1 package org.cacert.gigi.util;
3 import java.util.regex.Pattern;
5 import org.cacert.gigi.GigiApiException;
6 import org.cacert.gigi.dbObjects.Name;
7 import org.cacert.gigi.dbObjects.User;
9 public class PasswordStrengthChecker {
11 private static Pattern digits = Pattern.compile("\\d");
13 private static Pattern lower = Pattern.compile("[a-z]");
15 private static Pattern upper = Pattern.compile("[A-Z]");
17 private static Pattern whitespace = Pattern.compile("\\s");
19 private static Pattern special = Pattern.compile("(?!\\s)\\W");
21 private PasswordStrengthChecker() {}
23 private static int checkpwlight(String pw) {
25 if (pw.length() > 15) {
28 if (pw.length() > 20) {
31 if (pw.length() > 25) {
34 if (pw.length() > 30) {
37 if (digits.matcher(pw).find()) {
40 if (lower.matcher(pw).find()) {
43 if (upper.matcher(pw).find()) {
46 if (special.matcher(pw).find()) {
49 if (whitespace.matcher(pw).find()) {
55 public static int checkpw(String pw, User u) {
59 Name name = u.getName();
60 int light = checkpwlight(pw);
61 if (contained(pw, u.getEmail())) {
64 if (contained(pw, name.getFname())) {
67 if (contained(pw, name.getLname())) {
70 if (contained(pw, name.getMname())) {
73 if (contained(pw, name.getSuffix())) {
76 // TODO dictionary check
80 public static void assertStrongPassword(String pw, User u) throws GigiApiException {
81 if (checkpw(pw, u) < 3) {
82 throw new GigiApiException("The Pass Phrase you submitted failed to contain enough" + " differing characters and/or contained words from" + " your name and/or email address.");
86 private static boolean contained(String pw, String check) {
87 if (check == null || check.equals("")) {
90 if (pw.contains(check)) {
93 if (check.contains(pw)) {