JarCasting
JarCasting JarCasting

Pure Java client for pwnedpasswords.com

Spring Boot autoconfiguration for easy checking passwords against the pwdpassword service of Troy Hunt

License

License
Categories

Categories

CLI User Interface
GroupId

GroupId

com.github.nbaars
ArtifactId

ArtifactId

pwnedpasswords4j-client
Last Version

Last Version

1.1.0
Release Date

Release Date
Type

Type

jar
Description

Description

Pure Java client for pwnedpasswords.com
Spring Boot autoconfiguration for easy checking passwords against the pwdpassword service of Troy Hunt

Download pwnedpasswords4j-client

Filename Size
pwnedpasswords4j-client-1.1.0.pom
pwnedpasswords4j-client-1.1.0.jar 8 KB
pwnedpasswords4j-client-1.1.0-sources.jar 3 KB
pwnedpasswords4j-client-1.1.0-javadoc.jar 19 KB
Browse

How to add to project

<!-- https://jarcasting.com/artifacts/com.github.nbaars/pwnedpasswords4j-client/ -->
<dependency>
    <groupId>com.github.nbaars</groupId>
    <artifactId>pwnedpasswords4j-client</artifactId>
    <version>1.1.0</version>
</dependency>
// https://jarcasting.com/artifacts/com.github.nbaars/pwnedpasswords4j-client/
implementation 'com.github.nbaars:pwnedpasswords4j-client:1.1.0'
// https://jarcasting.com/artifacts/com.github.nbaars/pwnedpasswords4j-client/
implementation ("com.github.nbaars:pwnedpasswords4j-client:1.1.0")
'com.github.nbaars:pwnedpasswords4j-client:jar:1.1.0'
<dependency org="com.github.nbaars" name="pwnedpasswords4j-client" rev="1.1.0">
  <artifact name="pwnedpasswords4j-client" type="jar" />
</dependency>
@Grapes(
@Grab(group='com.github.nbaars', module='pwnedpasswords4j-client', version='1.1.0')
)
libraryDependencies += "com.github.nbaars" % "pwnedpasswords4j-client" % "1.1.0"
[com.github.nbaars/pwnedpasswords4j-client "1.1.0"]

Dependencies

compile (1)

Group / Artifact Type Version
com.squareup.okhttp3 : okhttp jar 3.10.0

test (5)

Group / Artifact Type Version
junit : junit jar 4.11
org.mockito : mockito-core jar 1.10.19
com.github.tomakehurst : wiremock jar 2.16.0
org.slf4j : slf4j-api jar
org.slf4j : jcl-over-slf4j jar

Project Modules

There are no modules declared in this project.

Java client for pwnedpasswords.com

Build Status Maintainability Quality Gate Coverage

Introduction

A Java client for checking a password against pwnedpasswords.com using the Searching by range API For more details see: https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange

News: Artifacts are available through Maven Central

Pure Java client

The artifact client can be used in a standalone Java program and does not rely on Spring Boot To use the checker you need to add the following library to the pom.xml:

<dependency>
  <groupId>com.github.nbaars</groupId>
  <artifactId>pwnedpasswords4j-client</artifactId>
  <version>1.1.0</version>
</dependency>

In the code you can check a password as follows:

PwnedPasswordChecker checker = PwnedPasswordChecker.standalone("My user agent")
boolean result = checker.check("password");

//OR for non blocking:

CompletableFuture<Boolean> result = checker.asyncCheck("password");

The user-agent is necessary to specify as described in the API description at haveibeenpwned.com.

Spring Boot autoconfigure

For Spring Boot there is an autoconfigure module, to use this use the following dependency inside your project:

<dependency>
  <groupId>com.github.nbaars</groupId>
  <artifactId>pwnedpasswords4j-spring-boot-starter</artifactId>
  <version>1.0.1</version>
</dependency>

In the application.properties you should add:

pwnedpasswords4j.user_agent=Testing   # Required as described in the documentation of haveibeenpwned.com API
pwnedpasswords4j.url=https://api.pwnedpasswords.com/range/ # Optional

Wire up the checker as follows:

 @Autowired
 private PwnedPasswordChecker checker;
 
 ...
 
 public void signup() {
    boolean result = checker.check("password");
    
    //or for non-blocking use:
    
    CompletableFuture<Boolean> result = checker.asyncCheck("password");
 }

As an example see the demo project:

@RestController
public class SignupController {

    @Autowired
    private PwnedPasswordChecker checker;

    @PostMapping
    public ResponseEntity<?> login(@RequestBody Login login) {
        if (checker.check("password")) {
            return ResponseEntity.badRequest().body("Consider changing your password");
        }
        return ResponseEntity.ok().build();
    }
}

Releasing

This is a manual process for now, make sure the GPG keys are in place

mvn clean deploy -Prelease

Go to https://oss.sonatype.org/#stagingRepositories and search the uploaded bundle, click Close wait for all the rules to finish and click Release.

Versions

Version
1.1.0
1.0.0.0