Skip to content

D
daaexample
Commit 7d4b0096 authored by Administrator's avatar Administrator
Browse files
Options

Java 8 native SHA-256 and Base64 native algorithms. 

Dependency with Apache Commons Codec was removed and now the native Java
8 utilities for SHA-256 and Base64 encoding and decoding is used.
parent 73365e45
Hide whitespace changes
Inline Side-by-side
Showing with 37 additions and 16 deletions
pom.xml
View file @ 7d4b0096
......@@ -20,7 +20,6 @@
<maven.compiler.target>1.8</maven.compiler.target>
<jersey.version>2.15</jersey.version>
<mysql.version>5.1.34</mysql.version>
<commons.codec.version>1.10</commons.codec.version>
<commons.dbcp.version>1.4</commons.dbcp.version>
<java.servlet.version>3.0.1</java.servlet.version>
<junit.version>4.12</junit.version>
......@@ -55,12 +54,6 @@
<version>${mysql.version}</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>${commons.codec.version}</version>
</dependency>
<!-- Test Scope -->
<dependency>
<groupId>junit</groupId>
......
src/main/java/es/uvigo/esei/daa/dao/UsersDAO.java
View file @ 7d4b0096
package es.uvigo.esei.daa.dao;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Base64;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
public class UsersDAO extends DAO {
private final static Logger LOG = Logger.getLogger("UsersDAO");
......@@ -23,10 +23,10 @@ public class UsersDAO extends DAO {
try (ResultSet result = statement.executeQuery()) {
if (result.next()) {
final String dbPassword = result.getString("password");
final String shaPassword = DigestUtils.sha256Hex(password);
final String shaPassword = encodeSha256(password);
if (shaPassword.equals(dbPassword)) {
return new String(Base64.encodeBase64((login + ":" + password).getBytes()));
return encodeBase64(login + ":" + password);
} else {
return null;
}
......@@ -43,7 +43,7 @@ public class UsersDAO extends DAO {
public String checkToken(String token)
throws DAOException, IllegalArgumentException {
final String decodedToken = new String(Base64.decodeBase64(token.getBytes()));
final String decodedToken = decodeBase64(token);
final int colonIndex = decodedToken.indexOf(':');
if (colonIndex < 0 || colonIndex == decodedToken.length()-1) {
......@@ -51,9 +51,7 @@ public class UsersDAO extends DAO {
}
final String login = decodedToken.substring(0, decodedToken.indexOf(':'));
final String password = DigestUtils.sha256Hex(
decodedToken.substring(decodedToken.indexOf(':') + 1)
);
final String password = encodeSha256(decodedToken.substring(decodedToken.indexOf(':') + 1));
try (final Connection conn = this.getConnection()) {
final String query = "SELECT password FROM users WHERE login=?";
......@@ -76,4 +74,34 @@ public class UsersDAO extends DAO {
throw new DAOException(e);
}
}
private final static String decodeBase64(String text) {
return new String(Base64.getDecoder().decode(text.getBytes()));
}
private final static String encodeBase64(String text) {
return Base64.getEncoder().encodeToString(text.getBytes());
}
private final static String encodeSha256(String text) {
try {
final MessageDigest digest = MessageDigest.getInstance("SHA-256");
final byte[] digested = digest.digest(text.getBytes());
return hexToString(digested);
} catch (NoSuchAlgorithmException e) {
LOG.log(Level.SEVERE, "SHA-256 not supported", e);
throw new RuntimeException(e);
}
}
private final static String hexToString(byte[] hex) {
final StringBuilder sb = new StringBuilder();
for (byte b : hex) {
sb.append(String.format("%02x", b & 0xff));
}
return sb.toString();
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment