Archives/Athou_commafeed
1
0
Fork 1
mirror of https://github.com/Athou/commafeed.git synced 2026-03-21 21:37:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

findbugs is now happy

Browse Source
This commit is contained in:
Athou
2014-08-14 08:38:13 +02:00
parent 62a8e8c119
commit 0ff477579b
3 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/com/commafeed/backend/dao/FeedEntryStatusDAO.java
View File

@@ -112,7 +112,7 @@ public class FeedEntryStatusDAO extends GenericDAO<FeedEntryStatus> {
List<FeedEntryStatus> statuses = query.list(status); List<FeedEntryStatus> statuses = query.list(status);
for (FeedEntryStatus status : statuses) { for (FeedEntryStatus status : statuses) {
status = handleStatus(user, status, status.getSubscription(), status.getEntry()); status = handleStatus(user, status, status.getSubscription(), status.getEntry());
status = fetchTags(user, status); fetchTags(user, status);
} }
return lazyLoadContent(includeContent, statuses); return lazyLoadContent(includeContent, statuses);
} }

4
src/main/java/com/commafeed/backend/service/MailService.java
View File

@@ -1,6 +1,5 @@
package com.commafeed.backend.service; package com.commafeed.backend.service;
import java.io.Serializable;
import java.util.Properties; import java.util.Properties;
import javax.mail.Authenticator; import javax.mail.Authenticator;
@@ -21,9 +20,8 @@ import com.commafeed.backend.model.User;
* Mailing service * Mailing service
* *
*/ */
@SuppressWarnings("serial")
@RequiredArgsConstructor @RequiredArgsConstructor
public class MailService implements Serializable { public class MailService {
private final CommaFeedConfiguration config; private final CommaFeedConfiguration config;

9
src/main/java/com/commafeed/backend/service/PasswordEncryptionService.java
View File

@@ -12,12 +12,17 @@ import javax.crypto.spec.PBEKeySpec;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
// taken from http://www.javacodegeeks.com/2012/05/secure-password-storage-donts-dos-and.html // taken from http://www.javacodegeeks.com/2012/05/secure-password-storage-donts-dos-and.html
@SuppressWarnings("serial") @SuppressWarnings("serial")
@Slf4j @Slf4j
public class PasswordEncryptionService implements Serializable { public class PasswordEncryptionService implements Serializable {
public boolean authenticate(String attemptedPassword, byte[] encryptedPassword, byte[] salt) { public boolean authenticate(String attemptedPassword, byte[] encryptedPassword, byte[] salt) {
if (StringUtils.isBlank(attemptedPassword)) {
return false;
}
// Encrypt the clear-text password using the same salt that was used to // Encrypt the clear-text password using the same salt that was used to
// encrypt the original password // encrypt the original password
byte[] encryptedAttemptedPassword = null; byte[] encryptedAttemptedPassword = null;
@@ -28,6 +33,10 @@ public class PasswordEncryptionService implements Serializable {
log.error(e.getMessage(), e); log.error(e.getMessage(), e);
} }
if (encryptedAttemptedPassword == null) {
return false;
}
// Authentication succeeds if encrypted password that the user entered // Authentication succeeds if encrypted password that the user entered
// is equal to the stored hash // is equal to the stored hash
return MessageDigest.isEqual(encryptedPassword, encryptedAttemptedPassword); return MessageDigest.isEqual(encryptedPassword, encryptedAttemptedPassword);