Package io.gravitee.am.service.authentication.crypto.password

Interface PasswordEncoder

All Known Implementing Classes:
Argon2IdPasswordEncoder, BCryptPasswordEncoder, MD5PasswordEncoder, MessageDigestPasswordEncoder, NoOpPasswordEncoder, PBKDF2PasswordEncoder, SHAMD5PasswordEncoder, SHAPasswordEncoder
public interface PasswordEncoder
Service interface for encoding passwords. The preferred implementation is BCryptPasswordEncoder.
Author:
Titouan COMPIEGNE (titouan.compiegne at graviteesource.com), GraviteeSource Team

  • Method Summary

    Modifier and Type
    Method
    Description
    String
    encode(CharSequence rawPassword)
    Encode the raw password.
    default String
    encode(CharSequence rawPassword, byte[] salt)
    Encode the raw password.
    boolean
    matches(CharSequence rawPassword, String encodedPassword)
    Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded.
    default boolean
    matches(CharSequence rawPassword, String encodedPassword, byte[] salt)
    Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded.
    default boolean
    matches(CharSequence rawPassword, String encodedPassword, String salt)
    Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded.

  • Method Details

    • encode

      String encode(CharSequence rawPassword)
      Encode the raw password. Generally, a good encoding algorithm applies a SHA-1 or greater hash combined with an 8-byte or greater randomly generated salt.
      Parameters:
      rawPassword - the raw password to encode

    • encode

      default String encode(CharSequence rawPassword, byte[] salt)
      Encode the raw password. Generally, a good encoding algorithm applies a SHA-1 or greater hash combined with an 8-byte or greater randomly generated salt.
      Parameters:
      rawPassword - the raw password to encode
      salt - the salt use to encode the rawPassword

    • matches

      boolean matches(CharSequence rawPassword, String encodedPassword)
      Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded. Returns true if the passwords match, false if they do not. The stored password itself is never decoded.
      Parameters:
      rawPassword - the raw password to encode and match
      encodedPassword - the encoded password from storage to compare with
      Returns:
      true if the raw password, after encoding, matches the encoded password from storage

    • matches

      default boolean matches(CharSequence rawPassword, String encodedPassword, byte[] salt)
      Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded. Returns true if the passwords match, false if they do not. The stored password itself is never decoded.
      Parameters:
      rawPassword - the raw password to encode and match
      encodedPassword - the encoded password from storage to compare with
      salt - the salt use to compare the rawPassword and the encodedPassword
      Returns:

    • matches

      default boolean matches(CharSequence rawPassword, String encodedPassword, String salt)
      Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded. Returns true if the passwords match, false if they do not. The stored password itself is never decoded.
      Parameters:
      rawPassword - the raw password to encode and match
      encodedPassword - the encoded password from storage to compare with
      salt - the salt use to compare the rawPassword and the encodedPassword
      Returns: