diff --git a/pom.xml b/pom.xml
index 1986eaa9660d209707e35712c95a78f5d25fab52..fe8c7142c89c7befb501ea8309c4ed9243377e7c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -20,7 +20,6 @@
1.8
2.15
5.1.34
- 1.10
1.4
3.0.1
4.12
@@ -55,12 +54,6 @@
${mysql.version}
-
- commons-codec
- commons-codec
- ${commons.codec.version}
-
-
junit
diff --git a/src/main/java/es/uvigo/esei/daa/dao/UsersDAO.java b/src/main/java/es/uvigo/esei/daa/dao/UsersDAO.java
index b05fdd4c0914cdb54861ab6955f958b0bf8b8f50..7015600d1b32619eb81a7587583c7a1329c63612 100644
--- a/src/main/java/es/uvigo/esei/daa/dao/UsersDAO.java
+++ b/src/main/java/es/uvigo/esei/daa/dao/UsersDAO.java
@@ -1,15 +1,15 @@
package es.uvigo.esei.daa.dao;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
+import java.util.Base64;
import java.util.logging.Level;
import java.util.logging.Logger;
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.codec.digest.DigestUtils;
-
public class UsersDAO extends DAO {
private final static Logger LOG = Logger.getLogger("UsersDAO");
@@ -23,10 +23,10 @@ public class UsersDAO extends DAO {
try (ResultSet result = statement.executeQuery()) {
if (result.next()) {
final String dbPassword = result.getString("password");
- final String shaPassword = DigestUtils.sha256Hex(password);
+ final String shaPassword = encodeSha256(password);
if (shaPassword.equals(dbPassword)) {
- return new String(Base64.encodeBase64((login + ":" + password).getBytes()));
+ return encodeBase64(login + ":" + password);
} else {
return null;
}
@@ -43,7 +43,7 @@ public class UsersDAO extends DAO {
public String checkToken(String token)
throws DAOException, IllegalArgumentException {
- final String decodedToken = new String(Base64.decodeBase64(token.getBytes()));
+ final String decodedToken = decodeBase64(token);
final int colonIndex = decodedToken.indexOf(':');
if (colonIndex < 0 || colonIndex == decodedToken.length()-1) {
@@ -51,9 +51,7 @@ public class UsersDAO extends DAO {
}
final String login = decodedToken.substring(0, decodedToken.indexOf(':'));
- final String password = DigestUtils.sha256Hex(
- decodedToken.substring(decodedToken.indexOf(':') + 1)
- );
+ final String password = encodeSha256(decodedToken.substring(decodedToken.indexOf(':') + 1));
try (final Connection conn = this.getConnection()) {
final String query = "SELECT password FROM users WHERE login=?";
@@ -76,4 +74,34 @@ public class UsersDAO extends DAO {
throw new DAOException(e);
}
}
+
+ private final static String decodeBase64(String text) {
+ return new String(Base64.getDecoder().decode(text.getBytes()));
+ }
+
+ private final static String encodeBase64(String text) {
+ return Base64.getEncoder().encodeToString(text.getBytes());
+ }
+
+ private final static String encodeSha256(String text) {
+ try {
+ final MessageDigest digest = MessageDigest.getInstance("SHA-256");
+ final byte[] digested = digest.digest(text.getBytes());
+
+ return hexToString(digested);
+ } catch (NoSuchAlgorithmException e) {
+ LOG.log(Level.SEVERE, "SHA-256 not supported", e);
+ throw new RuntimeException(e);
+ }
+ }
+
+ private final static String hexToString(byte[] hex) {
+ final StringBuilder sb = new StringBuilder();
+
+ for (byte b : hex) {
+ sb.append(String.format("%02x", b & 0xff));
+ }
+
+ return sb.toString();
+ }
}