Factory interface for creating \io\vertx\jphp\ext\auth\AuthProvider instances that use the Vert.x JDBC client.
By default the hashing strategy is SHA-512. This is backwards compatible if you are already running in production; for new deployments or security upgrades, however, it is recommended to use the PBKDF2 strategy, as it is the current OWASP recommendation for password storage.
package |
Default |
---|
__construct()
authenticate( $arg0, $arg1) : void
The first argument is a JSON object containing information for authenticating the user. What this actually contains depends on the specific implementation. In the case of a simple username/password based authentication it is likely to contain a JSON object with the following structure:
{ "username": "tim", "password": "mypassword" }
For other types of authentication it contains different information, for example a JWT token or OAuth bearer token.
If the user is successfully authenticated, a user object is passed to the handler in an \io.vertx.core.AsyncResult. The user object can then be used for authorisation.
array
callable
computeHash( $arg0, $arg1, $arg2 = null) : string
The implementation relays to the JDBCHashStrategy provided.
param $password [string] the unhashed password
param $salt [string] the salt
computeHash($password, $salt)
Compute the hashed password given the unhashed password and the salt
The implementation relays to the JDBCHashStrategy provided.
param $password [string] the unhashed password
param $salt [string] the salt
param $version [integer] the nonce version to use
computeHash($password, $salt, $version)
string
string
integer
string
the hashed password
create( $arg0, $arg1) : \io\vertx\jphp\ext\auth\jdbc\JDBCAuth
Vertx
JDBCClient
\io\vertx\jphp\ext\auth\jdbc\JDBCAuth
the auth provider
generateSalt() : string
The implementation relays to the JDBCHashStrategy provided.
string
a non null salt value
setAuthenticationQuery( $arg0) : $this
string
$this
a reference to this for fluency
setNonces( $arg0) : $this
The nonces are not supposed to be stored in the underlying JDBC storage but to be provided as application configuration. The idea is to add one extra variable to the hash function in order to make breaking the passwords using rainbow tables or precomputed hashes harder, leaving the attacker only with the brute-force approach.
The implementation relays to the JDBCHashStrategy provided.
array
$this
a reference to this for fluency
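An added illustration of the nonce idea described for setNonces, written for this page and not taken from Vert.x or its JDBCHashStrategy: the nonce comes from application configuration, the stored value records only which nonce version was used, and PBKDF2 is used as the page recommends. The nonce list, the `hash$version` storage format, the iteration count and all function names are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets

# Constructed application configuration: nonces live here, never in the database.
NONCES = ["constructed-nonce-v0", "constructed-nonce-v1"]
ITERATIONS = 10_000  # assumed value, kept low so the sketch runs quickly


def generate_salt() -> str:
    """Per-user random salt; unlike the nonce, it is stored next to the hash."""
    return secrets.token_hex(32)


def compute_hash(password: str, salt: str, version: int = -1, nonces=NONCES) -> str:
    """PBKDF2-HMAC-SHA512; mixes in nonces[version] and appends '$version'."""
    if version >= 0:
        if version >= len(nonces):
            raise ValueError(f"no nonce configured for version {version}")
        salt_input = (salt + nonces[version]).encode()
    else:
        salt_input = salt.encode()  # legacy row hashed without a nonce
    digest = hashlib.pbkdf2_hmac("sha512", password.encode(), salt_input, ITERATIONS)
    hexed = digest.hex().upper()
    return f"{hexed}${version}" if version >= 0 else hexed


def stored_version(stored: str) -> int:
    """Nonce version recorded in a stored value, or -1 if none was used."""
    return int(stored.rsplit("$", 1)[1]) if "$" in stored else -1


def verify(password: str, salt: str, stored: str, nonces=NONCES) -> bool:
    """Recompute with the recorded nonce version and compare in constant time."""
    try:
        candidate = compute_hash(password, salt, stored_version(stored), nonces)
    except ValueError:  # malformed version or nonce no longer configured
        return False
    return hmac.compare_digest(candidate, stored)


def needs_rehash(stored: str, nonces=NONCES) -> bool:
    """True when the row was hashed with anything but the newest nonce."""
    return stored_version(stored) != len(nonces) - 1
```

A database dump alone yields the salt and the hash but not the nonce, so the hash cannot be recomputed offline without also obtaining the application configuration.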
setPermissionsQuery( $arg0) : $this
string
$this
a reference to this for fluency
setRolePrefix( $arg0) : $this
string
$this
a reference to this for fluency
setRolesQuery( $arg0) : $this
string
$this
a reference to this for fluency
DEFAULT_AUTHENTICATE_QUERY
var |
The PHP file exists only for coding convenience; for the actual value of the constant, refer to the original Java file. |
---|
DEFAULT_ROLES_QUERY
var |
The PHP file exists only for coding convenience; for the actual value of the constant, refer to the original Java file. |
---|
DEFAULT_PERMISSIONS_QUERY
var |
The PHP file exists only for coding convenience; for the actual value of the constant, refer to the original Java file. |
---|
DEFAULT_ROLE_PREFIX
var |
The PHP file exists only for coding convenience; for the actual value of the constant, refer to the original Java file. |
---|