Meishin/LoginSystem
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,682 Commits 10 Branches 53 Tags
Commit Graph

78 Commits

Author SHA1 Message Date
DNx5
b380893847 Serialize Xenforo hash before put it into table. 
- Fix #417
 2016-01-09 06:13:47 +07:00
DNx5
da5de58afb Rename XF class into XFBCRYPT. 2016-01-07 06:15:39 +07:00
DNx5
e0c3affa33 Merge branch 'master' into 137-xenforo-support 
Conflicts:
	src/main/java/fr/xephi/authme/datasource/CacheDataSource.java
	src/main/java/fr/xephi/authme/datasource/DataSource.java
	src/main/java/fr/xephi/authme/datasource/SQLite.java
	src/main/java/fr/xephi/authme/security/crypts/BCRYPT.java
 2016-01-06 12:15:27 +07:00
ljacqu
9533965095 Minor - update JavaDoc for HashAlgorithm 
- Replace incorrect description
 2016-01-02 01:09:42 +01:00
ljacqu
6475cecd79 Add tools task to generate an encryption algorithm overview 2015-12-31 13:33:00 +01:00
ljacqu
a0da423a7b Minor - Javadoc changes 
- Add/replace/improve javadoc in the commands and encryption section
- Note: A simple <p> is the javadoc way to make a new paragraph
http://www.oracle.com/technetwork/java/javase/documentation/index-137868.html#format
- Note: Do not escape '<' and '>' inside of {@code }
- Note: '>' does not need to be escaped
 2015-12-31 13:32:41 +01:00
DNx5
0c305a6287 Added new updatePassword method in DataSource class 2015-12-31 12:55:34 +07:00
DNx5
bd5d341e67 Xenforo support. 
- Added getPassword method in DataSource and all implementations.
 2015-12-31 11:05:18 +07:00
Xephi59
e1a84448a2 Fix the whole Javadoc syntax 2015-12-31 01:06:09 +01:00
ljacqu
aed23cb1ef Revert removal of XENFORO enum, hash class and custom SQL 
- Undo commits 121d323 and 1c12278
- Add TODO's with issue number
- Add slight, necessary adjustments for code changes since the reverted commits
 2015-12-31 00:36:08 +01:00
ljacqu
eea3697fa4 #364 Add test for bogus hashes 
- Verify that a "hash" in the wrong format doesn't throw exception (this is relevant when the supportOldPasswordHash setting is enabled)
 2015-12-30 23:24:36 +01:00
ljacqu
c0a393b8b3 Minor - rename EncryptedPassword to HashedPassword 
- We hash passwords; we don't encrypt them
 2015-12-30 22:51:59 +01:00
ljacqu
e85dbe81e5 #358 Ensure lowercase player name, issue cleanup 
- Ensure within PasswordSecurity that the player name is lowercase
- Remove check for MD5VB separate salt (we only generate hashes with the salt embedded, so either we need to change that or we don't need this check)
- Remove obsolete TODO
 2015-12-30 22:45:18 +01:00
Gabriele C
300a621e1c cleanup 2015-12-30 22:28:45 +01:00
ljacqu
3328656134 #358 Create test for PasswordSecurity, create salt column if not exists 
- Add test class for PasswordSecurity
- Check and create the salt column in MySQL and SQLite when necessary
- Add javadoc to some classes
 2015-12-30 21:36:07 +01:00
ljacqu
a3402d573f #358 Handle hash + salt as one "unit" 
- Rename HashResult to EncryptedPassword to reflect its broader use
- Use EncryptedPassword in methods that require the hash and the salt, instead of passing them as strings separately
- Store EncryptedPassword as field in PlayerAuth; updatePassword() thus processes the entire data in the EncryptedPassword object
 2015-12-30 17:56:22 +01:00
ljacqu
9c4a578bec #358 Remove old methods on PasswordSecurity, unify hash + salt 
- For encryption methods with a separate salt, the hash is useless without the salt, so hash and salt should always be persisted and retrieved together
 2015-12-30 15:43:25 +01:00
ljacqu
922082f312 #364 Add HashAlgorithm integration test, fix failing tests 
- Create integration test for the HashAlgorithm enum
- Create AsciiRestricted annotation and make test aware of it
- Add option to skip "same hash for same salt" test (for wordpress)
- Change some EncryptionMethods to extend from a common superclass
 2015-12-29 13:29:26 +01:00
ljacqu
531327dd9b Minor - make AuthMe.database private 
- In favor of AuthMe.getDataSource()
 2015-12-29 11:55:57 +01:00
ljacqu
b3b751920a #358 Replace usage of static PasswordSecurity methods 
- Replace static methods to instance methods
- Use PlayerAuth builder instead of constructor
 2015-12-29 00:13:20 +01:00
ljacqu
1c12278c4b #369 Remove XENFORO enum entry 2015-12-28 22:39:15 +01:00
ljacqu
121d323221 #369 Delete Xenforo (XF) encryption algorithm 
Rationale:
- Seems not to have been working since it was added to the codebase
- Seems not to correspond to the actual Xenforo password hashing (class does some sort of JSON extraction?)
- It would be easier to rewrite it from scratch if someone requests it later
 2015-12-28 22:32:24 +01:00
ljacqu
47f4275225 #358 Update EncryptionMethod to new interface 
- Add new methods to the EncryptionMethod interface
- Delete temporary interface (NewEncrMethod)
- Remove temporary checks and casts to NewEncrMethod
 2015-12-28 22:00:43 +01:00
ljacqu
9b73475b9a Minor - clean up bcrypt 2y implementation 
- Update Recommendation annotation
- Add proper length check to hash
- Remove check that is always true
 2015-12-28 21:27:47 +01:00
ljacqu
73bc6e286a #369 Fix bcrypt 2y implementation 
- Change salt length to 22: it was once changed on accident during some other commit
 2015-12-28 21:03:33 +01:00
ljacqu
48d0a65724 #358 Create encryption method supertypes, add new methods 2015-12-28 20:10:45 +01:00
ljacqu
31730699ac #358 Start refactoring PasswordSecurity 
- Add new methods temporarily to NewEncrMethod interface
   - No data source access within EncryptionMethod implementations
   - Generate the salt within the EncryptionMethod implementation
- Deprecate static methods on PasswordSecurity
- Adjust AbstractEncryptionMethodTest to test the classes with the new interface
- Add getter for data source instead of accessing field directly
 2015-12-28 16:23:08 +01:00
ljacqu
6ac1967364 Merge branch 'master' of https://github.com/AuthMe-Team/AuthMeReloaded into 358-encryptn-mthd-refactor 2015-12-28 13:33:18 +01:00
Xephi
0688a8645a Deprecated PLAINTEXT support 2015-12-28 12:29:00 +01:00
ljacqu
804a670e08 Create test for HashUtils and RandomString 2015-12-27 23:37:07 +01:00
ljacqu
513ff9a928 #358 Make RandomString static & generate all rand. strings with it 
- Remove dubious random String generator on HashUtils
- Make further hash classes use HashUtils
 2015-12-27 22:16:16 +01:00
ljacqu
90a0325194 #358 Add future interface methods, remove exception throwing 
- Create Utils class for a common implementation of md5/sha1
- Create "foolproof" way of getting the MessageDigest for md5 etc. (MessageDigestAlgorithm enum)
- Create description annotations to annotate algorithms with usage recommendation and salt type
 2015-12-26 23:59:32 +01:00
ljacqu
1f11537b85 #364 Add more tests for encryption algorithms 
- Rename getHash() to computeHash(): get.. suggests it's just retrieving some field but it's really doing a computation, which is quite complex depending on the hash algorithm
 2015-12-20 23:43:54 +01:00
ljacqu
bf7a0c5a49 #364 Create first EncryptionMethod tests 2015-12-20 00:51:15 +01:00
ljacqu
7b2be4ca47 Remove redundant JavaDoc in security package 
- Remove all JavaDoc in security package that has no additional information than in the code
- Reduce visibility of class members where appropriate
 2015-12-19 09:53:52 +01:00
Tim Visée
09067ddbd1 Removed redundant code, fixed some warnings, other minor fixes 2015-11-23 22:18:04 +01:00
Tim Visée
82bf0f45ca Finalized some fields, removed redundant code, various other fixes 2015-11-23 22:14:03 +01:00
Tim Visée
83e5d726af Improved various code bits 2015-11-23 22:12:01 +01:00
Tim Visée
47b1d00ccf Fixed various spelling and grammar issues 2015-11-23 22:07:32 +01:00
Tim Visée
36c50c4507 Reformatted code with new code style 2015-11-23 21:46:34 +01:00
Tim Visée
53117928f5 Reformatted all files once again 2015-11-23 21:40:11 +01:00
Tim Visée
2e868c7492 Reformatted all code files, cleaned up the project 2015-11-23 21:33:08 +01:00
AuthMe-Team
9ec2d6d059 Stuff from the common floobits workspace 
Author:    AuthMe-Team <AuthMeTeam@123NoEmail.com>
 2015-11-23 20:23:52 +01:00
Gabriele C
bd1f868c6d standard javadoc 2015-11-21 01:31:18 +01:00
Gabriele C
118c79401a Prepare the project for javadocs 2015-11-21 01:27:06 +01:00
Gabriele C
adcd70b91d auto cleanup 2015-11-21 01:15:52 +01:00
Gabriele C
3567fc909d Organize imports 2015-10-09 19:18:24 +02:00
games647
e9f299fca8 Fix PlayerAuth constructor calls 2015-10-03 18:22:13 +02:00
DNx5
350ab53563 update base64 2015-09-20 08:44:30 +07:00
DNx5
53fcfb5b43 cleanup encryption 2015-09-20 08:44:28 +07:00