From c1c0385dbce65c308736423f59a49624af4e3e06 Mon Sep 17 00:00:00 2001 From: Phillip Webb Date: Fri, 2 Feb 2018 01:04:52 -0800 Subject: [PATCH] Refine encodepassword options Refine the options to include 'default'. Also no longer add the prefix to all results. Closes gh-11875 --- .../encodepassword/EncodePasswordCommand.java | 9 +++++--- .../EncodePasswordCommandTests.java | 22 +++++++++++++++---- 2 files changed, 24 insertions(+), 7 deletions(-) diff --git a/spring-boot-project/spring-boot-cli/src/main/java/org/springframework/boot/cli/command/encodepassword/EncodePasswordCommand.java b/spring-boot-project/spring-boot-cli/src/main/java/org/springframework/boot/cli/command/encodepassword/EncodePasswordCommand.java index 6fa41370617..226116a0331 100644 --- a/spring-boot-project/spring-boot-cli/src/main/java/org/springframework/boot/cli/command/encodepassword/EncodePasswordCommand.java +++ b/spring-boot-project/spring-boot-cli/src/main/java/org/springframework/boot/cli/command/encodepassword/EncodePasswordCommand.java @@ -35,6 +35,7 @@ import org.springframework.boot.cli.command.options.OptionHandler; import org.springframework.boot.cli.command.status.ExitStatus; import org.springframework.boot.cli.util.Log; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.factory.PasswordEncoderFactories; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder; import org.springframework.util.StringUtils; @@ -51,6 +52,8 @@ public class EncodePasswordCommand extends OptionParsingCommand { static { Map> encoders = new LinkedHashMap<>(); + encoders.put("default", + PasswordEncoderFactories::createDelegatingPasswordEncoder); encoders.put("bcrypt", BCryptPasswordEncoder::new); encoders.put("pbkdf2", Pbkdf2PasswordEncoder::new); ENCODERS = Collections.unmodifiableMap(encoders); @@ -69,7 +72,7 @@ public class EncodePasswordCommand extends OptionParsingCommand { @Override public Collection getExamples() { List examples = new ArrayList<>(); - examples.add(new HelpExample("To encode a password with bcrypt", + examples.add(new HelpExample("To encode a password with the default encoder", "spring encodepassword mypassword")); examples.add(new HelpExample("To encode a password with pbkdf2", "spring encodepassword -a pbkdf2 mypassword")); @@ -83,7 +86,7 @@ public class EncodePasswordCommand extends OptionParsingCommand { @Override protected void options() { this.algorithm = option(Arrays.asList("algorithm", "a"), - "The algorithm to use").withRequiredArg().defaultsTo("bcrypt"); + "The algorithm to use").withRequiredArg().defaultsTo("default"); } @Override @@ -100,7 +103,7 @@ public class EncodePasswordCommand extends OptionParsingCommand { .collectionToCommaDelimitedString(ENCODERS.keySet())); return ExitStatus.ERROR; } - Log.info("{" + algorithm + "}" + encoder.get().encode(password)); + Log.info(encoder.get().encode(password)); return ExitStatus.OK; } diff --git a/spring-boot-project/spring-boot-cli/src/test/java/org/springframework/boot/cli/command/encodepassword/EncodePasswordCommandTests.java b/spring-boot-project/spring-boot-cli/src/test/java/org/springframework/boot/cli/command/encodepassword/EncodePasswordCommandTests.java index f197dbd9961..1376fec812a 100644 --- a/spring-boot-project/spring-boot-cli/src/test/java/org/springframework/boot/cli/command/encodepassword/EncodePasswordCommandTests.java +++ b/spring-boot-project/spring-boot-cli/src/test/java/org/springframework/boot/cli/command/encodepassword/EncodePasswordCommandTests.java @@ -25,7 +25,9 @@ import org.mockito.MockitoAnnotations; import org.springframework.boot.cli.command.status.ExitStatus; import org.springframework.boot.cli.util.MockLog; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.factory.PasswordEncoderFactories; +import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder; import static org.assertj.core.api.Assertions.assertThat; import static org.mockito.Mockito.verify; @@ -64,14 +66,25 @@ public class EncodePasswordCommandTests { assertThat(status).isEqualTo(ExitStatus.OK); } + @Test + public void encodeWithBCryptShouldUseBCrypt() throws Exception { + EncodePasswordCommand command = new EncodePasswordCommand(); + ExitStatus status = command.run("-a", "bcrypt", "boot"); + verify(this.log).info(this.message.capture()); + assertThat(this.message.getValue()).doesNotStartWith("{"); + assertThat(new BCryptPasswordEncoder().matches("boot", this.message.getValue())) + .isTrue(); + assertThat(status).isEqualTo(ExitStatus.OK); + } + @Test public void encodeWithPbkdf2ShouldUsePbkdf2() throws Exception { EncodePasswordCommand command = new EncodePasswordCommand(); ExitStatus status = command.run("-a", "pbkdf2", "boot"); verify(this.log).info(this.message.capture()); - assertThat(this.message.getValue()).startsWith("{pbkdf2}"); - assertThat(PasswordEncoderFactories.createDelegatingPasswordEncoder() - .matches("boot", this.message.getValue())).isTrue(); + assertThat(this.message.getValue()).doesNotStartWith("{"); + assertThat(new Pbkdf2PasswordEncoder().matches("boot", this.message.getValue())) + .isTrue(); assertThat(status).isEqualTo(ExitStatus.OK); } @@ -79,7 +92,8 @@ public class EncodePasswordCommandTests { public void encodeWithUnkownAlgorithShouldExitWithError() throws Exception { EncodePasswordCommand command = new EncodePasswordCommand(); ExitStatus status = command.run("--algorithm", "bad", "boot"); - verify(this.log).error("Unknown algorithm, valid options are: bcrypt,pbkdf2"); + verify(this.log) + .error("Unknown algorithm, valid options are: default,bcrypt,pbkdf2"); assertThat(status).isEqualTo(ExitStatus.ERROR); }