private boolean verifyPassword(
QueryConfiguration configuration, PasswordKeyMapper passwordMapper, Evidence evidence) {
Credential credential = executePrincipalQuery(configuration, passwordMapper::map);
String algorithm = passwordMapper.getAlgorithm();
try {
if (credential instanceof PasswordCredential) {
PasswordFactory passwordFactory = getPasswordFactory(algorithm);
char[] guessCredentialChars;
if (evidence instanceof PasswordGuessEvidence) {
guessCredentialChars = ((PasswordGuessEvidence) evidence).getGuess();
} else {
throw log.passwordBasedCredentialsMustBeCharsOrClearPassword();
}
return passwordFactory.verify(
((PasswordCredential) credential).getPassword(), guessCredentialChars);
}
} catch (InvalidKeyException e) {
throw log.invalidPasswordKeyForAlgorithm(algorithm, e);
}
return false;
}
@Override
public boolean verifyEvidence(final String credentialName, final Evidence evidence)
throws RealmUnavailableException {
if (evidence != null) {
for (QueryConfiguration configuration : JdbcSecurityRealm.this.queryConfiguration) {
for (PasswordKeyMapper passwordMapper :
configuration.getColumnMappers(PasswordKeyMapper.class)) {
if (passwordMapper.getCredentialName().equals(credentialName)) {
return verifyPassword(configuration, passwordMapper, evidence);
}
}
}
}
return false;
}
