From 0daa39edfb61fc564e3f6690bdcb53b11f26f161 Mon Sep 17 00:00:00 2001
From: James Daugherty <jdaugherty@jdresources.net>
Date: Mon, 4 Nov 2024 09:44:24 -0500
Subject: [PATCH] Fix #551 - add missing argon2 & defaults for scrypt & pbkdf2
 algorithms

---
 .../rest/SpringSecurityRestGrailsPlugin.groovy             | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/spring-security-rest/src/main/groovy/grails/plugin/springsecurity/rest/SpringSecurityRestGrailsPlugin.groovy b/spring-security-rest/src/main/groovy/grails/plugin/springsecurity/rest/SpringSecurityRestGrailsPlugin.groovy
index 2ff96883..ed812259 100644
--- a/spring-security-rest/src/main/groovy/grails/plugin/springsecurity/rest/SpringSecurityRestGrailsPlugin.groovy
+++ b/spring-security-rest/src/main/groovy/grails/plugin/springsecurity/rest/SpringSecurityRestGrailsPlugin.groovy
@@ -45,6 +45,7 @@ import grails.plugin.springsecurity.rest.token.rendering.DefaultAccessTokenJsonR
 import grails.plugin.springsecurity.rest.token.storage.jwt.JwtTokenStorageService
 import grails.plugins.Plugin
 import groovy.util.logging.Slf4j
+import org.springframework.security.crypto.argon2.Argon2PasswordEncoder
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 import org.springframework.security.crypto.password.DelegatingPasswordEncoder
 import org.springframework.security.crypto.password.LdapShaPasswordEncoder
@@ -338,6 +339,7 @@ class SpringSecurityRestGrailsPlugin extends Plugin {
         final String ENCODING_ID_NOOP = "noop"
         final String ENCODING_ID_PBKDF2 = "pbkdf2"
         final String ENCODING_ID_SCRYPT = "scrypt"
+        final String ENCODING_ID_ARGON2 = "argon2"
         final String ENCODING_ID_SHA1 = "SHA-1"
         final String ENCODING_IDSHA256 = "SHA-256"
 
@@ -359,8 +361,9 @@ class SpringSecurityRestGrailsPlugin extends Plugin {
          (ENCODING_ID_MD4): new Md4PasswordEncoder(),
          (ENCODING_ID_MD5): messageDigestPasswordEncoderMD5,
          (ENCODING_ID_NOOP): NoOpPasswordEncoder.getInstance(),
-         (ENCODING_ID_PBKDF2): new Pbkdf2PasswordEncoder(),
-         (ENCODING_ID_SCRYPT): new SCryptPasswordEncoder(),
+         (ENCODING_ID_PBKDF2): Pbkdf2PasswordEncoder.defaultsForSpringSecurity_v5_8(),
+         (ENCODING_ID_SCRYPT): SCryptPasswordEncoder.defaultsForSpringSecurity_v5_8(),
+         (ENCODING_ID_ARGON2): Argon2PasswordEncoder.defaultsForSpringSecurity_v5_8(),
          (ENCODING_ID_SHA1): messsageDigestPasswordEncoderSHA1,
          (ENCODING_IDSHA256): messsageDigestPasswordEncoderSHA256,
          "sha256": new StandardPasswordEncoder()]