Exposed salt generator endpoint

Author: Andrea Giassi

CHANGELOG.md

@@ -2,6 +2,7 @@
 
 #### 14/04/2020
 
+- Exposed salt generator endpoint
 - New email validation support
 - Documentation improvements
 

README.md

@@ -128,6 +128,10 @@ Create and grant a new MySql user on the "users" database.
 
 Open the application.properties file located in /src/main/resources.
 
+Target your localhost MySql database:
+
+    spring.datasource.url=jdbc:mysql://localhost:3306/users?useSSL=false&allowPublicKeyRetrieval=true
+
 Set the username and password of the MySql's user:
 
     spring.datasource.username=yourMySqlUser

src/main/java/com/giassi/microservice/demo2/rest/RBACRestController.java

@@ -4,6 +4,7 @@
 import com.giassi.microservice.demo2.rest.users.dtos.RoleDTO;
 import com.giassi.microservice.demo2.rest.users.entities.Permission;
 import com.giassi.microservice.demo2.rest.users.entities.Role;
+import com.giassi.microservice.demo2.rest.users.services.EncryptionService;
 import com.giassi.microservice.demo2.rest.users.services.PermissionService;
 import com.giassi.microservice.demo2.rest.users.services.RoleService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -94,4 +95,10 @@ public ResponseEntity<RoleDTO> removePermissionOnRole(@PathVariable("roleId") Lo
         return new ResponseEntity(new RoleDTO(roleService.removePermissionOnRole(roleId, permissionKey)), null, HttpStatus.OK);
     }
 
+    // salt generation
+    @GetMapping("/salt")
+    public ResponseEntity<String> generateSalt() {
+        return new ResponseEntity<String>(EncryptionService.generateSalt(32), HttpStatus.CREATED);
+    }
+
 }

src/main/java/com/giassi/microservice/demo2/rest/users/services/EncryptionService.java

@@ -21,14 +21,14 @@
 public class EncryptionService {
 
     public static final String ALGORITHM = "PBKDF2WithHmacSHA1";
+    public static final int KEY_LENGTH = 256;
 
     // demo salt for testing or first setup purpose
     public static final String DEFAULT_SALT = "WZeBXmCI9cAz3LyY9Sdllj9l5iPsXC";
 
     private static final Random RANDOM = new SecureRandom();
     private static final String ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
     private static final int ITERATIONS = 10000;
-    private static final int KEY_LENGTH = 256;
 
     public static String generateSalt(int length) {
         StringBuilder saltStr = new StringBuilder(length);

src/main/resources/microservice-rbac-user-management.postman_collection.json

@@ -613,6 +613,26 @@
 				}
 			},
 			"response": []
+		},
+		{
+			"name": "rbac - generate salt",
+			"request": {
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "localhost:8090/users/rbac/salt",
+					"host": [
+						"localhost"
+					],
+					"port": "8090",
+					"path": [
+						"users",
+						"rbac",
+						"salt"
+					]
+				}
+			},
+			"response": []
 		}
 	],
 	"event": [