X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Futil%2FPasswordStrengthChecker.java;h=c957665ec667d2da917331b4150c6d23224d3a0b;hb=12323116dd560da2a348b4045dd8af20db764ea5;hp=0f72664e5b823b131b46e2f88f6e28e70f0cf187;hpb=b0ab4664edfc6ee90b658bfa662a54dec42879b3;p=gigi.git

diff --git a/src/org/cacert/gigi/util/PasswordStrengthChecker.java b/src/org/cacert/gigi/util/PasswordStrengthChecker.java
index 0f72664e..c957665e 100644
--- a/src/org/cacert/gigi/util/PasswordStrengthChecker.java
+++ b/src/org/cacert/gigi/util/PasswordStrengthChecker.java
@@ -1,78 +1,98 @@
 package org.cacert.gigi.util;
 
+import java.util.TreeSet;
 import java.util.regex.Pattern;
 
-import org.cacert.gigi.User;
+import org.cacert.gigi.GigiApiException;
+import org.cacert.gigi.dbObjects.Name;
+import org.cacert.gigi.dbObjects.NamePart;
 
 public class PasswordStrengthChecker {
-	static Pattern digits = Pattern.compile("\\d");
-	static Pattern lower = Pattern.compile("[a-z]");
-	static Pattern upper = Pattern.compile("[A-Z]");
-	static Pattern whitespace = Pattern.compile("\\s");
-	static Pattern special = Pattern.compile("\\W");
-	private PasswordStrengthChecker() {
-	}
-	public static int checkpwlight(String pw) {
-		int points = 0;
-		if (pw.length() > 15) {
-			points++;
-		}
-		if (pw.length() > 20) {
-			points++;
-		}
-		if (pw.length() > 25) {
-			points++;
-		}
-		if (pw.length() > 30) {
-			points++;
-		}
-		if (digits.matcher(pw).find()) {
-			points++;
-		}
-		if (lower.matcher(pw).find()) {
-			points++;
-		}
-		if (upper.matcher(pw).find()) {
-			points++;
-		}
-		if (special.matcher(pw).find()) {
-			points++;
-		}
-		if (whitespace.matcher(pw).find()) {
-			points++;
-		}
-		return points;
-	}
-	public static int checkpw(String pw, User u) {
-		int light = checkpwlight(pw);
-		if (contained(pw, u.getEmail())) {
-			light -= 2;
-		}
-		if (contained(pw, u.getFname())) {
-			light -= 2;
-		}
-		if (contained(pw, u.getLname())) {
-			light -= 2;
-		}
-		if (contained(pw, u.getMname())) {
-			light -= 2;
-		}
-		if (contained(pw, u.getSuffix())) {
-			light -= 2;
-		}
-		// TODO dictionary check
-		return light;
-	}
-	private static boolean contained(String pw, String check) {
-		if (check == null || check.equals("")) {
-			return false;
-		}
-		if (pw.contains(check)) {
-			return true;
-		}
-		if (check.contains(pw)) {
-			return true;
-		}
-		return false;
-	}
+
+    private static Pattern digits = Pattern.compile("\\d");
+
+    private static Pattern lower = Pattern.compile("[a-z]");
+
+    private static Pattern upper = Pattern.compile("[A-Z]");
+
+    private static Pattern whitespace = Pattern.compile("\\s");
+
+    private static Pattern special = Pattern.compile("(?!\\s)\\W");
+
+    private PasswordStrengthChecker() {}
+
+    private static int checkpwlight(String pw) {
+        int points = 0;
+        if (pw.length() > 15) {
+            points++;
+        }
+        if (pw.length() > 20) {
+            points++;
+        }
+        if (pw.length() > 25) {
+            points++;
+        }
+        if (pw.length() > 30) {
+            points++;
+        }
+        if (digits.matcher(pw).find()) {
+            points++;
+        }
+        if (lower.matcher(pw).find()) {
+            points++;
+        }
+        if (upper.matcher(pw).find()) {
+            points++;
+        }
+        if (special.matcher(pw).find()) {
+            points++;
+        }
+        if (whitespace.matcher(pw).find()) {
+            points++;
+        }
+        return points;
+    }
+
+    public static int checkpw(String pw, String[] nameParts, String email) {
+        if (pw == null) {
+            return 0;
+        }
+        int light = checkpwlight(pw);
+        if (contained(pw, email)) {
+            light -= 2;
+        }
+        for (int i = 0; i < nameParts.length; i++) {
+            if (contained(pw, nameParts[i])) {
+                light -= 2;
+            }
+        }
+        // TODO dictionary check
+        return light;
+    }
+
+    public static void assertStrongPassword(String pw, Name[] names, String email) throws GigiApiException {
+        TreeSet<String> parts = new TreeSet<>();
+        for (int i = 0; i < names.length; i++) {
+            for (NamePart string : names[i].getParts()) {
+                parts.add(string.getValue());
+            }
+        }
+        if (checkpw(pw, parts.toArray(new String[parts.size()]), email) < 3) {
+            throw new GigiApiException("The Pass Phrase you submitted failed to contain enough" + " differing characters and/or contained words from" + " your name and/or email address.");
+        }
+    }
+
+    private static boolean contained(String pw, String check) {
+        if (check == null || check.equals("")) {
+            return false;
+        }
+        if (pw.contains(check)) {
+            return true;
+        }
+        if (check.contains(pw)) {
+            return true;
+        }
+        return false;
+    }
+
 }