AuthProvider authProvider = JDBCAuth.create(vertx, client);
/** * Provide a application configuration level on hash nonce's as a ordered list of * nonces where each position corresponds to a version. * * The nonces are supposed not to be stored in the underlying jdbc storage but to * be provided as a application configuration. The idea is to add one extra variable * to the hash function in order to make breaking the passwords using rainbow tables * or precomputed hashes harder. Leaving the attacker only with the brute force * approach. * * The implementation relays to the JDBCHashStrategy provided. * @param nonces a List of non null Strings. * @return a reference to this for fluency */ public io.vertx.rxjava.ext.auth.jdbc.JDBCAuth setNonces(JsonArray nonces) { delegate.setNonces(nonces); return this; }
/** * Set the authentication query to use. Use this if you want to override the default authentication query. * @param authenticationQuery the authentication query * @return a reference to this for fluency */ public io.vertx.rxjava.ext.auth.jdbc.JDBCAuth setAuthenticationQuery(String authenticationQuery) { delegate.setAuthenticationQuery(authenticationQuery); return this; }
@Override public void setUp() throws Exception { super.setUp(); authProvider.setAuthenticationQuery(AUTHENTICATION_QUERY_OVERRIDE) .setPermissionsQuery(PERMISSIONS_QUERY_OVERRIDE) .setRolesQuery(ROLES_QUERY_OVERRIDE); } }
@Test public void testAuthenticateFailBadPwd() { JsonObject authInfo = new JsonObject(); authInfo.put("username", "tim").put("password", "eggs"); authProvider.authenticate(authInfo, onFailure(v -> { assertEquals("Invalid username/password", v.getMessage()); testComplete(); })); await(); }
/** * Set the roles query to use. Use this if you want to override the default roles query. * @param rolesQuery the roles query * @return a reference to this for fluency */ public io.vertx.rxjava.ext.auth.jdbc.JDBCAuth setRolesQuery(String rolesQuery) { delegate.setRolesQuery(rolesQuery); return this; }
/** * Set the permissions query to use. Use this if you want to override the default permissions query. * @param permissionsQuery the permissions query * @return a reference to this for fluency */ public io.vertx.rxjava.ext.auth.jdbc.JDBCAuth setPermissionsQuery(String permissionsQuery) { delegate.setPermissionsQuery(permissionsQuery); return this; }
/** * Compute the hashed password given the unhashed password and the salt * * The implementation relays to the JDBCHashStrategy provided. * @param password the unhashed password * @param salt the salt * @param version the nonce version to use * @return the hashed password */ public String computeHash(String password, String salt, int version) { String ret = delegate.computeHash(password, salt, version); return ret; }
/** * Compute a salt string. * * The implementation relays to the JDBCHashStrategy provided. * @return a non null salt value */ public String generateSalt() { String ret = delegate.generateSalt(); return ret; }
/** * Set the role prefix to distinguish from permissions when checking for isPermitted requests. * @param rolePrefix a Prefix e.g.: "role:" * @return a reference to this for fluency */ public io.vertx.rxjava.ext.auth.jdbc.JDBCAuth setRolePrefix(String rolePrefix) { delegate.setRolePrefix(rolePrefix); return this; }
@Test public void testAuthenticateFailBadUser() { JsonObject authInfo = new JsonObject(); authInfo.put("username", "blah").put("password", "whatever"); authProvider.authenticate(authInfo, onFailure(v -> { assertEquals("Invalid username/password", v.getMessage()); testComplete(); })); await(); }
/** * Set the roles query to use. Use this if you want to override the default roles query. * @param rolesQuery the roles query * @return a reference to this for fluency */ public io.vertx.rxjava.ext.auth.jdbc.JDBCAuth setRolesQuery(String rolesQuery) { delegate.setRolesQuery(rolesQuery); return this; }
/** * Set the permissions query to use. Use this if you want to override the default permissions query. * @param permissionsQuery the permissions query * @return a reference to this for fluency */ public io.vertx.rxjava.ext.auth.jdbc.JDBCAuth setPermissionsQuery(String permissionsQuery) { delegate.setPermissionsQuery(permissionsQuery); return this; }
/** * Compute the hashed password given the unhashed password and the salt without nonce * * The implementation relays to the JDBCHashStrategy provided. * @param password the unhashed password * @param salt the salt * @return the hashed password */ public String computeHash(String password, String salt) { String ret = delegate.computeHash(password, salt); return ret; }
/** * Compute a salt string. * * The implementation relays to the JDBCHashStrategy provided. * @return a non null salt value */ public String generateSalt() { String ret = delegate.generateSalt(); return ret; }
/** * Set the role prefix to distinguish from permissions when checking for isPermitted requests. * @param rolePrefix a Prefix e.g.: "role:" * @return a reference to this for fluency */ public io.vertx.rxjava.ext.auth.jdbc.JDBCAuth setRolePrefix(String rolePrefix) { delegate.setRolePrefix(rolePrefix); return this; }
/** * Create a JDBC auth provider implementation * @param vertx * @param client the JDBC client instance * @return the auth provider */ public static io.vertx.rxjava.ext.auth.jdbc.JDBCAuth create(io.vertx.rxjava.core.Vertx vertx, io.vertx.rxjava.ext.jdbc.JDBCClient client) { io.vertx.rxjava.ext.auth.jdbc.JDBCAuth ret = io.vertx.rxjava.ext.auth.jdbc.JDBCAuth.newInstance(io.vertx.ext.auth.jdbc.JDBCAuth.create(vertx.getDelegate(), client.getDelegate())); return ret; }
/** * Provide a application configuration level on hash nonce's as a ordered list of * nonces where each position corresponds to a version. * * The nonces are supposed not to be stored in the underlying jdbc storage but to * be provided as a application configuration. The idea is to add one extra variable * to the hash function in order to make breaking the passwords using rainbow tables * or precomputed hashes harder. Leaving the attacker only with the brute force * approach. * * The implementation relays to the JDBCHashStrategy provided. * @param nonces a List of non null Strings. * @return a reference to this for fluency */ public io.vertx.rxjava.ext.auth.jdbc.JDBCAuth setNonces(JsonArray nonces) { delegate.setNonces(nonces); return this; }
@Test public void testAuthenticateWithNonce() { JsonObject authInfo = new JsonObject(); authInfo.put("username", "paulo").put("password", "secret"); authProvider.authenticate(authInfo, onSuccess(user -> { assertNotNull(user); testComplete(); })); await(); } }
/** * Set the authentication query to use. Use this if you want to override the default authentication query. * @param authenticationQuery the authentication query * @return a reference to this for fluency */ public io.vertx.rxjava.ext.auth.jdbc.JDBCAuth setAuthenticationQuery(String authenticationQuery) { delegate.setAuthenticationQuery(authenticationQuery); return this; }