Author: massi
Date: Tue May 28 13:36:34 2013
New Revision: 1486918

URL: http://svn.apache.org/r1486918
Log:
Secure random string

Added:
    
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/SecureRandomUtil.java
Modified:
    
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/connid/ConnObjectUtil.java
    
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/persistence/beans/user/SyncopeUser.java
    
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java

Modified: 
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/connid/ConnObjectUtil.java
URL: 
http://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/connid/ConnObjectUtil.java?rev=1486918&r1=1486917&r2=1486918&view=diff
==============================================================================
--- 
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/connid/ConnObjectUtil.java
 (original)
+++ 
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/connid/ConnObjectUtil.java
 Tue May 28 13:36:34 2013
@@ -26,7 +26,6 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
-import org.apache.commons.lang.RandomStringUtils;
 import org.apache.commons.lang.StringUtils;
 import org.apache.syncope.common.mod.AbstractAttributableMod;
 import org.apache.syncope.common.to.AbstractAttributableTO;
@@ -62,6 +61,7 @@ import org.apache.syncope.core.util.Attr
 import org.apache.syncope.core.util.InvalidPasswordPolicySpecException;
 import org.apache.syncope.core.util.JexlUtil;
 import org.apache.syncope.core.util.MappingUtil;
+import org.apache.syncope.core.util.SecureRandomUtil;
 import org.apache.syncope.core.util.VirAttrCache;
 import org.identityconnectors.common.security.GuardedByteArray;
 import org.identityconnectors.common.security.GuardedString;
@@ -183,7 +183,7 @@ public class ConnObjectUtil {
             } catch (InvalidPasswordPolicySpecException e) {
                 LOG.error("Could not generate policy-compliant random password 
for {}", userTO, e);
 
-                password = RandomStringUtils.randomAlphanumeric(16);
+                password = SecureRandomUtil.generateRandomPassword(16);
             }
             userTO.setPassword(password);
         }
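Review bot: The fallback length `16` in this catch branch is a bare literal that the MappingUtil hunk of the same commit repeats, so the two fallbacks can drift apart. A shared constant beside the generator, for example `public static final int FALLBACK_PASSWORD_LENGTH = 16;` (the name is only a suggestion), would keep them aligned. The log message says that policy-compliant generation failed, so the fallback value presumably is not checked against the password policy. A comment such as `// policy spec invalid: fall back to a random password that is not policy-checked` would make that explicit. The enclosing method starts and ends outside the hunk.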

Modified: 
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/persistence/beans/user/SyncopeUser.java
URL: 
http://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/persistence/beans/user/SyncopeUser.java?rev=1486918&r1=1486917&r2=1486918&view=diff
==============================================================================
--- 
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/persistence/beans/user/SyncopeUser.java
 (original)
+++ 
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/persistence/beans/user/SyncopeUser.java
 Tue May 28 13:36:34 2013
@@ -47,7 +47,6 @@ import javax.validation.Valid;
 import javax.validation.constraints.Max;
 import javax.validation.constraints.Min;
 import javax.validation.constraints.NotNull;
-import org.apache.commons.lang.RandomStringUtils;
 import org.apache.syncope.common.types.CipherAlgorithm;
 import org.apache.syncope.core.persistence.beans.AbstractAttr;
 import org.apache.syncope.core.persistence.beans.AbstractAttributable;
@@ -58,6 +57,7 @@ import org.apache.syncope.core.persisten
 import org.apache.syncope.core.persistence.beans.role.SyncopeRole;
 import org.apache.syncope.core.persistence.validation.entity.SyncopeUserCheck;
 import org.apache.syncope.core.util.PasswordEncoder;
+import org.apache.syncope.core.util.SecureRandomUtil;
 
 @Entity
 @Cacheable
@@ -397,7 +397,7 @@ public class SyncopeUser extends Abstrac
     }
 
     public void generateToken(final int tokenLength, final int 
tokenExpireTime) {
-        this.token = RandomStringUtils.randomAlphanumeric(tokenLength);
+        this.token = SecureRandomUtil.generateRandomPassword(tokenLength);
 
         Calendar calendar = Calendar.getInstance();
         calendar.add(Calendar.MINUTE, tokenExpireTime);
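Review bot: A non-positive `tokenLength` now yields an empty token in generateToken, because the loop in `SecureRandomUtil.generateRandomPassword` simply does not run for a negative count, whereas commons-lang `randomAlphanumeric` rejected one with an IllegalArgumentException. A guard at the top of the method, `if (tokenLength <= 0) { throw new IllegalArgumentException("tokenLength must be positive"); }`, keeps an empty token from being stored. The helper is also named for passwords while it is used here for a token; a neutrally named method such as `generateRandomString` (a suggestion) would read better at this call site. The method body continues past the end of the hunk.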
@@ -485,6 +485,8 @@ public class SyncopeUser extends Abstrac
         return username;
     }
 
+    int PASSWORD_LENGTH = 8;
+
     public void setUsername(final String username) {
         this.username = username;
     }
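Review bot: The added `int PASSWORD_LENGTH = 8;` is a package-private, non-static instance field on a class annotated `@Entity`, and nothing in the visible hunks reads it. If this entity is mapped by field access (not visible here), a non-transient instance field would be treated as a persistent attribute and expect a matching column. If a constant is intended, declare it as `private static final int PASSWORD_LENGTH = 8;` near the top of the class; if it is a leftover, it should be dropped. It also sits between getUsername and setUsername, which separates the accessor pair.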

Modified: 
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java
URL: 
http://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java?rev=1486918&r1=1486917&r2=1486918&view=diff
==============================================================================
--- 
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java
 (original)
+++ 
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java
 Tue May 28 13:36:34 2013
@@ -28,7 +28,6 @@ import java.util.Map;
 import java.util.Set;
 import org.apache.commons.jexl2.JexlContext;
 import org.apache.commons.jexl2.MapContext;
-import org.apache.commons.lang.RandomStringUtils;
 import org.apache.commons.lang.StringUtils;
 import org.apache.syncope.common.mod.AttributeMod;
 import org.apache.syncope.common.types.IntMappingType;
@@ -222,7 +221,7 @@ public final class MappingUtil {
                     } catch (InvalidPasswordPolicySpecException e) {
                         LOG.error("Could not generate policy-compliant random 
password for {}", user, e);
 
-                        passwordAttrValue = 
RandomStringUtils.randomAlphanumeric(16);
+                        passwordAttrValue = 
SecureRandomUtil.generateRandomPassword(16);
                     }
                 }
             }

Added: 
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/SecureRandomUtil.java
URL: 
http://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/SecureRandomUtil.java?rev=1486918&view=auto
==============================================================================
--- 
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/SecureRandomUtil.java
 (added)
+++ 
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/SecureRandomUtil.java
 Tue May 28 13:36:34 2013
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.util;
+
+import java.security.SecureRandom;
+import java.util.Random;
+
+public class SecureRandomUtil {
+
+    public static String generateRandomPassword(final int tokenLength) {
+        Random random = new SecureRandom();
+
+        final String letters = 
"abcdefghjkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ0123456789";
+
+        String pw = "";
+        for (int i = 0; i < tokenLength; i++) {
+            pw += letters.charAt((int) (random.nextDouble() * 
letters.length()));
+        }
+        return pw;
+    }
+}
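Review bot: generateRandomPassword picks each index by scaling `random.nextDouble()` and casting to int, where `nextInt(letters.length())` is the direct bounded API and avoids the floating-point detour. It also constructs a new SecureRandom on every call and builds the result with `+=` in a loop; a shared static instance and a StringBuilder are the usual form. The class has no Javadoc: it should state that the alphabet has 56 symbols (the look-alike letters i, l, o and I, L, O are left out) and that a non-positive length returns an empty string. As a static-only utility it would normally be `final` with a private constructor.

```java
public final class SecureRandomUtil {

    private static final SecureRandom RANDOM = new SecureRandom();

    private static final String LETTERS = "abcdefghjkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ0123456789";

    private SecureRandomUtil() {
        // static utility class
    }

    public static String generateRandomPassword(final int tokenLength) {
        final StringBuilder pw = new StringBuilder(Math.max(tokenLength, 0));
        for (int i = 0; i < tokenLength; i++) {
            pw.append(LETTERS.charAt(RANDOM.nextInt(LETTERS.length())));
        }
        return pw.toString();
    }
}
```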

