You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@james.apache.org by bt...@apache.org on 2021/09/08 03:13:52 UTC
[james-project] branch master updated: MAILBOX-347 NONE Password
hashing is actually replace the password with a fixed string (#641)
This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
The following commit(s) were added to refs/heads/master by this push:
new 6431025 MAILBOX-347 NONE Password hashing is actually replace the password with a fixed string (#641)
6431025 is described below
commit 6431025fb89fc5a3fba845f9f6fc634e3cae69cc
Author: Benoit TELLIER <bt...@linagora.com>
AuthorDate: Wed Sep 8 10:12:49 2021 +0700
MAILBOX-347 NONE Password hashing is actually replace the password with a fixed string (#641)
---
.../src/main/java/org/apache/james/user/jpa/model/JPAUser.java | 4 ++--
.../src/test/java/org/apache/james/user/jpa/model/JPAUserTest.java | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/server/data/data-jpa/src/main/java/org/apache/james/user/jpa/model/JPAUser.java b/server/data/data-jpa/src/main/java/org/apache/james/user/jpa/model/JPAUser.java
index 44cbff5..985fece 100644
--- a/server/data/data-jpa/src/main/java/org/apache/james/user/jpa/model/JPAUser.java
+++ b/server/data/data-jpa/src/main/java/org/apache/james/user/jpa/model/JPAUser.java
@@ -67,9 +67,9 @@ public class JPAUser implements User {
String algorithm = Optional.ofNullable(nullableAlgorithm).orElse("SHA-512");
switch (algorithm) {
case "NONE":
- return (password) -> "password";
+ return password -> password;
default:
- return (password) -> chooseHashing(algorithm).hashString(password, StandardCharsets.UTF_8).toString();
+ return password -> chooseHashing(algorithm).hashString(password, StandardCharsets.UTF_8).toString();
}
}
diff --git a/server/data/data-jpa/src/test/java/org/apache/james/user/jpa/model/JPAUserTest.java b/server/data/data-jpa/src/test/java/org/apache/james/user/jpa/model/JPAUserTest.java
index c09a292..85c8d15 100644
--- a/server/data/data-jpa/src/test/java/org/apache/james/user/jpa/model/JPAUserTest.java
+++ b/server/data/data-jpa/src/test/java/org/apache/james/user/jpa/model/JPAUserTest.java
@@ -28,7 +28,7 @@ class JPAUserTest {
@Test
void hashPasswordShouldBeNoopWhenNone() {
//I doubt the expected result was the author intent
- Assertions.assertThat(JPAUser.hashPassword(RANDOM_PASSWORD, "NONE")).isEqualTo("password");
+ Assertions.assertThat(JPAUser.hashPassword(RANDOM_PASSWORD, "NONE")).isEqualTo("baeMiqu7");
}
@Test
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org