Store password instead of password hash in LoginCredentials

Kai S. K. Engelbart 2020-07-08 12:32:24 +02:00
parent 1c53694d5e
commit a2a2177728
No known key found for this signature in database
GPG Key ID: 0A48559CA32CB48F


@ -1,13 +1,11 @@
package envoy.data;
import java.io.Serializable;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Formatter;
/**
* Contains a {@link User}'s login information.<br>
* <br>
* Contains a {@link User}'s login / registration information as well as the
* client version.
* <p>
* Project: <strong>envoy-common</strong><br>
* File: <strong>LoginCredentials.java</strong><br>
* Created: <strong>29.12.2019</strong><br>
@ -15,58 +13,33 @@ import java.util.Formatter;
* @author Kai S. K. Engelbart
* @since Envoy Common v0.2-alpha
*/
public class LoginCredentials implements Serializable {
public final class LoginCredentials implements Serializable {
private final String identifier;
private final byte[] passwordHash;
private final String identifier, password, clientVersion;
private final boolean registration;
private final String clientVersion;
private static final long serialVersionUID = 1;
private static final long serialVersionUID = 2;
/**
* Creates an instance of {@link LoginCredentials} for a new {@link User}.
* Initializes login credentials for a handshake.
*
* @param identifier the identifier of the user
* @param password the password of the user (will be converted to a hash)
* @param password the password of the user
* @param registration signifies that these credentials are used for user
* registration instead of user login
* @param clientVersion the version of the client sending these credentials
* @since Envoy Common v0.2-alpha
* @since Envoy Common v0.1-beta
*/
public LoginCredentials(String identifier, char[] password, boolean registration, String clientVersion) {
public LoginCredentials(String identifier, String password, boolean registration, String clientVersion) {
this.identifier = identifier;
passwordHash = getSha256(toByteArray(password));
this.password = password;
this.registration = registration;
this.clientVersion = clientVersion;
}
private byte[] getSha256(byte[] input) {
try {
return MessageDigest.getInstance("SHA-256").digest(input);
} catch (NoSuchAlgorithmException e) {
// This will never happen
throw new RuntimeException(e);
}
}
private byte[] toByteArray(char[] chars) {
byte[] bytes = new byte[chars.length * 2];
for (int i = 0; i < chars.length; ++i) {
bytes[i * 2] = (byte) (chars[i] >> 8);
bytes[i * 2 + 1] = (byte) (chars[i]);
}
return bytes;
}
@Override
public String toString() {
try (Formatter form = new Formatter()) {
form.format("LoginCredentials[identifier=%s,passwordHash=", identifier);
for (int i = 0; i < 3; i++)
form.format("%02x", passwordHash[i]);
return form.format(",registration=%b]", registration).toString();
}
return String.format("LoginCredentials[identifier=%s,registration=%b,clientVersion=%s]", identifier, registration, clientVersion);
}
/**
@ -76,10 +49,10 @@ public class LoginCredentials implements Serializable {
public String getIdentifier() { return identifier; }
/**
* @return the password hash of the user performing the login
* @since Envoy Common v0.2-alpha
* @return the password of the user performing the login
* @since Envoy Common v0.1-beta
*/
public byte[] getPasswordHash() { return passwordHash; }
public String getPassword() { return password; }
/**
* @return {@code true} if these credentials are used for user registration
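Review bot: The `password` field added in the second hunk is a plain `String` inside a `Serializable` class, so default serialization writes the cleartext password into the stream, and unlike the `char[]` the old constructor accepted, the value cannot be wiped from memory after the handshake. Nothing on this page shows how the stream is transported or what the receiving side does with `getPassword()`, so the contract should be stated on the constructor, for example `@param password the plaintext password; transmit only over an encrypted channel, never persist or log this object, hash server-side with a salted slow algorithm (bcrypt/scrypt/Argon2)`. The new `toString()` leaves the password out, and a short comment such as `// password is deliberately omitted from the string form` would keep a later edit from adding it back. The constructor also stores `identifier` and `password` without a null check, so `Objects.requireNonNull(password, "password")` would fail fast at construction rather than at the receiver; the Javadoc block that begins on the last lines of the third hunk continues outside it.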