Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Code cleanups.

This commit is contained in:
Simone Bordet 2017-05-16 10:25:34 +02:00
parent 3521c76d53
commit b1b94d870e
1 changed files with 6 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
jetty-util/src/main/java/org/eclipse/jetty/util/security/Credential.java
View File

@ -26,7 +26,6 @@ import org.eclipse.jetty.util.TypeUtil;
import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger; import org.eclipse.jetty.util.log.Logger;
/* ------------------------------------------------------------ */
/** /**
* Credentials. The Credential class represents an abstract mechanism for * Credentials. The Credential class represents an abstract mechanism for
* checking authentication credentials. A credential instance either represents * checking authentication credentials. A credential instance either represents
@ -39,15 +38,12 @@ import org.eclipse.jetty.util.log.Logger;
* This class includes an implementation for unix Crypt an MD5 digest. * This class includes an implementation for unix Crypt an MD5 digest.
* *
* @see Password * @see Password
*
*/ */
public abstract class Credential implements Serializable public abstract class Credential implements Serializable
{ {
private static final long serialVersionUID = -7760551052768181572L;
private static final Logger LOG = Log.getLogger(Credential.class); private static final Logger LOG = Log.getLogger(Credential.class);
private static final long serialVersionUID = -7760551052768181572L;
/* ------------------------------------------------------------ */
/** /**
* Check a credential * Check a credential
* *
@ -59,7 +55,6 @@ public abstract class Credential implements Serializable
*/ */
public abstract boolean check(Object credentials); public abstract boolean check(Object credentials);
/* ------------------------------------------------------------ */
/** /**
* Get a credential from a String. If the credential String starts with a * Get a credential from a String. If the credential String starts with a
* known Credential type (eg "CRYPT:" or "MD5:" ) then a Credential of that * known Credential type (eg "CRYPT:" or "MD5:" ) then a Credential of that
@ -76,15 +71,13 @@ public abstract class Credential implements Serializable
return new Password(credential); return new Password(credential);
} }
/* ------------------------------------------------------------ */
/** /**
* Unix Crypt Credentials * Unix Crypt Credentials
*/ */
public static class Crypt extends Credential public static class Crypt extends Credential
{ {
private static final long serialVersionUID = -2027792997664744210L; private static final long serialVersionUID = -2027792997664744210L;
private static final String __TYPE = "CRYPT:";
public static final String __TYPE = "CRYPT:";
private final String _cooked; private final String _cooked;
@ -100,58 +93,49 @@ public abstract class Credential implements Serializable
credentials=new String((char[])credentials); credentials=new String((char[])credentials);
if (!(credentials instanceof String) && !(credentials instanceof Password)) if (!(credentials instanceof String) && !(credentials instanceof Password))
LOG.warn("Can't check " + credentials.getClass() + " against CRYPT"); LOG.warn("Can't check " + credentials.getClass() + " against CRYPT");
String passwd = credentials.toString(); String passwd = credentials.toString();
return _cooked.equals(UnixCrypt.crypt(passwd, _cooked)); return _cooked.equals(UnixCrypt.crypt(passwd, _cooked));
} }
public static String crypt(String user, String pw) public static String crypt(String user, String pw)
{ {
return "CRYPT:" + UnixCrypt.crypt(pw, user); return __TYPE + UnixCrypt.crypt(pw, user);
} }
} }
/* ------------------------------------------------------------ */
/** /**
* MD5 Credentials * MD5 Credentials
*/ */
public static class MD5 extends Credential public static class MD5 extends Credential
{ {
private static final long serialVersionUID = 5533846540822684240L; private static final long serialVersionUID = 5533846540822684240L;
private static final String __TYPE = "MD5:";
public static final String __TYPE = "MD5:"; private static final Object __md5Lock = new Object();
public static final Object __md5Lock = new Object();
private static MessageDigest __md; private static MessageDigest __md;
private final byte[] _digest; private final byte[] _digest;
/* ------------------------------------------------------------ */
MD5(String digest) MD5(String digest)
{ {
digest = digest.startsWith(__TYPE) ? digest.substring(__TYPE.length()) : digest; digest = digest.startsWith(__TYPE) ? digest.substring(__TYPE.length()) : digest;
_digest = TypeUtil.parseBytes(digest, 16); _digest = TypeUtil.parseBytes(digest, 16);
} }
/* ------------------------------------------------------------ */
public byte[] getDigest() public byte[] getDigest()
{ {
return _digest; return _digest;
} }
/* ------------------------------------------------------------ */
@Override @Override
public boolean check(Object credentials) public boolean check(Object credentials)
{ {
try try
{ {
byte[] digest = null;
if (credentials instanceof char[]) if (credentials instanceof char[])
credentials=new String((char[])credentials); credentials=new String((char[])credentials);
if (credentials instanceof Password || credentials instanceof String) if (credentials instanceof Password || credentials instanceof String)
{ {
byte[] digest;
synchronized (__md5Lock) synchronized (__md5Lock)
{ {
if (__md == null) __md = MessageDigest.getInstance("MD5"); if (__md == null) __md = MessageDigest.getInstance("MD5");
@ -193,7 +177,6 @@ public abstract class Credential implements Serializable
} }
} }
/* ------------------------------------------------------------ */
public static String digest(String password) public static String digest(String password)
{ {
try try