From a068c177bb6cdbc3b117038047818ae58f9aa1de Mon Sep 17 00:00:00 2001 From: Lucas Werkmeister Date: Sat, 13 Jan 2018 21:23:00 +0100 Subject: [PATCH] chg: move PasswordChecker object to Gigi class MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit This provides one centralized place where the PasswordChecker used can be selected or changed. (setPasswordChecker() is intended for use in the tests – in normal operation, the PasswordChecker should be set up once during initialization and then not changed.) I’d like to do this via dependency injection, but neither User nor Signup seem like the right places to do this. Perhaps this kind of logic should be moved to some kind of service where this is more feasible, but that’s not a refactoring I want to do right now. Change-Id: Id23d8a492a21a934085d9b91689acd723b065843 --- src/club/wpia/gigi/Gigi.java | 16 ++++++++++++++++ src/club/wpia/gigi/dbObjects/User.java | 3 ++- src/club/wpia/gigi/pages/main/Signup.java | 3 ++- .../club/wpia/gigi/testUtils/ConfiguredTest.java | 3 +++ 4 files changed, 23 insertions(+), 2 deletions(-) diff --git a/src/club/wpia/gigi/Gigi.java b/src/club/wpia/gigi/Gigi.java index 15a52143..44e2ddd9 100644 --- a/src/club/wpia/gigi/Gigi.java +++ b/src/club/wpia/gigi/Gigi.java @@ -78,6 +78,8 @@ import club.wpia.gigi.pages.statistics.StatisticsRoles; import club.wpia.gigi.pages.wot.Points; import club.wpia.gigi.pages.wot.RequestTTPPage; import club.wpia.gigi.pages.wot.VerifyPage; +import club.wpia.gigi.passwords.PasswordChecker; +import club.wpia.gigi.passwords.PasswordStrengthChecker; import club.wpia.gigi.ping.PingerDaemon; import club.wpia.gigi.util.AuthorizationContext; import club.wpia.gigi.util.DomainAssessment; @@ -245,6 +247,8 @@ public final class Gigi extends HttpServlet { private static Gigi instance; + private static PasswordChecker passwordChecker; + private static final Template baseTemplate = new Template(Gigi.class.getResource("Gigi.templ")); private PingerDaemon pinger; @@ -273,6 +277,7 @@ public final class Gigi extends HttpServlet { this.truststore = truststore; pinger = new PingerDaemon(truststore); pinger.start(); + Gigi.passwordChecker = new PasswordStrengthChecker(); } } @@ -521,4 +526,15 @@ public final class Gigi extends HttpServlet { instance.pinger.interrupt(); } + public static PasswordChecker getPasswordChecker() { + if (passwordChecker == null) { + throw new IllegalStateException("Not yet initialized!"); + } + return passwordChecker; + } + + public static void setPasswordChecker(PasswordChecker passwordChecker) { + Gigi.passwordChecker = passwordChecker; + } + } diff --git a/src/club/wpia/gigi/dbObjects/User.java b/src/club/wpia/gigi/dbObjects/User.java index 55bb03fb..9868e36a 100644 --- a/src/club/wpia/gigi/dbObjects/User.java +++ b/src/club/wpia/gigi/dbObjects/User.java @@ -12,6 +12,7 @@ import java.util.Locale; import java.util.Set; import java.util.TreeSet; +import club.wpia.gigi.Gigi; import club.wpia.gigi.GigiApiException; import club.wpia.gigi.database.GigiPreparedStatement; import club.wpia.gigi.database.GigiResultSet; @@ -217,7 +218,7 @@ public class User extends CertificateOwner { nameParts.add(string.getValue()); } } - GigiApiException gaPassword = new PasswordStrengthChecker().checkPassword(newPass, nameParts.toArray(new String[nameParts.size()]), getEmail()); + GigiApiException gaPassword = Gigi.getPasswordChecker().checkPassword(newPass, nameParts.toArray(new String[nameParts.size()]), getEmail()); if (gaPassword != null) { throw gaPassword; } diff --git a/src/club/wpia/gigi/pages/main/Signup.java b/src/club/wpia/gigi/pages/main/Signup.java index b6585cb0..6b8dd75f 100644 --- a/src/club/wpia/gigi/pages/main/Signup.java +++ b/src/club/wpia/gigi/pages/main/Signup.java @@ -8,6 +8,7 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; +import club.wpia.gigi.Gigi; import club.wpia.gigi.GigiApiException; import club.wpia.gigi.database.GigiPreparedStatement; import club.wpia.gigi.database.GigiResultSet; @@ -130,7 +131,7 @@ public class Signup extends Form { if ( !ga.isEmpty()) { throw ga; } - GigiApiException gaPassword = new PasswordStrengthChecker().checkPassword(pw1, ni.getNamePartsPlain(), email); + GigiApiException gaPassword = Gigi.getPasswordChecker().checkPassword(pw1, ni.getNamePartsPlain(), email); if (gaPassword != null) { throw gaPassword; } diff --git a/tests/club/wpia/gigi/testUtils/ConfiguredTest.java b/tests/club/wpia/gigi/testUtils/ConfiguredTest.java index 3ece611c..13eaee5d 100644 --- a/tests/club/wpia/gigi/testUtils/ConfiguredTest.java +++ b/tests/club/wpia/gigi/testUtils/ConfiguredTest.java @@ -32,6 +32,7 @@ import java.util.regex.Pattern; import org.junit.AfterClass; import org.junit.BeforeClass; +import club.wpia.gigi.Gigi; import club.wpia.gigi.GigiApiException; import club.wpia.gigi.database.DatabaseConnection; import club.wpia.gigi.database.DatabaseConnection.Link; @@ -42,6 +43,7 @@ import club.wpia.gigi.dbObjects.CertificateProfile; import club.wpia.gigi.dbObjects.Domain; import club.wpia.gigi.dbObjects.DomainPingType; import club.wpia.gigi.dbObjects.User; +import club.wpia.gigi.passwords.PasswordStrengthChecker; import club.wpia.gigi.testUtils.TestEmailReceiver.TestMail; import club.wpia.gigi.util.DatabaseManager; import club.wpia.gigi.util.DomainAssessment; @@ -105,6 +107,7 @@ public abstract class ConfiguredTest { TimeConditions.init(props); DomainAssessment.init(props); PasswordHash.init(props); + Gigi.setPasswordChecker(new PasswordStrengthChecker()); if ( !DatabaseConnection.isInited()) { DatabaseConnection.init(testProps); -- 2.39.2