Example 1 with RuleResult
use of org.passay.RuleResult in project dataverse by IQSS.
the class GoodStrengthRule method validate.
@Override
public RuleResult validate(PasswordData passwordData) {
final RuleResult result = super.validate(passwordData);
if (!result.isValid()) {
result.getDetails().clear();
result.getDetails().add(new RuleResultDetail(ERROR_CODE_GOODSTRENGTH, createRuleResultDetailParameters()));
}
return result;
}
Also used :
RuleResultDetail(org.passay.RuleResultDetail)
RuleResult(org.passay.RuleResult)
Example 2 with RuleResult
use of org.passay.RuleResult in project dataverse by IQSS.
the class PasswordValidatorServiceBean method validate.
/**
* validate
* <p>
* Validates the password properties and its modification date and determine if their valid.
*
* @param passwordModificationTime The time the password was set or changed.
* @param password The password to check
* @param isHumanReadable The expression of the error messages. True if the audience is human.
* @return A List with error messages. Empty when the password is valid.
*/
public List<String> validate(String password, Date passwordModificationTime, boolean isHumanReadable) {
// public List<String> validate(String password, boolean isHumanReadable) {
init();
final PasswordData passwordData = PasswordData.newInstance(password, String.valueOf(passwordModificationTime.getTime()), null);
// final PasswordData passwordData = PasswordData.newInstance(password, "username", null);
final RuleResult result = new RuleResult();
for (PasswordValidator currentUser : validators.values()) {
logger.fine("characterRules.size(): " + characterRules.size());
logger.fine("numberOfCharacteristics: " + numberOfCharacteristics);
RuleResult r = currentUser.validate(passwordData);
if (r.isValid())
return Collections.emptyList();
result.getDetails().addAll(r.getDetails());
}
if (isHumanReadable) {
return validators.get(ValidatorTypes.StandardValidator).getMessages(result);
} else {
return result.getDetails().stream().map(RuleResultDetail::getErrorCode).collect(Collectors.toList());
}
}
Also used :
PasswordData(org.passay.PasswordData)
PasswordValidator(org.passay.PasswordValidator)
RuleResult(org.passay.RuleResult)
Example 3 with RuleResult
use of org.passay.RuleResult in project cia by Hack23.
the class RegisterUserService method processService.
@Override
@Secured({ "ROLE_ANONYMOUS" })
public RegisterUserResponse processService(final RegisterUserRequest serviceRequest) {
final RegisterUserResponse inputValidation = inputValidation(serviceRequest);
if (inputValidation != null) {
return inputValidation;
}
final CreateApplicationEventRequest eventRequest = createApplicationEventForService(serviceRequest);
RegisterUserResponse response;
final ApplicationConfiguration registeredUsersGetAdminConfig = applicationConfigurationService.checkValueOrLoadDefault("Registered User All get Role Admin", "Registered User All get Role Admin", ConfigurationGroup.AUTHORIZATION, RegisterUserService.class.getSimpleName(), "Register User Service", "Responsible for create of useraccounts", "registered.users.get.admin", "true");
final UserAccount userNameExist = userDAO.findFirstByProperty(UserAccount_.username, serviceRequest.getUsername());
final UserAccount userEmailExist = userDAO.findFirstByProperty(UserAccount_.email, serviceRequest.getEmail());
final RuleResult passwordRuleResults = passwordValidator.validate(new PasswordData(serviceRequest.getUserpassword()));
if (userEmailExist == null && userNameExist == null && passwordRuleResults.isValid()) {
final UserAccount userAccount = new UserAccount();
userAccount.setCountry(serviceRequest.getCountry());
userAccount.setEmail(serviceRequest.getEmail());
userAccount.setUsername(serviceRequest.getUsername());
userAccount.setUserId(UUID.randomUUID().toString());
userAccount.setUserpassword(passwordEncoder.encode(userAccount.getUserId() + ".uuid" + serviceRequest.getUserpassword()));
userAccount.setNumberOfVisits(1);
if (serviceRequest.getUserType() == null) {
userAccount.setUserType(UserType.PRIVATE);
} else {
userAccount.setUserType(serviceRequest.getUserType());
}
userAccount.setUserEmailStatus(UserEmailStatus.UNKNOWN);
userAccount.setUserLockStatus(UserLockStatus.UNLOCKED);
userAccount.setCreatedDate(new Date());
userDAO.persist(userAccount);
if ("true".equals(registeredUsersGetAdminConfig.getPropertyValue())) {
userAccount.setUserRole(UserRole.ADMIN);
} else {
userAccount.setUserRole(UserRole.USER);
}
final Collection<SimpleGrantedAuthority> authorities = new ArrayList<>();
if (UserRole.ADMIN == userAccount.getUserRole()) {
authorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
} else if (UserRole.USER == userAccount.getUserRole()) {
authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
}
SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(userAccount, userAccount.getUserpassword(), authorities));
eventRequest.setUserId(userAccount.getUserId());
response = new RegisterUserResponse(ServiceResult.SUCCESS);
} else {
response = new RegisterUserResponse(ServiceResult.FAILURE);
if (passwordRuleResults.isValid()) {
response.setErrorMessage(RegisterUserResponse.ErrorMessage.USER_ALREADY_EXIST.toString());
eventRequest.setErrorMessage(RegisterUserResponse.ErrorMessage.USER_ALREADY_EXIST.toString());
} else {
final String errorMessage = passwordValidator.getMessages(passwordRuleResults).toString();
response.setErrorMessage(errorMessage);
eventRequest.setErrorMessage(errorMessage);
}
}
eventRequest.setApplicationMessage(response.getResult().toString());
createApplicationEventService.processService(eventRequest);
LOGGER.info("Event: {}", eventRequest);
return response;
}
Also used :
ArrayList(java.util.ArrayList)
RuleResult(org.passay.RuleResult)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Date(java.util.Date)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
PasswordData(org.passay.PasswordData)
RegisterUserResponse(com.hack23.cia.service.api.action.application.RegisterUserResponse)
CreateApplicationEventRequest(com.hack23.cia.service.api.action.application.CreateApplicationEventRequest)
ApplicationConfiguration(com.hack23.cia.model.internal.application.system.impl.ApplicationConfiguration)
UserAccount(com.hack23.cia.model.internal.application.user.impl.UserAccount)
Secured(org.springframework.security.access.annotation.Secured)
Aggregations
RuleResult (org.passay.RuleResult)3
PasswordData (org.passay.PasswordData)2
ApplicationConfiguration (com.hack23.cia.model.internal.application.system.impl.ApplicationConfiguration)1
UserAccount (com.hack23.cia.model.internal.application.user.impl.UserAccount)1
CreateApplicationEventRequest (com.hack23.cia.service.api.action.application.CreateApplicationEventRequest)1
RegisterUserResponse (com.hack23.cia.service.api.action.application.RegisterUserResponse)1
ArrayList (java.util.ArrayList)1
Date (java.util.Date)1
PasswordValidator (org.passay.PasswordValidator)1
RuleResultDetail (org.passay.RuleResultDetail)1
Secured (org.springframework.security.access.annotation.Secured)1
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)1
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)1
