From ae16d96121f8ab4de81ed5a5b2f336642b343931 Mon Sep 17 00:00:00 2001
From: Ben Alex <ben.alex@springsource.com>
Date: Sat, 17 Apr 2004 01:28:05 +0000
Subject: [PATCH] Moved to net.sf.acegisecurity.providers.encoding.

---
 .../dao/BaseDigestPasswordEncoder.java        | 44 ------------
 .../providers/dao/MD5PasswordEncoder.java     | 63 -----------------
 .../providers/dao/PasswordEncoder.java        | 38 ----------
 .../dao/PlaintextPasswordEncoder.java         | 69 -------------------
 .../providers/dao/SHAPasswordEncoder.java     | 61 ----------------
 5 files changed, 275 deletions(-)
 delete mode 100644 core/src/main/java/org/acegisecurity/providers/dao/BaseDigestPasswordEncoder.java
 delete mode 100644 core/src/main/java/org/acegisecurity/providers/dao/MD5PasswordEncoder.java
 delete mode 100644 core/src/main/java/org/acegisecurity/providers/dao/PasswordEncoder.java
 delete mode 100644 core/src/main/java/org/acegisecurity/providers/dao/PlaintextPasswordEncoder.java
 delete mode 100644 core/src/main/java/org/acegisecurity/providers/dao/SHAPasswordEncoder.java

diff --git a/core/src/main/java/org/acegisecurity/providers/dao/BaseDigestPasswordEncoder.java b/core/src/main/java/org/acegisecurity/providers/dao/BaseDigestPasswordEncoder.java
deleted file mode 100644
index 0c49fce06a..0000000000
--- a/core/src/main/java/org/acegisecurity/providers/dao/BaseDigestPasswordEncoder.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/* Copyright 2004 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package net.sf.acegisecurity.providers.dao;
-
-/**
- * <p>
- * Convenience base for Digest password encoders
- * </p>
- *
- * @author colin sampaleanu
- * @version $Id$
- */
-public abstract class BaseDigestPasswordEncoder implements PasswordEncoder {
-  
-  //~ Instance fields ========================================================
-  private boolean encodeHashAsBase64 = false;
-
-  //~ Methods ================================================================
-  
-  /**
-   * The encoded password is normally returned as Hex (32 char) version of the
-   * hash bytes. Setting this property to true will cause the encoded pass to
-   * be returned as Base64 text, which will consume 24 characters.
-   */
-  public void setEncodeHashAsBase64(boolean encodeHashAsBase64) {
-    this.encodeHashAsBase64 = encodeHashAsBase64;
-  }
-  public boolean getEncodeHashAsBase64() {
-    return encodeHashAsBase64;
-  }
-
-}
diff --git a/core/src/main/java/org/acegisecurity/providers/dao/MD5PasswordEncoder.java b/core/src/main/java/org/acegisecurity/providers/dao/MD5PasswordEncoder.java
deleted file mode 100644
index c3694bbe94..0000000000
--- a/core/src/main/java/org/acegisecurity/providers/dao/MD5PasswordEncoder.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/* Copyright 2004 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package net.sf.acegisecurity.providers.dao;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.codec.digest.DigestUtils;
-
-
-/**
- * <p>
- * MD5 implementation of PasswordEncoder.
- * </p>
- * 
- * <p>
- * A null password is encoded to the same value as an empty ("") password.
- * </p>
- *
- * @author colin sampaleanu
- * @version $Id$
- */
-public class MD5PasswordEncoder extends BaseDigestPasswordEncoder implements PasswordEncoder {
-    //~ Methods ================================================================
-
-  /* (non-Javadoc)
-   * @see net.sf.acegisecurity.providers.dao.PasswordEncoder#isPasswordValid(java.lang.String, java.lang.String, java.lang.Object)
-   */
-  public boolean isPasswordValid(String encPass, String rawPass, Object saltSource) {
-
-      String pass1 = "" + encPass;
-      String pass2 = encodeInternal("" + rawPass);
-
-      return pass1.equals(pass2);
-  }
-
-  /* (non-Javadoc)
-   * @see net.sf.acegisecurity.providers.dao.PasswordEncoder#encodePassword(java.lang.String, java.lang.Object)
-   */
-  public String encodePassword(String rawPass, Object saltSource) {
-      return encodeInternal("" + rawPass);
-  }
-  
-  private String encodeInternal(String input) {
-    
-    if (!getEncodeHashAsBase64())
-      return DigestUtils.md5Hex(input);
-    
-    byte[] encoded = Base64.encodeBase64(DigestUtils.md5(input));
-    return new String(encoded);
-  }
-}
diff --git a/core/src/main/java/org/acegisecurity/providers/dao/PasswordEncoder.java b/core/src/main/java/org/acegisecurity/providers/dao/PasswordEncoder.java
deleted file mode 100644
index ba0db95c00..0000000000
--- a/core/src/main/java/org/acegisecurity/providers/dao/PasswordEncoder.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/* Copyright 2004 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package net.sf.acegisecurity.providers.dao;
-
-import org.springframework.dao.DataAccessException;
-
-
-/**
- * <p>
- * Describes authentication operations on a password, so that digest algorithms
- * can be abstracted
- * </p>
- *
- * @author colin sampaleanu
- * @version $Id$
- */
-public interface PasswordEncoder {
-    //~ Methods ================================================================
-
-    public boolean isPasswordValid(String encPass, String rawPass,
-        Object saltSource)
-        throws DataAccessException;
-
-    public String encodePassword(String rawPass, Object saltSource) throws DataAccessException;
-}
diff --git a/core/src/main/java/org/acegisecurity/providers/dao/PlaintextPasswordEncoder.java b/core/src/main/java/org/acegisecurity/providers/dao/PlaintextPasswordEncoder.java
deleted file mode 100644
index 91c15bf87f..0000000000
--- a/core/src/main/java/org/acegisecurity/providers/dao/PlaintextPasswordEncoder.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/* Copyright 2004 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package net.sf.acegisecurity.providers.dao;
-
-/**
- * <p>
- * Plaintext implementation of PasswordEncoder.
- * </p>
- *
- * @author colin sampaleanu
- * @version $Id$
- */
-public class PlaintextPasswordEncoder implements PasswordEncoder {
-  
-    //~ Instance fields ========================================================
-    private boolean ignorePasswordCase = false;
-  
-    //~ Methods ================================================================
-    
-    /**
-     * Indicates whether the password comparison is case sensitive. Defaults to
-     * <code>false</code>, meaning an exact case match is required.
-     *
-     * @param ignorePasswordCase set to <code>true</code> for less stringent
-     *        comparison
-     */
-    public void setIgnorePasswordCase(boolean ignorePasswordCase) {
-        this.ignorePasswordCase = ignorePasswordCase;
-    }
-
-    public boolean isIgnorePasswordCase() {
-        return ignorePasswordCase;
-    }
-
-    /* (non-Javadoc)
-     * @see net.sf.acegisecurity.providers.dao.PasswordEncoder#isPasswordValid(java.lang.String, java.lang.String, java.lang.Object)
-     */
-    public boolean isPasswordValid(String encPass, String rawPass, Object saltSource) {
-      
-        String pass1 = "" + encPass;
-        String pass2 = "" + rawPass;
-
-        if (!ignorePasswordCase) {
-            return pass1.equals(pass2);
-        } else {
-            return pass1.equalsIgnoreCase(pass2);
-        }
-    }
-
-    /* (non-Javadoc)
-     * @see net.sf.acegisecurity.providers.dao.PasswordEncoder#encodePassword(java.lang.String, java.lang.Object)
-     */
-    public String encodePassword(String rawPass, Object saltSource) {
-        return rawPass;
-    }
-}
diff --git a/core/src/main/java/org/acegisecurity/providers/dao/SHAPasswordEncoder.java b/core/src/main/java/org/acegisecurity/providers/dao/SHAPasswordEncoder.java
deleted file mode 100644
index 2fd7ad523e..0000000000
--- a/core/src/main/java/org/acegisecurity/providers/dao/SHAPasswordEncoder.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/* Copyright 2004 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package net.sf.acegisecurity.providers.dao;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.codec.digest.DigestUtils;
-
-/**
- * <p>
- * SHA implementation of PasswordEncoder.
- * </p>
- * 
- * <p>
- * A null password is encoded to the same value as an empty ("") password.
- * </p>
- *
- * @author colin sampaleanu
- * @version $Id$
- */
-public class SHAPasswordEncoder extends BaseDigestPasswordEncoder implements PasswordEncoder {
-  
-    /* (non-Javadoc)
-     * @see net.sf.acegisecurity.providers.dao.PasswordEncoder#isPasswordValid(java.lang.String, java.lang.String, java.lang.Object)
-     */
-    public boolean isPasswordValid(String encPass, String rawPass, Object saltSource) {
-
-        String pass1 = "" + encPass;
-        String pass2 = encodeInternal("" + rawPass);
-
-        return pass1.equals(pass2);
-    }
-
-    /* (non-Javadoc)
-     * @see net.sf.acegisecurity.providers.dao.PasswordEncoder#encodePassword(java.lang.String, java.lang.Object)
-     */
-    public String encodePassword(String rawPass, Object saltSource) {
-        return encodeInternal("" + rawPass);
-    }
-    
-    private String encodeInternal(String input) {
-      
-      if (!getEncodeHashAsBase64())
-        return DigestUtils.shaHex(input);
-      
-      byte[] encoded = Base64.encodeBase64(DigestUtils.sha(input));
-      return new String(encoded);
-    }
-}