From 5f2785d39c860ff850124f602bf15013c868fb15 Mon Sep 17 00:00:00 2001
From: Rob Winch <rwinch@users.noreply.github.com>
Date: Mon, 23 Oct 2017 09:52:25 -0500
Subject: [PATCH] Add SHA-1 to PasswordEncoderFactories

Issue: gh-4674
---
 .../security/crypto/factory/PasswordEncoderFactories.java   | 2 ++
 .../crypto/factory/PasswordEncoderFactoriesTests.java       | 6 ++++++
 2 files changed, 8 insertions(+)

diff --git a/crypto/src/main/java/org/springframework/security/crypto/factory/PasswordEncoderFactories.java b/crypto/src/main/java/org/springframework/security/crypto/factory/PasswordEncoderFactories.java
index 165518f5a4..9a6c0d5e3b 100644
--- a/crypto/src/main/java/org/springframework/security/crypto/factory/PasswordEncoderFactories.java
+++ b/crypto/src/main/java/org/springframework/security/crypto/factory/PasswordEncoderFactories.java
@@ -49,6 +49,7 @@ public class PasswordEncoderFactories {
 	 * <li>noop - {@link NoOpPasswordEncoder}</li>
 	 * <li>pbkdf2 - {@link Pbkdf2PasswordEncoder}</li>
 	 * <li>scrypt - {@link SCryptPasswordEncoder}</li>
+	 * <li>SHA-1 - {@code new MessageDigestPasswordEncoder("SHA-1")}</li>
 	 * <li>sha256 - {@link StandardPasswordEncoder}</li>
 	 * </ul>
 	 *
@@ -63,6 +64,7 @@ public class PasswordEncoderFactories {
 		encoders.put("noop", NoOpPasswordEncoder.getInstance());
 		encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());
 		encoders.put("scrypt", new SCryptPasswordEncoder());
+		encoders.put("SHA-1", new MessageDigestPasswordEncoder("SHA-1"));
 		encoders.put("sha256", new StandardPasswordEncoder());
 
 		return new DelegatingPasswordEncoder(encodingId, encoders);
diff --git a/crypto/src/test/java/org/springframework/security/crypto/factory/PasswordEncoderFactoriesTests.java b/crypto/src/test/java/org/springframework/security/crypto/factory/PasswordEncoderFactoriesTests.java
index 01edd0b3b4..de6e96e7b8 100644
--- a/crypto/src/test/java/org/springframework/security/crypto/factory/PasswordEncoderFactoriesTests.java
+++ b/crypto/src/test/java/org/springframework/security/crypto/factory/PasswordEncoderFactoriesTests.java
@@ -74,6 +74,12 @@ public class PasswordEncoderFactoriesTests {
 		assertThat(this.encoder.matches(this.rawPassword, encodedPassword)).isTrue();
 	}
 
+	@Test
+	public void matchesWhenSHA1ThenWorks() {
+		String encodedPassword = "{SHA-1}{6581QepZz2qd8jVrT2QYPVtK8DuM2n45dVslmc3UTWc=}4f31573948ddbfb8ac9dd80107dfad13fd8f2454";
+		assertThat(this.encoder.matches(this.rawPassword, encodedPassword)).isTrue();
+	}
+
 	@Test
 	public void matchesWhenSha256ThenWorks() {
 		String encodedPassword = "{sha256}97cde38028ad898ebc02e690819fa220e88c62e0699403e94fff291cfffaf8410849f27605abcbc0";