From 2afdfe317975f8a4bd79c0eba333ec7c2d311a3e Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Fri, 13 May 2016 14:42:27 +0200 Subject: [PATCH] added method generatedConfirmationKey() --- .../jusercore/model/user/UserUtils.java | 56 ++++++++++++++++++- 1 file changed, 55 insertions(+), 1 deletion(-) diff --git a/src/org/mxchange/jusercore/model/user/UserUtils.java b/src/org/mxchange/jusercore/model/user/UserUtils.java index bd2c898..8aa0b11 100644 --- a/src/org/mxchange/jusercore/model/user/UserUtils.java +++ b/src/org/mxchange/jusercore/model/user/UserUtils.java @@ -21,6 +21,8 @@ import java.security.SecureRandom; import java.text.MessageFormat; import java.util.Random; import org.apache.commons.codec.digest.Crypt; +import org.apache.commons.codec.digest.DigestUtils; +import org.mxchange.jcontacts.contact.Contact; import org.mxchange.jusercore.container.login.LoginContainer; /** @@ -137,10 +139,62 @@ public class UserUtils implements Serializable { return userName; } + /** + * Generate a key suitable for confirmation. This is basicly a large and + * strong hash with a lop entropy. + *

+ * @param user User instance to use as additional entropy source + *

+ * @return Generated key + */ + public static String generatedConfirmationKey (final User user) { + // Generates random string by creating a random, encrypted password + StringBuilder key = new StringBuilder(encryptPassword(generateRandomUserName())); + + // Is user set? + if (user instanceof User) { + // Add it's name, too + key.append(":").append(user); //NOI18N + + // Is user name set? + if (user.getUserName() instanceof String) { + // Add it + key.append(":").append(user.getUserName()); //NOI18N + } + + // Is password set? + if (user.getUserEncryptedPassword() instanceof String) { + // Add it, too + key.append(":").append(user.getUserEncryptedPassword()); //NOI18N + } + + // Get contact instance + Contact contact = user.getUserContact(); + + // Is contact set? + if (contact instanceof Contact) { + // Add it, too + key.append(":").append(contact); //NOI18N + + // Is email address set? + if (contact.getContactEmailAddress() instanceof String) { + // Add it, too + key.append(":").append(contact.getContactEmailAddress()); //NOI18N + } + } + } + + // Hash key + String hash = DigestUtils.sha256Hex(key.toString()); + + // Return it + return hash; + } + /** * Checks if password from container matches the updatedUser's password *

- * @param container Container holding user instance and unencrypted password + * @param container Container holding user instance and unencrypted password * @param updatedUser Updated user instance from database *

* @return Whether the password matches -- 2.39.5