Removed salt from config and updated config files.

Change-Id: Idfd066f0e56f5e5568325e5ea6072fb12c551ff2
diff --git a/core/Changes b/core/Changes
index 8589452..a315367 100644
--- a/core/Changes
+++ b/core/Changes
@@ -1,3 +1,7 @@
+# version 0.62.4
+24/01/2020
+   - Removed salt from config and updated config files.
+
 # version 0.62.3
 03/12/2019
    - Implemented pipe extension in the search API (margaretha)
diff --git a/core/pom.xml b/core/pom.xml
index be3b949..05faeee 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -3,7 +3,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>de.ids_mannheim.korap</groupId>
 	<artifactId>Kustvakt-core</artifactId>
-	<version>0.62.3</version>
+	<version>0.62.4</version>
 
 	<properties>
 		<java.version>1.8</java.version>
@@ -240,7 +240,7 @@
 		<dependency>
 			<groupId>de.ids_mannheim.korap</groupId>
 			<artifactId>Koral</artifactId>
-			<version>[0.35,)</version>
+			<version>[0.36,)</version>
 			<exclusions>
 				<exclusion>
 					<groupId>org.eclipse.jetty</groupId>
@@ -298,7 +298,7 @@
 		<dependency>
 			<groupId>de.ids_mannheim.korap</groupId>
 			<artifactId>Krill</artifactId>
-			<version>[0.59.0,)</version>
+			<version>[0.59.1,)</version>
 			<exclusions>
 				<exclusion>
 					<groupId>org.glassfish.jersey.containers</groupId>
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java b/core/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java
index 26075d1..f66f196 100644
--- a/core/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java
+++ b/core/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java
@@ -72,7 +72,6 @@
     private int tokenTTL;
     private int shortTokenTTL;
     private String[] rewrite_strategies;
-    private String passcodeSaltField;
 
     private String default_pos;
     private String default_morphology;
@@ -197,10 +196,6 @@
                 properties.getProperty("security.tokenTTL", "72H"));
         shortTokenTTL = TimeUtils.convertTimeToSeconds(
                 properties.getProperty("security.shortTokenTTL", "3H"));
-
-        // passcodeSaltField =
-        // properties.getProperty("security.passcode.salt",
-        // "accountCreation");
     }
     
     @Deprecated
diff --git a/core/src/main/java/de/ids_mannheim/korap/constant/AuthenticationMethod.java b/core/src/main/java/de/ids_mannheim/korap/constant/AuthenticationMethod.java
index 7c7dbae..cbdc07f 100644
--- a/core/src/main/java/de/ids_mannheim/korap/constant/AuthenticationMethod.java
+++ b/core/src/main/java/de/ids_mannheim/korap/constant/AuthenticationMethod.java
@@ -10,5 +10,9 @@
  *
  */
 public enum AuthenticationMethod {
-    LDAP, SHIBBOLETH, DATABASE, TEST; 
+    LDAP,
+    // not available
+    SHIBBOLETH, DATABASE,
+    // by pass authentication for testing
+    TEST; 
 }
diff --git a/core/src/main/java/de/ids_mannheim/korap/interfaces/EncryptionIface.java b/core/src/main/java/de/ids_mannheim/korap/interfaces/EncryptionIface.java
index 134ebdb..46f519a 100644
--- a/core/src/main/java/de/ids_mannheim/korap/interfaces/EncryptionIface.java
+++ b/core/src/main/java/de/ids_mannheim/korap/interfaces/EncryptionIface.java
@@ -26,8 +26,7 @@
             throws KustvaktException;
 
 
-    public String secureHash (String input) throws NoSuchAlgorithmException,
-            UnsupportedEncodingException, KustvaktException;
+    public String secureHash (String input);
 
 
     /**
diff --git a/full/Changes b/full/Changes
index 86a0edc..816abfd 100644
--- a/full/Changes
+++ b/full/Changes
@@ -1,3 +1,7 @@
+# version 0.62.4
+24/01/2020
+   - Removed salt from config and updated config files.
+   
 # version 0.62.3
 03/12/2019
    - Implemented pipe extension in the search API (margaretha)
diff --git a/full/pom.xml b/full/pom.xml
index a1a4f02..6ba884a 100644
--- a/full/pom.xml
+++ b/full/pom.xml
@@ -3,7 +3,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>de.ids_mannheim.korap</groupId>
 	<artifactId>Kustvakt-full</artifactId>
-	<version>0.62.3</version>
+	<version>0.62.4</version>
 	<properties>
 		<java.version>1.8</java.version>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -205,7 +205,7 @@
 		<dependency>
 			<groupId>de.ids_mannheim.korap</groupId>
 			<artifactId>Kustvakt-core</artifactId>
-			<version>[0.62.3,)</version>
+			<version>[0.62.4,)</version>
 		</dependency>
 		<!-- LDAP -->
 		<dependency>
diff --git a/full/src/main/java/de/ids_mannheim/korap/encryption/DefaultEncryption.java b/full/src/main/java/de/ids_mannheim/korap/encryption/DefaultEncryption.java
index 0f18f20..aaee8d2 100644
--- a/full/src/main/java/de/ids_mannheim/korap/encryption/DefaultEncryption.java
+++ b/full/src/main/java/de/ids_mannheim/korap/encryption/DefaultEncryption.java
@@ -1,16 +1,12 @@
 package de.ids_mannheim.korap.encryption;
 
-import de.ids_mannheim.korap.config.ContextHolder;
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
 import de.ids_mannheim.korap.config.Configurable;
+import de.ids_mannheim.korap.config.ContextHolder;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.interfaces.EncryptionIface;
-import de.ids_mannheim.korap.user.User;
-
-import java.io.UnsupportedEncodingException;
-import java.math.BigInteger;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-import java.util.Map;
 
 /**
  * @author hanl
@@ -35,8 +31,7 @@
 
 
     @Override
-    public String secureHash (String input) throws NoSuchAlgorithmException,
-            UnsupportedEncodingException, KustvaktException {
+    public String secureHash (String input) {
         return null;
     }
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
index cfe962d..b6d7e2b 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
@@ -119,8 +119,7 @@
             // specific device.
 
             secret = codeGenerator.createRandomCode();
-            secretHashcode = encryption.secureHash(secret,
-                    config.getPasscodeSaltField());
+            secretHashcode = encryption.secureHash(secret);
         }
 
         String id = codeGenerator.createRandomCode();
@@ -245,8 +244,7 @@
                 || client.getRegisteredBy().equals(username)) {
 
             String secret = codeGenerator.createRandomCode();
-            String secretHashcode = encryption.secureHash(secret,
-                    config.getPasscodeSaltField());
+            String secretHashcode = encryption.secureHash(secret);
 
             client.setSecret(secretHashcode);
             clientDao.updateClient(client);
@@ -291,8 +289,7 @@
                         OAuth2Error.INVALID_CLIENT);
             }
         }
-        else if (!encryption.checkHash(clientSecret, client.getSecret(),
-                config.getPasscodeSaltField())) {
+        else if (!encryption.checkHash(clientSecret, client.getSecret())) {
             throw new KustvaktException(
                     StatusCodes.CLIENT_AUTHENTICATION_FAILED,
                     "Invalid client credentials", OAuth2Error.INVALID_CLIENT);
diff --git a/full/src/main/resources/kustvakt.conf b/full/src/main/resources/kustvakt.conf
index 7c8ec4c..68577ae 100644
--- a/full/src/main/resources/kustvakt.conf
+++ b/full/src/main/resources/kustvakt.conf
@@ -55,6 +55,7 @@
 ### (see de.ids_mannheim.korap.constant.AuthenticationMethod for possible 
 ### oauth.password.authentication values)
 oauth.password.authentication = TEST
+### used to determine native client, currently not used
 oauth2.native.client.host = korap.ids-mannheim.de
 oauth2.max.attempts = 1
 # expiry in seconds (S), minutes (M), hours (H), days (D)
@@ -65,14 +66,6 @@
 oauth2.default.scopes = search match_info 
 oauth2.client.credentials.scopes = client_info
 
-# JWT
-security.jwt.issuer=korap.ids-mannheim.de
-
-## token expiration
-security.longTokenTTL=150D
-security.tokenTTL=72H
-security.shortTokenTTL=45M
-
 ## see SecureRandom Number Generation Algorithms
 ## default SHA1PRNG
 security.secure.random.algorithm=SHA1PRNG
@@ -81,19 +74,25 @@
 ## default MD5
 security.md.algoritm = SHA-256  
 
-### secure hash support: BCRYPT, ESAPICYPHER
+### secure hash support: BCRYPT
 security.secure.hash.algorithm=BCRYPT
-security.passcode.salt=salt
+security.encryption.loadFactor = 10
 
+# JWT
+security.jwt.issuer=korap.ids-mannheim.de
+security.sharedSecret=this-is-shared-secret-code-for-JWT-Signing.It-must-contains-minimum-256-bits
+
+## token expiration (used in other authentication provider than OAuth2)
+security.longTokenTTL=150D
+security.tokenTTL=72H
+security.shortTokenTTL=45M
+
+# Session authentication
 security.idleTimeoutDuration = 25M
 security.multipleLogIn = true
 security.loginAttemptNum = 3
 security.authAttemptTTL = 45M
 
-security.encryption.loadFactor = 8
-security.validation.stringLength = 150
-security.validation.emailLength = 50
-security.sharedSecret=this-is-shared-secret-code-for-JWT-Signing.It-must-contains-minimum-256-bits
-
-## applicable: rewrite, foundry, filter, deny
-security.rewrite.strategies=filter, foundry, rewrite
\ No newline at end of file
+#EM: deprecated and not used
+#security.validation.stringLength = 150
+#security.validation.emailLength = 50
diff --git a/full/src/test/resources/kustvakt-test.conf b/full/src/test/resources/kustvakt-test.conf
index 585d43c..03badfb 100644
--- a/full/src/test/resources/kustvakt-test.conf
+++ b/full/src/test/resources/kustvakt-test.conf
@@ -83,20 +83,12 @@
 #openid.term.of.service =
 openid.service.doc = https://github.com/KorAP/Kustvakt/wiki
 
-## JWT
-security.jwt.issuer=https://korap.ids-mannheim.de
-
 ## JWK
 ## must be set for openid
 rsa.private = kustvakt_rsa.key
 rsa.public = kustvakt_rsa_public.key
 rsa.key.id = 74caa3a9-217c-49e6-94e9-2368fdd02c35
 
-## token expiration time
-security.longTokenTTL = 1D
-security.tokenTTL = 2S
-security.shortTokenTTL = 1S
-
 ## see SecureRandom Number Generation Algorithms
 ## default SHA1PRNG
 security.secure.random.algorithm=SHA1PRNG
@@ -105,20 +97,25 @@
 ## default MD5
 security.md.algoritm = SHA-256  
 
-### secure hash support: BCRYPT, ESAPICYPHER
+### secure hash support: BCRYPT
 security.secure.hash.algorithm=BCRYPT
-security.passcode.salt=salt
+security.encryption.loadFactor = 10
 
+## JWT
+security.jwt.issuer=https://korap.ids-mannheim.de
+security.sharedSecret=this-is-shared-secret-code-for-JWT-Signing.It-must-contains-minimum-256-bits
+
+## token expiration time
+security.longTokenTTL = 1D
+security.tokenTTL = 2S
+security.shortTokenTTL = 1S
+
+# Session authentication
 security.idleTimeoutDuration = 25M
 security.multipleLogIn = true
 security.loginAttemptNum = 3
 security.authAttemptTTL = 45M
 
-security.encryption.loadFactor = 8
+#EM: deprecated and not used
 security.validation.stringLength = 150
 security.validation.emailLength = 50
-
-security.sharedSecret=this-is-shared-secret-code-for-JWT-Signing.It-must-contains-minimum-256-bits
-
-## applicable: rewrite, foundry, filter, deny
-security.rewrite.strategies=filter, foundry, rewrite
\ No newline at end of file
diff --git a/lite/Changes b/lite/Changes
index 287819e..d60aed8 100644
--- a/lite/Changes
+++ b/lite/Changes
@@ -1,3 +1,7 @@
+# version 0.62.4
+24/01/2020
+   - Removed salt from config and updated config files.
+   
 # version 0.62.3
 03/12/2019
    - Implemented pipe extension in the search API (margaretha)
diff --git a/lite/pom.xml b/lite/pom.xml
index f06e3d1..1d59de6 100644
--- a/lite/pom.xml
+++ b/lite/pom.xml
@@ -3,7 +3,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>de.ids_mannheim.korap</groupId>
 	<artifactId>Kustvakt-lite</artifactId>
-	<version>0.62.3</version>
+	<version>0.62.4</version>
 	<properties>
 		<java.version>1.8</java.version>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -137,7 +137,7 @@
 		<dependency>
 			<groupId>de.ids_mannheim.korap</groupId>
 			<artifactId>Kustvakt-core</artifactId>
-			<version>[0.62.3,)</version>
+			<version>[0.62.4,)</version>
 		</dependency>
 		<!-- Jersey test framework -->
 		<dependency>