From 7f88e7c22d4b61d36cbb4a62990f5fe144e80c2d Mon Sep 17 00:00:00 2001
From: Eric Hartmann
Date: Fri, 13 Apr 2018 18:26:16 +0200
Subject: SONAR-6949 Implements bcrypt hash for password Extract hash mechanism into a single class LocalAuthentication Implements SHA1 (deprecated) and bcrypt hash Set bcrypt as default Update the hash of a user during authentication if hash method was SHA1
---
 server/sonar-db-migration/build.gradle | 1 +
 .../server/platform/db/migration/version/v72/DbVersion72.java | 2 +-
 .../db/migration/version/v72/IncreaseCryptedPasswordSizeTest.java | 7 ++++---
 3 files changed, 6 insertions(+), 4 deletions(-)
(limited to 'server/sonar-db-migration')
diff --git a/server/sonar-db-migration/build.gradle b/server/sonar-db-migration/build.gradle
index 7360daec774..53e5be5a48c 100644
--- a/server/sonar-db-migration/build.gradle
+++ b/server/sonar-db-migration/build.gradle
@@ -18,6 +18,7 @@ dependencies {
 testCompile 'org.assertj:assertj-core'
 testCompile 'org.dbunit:dbunit'
 testCompile 'org.mockito:mockito-core'
+ testCompile 'org.mindrot:jbcrypt'
 testCompile project(':sonar-testing-harness')
 testCompile project(':server:sonar-db-core').sourceSets.test.output
diff --git a/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v72/DbVersion72.java b/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v72/DbVersion72.java
index 35c94276936..2303e9e1d89 100644
--- a/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v72/DbVersion72.java
+++ b/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v72/DbVersion72.java
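Review bot: The `testCompile 'org.mindrot:jbcrypt'` line added to build.gradle has no visible consumer in this module, because the same patch removes `import org.mindrot.jbcrypt.BCrypt;` and the `BCrypt.hashpw(...)` call from IncreaseCryptedPasswordSizeTest, the only test it touches here. The view is limited to server/sonar-db-migration, so another test in the module may still need the library; if none does, drop the line so the test classpath does not carry an unused hashing dependency. If it stays, a short comment such as `// needed by <test class> to build bcrypt fixtures` (placeholder name) would record why a migration module depends on it.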
@@ -27,7 +27,7 @@ public class DbVersion72 implements DbVersion {
 @Override
 public void addSteps(MigrationStepRegistry registry) {
 registry
- .add(2100, "Increase size of CRYPTED_PASSWORD", IncreaseCryptedPasswordSize.class)
+ .add(2100, "Increase size of USERS.CRYPTED_PASSWORD", IncreaseCryptedPasswordSize.class)
 .add(2101, "Add HASH_METHOD to table users", AddHashMethodToUsersTable.class)
 .add(2102, "Populate HASH_METHOD on table users", PopulateHashMethodOnUsers.class)
 ;
diff --git a/server/sonar-db-migration/src/test/java/org/sonar/server/platform/db/migration/version/v72/IncreaseCryptedPasswordSizeTest.java b/server/sonar-db-migration/src/test/java/org/sonar/server/platform/db/migration/version/v72/IncreaseCryptedPasswordSizeTest.java
index 455c0a25835..2dee68bea27 100644
--- a/server/sonar-db-migration/src/test/java/org/sonar/server/platform/db/migration/version/v72/IncreaseCryptedPasswordSizeTest.java
+++ b/server/sonar-db-migration/src/test/java/org/sonar/server/platform/db/migration/version/v72/IncreaseCryptedPasswordSizeTest.java
@@ -1,4 +1,4 @@
-package org.sonar.server.platform.db.migration.version.v72;/*
+/*
 * SonarQube
 * Copyright (C) 2009-2018 SonarSource SA
 * mailto:info AT sonarsource DOT com
@@ -17,12 +17,12 @@ package org.sonar.server.platform.db.migration.version.v72;/*
 * along with this program; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 */
+package org.sonar.server.platform.db.migration.version.v72;
 import java.sql.SQLException;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
-import org.mindrot.jbcrypt.BCrypt;
 import org.sonar.db.CoreDbTester;
 import static org.assertj.core.api.Assertions.assertThat;
@@ -53,9 +53,10 @@ public class IncreaseCryptedPasswordSizeTest {
 }
 private void insertRow() {
+ // bcrypt hash is 60 characters
 db.executeInsert(
 "USERS",
- "CRYPTED_PASSWORD", BCrypt.hashpw("a", BCrypt.gensalt()),
+ "CRYPTED_PASSWORD", "$2a$10$8tscphgcElKF5vOBer4H.OVfLKpPIH74hK.rxyhOP5HVyZHyfgRGy",
 "IS_ROOT", false,
 "ONBOARDED", false);
 }
-- cgit v1.2.3
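Review bot: The literal now passed as `CRYPTED_PASSWORD` in `insertRow()` is a complete bcrypt string (`$2a$` prefix, cost 10), and the added comment gives only its length, not where it came from. A reader or a secret scanner cannot tell it apart from a leaked credential hash, so I would widen the comment to `// test fixture only: 60-character bcrypt hash of a dummy value, not a real credential`. Since the column width is what the migration is about, the value could also move to a named constant whose length is asserted with `assertThat(...).hasSize(60)`, so that a later edit cannot quietly shorten it. The test methods that call `insertRow()` are outside this hunk, so they may already check this.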