From 5bb23cb020f40d07922e636ded0bb06c3c01109d Mon Sep 17 00:00:00 2001
From: Kai Moritz <kai@juplo.de>
Date: Mon, 1 Feb 2016 12:14:52 +0100
Subject: [PATCH] Switched to Encryptors.noOpText(), because of
 Illegal-key-size-issue

Spring requires a key-length of 256 bits, which is not available in the
JDK, because of US-export-restrictions.

Because Spring Security does not enable the configuration of the key-length,
the build was switched to a NoOpTextEncryptor, to circumvent this issue.

The only other easy way would have been, to require the user to install the
missing parts of the JDK by hand...

See http://stackoverflow.com/a/17637354 for a full explanation.
---
 pom.xml                                              |  1 -
 src/main/java/de/juplo/yourshouter/SocialConfig.java | 12 +-----------
 src/main/resources/application.properties            |  1 -
 3 files changed, 1 insertion(+), 13 deletions(-)

diff --git a/pom.xml b/pom.xml
index bff461f..30f0bca 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,6 @@
     <!-- settings for the Graph-API -->
     <facebook.app.id>NOT_SET</facebook.app.id>
     <facebook.app.secret>NOT_SET</facebook.app.secret>
-    <facebook.app.salt>NOT_SET</facebook.app.salt>
     <facebook.app.canvas>NOT_SET</facebook.app.canvas>
     <!-- settings for the Apache Commons Http-Client -->
     <httpclient.timeout.connection>60000</httpclient.timeout.connection>
diff --git a/src/main/java/de/juplo/yourshouter/SocialConfig.java b/src/main/java/de/juplo/yourshouter/SocialConfig.java
index 466ed23..3718953 100644
--- a/src/main/java/de/juplo/yourshouter/SocialConfig.java
+++ b/src/main/java/de/juplo/yourshouter/SocialConfig.java
@@ -2,11 +2,9 @@ package de.juplo.yourshouter;
 
 
 
-import java.math.BigInteger;
 import javax.inject.Inject;
 import javax.sql.DataSource;
 import org.apache.http.HttpRequestFactory;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Scope;
@@ -49,11 +47,6 @@ public class SocialConfig extends SocialConfigurerAdapter
   @Inject
   SignInAdapter signInAdapter;
 
-  @Value("${facebook.app.secret}")
-  String secret;
-  @Value("${facebook.app.salt}")
-  String salt;
-
 
   /**
    * Add a {@link FacebookConnectionFactory} to the configuration.
@@ -100,10 +93,7 @@ public class SocialConfig extends SocialConfigurerAdapter
         new JdbcUsersConnectionRepository(
             dataSource,
             connectionFactoryLocator,
-            Encryptors.text(
-                secret,
-                String.format("%08x", new BigInteger(1, salt.getBytes()))
-                )
+            Encryptors.noOpText()
             );
     repository.setConnectionSignUp(connectionSignUp);
     return repository;
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 2c78f2c..91b0256 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,6 +1,5 @@
 facebook.app.id=@facebook.app.id@
 facebook.app.secret=@facebook.app.secret@
-facebook.app.salt=@facebook.app.salt@
 facebook.app.canvas=@facebook.app.canvas@
 
 server.port: 8443
-- 
2.20.1