1
|
/**
|
2
|
* Copyright (C) 2021 EDIT
|
3
|
* European Distributed Institute of Taxonomy
|
4
|
* http://www.e-taxonomy.eu
|
5
|
*
|
6
|
* The contents of this file are subject to the Mozilla Public License Version 1.1
|
7
|
* See LICENSE.TXT at the top of this package for the full license terms.
|
8
|
*/
|
9
|
package eu.etaxonomy.cdm.validation.constraint;
|
10
|
|
11
|
import java.util.ArrayList;
|
12
|
import java.util.Arrays;
|
13
|
import java.util.List;
|
14
|
import java.util.stream.Collectors;
|
15
|
|
16
|
import javax.validation.ConstraintValidator;
|
17
|
import javax.validation.ConstraintValidatorContext;
|
18
|
|
19
|
import org.passay.CharacterRule;
|
20
|
import org.passay.EnglishCharacterData;
|
21
|
import org.passay.LengthRule;
|
22
|
import org.passay.PasswordData;
|
23
|
import org.passay.PasswordData.Origin;
|
24
|
import org.passay.PasswordValidator;
|
25
|
import org.passay.RuleResult;
|
26
|
import org.passay.WhitespaceRule;
|
27
|
|
28
|
import eu.etaxonomy.cdm.validation.annotation.ValidPassword;
|
29
|
|
30
|
|
31
|
/**
|
32
|
* @author a.kohlbecker
|
33
|
* @since Nov 12, 2021
|
34
|
*/
|
35
|
public class PasswordConstraintValidator implements ConstraintValidator<ValidPassword, String> {
|
36
|
|
37
|
@Override
|
38
|
public boolean isValid(String value, ConstraintValidatorContext context) {
|
39
|
|
40
|
final PasswordValidator validator = defaultPasswordValidator();
|
41
|
final RuleResult result = validator.validate(new PasswordData(value));
|
42
|
if (result.isValid()) {
|
43
|
return true;
|
44
|
}
|
45
|
context.disableDefaultConstraintViolation();
|
46
|
context.buildConstraintViolationWithTemplate(
|
47
|
validator.getMessages(result).stream().collect(Collectors.joining(", "))).addConstraintViolation();
|
48
|
return false;
|
49
|
}
|
50
|
|
51
|
private static PasswordValidator defaultPasswordValidator() {
|
52
|
return new PasswordValidator(Arrays.asList(
|
53
|
// see https://www.passay.org/reference/
|
54
|
|
55
|
// length between 8 and 16 characters
|
56
|
new LengthRule(8, Integer.MAX_VALUE),
|
57
|
|
58
|
// at least one upper-case character
|
59
|
new CharacterRule(EnglishCharacterData.UpperCase, 1),
|
60
|
|
61
|
// at least one lower-case character
|
62
|
new CharacterRule(EnglishCharacterData.LowerCase, 1),
|
63
|
|
64
|
// at least one digit character
|
65
|
new CharacterRule(EnglishCharacterData.Digit, 1),
|
66
|
|
67
|
// // at least one symbol (special character)
|
68
|
// new CharacterRule(EnglishCharacterData.Special, 1),
|
69
|
|
70
|
// no whitespace
|
71
|
new WhitespaceRule()));
|
72
|
}
|
73
|
|
74
|
public static class PasswordRulesValidator {
|
75
|
|
76
|
private PasswordValidator validator = PasswordConstraintValidator.defaultPasswordValidator();
|
77
|
|
78
|
/**
|
79
|
* Validate a password which was generated by a typical human user
|
80
|
*
|
81
|
* @param password
|
82
|
* The password to validate
|
83
|
* @return In case of rule violations the returned lost contains the
|
84
|
* violation messages, other wise the lost is empty.
|
85
|
*/
|
86
|
public List<String> validateUserPassword(String password) {
|
87
|
return readViolationMessageList(validator.validate(new PasswordData(password)));
|
88
|
}
|
89
|
|
90
|
/**
|
91
|
* Validate a password which was generated by a random source
|
92
|
*
|
93
|
* @param password
|
94
|
* The password to validate
|
95
|
* @return In case of rule violations the returned lost contains the
|
96
|
* violation messages, other wise the lost is empty.
|
97
|
*/
|
98
|
public List<String> validateGeneratedPassword(String password) {
|
99
|
return readViolationMessageList(validator.validate(new PasswordData(password, Origin.Generated)));
|
100
|
}
|
101
|
|
102
|
private List<String> readViolationMessageList(RuleResult validate) {
|
103
|
if (validate.isValid()) {
|
104
|
return new ArrayList<>(0);
|
105
|
}
|
106
|
return validator.getMessages(validate);
|
107
|
}
|
108
|
|
109
|
protected PasswordValidator getValidator() {
|
110
|
return validator;
|
111
|
}
|
112
|
}
|
113
|
|
114
|
|
115
|
|
116
|
}
|