Class PasswordVerifier

java.lang.Object
eu.webtoolkit.jwt.auth.PasswordVerifier
All Implemented Interfaces:
PasswordService.AbstractVerifier

public class PasswordVerifier extends Object implements PasswordService.AbstractVerifier
Password hash computation and verification class.

This class implements the logic for comparing passwords against password hashes, or computing a new password hash for a password.

One or more hash functions can be added, which allow you to introduce a new "preferred" hash function while maintaining support for verifying existing passwords hashes.

  • Constructor Details

    • PasswordVerifier

      public PasswordVerifier()
      Constructor.
  • Method Details

    • addHashFunction

      public void addHashFunction(HashFunction function)
      Adds a hash function.

      The first hash function added is the one that will be used for creating new password hashes, i.e. the "preferred" hash function. The other hash functions are used only for verifying existing hash passwords. This allows you to move to new hash functions as other ones are no longer deemed secure.

      Each hash function has a unique name, which is annotated in the generated hash to identify the appropriate hash funtion to evaluate it.

      Ownership of the hash functions is transferred.

      See Also:
    • getHashFunctions

      public List<HashFunction> getHashFunctions()
      Returns the list of hash functions.

      This returns a list with references to hashfunctions that have been added with addHashFunction().

    • needsUpdate

      public boolean needsUpdate(PasswordHash hash)
      Description copied from interface: PasswordService.AbstractVerifier
      Returns whether a password hash needs to be updated (recomputed).

      A hash may need to be updated if it has been computed with a cryptographic method that is being disfavoured.

      Specified by:
      needsUpdate in interface PasswordService.AbstractVerifier
    • hashPassword

      public PasswordHash hashPassword(CharSequence password)
      Computes the password hash for a clear text password.

      This creates new salt and applies the "preferred" hash function to the salt and clear text password to compute the hash.

      Specified by:
      hashPassword in interface PasswordService.AbstractVerifier
      See Also:
    • verify

      public boolean verify(CharSequence password, PasswordHash hash)
      Verifies a password against a hash.

      This verifies whether the password matches the hash.

      Specified by:
      verify in interface PasswordService.AbstractVerifier
      See Also: