/*
*    Copyright [2011] [wisemapping]
*
*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
*   It is basically the Apache License, Version 2.0 (the "License") plus the
*   "powered by wisemapping" text requirement on every single page;
*   you may not use this file except in compliance with the License.
*   You may obtain a copy of the license at
*
*       http://www.wisemapping.org/license
*
*   Unless required by applicable law or agreed to in writing, software
*   distributed under the License is distributed on an "AS IS" BASIS,
*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
*   See the License for the specific language governing permissions and
*   limitations under the License.
*/

package com.wisemapping.security;

import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.springframework.dao.DataAccessException;
import org.springframework.security.authentication.encoding.PasswordEncoder;
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;

public class CustomPasswordEncoder
    implements PasswordEncoder
{
    private PasswordEncoder delegateEncoder = new ShaPasswordEncoder();

    private static final String ENC_PREFIX = "ENC:";

    public String encodePassword(@NotNull String rawPass, @Nullable Object salt) throws DataAccessException {

        String password = rawPass;
        if (!rawPass.startsWith(ENC_PREFIX))
        {
            password = ENC_PREFIX + delegateEncoder.encodePassword(rawPass,salt);
        }

        return password;
    }

    public boolean isPasswordValid(@NotNull String encPass, @NotNull String rawPass, Object salt) throws DataAccessException {

        String pass1 = "" + encPass;
        String pass2 = rawPass;

        if (pass1.startsWith(ENC_PREFIX))
        {

            pass2 = encodePassword(rawPass, salt);
        }
      return pass1.equals(pass2);
    }
}