enhancement to use salt value

Author: nicolabeghin

src/main/java/com/msalmi/SHA1HashProvider.java

@@ -10,6 +10,7 @@
 public class SHA1HashProvider implements PasswordHashProvider {
 
 	private final String providerId;
+	public static final String ALGORITHM = "SHA-1";
 
 	public SHA1HashProvider(String providerId) {
 		this.providerId = providerId;
@@ -32,15 +33,16 @@ public PasswordCredentialModel encodedCredential(String rawPassword, int iterati
 
 	@Override
 	public boolean verify(String rawPassword, PasswordCredentialModel credential) {
-		String encodedPassword = this.encode(rawPassword, credential.getPasswordCredentialData().getHashIterations());
+		String salt = new String(credential.getPasswordSecretData().getSalt(), java.nio.charset.StandardCharsets.UTF_8);
+		String encodedPassword = this.encode(salt + rawPassword, credential.getPasswordCredentialData().getHashIterations());
 		String hash = credential.getPasswordSecretData().getValue();
 		return encodedPassword.equals(hash);
 	}
 
 	@Override
 	public String encode(String rawPassword, int iterations) {
 		try {
-			MessageDigest md = MessageDigest.getInstance(this.providerId);
+			MessageDigest md = MessageDigest.getInstance(ALGORITHM);
 			md.update(rawPassword.getBytes());
 
 			// convert the digest byte[] to BigInteger

src/main/java/com/msalmi/SHA1HashProviderFactory.java

@@ -7,7 +7,7 @@
 import org.keycloak.models.KeycloakSessionFactory;
 
 public class SHA1HashProviderFactory implements PasswordHashProviderFactory {
-	public static final String ID = "SHA-1";
+	public static final String ID = "sha1-salted";
 
 	@Override
 	public PasswordHashProvider create(KeycloakSession session) {