Class HaveIBeenPwnedRestApiReactivePasswordChecker
java.lang.Object
org.springframework.security.web.authentication.password.HaveIBeenPwnedRestApiReactivePasswordChecker
- All Implemented Interfaces:
ReactiveCompromisedPasswordChecker
public class HaveIBeenPwnedRestApiReactivePasswordChecker
extends Object
implements ReactiveCompromisedPasswordChecker
Checks if the provided password was leaked by relying on
Have I Been Pwned REST
API. This implementation uses the Search by Range in order to protect the value of
the source password being searched for.
- Since:
- 6.3
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionreactor.core.publisher.Mono<CompromisedPasswordDecision>
Check whether the password is compromisedvoid
setWebClient
(org.springframework.web.reactive.function.client.WebClient webClient) Sets theWebClient
to use when making requests to Have I Been Pwned REST API.
-
Constructor Details
-
HaveIBeenPwnedRestApiReactivePasswordChecker
public HaveIBeenPwnedRestApiReactivePasswordChecker()
-
-
Method Details
-
check
Description copied from interface:ReactiveCompromisedPasswordChecker
Check whether the password is compromised- Specified by:
check
in interfaceReactiveCompromisedPasswordChecker
- Parameters:
password
- the password to check- Returns:
- a
Mono
containing theCompromisedPasswordDecision
-
setWebClient
public void setWebClient(org.springframework.web.reactive.function.client.WebClient webClient) Sets theWebClient
to use when making requests to Have I Been Pwned REST API. By default, aWebClient
with a base URL ofAPI_URL
is used.- Parameters:
webClient
- theWebClient
to use
-