從spring security 5.0起支持多種加密方式處理,並通過前綴來區分加密方式
測試代碼:
PasswordEncoder passwordEncoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
String encode = passwordEncoder.encode("123456");
System.out.println("bcrypt密文:" + encode);
System.out.println("bcrypt對比:" + passwordEncoder.matches("123456", encode));
//MD5加密前的密碼:123456
String md5encode = "{MD5}e10adc3949ba59abbe56e057f20f883e";
System.out.println("MD5對比:" + passwordEncoder.matches("123456", md5encode));
測試結果
bcrypt密文:{bcrypt}$2a$10$r5vO.SHOl2nsv71k8lZgLe5na1fBdtqDvDYhYPweu/CnzFRSYhZSq
bcrypt對比:true
MD5對比:true
PasswordEncoderFactories代碼
public static PasswordEncoder createDelegatingPasswordEncoder() {
String encodingId = "bcrypt";
Map<String, PasswordEncoder> encoders = new HashMap<>();
encoders.put(encodingId, new BCryptPasswordEncoder());
encoders.put("ldap", new org.springframework.security.crypto.password.LdapShaPasswordEncoder());
encoders.put("MD4", new org.springframework.security.crypto.password.Md4PasswordEncoder());
encoders.put("MD5", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("MD5"));
encoders.put("noop", org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance());
encoders.put("pbkdf2", new Pbkdf2PasswordEncoder());
encoders.put("scrypt", new SCryptPasswordEncoder());
encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1"));
encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256"));
encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder());
return new DelegatingPasswordEncoder(encodingId, encoders);
}