Add some encryption

build.gradle.kts

@@ -19,7 +19,7 @@ sourceSets {
         java.srcDir("externalApp/src")
     }
 
-    create("httpsServer") {
+    create("httpServer") {
         java.srcDir("httpServer/src")
     }
 }
@@ -79,6 +79,7 @@ dependencies {
     testImplementation("org.junit.jupiter:junit-jupiter")
     testRuntimeOnly("org.junit.platform:junit-platform-launcher")
 
+    implementation("org.springframework.security:spring-security-crypto:6.4.5")
     implementation("com.fasterxml.jackson.core:jackson-databind:2.17.1")
 }
 

src/main/java/httpsServer/httpServer/src/authorization/AuthorizedClients.java

@@ -1,5 +1,7 @@
 package httpsServer.httpServer.src.authorization;
 
+import org.springframework.security.crypto.bcrypt.BCrypt;
+
 import java.util.*;
 
 public class AuthorizedClients {
@@ -12,12 +14,21 @@ public class AuthorizedClients {
     }
 
     private void populateClients() {
-        registerClient("Aude Vaiselle", "password1");
-        registerClient("Tony Truand", "password2");
-        registerClient("Jean Porte", "password3");
-        registerClient("Ruby Gnaule", "password4");
-        registerClient("Nat Action", "password5");
-        registerClient("hepl", "hepl");
+
+        //Aude Vaiselle:password
+        registerClient(
+                "Aude Vaiselle",
+                "$2a$14$0l9j/3YPt7lKooaNkjArNOLdjfaUvpzhzOEqcAjrQ8MU3aaH.tcVe");
+
+        //Nat Action:password
+        registerClient(
+                "Nat Action",
+                "$2a$14$8v0DBDBgrd.66ScMyZxfb.OtG71xIlcmvDorX4hw5ibF3GcdnbbiS");
+
+        //hepl:hepl
+        registerClient(
+                "hepl",
+                "$2a$14$3TFtoKXLlbCskAtagSNKLOi3lOePjng5TjNRpr9idAd1D4ml7WJtu");
     }
 
     private void registerClient(String username, String password) {
@@ -30,6 +41,14 @@ public class AuthorizedClients {
     }
 
     public boolean isAuthorized(String username, String password) {
-        return clients.contains(new Client(username, password));
+        Client candidate = clients
+                .stream()
+                .filter(c -> c.username().equals(username))
+                .findAny().orElse(null);
+        if(candidate == null) {
+            return false;
+        }
+
+        return BCrypt.checkpw(password, candidate.password());
     }
 }

src/main/java/httpsServer/httpServer/src/authorization/Client.java

@@ -1,3 +1,19 @@
 package httpsServer.httpServer.src.authorization;
 
-public record Client(String username, String password) {}
+import java.util.Objects;
+
+public record Client(String username, String password) {
+    @Override
+    public boolean equals(Object obj) {
+        if (this == obj) return true;
+        if (obj == null || getClass() != obj.getClass()) return false;
+
+        Client other = (Client) obj;
+        return Objects.equals(username, other.username);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(username);
+    }
+}

src/main/java/httpsServer/httpServer/src/authorization/PasswordHasher.java

@@ -0,0 +1,32 @@
+package httpsServer.httpServer.src.authorization;
+
+import org.springframework.security.crypto.bcrypt.BCrypt;
+
+import java.util.Scanner;
+
+public class PasswordHasher {
+
+    public static String genSalt(){
+        return BCrypt.gensalt(14);
+    }
+
+    public static String hashPassword(String password, String salt) {
+        return BCrypt.hashpw(password, salt);
+    }
+
+    public static void main(String[] args) {
+        System.out.print("Enter password: ");
+        Scanner in = new Scanner(System.in);
+        String password = in.nextLine();
+
+        String salt = genSalt();
+        String hashed = hashPassword(password, salt);
+
+        System.out.println("Hashed Password: " + hashed);
+
+        // Example of verifying a password
+        /*
+            boolean matches = BCrypt.checkpw(plainPassword, storedHash);
+        */
+    }
+}