Package org.springframework.security.crypto.password

Class AbstractValidatingPasswordEncoder

java.lang.Object
org.springframework.security.crypto.password.AbstractValidatingPasswordEncoder
All Implemented Interfaces:
PasswordEncoder
Direct Known Subclasses:
AbstractPasswordEncoder, Argon2Password4jPasswordEncoder, Argon2PasswordEncoder, BalloonHashingPassword4jPasswordEncoder, BcryptPassword4jPasswordEncoder, BCryptPasswordEncoder, DelegatingPasswordEncoder, LdapShaPasswordEncoder, Md4PasswordEncoder, MessageDigestPasswordEncoder, NoOpPasswordEncoder, Pbkdf2Password4jPasswordEncoder, Pbkdf2PasswordEncoder, ScryptPassword4jPasswordEncoder, SCryptPasswordEncoder, StandardPasswordEncoder
public abstract class AbstractValidatingPasswordEncoder extends Object implements PasswordEncoder

  • Constructor Details

    • AbstractValidatingPasswordEncoder

      public AbstractValidatingPasswordEncoder()

  • Method Details

    • encode

      public final @Nullable String encode(@Nullable CharSequence rawPassword)
      Description copied from interface: PasswordEncoder
      Encode the raw password. Generally, a good encoding algorithm uses an adaptive one way function.
      Specified by:
      encode in interface PasswordEncoder
      Parameters:
      rawPassword - a password that has not been encoded. The value can be null in the event that the user has no password; in which case the result must be null.
      Returns:
      A non-null encoded password, unless the rawPassword was null in which case the result must be null.

    • encodeNonNullPassword

      protected abstract String encodeNonNullPassword(String rawPassword)

    • matches

      public final boolean matches(@Nullable CharSequence rawPassword, @Nullable String encodedPassword)
      Description copied from interface: PasswordEncoder
      Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded. Returns true if the passwords match, false if they do not. The stored password itself is never decoded. Never true if either rawPassword or encodedPassword is null or an empty String.
      Specified by:
      matches in interface PasswordEncoder
      Parameters:
      rawPassword - the raw password to encode and match.
      encodedPassword - the encoded password from storage to compare with.
      Returns:
      true if the raw password, after encoding, matches the encoded password from storage.

    • matchesNonNull

      protected abstract boolean matchesNonNull(String rawPassword, String encodedPassword)

    • upgradeEncoding

      public final boolean upgradeEncoding(@Nullable String encodedPassword)
      Description copied from interface: PasswordEncoder
      Returns true if the encoded password should be encoded again for better security, else false. The default implementation always returns false.
      Specified by:
      upgradeEncoding in interface PasswordEncoder
      Parameters:
      encodedPassword - the encoded password to check. Possibly null if the user did not have a password.
      Returns:
      true if the encoded password should be encoded again for better security, else false. If encodedPassword is null (the user didn't have a password), then always false.

    • upgradeEncodingNonNull

      protected boolean upgradeEncodingNonNull(String encodedPassword)