예제 #1
0
  public static boolean validate(String cookieValue) {
    if (cookieValue == null) {
      return false;
    }

    Properties props = new java.util.Properties();
    try {
      props.load(new java.io.FileInputStream(new java.io.File("conf/mturk.properties")));
    } catch (IOException e) {
      System.err.println(
          "There was a problem reading your properties file from " + "mturk.properties");
      System.err.println("The exception was " + e.toString());
      throw new RuntimeException(
          "Cannot load configuration properties file from " + "mturk.properties", e);
    }
    String store = props.getProperty(Application.PASSWORD);
    if (store == null) {
      store = Crypto.encryptAES(Application.DEFAULT_PASSWORD);
    }

    return store.equals(cookieValue);
  }
예제 #2
0
 public static Result authenticate() {
   DynamicForm df = new DynamicForm().bindFromRequest();
   session().clear();
   session(Application.PASSWORD, Crypto.encryptAES(df.get("password")));
   return redirect(routes.Application.index());
 }
예제 #3
0
 /**
  * Encrypt a String with the AES encryption standard and the supplied private key. <br>
  * The private key must have a length of 16 bytes. <br>
  * The provider used is by default this uses the platform default JSSE provider. This can be
  * overridden by defining <code>application.crypto.provider</code> in <code>application.conf
  * </code>. <br>
  * The transformation algorithm used is the provider specific implementation of the <code>AES
  * </code> name. On Oracles JDK, this is <code>AES/CTR/NoPadding</code>. This algorithm is
  * suitable for small amounts of data, typically less than 32bytes, hence is useful for encrypting
  * credit card numbers, passwords etc. For larger blocks of data, this algorithm may expose
  * patterns and be vulnerable to repeat attacks. <br>
  * The transformation algorithm can be configured by defining <code>
  * application.crypto.aes.transformation</code> in <code>application.conf</code>. Although any
  * cipher transformation algorithm can be selected here, the secret key spec used is always AES,
  * so only AES transformation algorithms will work.
  *
  * @deprecated This method is deprecated and will be removed in future versions.
  * @param value The String to encrypt.
  * @param privateKey The key used to encrypt.
  * @return An hexadecimal encrypted string.
  */
 @Deprecated
 public String encryptAES(String value, String privateKey) {
   return crypto.encryptAES(value, privateKey);
 }
예제 #4
0
 /**
  * Encrypt a String with the AES encryption standard using the application's secret key. <br>
  * The provider used is by default this uses the platform default JSSE provider. This can be
  * overridden by defining <code>application.crypto.provider</code> in <code>application.conf
  * </code>. <br>
  * The transformation algorithm used is the provider specific implementation of the <code>AES
  * </code> name. On Oracles JDK, this is <code>AES/CTR/NoPadding</code>. This algorithm is
  * suitable for small amounts of data, typically less than 32 bytes, hence is useful for
  * encrypting credit card numbers, passwords etc. For larger blocks of data, this algorithm may
  * expose patterns and be vulnerable to repeat attacks. <br>
  * The transformation algorithm can be configured by defining <code>
  * application.crypto.aes.transformation</code> in <code>application.conf</code>. Although any
  * cipher transformation algorithm can be selected here, the secret key spec used is always AES,
  * so only AES transformation algorithms will work.
  *
  * @deprecated This method is deprecated and will be removed in future versions.
  * @param value The String to encrypt.
  * @return An hexadecimal encrypted string.
  */
 @Deprecated
 public String encryptAES(String value) {
   return crypto.encryptAES(value);
 }