public static String decryptPassword(String encryptedText) {
try {
int saltPos = encryptedText.indexOf(SALT_SEPARATOR);
if (saltPos == -1) {
throw new RuntimeException("Invalid Data Format");
}
byte[] saltBase64 = encryptedText.substring(0, saltPos).getBytes(CHAR_ENCODING);
byte[] encryptedPasswordBase64 = encryptedText.substring(saltPos + 1).getBytes(CHAR_ENCODING);
byte[] salt = Base64.decode(saltBase64);
byte[] encryptedPassword = Base64.decode(encryptedPasswordBase64);
byte[] decryptedPassword = decryptPassword(encryptedPassword, salt);
return new String(decryptedPassword);
} catch (UnsupportedEncodingException e) {
LogHelper.log(e);
}
return null;
}
public static String encryptPassword(String password) {
try {
byte[] salt = generateSalt();
byte[] encryptedPassword = encryptPassword(password.getBytes(), salt);
byte[] saltBase64 = Base64.encode(salt);
byte[] encryptedPasswordBase64 = Base64.encode(encryptedPassword);
String saltString = new String(saltBase64, CHAR_ENCODING);
String encryptedPasswordString = new String(encryptedPasswordBase64, CHAR_ENCODING);
StringBuffer stringBuffer = new StringBuffer();
stringBuffer.append(saltString);
stringBuffer.append(SALT_SEPARATOR);
stringBuffer.append(encryptedPasswordString);
return stringBuffer.toString();
} catch (NoSuchAlgorithmException e) {
LogHelper.log(e);
} catch (UnsupportedEncodingException e) {
LogHelper.log(e);
}
return null;
}
public static boolean verifyPassword(String password, String encryptedText) {
try {
int saltPos = encryptedText.indexOf(SALT_SEPARATOR);
if (saltPos == -1) {
throw new RuntimeException("Invalid Data Format");
}
byte[] saltBase64 = encryptedText.substring(0, saltPos).getBytes(CHAR_ENCODING);
byte[] encryptedPasswordBase64 = encryptedText.substring(saltPos + 1).getBytes(CHAR_ENCODING);
byte[] salt = Base64.decode(saltBase64);
byte[] encryptedPassword = Base64.decode(encryptedPasswordBase64);
return verifyPassword(password, encryptedPassword, salt);
} catch (NoSuchAlgorithmException e) {
LogHelper.log(e);
} catch (InvalidKeySpecException e) {
LogHelper.log(e);
} catch (UnsupportedEncodingException e) {
LogHelper.log(e);
}
return false;
}
public String getAuthenticatedUser(
HttpServletRequest req, HttpServletResponse resp, Properties properties) throws IOException {
String authHead = req.getHeader("Authorization"); // $NON-NLS-1$
if (authHead != null && authHead.toUpperCase(Locale.ENGLISH).startsWith(getAuthType())) {
String base64 = authHead.substring(6);
String authString = new String(Base64.decode(base64.getBytes()));
if (authString.indexOf(':') < 0) {
return null;
}
String login = authString.substring(0, authString.indexOf(':'));
String password = authString.substring(authString.indexOf(':') + 1);
User user = getUserForCredentials(login, password);
if (user != null) {
Authorization authorization = defaultUserAdmin.getAuthorization(user);
// TODO handle authorization
return user.getUid();
}
}
return null;
}