71 lines
2.5 KiB
Plaintext
71 lines
2.5 KiB
Plaintext
@startuml
|
|
skinparam Shadowing false
|
|
skinparam class {
|
|
BackgroundColor White
|
|
}
|
|
hide empty members
|
|
|
|
abstract AbstractUserDetailsAuthenticationProvider
|
|
class UserDetails
|
|
|
|
class DaoAuthenticationProvider {
|
|
- PasswordEncoder passwordEncoder
|
|
- String userNotFoundEncodedPassword
|
|
- UserDetailsService userDetailsService
|
|
- UserDetailsPasswordService userDetailsPasswordService
|
|
- void prepareTimingAttackProtection()
|
|
- void mitigateAgainstTimingAttack(UsernamePasswordAuthenticationToken authentication)
|
|
}
|
|
|
|
interface UserDetailsService {
|
|
+ UserDetails loadUserByUsername(String username)
|
|
}
|
|
|
|
interface UserDetailsPasswordService {
|
|
+ UserDetails update(UserDetails user, String password)
|
|
}
|
|
|
|
interface PasswordEncoder {
|
|
+ String encode(CharSequence rawPassword)
|
|
+ boolean matches(CharSequence rawPassword, String encodedPassword)
|
|
+ boolean upgradeEncoding(String rawPassword)
|
|
}
|
|
class UsernamePasswordAuthenticationToken
|
|
|
|
abstract AbstractPasswordEncoder {
|
|
# byte[] encode(CharSequence rawPassword, byte[] salt)
|
|
# byte[] encodeAndConcatenate(CharSequence rawPassword, byte[] salt)
|
|
# {static} boolean matches(byte[] expected, byte[] actual)
|
|
}
|
|
|
|
class DelegatingPasswordEncoder {
|
|
- {static} String PREFIX
|
|
- {static} String SUFFIX
|
|
- String idForEncode
|
|
- PasswordEncoder passwordEncoderForEncode
|
|
- Map<String, PasswordEncoder> idToPasswordEncoder
|
|
- PasswordEncoder defaultPasswordEncoderForMatches
|
|
+ DelegatingPasswordEncoder(String idForEncode, Map<String, PasswordEncoder> idToPasswordEncoder)
|
|
+ void setDefaultPasswordEncoderForMatches(PasswordEncoder defaultPasswordEncoderForMatches)
|
|
- String extractId(String prefixEncodedPassword)
|
|
- String extractEncodedPassword(String prefixEncodedPassword)
|
|
}
|
|
|
|
class UnmappedIdPasswordEncoder
|
|
class BCryptPasswordEncoder
|
|
class Pbkdf2PasswordEncoder
|
|
|
|
DaoAuthenticationProvider --|> AbstractUserDetailsAuthenticationProvider
|
|
UserDetailsService --* DaoAuthenticationProvider
|
|
UserDetailsPasswordService --* DaoAuthenticationProvider
|
|
UsernamePasswordAuthenticationToken --* DaoAuthenticationProvider
|
|
PasswordEncoder ---* DaoAuthenticationProvider
|
|
UserDetails --* UserDetailsService
|
|
UserDetails --* UserDetailsPasswordService
|
|
AbstractPasswordEncoder ..|> PasswordEncoder
|
|
DelegatingPasswordEncoder ..|> PasswordEncoder
|
|
DelegatingPasswordEncoder +-- UnmappedIdPasswordEncoder
|
|
UnmappedIdPasswordEncoder ..|> PasswordEncoder
|
|
BCryptPasswordEncoder ..|> PasswordEncoder
|
|
Pbkdf2PasswordEncoder ..|> PasswordEncoder
|
|
@enduml |