Created
December 10, 2020 15:01
-
-
Save sepastian/fe2024427b1bc5bee7f01c149b07373b to your computer and use it in GitHub Desktop.
Generate user credentials for Solr BasicAuthentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
# Copyright 2020 Sebastian Gassner <sebastian.gassner@gmail.com> | |
# License: MIT | |
# Based on java.org.apache.solr.security.Sha256AuthenticationProvider | |
# | |
# Usage: generate_user_credentials.py USER PASS | |
# | |
# Then add the output into security.json under 'credentials'. | |
import hashlib | |
import os | |
import base64 | |
import sys | |
import json | |
os.path.basename(__file__) | |
if len(sys.argv) != 3: | |
print(f"Usage: {os.path.basename(__file__)} USER PASSWORD") | |
sys.exit(2) | |
user = sys.argv[1] | |
password = sys.argv[2] | |
# Generate 32 random bytes for salt; | |
# then, the hashed_password is sha256(sha256(salt+password)); | |
# return base64(hashed_password) base64(salt). | |
m = hashlib.sha256() | |
salt = os.urandom(32) | |
m.update(salt) | |
m.update(password.encode('utf-8')) | |
tmp = m.digest() | |
m = hashlib.sha256() | |
m.update(tmp) | |
hashed = m.digest() | |
result = {} | |
print('"{}" : "{} {}"'.format( | |
user, | |
base64.standard_b64encode(hashed).decode('utf-8'), | |
base64.standard_b64encode(salt).decode('utf-8'))) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment