Example 6 with CharacterRule
use of org.passay.CharacterRule in project dataverse by IQSS.
the class PasswordValidatorTest method testDifferentPasswordsAndSettings.
@SuppressWarnings("unchecked")
@Test
public void testDifferentPasswordsAndSettings() {
long DAY = 86400000L;
final Date expired = new Date(new Date().getTime() - DAY * 400);
final Date notExpired = new Date(new Date().getTime() - DAY * 300);
List<CharacterRule> characterRulesDefault = PasswordValidatorUtil.getCharacterRulesDefault();
List<CharacterRule> characterRulesHarvardLevel3 = getCharacterRulesHarvardLevel3();
final int numberOfCharactersDefault = 2;
final int numberOfCharacters = 3;
final int numConsecutiveDigitsAllowed = 4;
final int expirationDays = 365;
final int expirationMinLength = 10;
final int goodStrength20 = 20;
final int maxLength = 0;
final int minLength = 8;
final String dictionary = createDictionary("56pOtAtO", false);
final List<Params> paramsList = Arrays.asList(new Params[] { // everything wrong here for both validators.
new Params(6, "p otato", notExpired, expirationDays, expirationMinLength, goodStrength20, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // no GoodStrength validator
new Params(5, "p otato", notExpired, expirationDays, expirationMinLength, 0, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // no validation... everything if off
new Params(0, "p", expired, expirationDays, 0, 0, 0, 0, dictionary, 0, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // this password is too long
new Params(1, "po", expired, expirationDays, 0, 0, 1, 0, dictionary, 0, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // set expiration again
new Params(0, "potato", notExpired, expirationDays, 7, 0, 0, 0, dictionary, 0, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // 401 days before expiration
new Params(5, "p otato", expired, 401, expirationMinLength, 0, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(5, "p otato", notExpired, expirationDays, expirationMinLength, 0, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(4, "one potato", notExpired, expirationDays, expirationMinLength, 0, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(3, "Two potato", notExpired, expirationDays, expirationMinLength, 0, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(0, "Three.potato", notExpired, expirationDays, expirationMinLength, 0, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(0, "F0ur.potato", notExpired, expirationDays, 15, 0, maxLength, 10, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(0, "F0ur.potatos", notExpired, expirationDays, 15, 0, maxLength, 10, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(0, "F0ur.potato", notExpired, expirationDays, 15, 0, maxLength, 10, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(0, "4.potato", notExpired, expirationDays, expirationMinLength, 0, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(0, "55Potato", notExpired, expirationDays, expirationMinLength, 0, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // password in dictionary
new Params(1, "56pOtAtO", notExpired, expirationDays, expirationMinLength, 0, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // password in dictionary case insensitive
new Params(1, "56Potato", notExpired, expirationDays, expirationMinLength, 0, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // substring of password in dictionary
new Params(1, "56pOtAtOs", notExpired, expirationDays, expirationMinLength, 0, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(0, "6 Potato", notExpired, expirationDays, expirationMinLength, goodStrength20, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // add a fourth characteristic
new Params(3, "7 Potato", notExpired, expirationDays, expirationMinLength, goodStrength20, maxLength, minLength, dictionary, 4, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // Now it does not matter: 20 characters
new Params(0, "7 Potato901234567890", notExpired, expirationMinLength, minLength, goodStrength20, maxLength, minLength, dictionary, 4, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // Now we use all four
new Params(0, "8.Potato", notExpired, expirationDays, expirationMinLength, goodStrength20, maxLength, minLength, dictionary, 4, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(2, "Potato.Too.12345.Short", notExpired, expirationDays, expirationMinLength, 0, maxLength, 23, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(0, "Potatoes on my plate with beef", expired, expirationDays, expirationMinLength, 30, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(0, "Potatoes on my plate with pie.", expired, expirationDays, expirationMinLength, 30, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), new Params(0, "Potatoes on a plate .", expired, expirationDays, expirationMinLength, 30, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // Pass when repeating character maximum is 5
new Params(0, "Repeated Potatoes:0000", expired, expirationDays, expirationMinLength, 30, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, 5), // Allow no more than 3 repeating characters (default)
new Params(0, "Repeated Potatoes:000", expired, expirationDays, expirationMinLength, 30, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // For some reason, whitespace doesn't count in the repeating rule?
new Params(6, " ", expired, expirationDays, expirationMinLength, 30, maxLength, minLength, dictionary, numberOfCharacters, characterRulesHarvardLevel3, numConsecutiveDigitsAllowed), // Good enough for Dataverse 4.0.
new Params(0, "potat1", notExpired, expirationDays, expirationMinLength, goodStrength20, maxLength, 6, dictionary, numberOfCharactersDefault, characterRulesDefault, numConsecutiveDigitsAllowed), // Has repeating chars exceeding limit, but goodstrength waives it
new Params(0, "potat000000000000000", notExpired, expirationDays, expirationMinLength, goodStrength20, maxLength, 6, dictionary, numberOfCharactersDefault, characterRulesDefault, numConsecutiveDigitsAllowed), // 5 or more numbers in a row
new Params(2, "ma02138", notExpired, expirationDays, expirationMinLength, goodStrength20, maxLength, 6, dictionary, numberOfCharactersDefault, characterRulesDefault, numConsecutiveDigitsAllowed), // 5 or more numbers in a row
new Params(2, "ma8312002138", notExpired, expirationDays, expirationMinLength, goodStrength20, maxLength, 6, dictionary, numberOfCharactersDefault, characterRulesDefault, numConsecutiveDigitsAllowed) });
paramsList.forEach(params -> {
int expectedErrors = params.getExpectedErrors();
// List<String> errors = passwordValidatorService.validate(params.getPassword(), params.getPasswordModificationTime());
// passwordValidatorService.setExpirationDays(params.getExpirationDays());
// passwordValidatorService.setExpirationMaxLength(params.getExpirationMaxLength());
passwordValidatorService.setGoodStrength(params.getGoodStrength());
passwordValidatorService.setMaxLength(params.getMaxLength());
passwordValidatorService.setMinLength(params.getMinLength());
passwordValidatorService.setDictionaries(params.getDictionaries());
passwordValidatorService.setNumberOfCharacteristics(params.getNumberOfCharacteristics());
passwordValidatorService.setCharacterRules(params.getCharacterRules());
passwordValidatorService.setNumberOfConsecutiveDigitsAllowed(params.getNumberOfConsecutiveDigitsAllowed());
List<String> errors = passwordValidatorService.validate(params.getPassword());
int actualErrors = errors.size();
String message = message(params, errors, expectedErrors, actualErrors);
logger.info(message);
Assert.assertTrue(message, actualErrors == expectedErrors);
});
}Example 7 with CharacterRule
use of org.passay.CharacterRule in project dataverse by IQSS.
the class PasswordValidatorUtil method getRequiredCharacters.
/**
* Creates the string for stating the character requirements.
*/
// This method especially does not support character rules from other languages
// Also, this method is a bit klugey because passay 1.1.0 does not allow us to get the name of the character rule.
public static String getRequiredCharacters(List<CharacterRule> characterRules, int numberOfCharacteristics) {
// how many of each character class
int lowercase = 0;
int uppercase = 0;
int digit = 0;
// if upper or lower > 0, alphabetical is irrelevant
int alphabetical = 0;
int special = 0;
for (CharacterRule c : characterRules) {
String validChars = c.getValidCharacters();
if (validChars.equals(EnglishCharacterData.LowerCase.getCharacters())) {
lowercase = c.getNumberOfCharacters();
} else if (validChars.equals(EnglishCharacterData.UpperCase.getCharacters())) {
uppercase = c.getNumberOfCharacters();
} else if (validChars.equals(EnglishCharacterData.Digit.getCharacters())) {
digit = c.getNumberOfCharacters();
} else if (validChars.equals(EnglishCharacterData.Alphabetical.getCharacters())) {
alphabetical = c.getNumberOfCharacters();
} else if (validChars.equals(EnglishCharacterData.Special.getCharacters())) {
special = c.getNumberOfCharacters();
} else {
// other rules should cause an error before here, but just in case
return BundleUtil.getStringFromBundle("passwdVal.passwdReq.unknownPasswordRule");
}
}
// these below method strings are not in the bundle as this whole method is based in English
String returnString = "";
if (lowercase <= 1 && uppercase <= 1 && digit <= 1 && alphabetical <= 1 && special <= 1) {
returnString = ((uppercase == 1) ? "uppercase" : "") + ((lowercase == 1) ? ", lowercase" : "") + ((alphabetical == 1) ? ", letter" : "") + ((digit == 1) ? ", numeral" : "") + ((special == 1) ? ", special" : "");
String eachOrSomeCharacteristics = ((characterRules.size()) > numberOfCharacteristics) ? Integer.toString(numberOfCharacteristics) : "each";
return BundleUtil.getStringFromBundle("passwdVal.passwdReq.characteristicsReq", Arrays.asList(eachOrSomeCharacteristics)) + " " + StringUtils.strip(returnString, " ,");
} else {
// if requiring multiple of any character type, we use a different string format
// this could be made to look nicer, but we don't expect this to be utilized
returnString = "Fufill " + numberOfCharacteristics + ": At least " + ((uppercase > 0) ? uppercase + " uppercase characters, " : "") + ((lowercase > 0) ? lowercase + " lowercase characters, " : "") + ((alphabetical > 0) ? " letter characters, " : "") + ((digit > 0) ? digit + " numeral characters, " : "") + // then strip
((special > 0) ? special + " special characters, " : "");
return StringUtils.strip(returnString, " ,");
}
}
Also used :
CharacterRule(org.passay.CharacterRule)
Example 8 with CharacterRule
use of org.passay.CharacterRule in project dataverse by IQSS.
the class PasswordValidatorUtil method parseConfigString.
/**
* Parses the list of character rules as defined in the database. Recall how
* configString is formatted: "UpperCase:1,LowerCase:1,Digit:1,Special:1"
*/
public static List<CharacterRule> parseConfigString(String configString) {
List<CharacterRule> characterRules = new ArrayList<>();
String[] typePlusNums = configString.split(",");
for (String typePlusNum : typePlusNums) {
String[] configArray = typePlusNum.split(":");
String type = configArray[0];
String num = configArray[1];
EnglishCharacterData typeData = EnglishCharacterData.valueOf(type);
characterRules.add(new CharacterRule(typeData, new Integer(num)));
}
return characterRules;
}
Also used :
EnglishCharacterData(org.passay.EnglishCharacterData)
ArrayList(java.util.ArrayList)
CharacterRule(org.passay.CharacterRule)
Example 9 with CharacterRule
use of org.passay.CharacterRule in project cia by Hack23.
the class UserRoleSystemTest method generatePassword.
private String generatePassword() {
final List<CharacterRule> rules = Arrays.asList(new CharacterRule(EnglishCharacterData.UpperCase, 1), new CharacterRule(EnglishCharacterData.LowerCase, 1), new CharacterRule(EnglishCharacterData.Digit, 1), new CharacterRule(EnglishCharacterData.Special, 1));
final PasswordGenerator generator = new PasswordGenerator();
// Generated password is 12 characters long, which complies with policy
return generator.generatePassword(12, rules);
}
Also used :
PasswordGenerator(org.passay.PasswordGenerator)
CharacterRule(org.passay.CharacterRule)
Example 10 with CharacterRule
use of org.passay.CharacterRule in project credhub by cloudfoundry-incubator.
the class CharacterRuleProviderTest method getCharacterRules_createdCharacterRulesFromDefaultParameters.
@Test
public void getCharacterRules_createdCharacterRulesFromDefaultParameters() {
StringGenerationParameters generationParameters = new StringGenerationParameters();
List<CharacterRule> characterRules = CharacterRuleProvider.getCharacterRules(generationParameters);
assertThat(characterRules, containsInAnyOrder(usesCharacters(EnglishCharacterData.Digit), usesCharacters(EnglishCharacterData.LowerCase), usesCharacters(EnglishCharacterData.UpperCase)));
assertThat(characterRules, not(hasItem(usesCharacters(CredHubCharacterData.Hex))));
}
Also used :
CharacterRule(org.passay.CharacterRule)
StringGenerationParameters(org.cloudfoundry.credhub.request.StringGenerationParameters)
Test(org.junit.Test)
Aggregations
CharacterRule (org.passay.CharacterRule)14
Test (org.junit.Test)8
StringGenerationParameters (org.cloudfoundry.credhub.request.StringGenerationParameters)7
ArrayList (java.util.ArrayList)4
Date (java.util.Date)1
CharacterCharacteristicsRule (org.passay.CharacterCharacteristicsRule)1
DictionaryRule (org.passay.DictionaryRule)1
DictionarySubstringRule (org.passay.DictionarySubstringRule)1
EnglishCharacterData (org.passay.EnglishCharacterData)1
IllegalRegexRule (org.passay.IllegalRegexRule)1
LengthRule (org.passay.LengthRule)1
PasswordGenerator (org.passay.PasswordGenerator)1
PasswordValidator (org.passay.PasswordValidator)1
Rule (org.passay.Rule)1
