package org.cacert.gigi.util;
+import java.util.TreeSet;
import java.util.regex.Pattern;
import org.cacert.gigi.GigiApiException;
-import org.cacert.gigi.User;
+import org.cacert.gigi.dbObjects.Name;
+import org.cacert.gigi.dbObjects.NamePart;
public class PasswordStrengthChecker {
- static Pattern digits = Pattern.compile("\\d");
+ private static Pattern digits = Pattern.compile("\\d");
- static Pattern lower = Pattern.compile("[a-z]");
+ private static Pattern lower = Pattern.compile("[a-z]");
- static Pattern upper = Pattern.compile("[A-Z]");
+ private static Pattern upper = Pattern.compile("[A-Z]");
- static Pattern whitespace = Pattern.compile("\\s");
+ private static Pattern whitespace = Pattern.compile("\\s");
- static Pattern special = Pattern.compile("(?!\\s)\\W");
+ private static Pattern special = Pattern.compile("(?!\\s)\\W");
private PasswordStrengthChecker() {}
return points;
}
- public static int checkpw(String pw, User u) {
+ public static int checkpw(String pw, String[] nameParts, String email) {
if (pw == null) {
return 0;
}
int light = checkpwlight(pw);
- if (contained(pw, u.getEmail())) {
+ if (contained(pw, email)) {
light -= 2;
}
- if (contained(pw, u.getFname())) {
- light -= 2;
- }
- if (contained(pw, u.getLname())) {
- light -= 2;
- }
- if (contained(pw, u.getMname())) {
- light -= 2;
- }
- if (contained(pw, u.getSuffix())) {
- light -= 2;
+ for (int i = 0; i < nameParts.length; i++) {
+ if (contained(pw, nameParts[i])) {
+ light -= 2;
+ }
}
// TODO dictionary check
return light;
}
- public static void assertStrongPassword(String pw, User u) throws GigiApiException {
- if (checkpw(pw, u) < 3) {
+ public static void assertStrongPassword(String pw, Name[] names, String email) throws GigiApiException {
+ TreeSet<String> parts = new TreeSet<>();
+ for (int i = 0; i < names.length; i++) {
+ for (NamePart string : names[i].getParts()) {
+ parts.add(string.getValue());
+ }
+ }
+ if (checkpw(pw, parts.toArray(new String[parts.size()]), email) < 3) {
throw new GigiApiException("The Pass Phrase you submitted failed to contain enough" + " differing characters and/or contained words from" + " your name and/or email address.");
}
}
}
return false;
}
+
}