### Generate auth credential
-Util "crypt_password.py" to generate new cryptographic password is stored in dcaegen2/sdk
+Library to generate new cryptographic password is stored in dcaegen2/sdk -"security/crypt-password"
+or download artifact from:
+
+https://nexus.onap.org/#nexus-search;quick~crypt-password
+
+How to use:
```
-python crypt_password.py -p TestPassword
+java -jar crypt-password-<version>.jar password_to_crypt
```
### Environment variables in Docker Container
<version>2.1.0.RELEASE</version>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>org.onap.dcaegen2.services.sdk.security.crypt</groupId>
+ <artifactId>crypt-password</artifactId>
+ <version>1.0.0-SNAPSHOT</version>
+ </dependency>
</dependencies>
<repositories>
<repository>
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.onap.dcae.ApplicationSettings;
+import org.onap.dcaegen2.services.sdk.security.CryptPassword;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
final class ApiAuthInterceptor extends HandlerInterceptorAdapter {
private static final Logger LOG = LoggerFactory.getLogger(ApiAuthInterceptor.class);
- private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
+ private final CryptPassword cryptPassword = new CryptPassword();
private final ApplicationSettings applicationSettings;
private Logger errorLog;
String providedPassword = decodedData.split(":")[1].trim();
Option<String> maybeSavedPassword = applicationSettings.validAuthorizationCredentials().get(providedUser);
boolean userRegistered = maybeSavedPassword.isDefined();
- return userRegistered && passwordEncoder.matches(providedPassword,maybeSavedPassword.get());
+ return userRegistered && cryptPassword.matches(providedPassword,maybeSavedPassword.get());
} catch (Exception e) {
LOG.warn(String.format("Could not check if user is authorized (header: '%s')), probably malformed header.",
authorizationHeader), e);