dreezey
diff --git a/‎README.md‎
Lines changed: 24 additions & 29 deletions b/‎README.md‎
Lines changed: 24 additions & 29 deletions
diff --git a/‎ear-module/pom.xml‎
Lines changed: 0 additions & 43 deletions b/‎ear-module/pom.xml‎
Lines changed: 0 additions & 43 deletions
diff --git a/‎jar-module/pom.xml‎
Lines changed: 0 additions & 51 deletions b/‎jar-module/pom.xml‎
Lines changed: 0 additions & 51 deletions
diff --git a/‎jar-module/src/main/java/be/cronos/keycloak/credential/hash/Argon2PasswordHashProvider.java‎
Lines changed: 0 additions & 109 deletions b/‎jar-module/src/main/java/be/cronos/keycloak/credential/hash/Argon2PasswordHashProvider.java‎
Lines changed: 0 additions & 109 deletions
diff --git a/‎jar-module/src/main/java/be/cronos/keycloak/policy/Argon2VariantPasswordPolicyProviderFactory.java‎
Lines changed: 0 additions & 46 deletions b/‎jar-module/src/main/java/be/cronos/keycloak/policy/Argon2VariantPasswordPolicyProviderFactory.java‎
Lines changed: 0 additions & 46 deletions
@@ -1,51 +1,46 @@
 # Introduction
-This project introduces Argon2 Password Hashing for Keycloak (version 8.0.0 and above), it uses `de.mkammerer.argon2` as the library, more can be found on the [GitHub Project](https://github.com/phxql/argon2-jvm).
+This project introduces Argon2 Password Hashing for Keycloak, there are 2 versions:
+* V1.x, which uses `de.mkammerer.argon2` as the library, more can be found on the [GitHub Project](https://github.com/phxql/argon2-jvm). (Compatible with Keycloak V8.x and above)
+* V2.x, which inherits Keycloak's [BouncyCastle V1.62](https://www.bouncycastle.org/releasenotes.html#1.61) with native support for Argon2 (Compatible with Keycloak V10.x and above only)
 
-It generates an EAR which can be deployed using [Keycloak Deployer](https://www.keycloak.org/docs/latest/server_development/index.html#using-the-keycloak-deployer). 
+V1.x is packaged as an EAR due to external dependencies. I will no longer maintain this version. Choose this one if you don't Keycloak V10.x or above.
+
+V2.x is packaged as a JAR since it uses Keycloak's provided libraries. This will be the **actively maintained** version for now.
+
+Both are deployed using [Keycloak Deployer](https://www.keycloak.org/docs/latest/server_development/index.html#using-the-keycloak-deployer).
 
 # Build
 Build the project using:
 ```
-mvn clean install;
+mvn clean package;
 ```
 
-This will build both the `jar-module` and `ear-module`:
+This will build the provider JAR:
 ```
-[INFO] Reactor Summary for Argon2 Password Hash Provider x.y.z:
-[INFO] 
-[INFO] Argon2 Password Hash Provider ...................... SUCCESS [  0.633 s]
-[INFO] Argon2 Password Hash Provider Module ............... SUCCESS [  3.264 s]
-[INFO] Argon2 Password Hash Provider Bundle ............... SUCCESS [  0.348 s]
+[INFO] ----------< be.cronos.keycloak:argon2-password-hash-provider >----------
+[INFO] Building Argon2 Password Hash Provider 2.x.x
+[INFO] --------------------------------[ jar ]---------------------------------
 ```
 
 # Installation
-The EAR will contain all the necessary dependencies, therefore you can hot-deploy the module without additional configuration:
-```
-cp ear-module/target/argon2-password-hash-provider-bundle-*.ear /opt/keycloak/standalone/deployments/;
+Simply hot-deploy the module:
 ```
-
-# System Dependencies
-When running Keycloak on CentOS 7 (or another EL7), install argon2 system library:
-```
-yum install -y epel-release;
-yum install -y argon2;
+cp target/argon2-password-hash-provider-*.jar /opt/keycloak/standalone/deployments/argon2-password-hash-provider.jar;
 ```
 
-Once this is complete, start Keycloak.
-
 # Keycloak configuration
 Finally, in the Keycloak realm of your choosing, activate the Argon2 password hashing via:
 `Authentication > Password Policy` and then selecting the policy `Hashing Algorithm` and name it: `argon2`.
 
 Further tuning can be done by the other Policy Providers:
-* `Argon2 Variant` --> you can choose which Argon2 variant to use, either: ARGON2i, ARGON2d or ARGON2id
-* `Argon2 Iterations` --> tune the number of iterations the provider will perform
-* `Argon2 Memory Usage` --> tune the memory limitation of the provider
-* `Argon2 Parallelism` --> tune the number of threads and memory lanes
-* `Argon2 Salt Length` --> tune the length of the salt
-* `Argon2 Hash Length` --> tune the length of the hash
+* `Argon2 Version` --> you can choose which Argon2 version to use, either: `10` or `13` (default: 13)
+* `Argon2 Variant` --> you can choose which Argon2 variant to use, either: `ARGON2i`, `ARGON2d` or `ARGON2id` (default: ARGON2id)
+* `Argon2 Iterations` --> tune the number of iterations the provider will perform (default: 1)
+* `Argon2 Memory Usage` --> tune the memory limitation (in KB) of the provider (default: 65536)
+* `Argon2 Parallelism` --> tune the number of threads and memory lanes  (default: 1)
+* `Argon2 Salt Length` --> tune the length of the salt (default: 16)
+* `Argon2 Hash Length` --> tune the length of the hash (default: 32)
 
-For security purposes, there's also the possibility to configure the desired maximum runtime of the hashing, by default it's 1000 milliseconds, however it can be configured via the `Argon2 Max Time` policy.
-In case the hashing exceeds this time, it will generate a `WARN` in the console.
+> I have deprecated use of the `Argon2 Max Time` provider, as I believe it offers no real value. If you still have a use-case for this, let me know.
 
-For parameter optimization, check the [project's benchmark](https://github.com/phxql/argon2-jvm#recommended-parameters) or the [Argon2 whitepaper recommendations](https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf#section.9).
+For parameter optimization, check the [Argon2 whitepaper recommendations](https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf#section.9).