io.vertx.reactivex.ext.auth.jdbc

Class JDBCAuth

java.lang.Object

io.vertx.reactivex.ext.auth.AuthProvider

io.vertx.reactivex.ext.auth.jdbc.JDBCAuth

public class JDBCAuth
extends AuthProvider

Factory interface for creating AuthProvider instances that use the Vert.x JDBC client. By default the hashing strategy is SHA-512. If you're already running in production this is backwards compatible, however for new deployments or security upgrades it is recommended to use the PBKDF2 strategy as it is the current OWASP recommendation for password storage.

NOTE: This class has been automatically generated from the original non RX-ified interface using Vert.x codegen.

Field Summary

Fields

Modifier and Type	Field and Description
static io.vertx.lang.rx.TypeArg<JDBCAuth>	__TYPE_ARG
static String	DEFAULT_AUTHENTICATE_QUERY The default query to be used for authentication
static String	DEFAULT_PERMISSIONS_QUERY The default query to retrieve all permissions for the role
static String	DEFAULT_ROLE_PREFIX The default role prefix
static String	DEFAULT_ROLES_QUERY The default query to retrieve all roles for the user

Constructor Summary

Constructors

Constructor and Description
JDBCAuth(JDBCAuth delegate)
JDBCAuth(Object delegate)

Method Summary

Modifier and Type	Method and Description
String	computeHash(String password, String salt) Compute the hashed password given the unhashed password and the salt without nonce The implementation relays to the JDBCHashStrategy provided.
String	computeHash(String password, String salt, int version) Compute the hashed password given the unhashed password and the salt The implementation relays to the JDBCHashStrategy provided.
static JDBCAuth	create(Vertx vertx, JDBCClient client) Create a JDBC auth provider implementation
boolean	equals(Object o)
String	generateSalt() Compute a salt string.
JDBCAuth	getDelegate()
int	hashCode()
static JDBCAuth	newInstance(JDBCAuth arg)
JDBCAuth	setAuthenticationQuery(String authenticationQuery) Set the authentication query to use.
JDBCAuth	setNonces(JsonArray nonces) Provide a application configuration level on hash nonce's as a ordered list of nonces where each position corresponds to a version.
JDBCAuth	setPermissionsQuery(String permissionsQuery) Set the permissions query to use.
JDBCAuth	setRolePrefix(String rolePrefix) Set the role prefix to distinguish from permissions when checking for isPermitted requests.
JDBCAuth	setRolesQuery(String rolesQuery) Set the roles query to use.
String	toString()

Methods inherited from class io.vertx.reactivex.ext.auth.AuthProvider

authenticate, newInstance, rxAuthenticate

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

__TYPE_ARG

public static final io.vertx.lang.rx.TypeArg<JDBCAuth> __TYPE_ARG

DEFAULT_AUTHENTICATE_QUERY

public static final String DEFAULT_AUTHENTICATE_QUERY

The default query to be used for authentication

See Also:

Constant Field Values

DEFAULT_ROLES_QUERY

public static final String DEFAULT_ROLES_QUERY

The default query to retrieve all roles for the user

See Also:

Constant Field Values

DEFAULT_PERMISSIONS_QUERY

public static final String DEFAULT_PERMISSIONS_QUERY

The default query to retrieve all permissions for the role

See Also:

Constant Field Values

DEFAULT_ROLE_PREFIX

public static final String DEFAULT_ROLE_PREFIX

The default role prefix

See Also:

Constant Field Values

Constructor Detail

JDBCAuth

public JDBCAuth(JDBCAuth delegate)

JDBCAuth

public JDBCAuth(Object delegate)

Method Detail

toString

public String toString()

Overrides:

toString in class AuthProvider

equals

public boolean equals(Object o)

Overrides:

equals in class AuthProvider

hashCode

public int hashCode()

Overrides:

hashCode in class AuthProvider

getDelegate

public JDBCAuth getDelegate()

Overrides:

getDelegate in class AuthProvider

create

public static JDBCAuth create(Vertx vertx,
                              JDBCClient client)

Create a JDBC auth provider implementation

Parameters:

vertx -

client - the JDBC client instance

Returns:

the auth provider

setAuthenticationQuery

public JDBCAuth setAuthenticationQuery(String authenticationQuery)

Set the authentication query to use. Use this if you want to override the default authentication query.

Parameters:

authenticationQuery - the authentication query

Returns:

a reference to this for fluency

setRolesQuery

public JDBCAuth setRolesQuery(String rolesQuery)

Set the roles query to use. Use this if you want to override the default roles query.

Parameters:

rolesQuery - the roles query

Returns:

a reference to this for fluency

setPermissionsQuery

public JDBCAuth setPermissionsQuery(String permissionsQuery)

Set the permissions query to use. Use this if you want to override the default permissions query.

Parameters:

permissionsQuery - the permissions query

Returns:

a reference to this for fluency

setRolePrefix

public JDBCAuth setRolePrefix(String rolePrefix)

Set the role prefix to distinguish from permissions when checking for isPermitted requests.

Parameters:

rolePrefix - a Prefix e.g.: "role:"

Returns:

a reference to this for fluency

computeHash

public String computeHash(String password,
                          String salt)

Compute the hashed password given the unhashed password and the salt without nonce The implementation relays to the JDBCHashStrategy provided.

Parameters:

password - the unhashed password

salt - the salt

Returns:

the hashed password

computeHash

public String computeHash(String password,
                          String salt,
                          int version)

Compute the hashed password given the unhashed password and the salt The implementation relays to the JDBCHashStrategy provided.

Parameters:

password - the unhashed password

salt - the salt

version - the nonce version to use

Returns:

the hashed password

generateSalt

public String generateSalt()

Compute a salt string. The implementation relays to the JDBCHashStrategy provided.

Returns:

a non null salt value

setNonces

public JDBCAuth setNonces(JsonArray nonces)

Provide a application configuration level on hash nonce's as a ordered list of nonces where each position corresponds to a version. The nonces are supposed not to be stored in the underlying jdbc storage but to be provided as a application configuration. The idea is to add one extra variable to the hash function in order to make breaking the passwords using rainbow tables or precomputed hashes harder. Leaving the attacker only with the brute force approach. The implementation relays to the JDBCHashStrategy provided.

Parameters:

nonces - a List of non null Strings.

Returns:

a reference to this for fluency

newInstance

public static JDBCAuth newInstance(JDBCAuth arg)