (userAccount == null) {
|
if (userAccount == null) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (clearTextPassword == null) {
|
if (clearTextPassword == null) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
return verifyArgon2iHash(userAccount.getArgon2Password(),
|
||||||
return verifyArgon2iHash(userAccount.getArgon2Password(),clearTextPassword);
|
clearTextPassword);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void recordNewPassword(UserAccount userAccount,
|
public void recordNewPassword(UserAccount userAccount,
|
||||||
String newClearTextPassword) {
|
String newClearTextPassword) {
|
||||||
|
@ -129,7 +129,8 @@ public class BasicAuthenticator extends Authenticator {
|
||||||
log.error("Trying to change password on null user.");
|
log.error("Trying to change password on null user.");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
userAccount.setArgon2Password((applyArgon2iEncoding(newClearTextPassword)));
|
userAccount.setArgon2Password((applyArgon2iEncoding(
|
||||||
|
newClearTextPassword)));
|
||||||
userAccount.setMd5Password("");
|
userAccount.setMd5Password("");
|
||||||
userAccount.setPasswordChangeRequired(false);
|
userAccount.setPasswordChangeRequired(false);
|
||||||
userAccount.setPasswordLinkExpires(0L);
|
userAccount.setPasswordLinkExpires(0L);
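Review bot: In `md5HashIsNull` the null test comes after the dereference: `userAccount.getMd5Password().compareTo("")==0` is evaluated first, so a null MD5 field throws NullPointerException and the `==null` operand is never reached. The Authenticate servlet uses this method to choose between the Argon2 and the legacy verifier, so an account with no MD5 value would presumably fail login with an exception instead of reaching the Argon2 check. Reorder and simplify, for example `String md5 = userAccount.getMd5Password();` followed by `return md5 == null || md5.isEmpty();`. The same condition is re-wrapped unchanged in RestrictedAuthenticator and AuthenticatorStub, and only the stub guards against a null `userAccount`.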
|
||||||
|
|
|
@ -169,7 +169,6 @@ public class ProgramLogin extends HttpServlet {
|
||||||
return false;
|
return false;
|
||||||
else {
|
else {
|
||||||
userAccount.setPasswordChangeRequired(true);
|
userAccount.setPasswordChangeRequired(true);
|
||||||
// userAccount.setMd5Password("");
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
|
|
|
@ -78,7 +78,8 @@ public class RestrictedAuthenticator extends Authenticator {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean md5HashIsNull(UserAccount userAccount){
|
public boolean md5HashIsNull(UserAccount userAccount){
|
||||||
if(userAccount.getMd5Password().compareTo("")==0 || userAccount.getMd5Password()==null)
|
if(userAccount.getMd5Password().compareTo("")==0 ||
|
||||||
|
userAccount.getMd5Password()==null)
|
||||||
return true;
|
return true;
|
||||||
else
|
else
|
||||||
return false;
|
return false;
|
||||||
|
@ -94,8 +95,8 @@ public class RestrictedAuthenticator extends Authenticator {
|
||||||
if (clearTextPassword == null) {
|
if (clearTextPassword == null) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
return verifyArgon2iHash(userAccount.getArgon2Password(),
|
||||||
return verifyArgon2iHash(userAccount.getArgon2Password(),clearTextPassword);
|
clearTextPassword);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -339,21 +339,25 @@ public class Authenticate extends VitroHttpServlet {
|
||||||
|
|
||||||
|
|
||||||
if(getAuthenticator(request).md5HashIsNull(user)) {
|
if(getAuthenticator(request).md5HashIsNull(user)) {
|
||||||
if (!getAuthenticator(request).isCurrentPasswordArgon2(user, password)) {
|
if (!getAuthenticator(request)
|
||||||
bean.setMessage(request, ERROR, "error_incorrect_credentials");
|
.isCurrentPasswordArgon2(user, password)) {
|
||||||
|
bean.setMessage(request, ERROR,
|
||||||
|
"error_incorrect_credentials");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if (!getAuthenticator(request).isCurrentPassword(user, password)) {
|
if (!getAuthenticator(request)
|
||||||
bean.setMessage(request, ERROR, "error_incorrect_credentials");
|
.isCurrentPassword(user, password)) {
|
||||||
|
bean.setMessage(request, ERROR,
|
||||||
|
"error_incorrect_credentials");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
user.setPasswordChangeRequired(true);
|
user.setPasswordChangeRequired(true);
|
||||||
user.setMd5Password("");
|
user.setMd5Password("");
|
||||||
}
|
}
|
||||||
}
|
}
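Review bot: In the legacy branch the MD5 value is cleared with `user.setMd5Password("");` after `isCurrentPassword` succeeds, but nothing in the hunk stores an Argon2 hash in its place. If the account is saved in that state and the user does not complete the forced password change, the next login would take the `md5HashIsNull` branch with no Argon2 hash to verify against; whether that can happen depends on code outside the hunk. Since the clear-text password has just been verified at this point, the migration can be completed here with `user.setArgon2Password(Authenticator.applyArgon2iEncoding(password));` before the MD5 value is cleared. The enclosing method starts and ends outside the hunk.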
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -105,7 +105,8 @@ public class AuthenticatorStub extends Authenticator {
|
||||||
@Override
|
@Override
|
||||||
public boolean md5HashIsNull(UserAccount userAccount){
|
public boolean md5HashIsNull(UserAccount userAccount){
|
||||||
if(userAccount!=null) {
|
if(userAccount!=null) {
|
||||||
if (userAccount.getMd5Password().compareTo("") == 0 || userAccount.getMd5Password() == null)
|
if (userAccount.getMd5Password().compareTo("") == 0 ||
|
||||||
|
userAccount.getMd5Password() == null)
|
||||||
return true;
|
return true;
|
||||||
else
|
else
|
||||||
return false;
|
return false;
|
||||||
|
@ -123,8 +124,8 @@ public class AuthenticatorStub extends Authenticator {
|
||||||
if (clearTextPassword == null) {
|
if (clearTextPassword == null) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
return verifyArgon2iHash(userAccount.getArgon2Password(),
|
||||||
return verifyArgon2iHash(userAccount.getArgon2Password(),clearTextPassword);
|
clearTextPassword);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -100,7 +100,6 @@ public class ProgramLoginTest extends AbstractTestClass {
|
||||||
.singleton(PermissionSets.URI_DBA));
|
.singleton(PermissionSets.URI_DBA));
|
||||||
user.setArgon2Password(Authenticator.applyArgon2iEncodingStub(password));
|
user.setArgon2Password(Authenticator.applyArgon2iEncodingStub(password));
|
||||||
user.setMd5Password("");
|
user.setMd5Password("");
|
||||||
//user.setMd5Password(Authenticator.applyMd5Encoding(password));
|
|
||||||
user.setLoginCount(loginCount);
|
user.setLoginCount(loginCount);
|
||||||
user.setPasswordChangeRequired(loginCount == 0);
|
user.setPasswordChangeRequired(loginCount == 0);
|
||||||
return user;
|
return user;
|
||||||
|
@ -181,15 +180,12 @@ public class ProgramLoginTest extends AbstractTestClass {
|
||||||
String newPassword) {
|
String newPassword) {
|
||||||
if (email != null) {
|
if (email != null) {
|
||||||
request.addParameter(PARAM_EMAIL_ADDRESS, email);
|
request.addParameter(PARAM_EMAIL_ADDRESS, email);
|
||||||
System.out.println("1");
|
|
||||||
}
|
}
|
||||||
if (password != null) {
|
if (password != null) {
|
||||||
request.addParameter(PARAM_PASSWORD, password);
|
request.addParameter(PARAM_PASSWORD, password);
|
||||||
System.out.println("2");
|
|
||||||
}
|
}
|
||||||
if (newPassword != null) {
|
if (newPassword != null) {
|
||||||
request.addParameter(PARAM_NEW_PASSWORD, newPassword);
|
request.addParameter(PARAM_NEW_PASSWORD, newPassword);
|
||||||
System.out.println("3");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
|
|
@ -193,7 +193,6 @@ public class AuthenticateTest extends AbstractTestClass {
|
||||||
user.setPermissionSetUris(userInfo.permissionSetUris);
|
user.setPermissionSetUris(userInfo.permissionSetUris);
|
||||||
user.setArgon2Password(Authenticator.applyArgon2iEncodingStub(userInfo.password));
|
user.setArgon2Password(Authenticator.applyArgon2iEncodingStub(userInfo.password));
|
||||||
user.setMd5Password("");
|
user.setMd5Password("");
|
||||||
// user.setMd5Password(Authenticator.applyMd5Encoding(userInfo.password));
|
|
||||||
user.setLoginCount(userInfo.loginCount);
|
user.setLoginCount(userInfo.loginCount);
|
||||||
user.setPasswordChangeRequired(userInfo.loginCount == 0);
|
user.setPasswordChangeRequired(userInfo.loginCount == 0);
|
||||||
return user;
|
return user;
|
||||||
|
|
|
@ -104,7 +104,7 @@ public class UserAccountsDaoJenaTest extends AbstractTestClass {
|
||||||
0L, false, 1, 0L, Status.ACTIVE, "bboop", false, EMPTY, false,
|
0L, false, 1, 0L, Status.ACTIVE, "bboop", false, EMPTY, false,
|
||||||
collection(URI_PROFILE1, URI_PROFILE2));
|
collection(URI_PROFILE1, URI_PROFILE2));
|
||||||
userC = userAccount("", "ccallas@here", "Charlie", "Callas", "XXXX", "",
|
userC = userAccount("", "ccallas@here", "Charlie", "Callas", "XXXX", "",
|
||||||
"YYYY", 0L, false, 1, 0L, Status.ACTIVE, "ccallas", false,
|
"YYYY", 0L, false, 1, 0L, Status.ACTIVE, "ccallas", false,
|
||||||
EMPTY, false, collection(URI_PROFILE2));
|
EMPTY, false, collection(URI_PROFILE2));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -392,7 +392,6 @@ public class UserAccountsDaoJenaTest extends AbstractTestClass {
|
||||||
ua.setLastName(lastName);
|
ua.setLastName(lastName);
|
||||||
ua.setArgon2Password(argon2Password);
|
ua.setArgon2Password(argon2Password);
|
||||||
ua.setMd5Password("");
|
ua.setMd5Password("");
|
||||||
//ua.setMd5Password(md5Password);
|
|
||||||
ua.setOldPassword(oldPassword);
|
ua.setOldPassword(oldPassword);
|
||||||
ua.setPasswordLinkExpires(passwordLinkExpires);
|
ua.setPasswordLinkExpires(passwordLinkExpires);
|
||||||
ua.setPasswordChangeRequired(passwordChangeRequired);
|
ua.setPasswordChangeRequired(passwordChangeRequired);
|
||||||
|
|
|
@ -78,15 +78,16 @@ VitroConnection.DataSource.validationQuery = SELECT 1
|
||||||
rootUser.emailAddress = root@myDomain.com
|
rootUser.emailAddress = root@myDomain.com
|
||||||
|
|
||||||
#
|
#
|
||||||
# Argon2 password hashing parameters for time, memory and parallelism required to compute a hash.
|
# Argon2 password hashing parameters for time, memory and parallelism required to
|
||||||
|
# compute a hash.
|
||||||
#
|
#
|
||||||
# A time cost defines the amount of computation realized and therefore the execution time, given in a number of iterations
|
# A time cost defines the amount of computation realized and therefore the execution
|
||||||
|
# time, given in a number of iterations.
|
||||||
# A memory cost defines the memory usage, given in kibibytes
|
# A memory cost defines the memory usage, given in kibibytes
|
||||||
# A parallelism degree defines the number of parallel threads
|
# A parallelism degree defines the number of parallel threads
|
||||||
# For determining the optimal values of the parameters for your setup please refer to the white paper section 9 - https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf
|
# For determining the optimal values of the parameters for your setup please refer to
|
||||||
#
|
# the white paper section 9
|
||||||
# Warning: Please change the parameters only if you have installed a fresh installation of Vitro/Vivo and have not logged-in in the system yet.
|
# https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf
|
||||||
# If you already have user accounts encrypted through these parameters please do not change them otherwise the existing users would not be able to log-in.
|
|
||||||
#
|
#
|
||||||
argon2.parallelism =1
|
argon2.parallelism =1
|
||||||
argon2.memory = 1024
|
argon2.memory = 1024
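Review bot: The example ships `argon2.memory = 1024`, which is 1 MiB, and the comment block gives no lower bound for the three parameters. That is well below current guidance (the OWASP Password Storage Cheat Sheet gives 19 MiB of memory, 2 iterations and a parallelism of 1 as a minimum for Argon2id), and example values tend to be copied into production unchanged. Consider raising the example value and adding a line such as `# Do not go below 19456 KiB of memory and 2 iterations; raise both as far as login latency allows.` The second properties file in this commit carries the same block.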
|
||||||
|
|
|
@ -78,15 +78,16 @@ VitroConnection.DataSource.validationQuery = SELECT 1
|
||||||
rootUser.emailAddress = root@myDomain.com
|
rootUser.emailAddress = root@myDomain.com
|
||||||
|
|
||||||
#
|
#
|
||||||
# Argon2 password hashing parameters for time, memory and parallelism required to compute a hash.
|
# Argon2 password hashing parameters for time, memory and parallelism required to
|
||||||
|
# compute a hash.
|
||||||
#
|
#
|
||||||
# A time cost defines the amount of computation realized and therefore the execution time, given in a number of iterations
|
# A time cost defines the amount of computation realized and therefore the execution
|
||||||
|
# time, given in a number of iterations.
|
||||||
# A memory cost defines the memory usage, given in kibibytes
|
# A memory cost defines the memory usage, given in kibibytes
|
||||||
# A parallelism degree defines the number of parallel threads
|
# A parallelism degree defines the number of parallel threads
|
||||||
# For determining the optimal values of the parameters for your setup please refer to the white paper section 9 - https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf
|
# For determining the optimal values of the parameters for your setup please refer to
|
||||||
#
|
# the white paper section 9
|
||||||
# Warning: Please change the parameters only if you have installed a fresh installation of Vitro/Vivo and have not logged-in in the system yet.
|
# https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf
|
||||||
# If you already have user accounts encrypted through these parameters please do not change them otherwise the existing users would not be able to log-in.
|
|
||||||
#
|
#
|
||||||
argon2.parallelism =1
|
argon2.parallelism =1
|
||||||
argon2.memory = 1024
|
argon2.memory = 1024
|
||||||
|
|