From 7f8666c0183d9d7a3a4de2ee587db81dedcf5b67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20Zl=C3=A1mal?= Date: Mon, 15 Feb 2021 11:53:03 +0100 Subject: [PATCH] Added password strength check for MU namespace - Password must be at least 12 characters longs. - Password must consists of at least 3 groups of chars. --- .../client/resources/PerunTranslation.java | 9 ++++++ .../resources/PerunTranslation_cs.properties | 3 ++ .../wui/pwdreset/pages/PwdResetView.java | 30 +++++++++++++++++++ 3 files changed, 42 insertions(+) diff --git a/perun-wui-core/src/main/java/cz/metacentrum/perun/wui/client/resources/PerunTranslation.java b/perun-wui-core/src/main/java/cz/metacentrum/perun/wui/client/resources/PerunTranslation.java index 8909b569..6126387d 100644 --- a/perun-wui-core/src/main/java/cz/metacentrum/perun/wui/client/resources/PerunTranslation.java +++ b/perun-wui-core/src/main/java/cz/metacentrum/perun/wui/client/resources/PerunTranslation.java @@ -288,4 +288,13 @@ public interface PerunTranslation extends Messages { @DefaultMessage("Password can`t contain login, name or surname, not even backwards!") public String einfraPasswordStrengthForNameLogin(); + @DefaultMessage("Password must ") + public String muPasswordHelp(); + + @DefaultMessage("Password must be at least 12 characters long!") + public String muPasswordLength(); + + @DefaultMessage("Password must consist of at least 3 of 4 character groups") + public String muPasswordStrength(); + } diff --git a/perun-wui-core/src/main/resources/cz/metacentrum/perun/wui/client/resources/PerunTranslation_cs.properties b/perun-wui-core/src/main/resources/cz/metacentrum/perun/wui/client/resources/PerunTranslation_cs.properties index 328e951b..8977fdac 100644 --- a/perun-wui-core/src/main/resources/cz/metacentrum/perun/wui/client/resources/PerunTranslation_cs.properties +++ b/perun-wui-core/src/main/resources/cz/metacentrum/perun/wui/client/resources/PerunTranslation_cs.properties @@ -104,3 +104,6 @@ einfraPasswordLength=Heslo musí mít alespoň 10 znaků! einfraPasswordFormat=Heslo nesmí obsahovat diakritiku nebo řídící a formátovací znaky! einfraPasswordStrength=Heslo musí obsahovat alespoň 3 ze 4 kategorií znaků einfraPasswordStrengthForNameLogin=Heslo nesmí obsahovat login, jméno nebo příjmení a to ani pozpátku! +muPasswordHelp=Heslo musí +muPasswordLength=Heslo musí mít alespoň 12 znaků! +muPasswordStrength=Heslo musí obsahovat alespoň 3 ze 4 kategorií znaků diff --git a/perun-wui-pwdreset/src/main/java/cz/metacentrum/perun/wui/pwdreset/pages/PwdResetView.java b/perun-wui-pwdreset/src/main/java/cz/metacentrum/perun/wui/pwdreset/pages/PwdResetView.java index 929ae2c3..914775e3 100644 --- a/perun-wui-pwdreset/src/main/java/cz/metacentrum/perun/wui/pwdreset/pages/PwdResetView.java +++ b/perun-wui-pwdreset/src/main/java/cz/metacentrum/perun/wui/pwdreset/pages/PwdResetView.java @@ -348,6 +348,8 @@ public void onFinished(JavaScriptObject result) { help.setHTML("

" + translation.einfraPasswordHelp()); } else if (Objects.equals(namespace, "vsup")) { help.setHTML("

"+translation.vsupHelp()); + } else if (Objects.equals(namespace, "mu")) { + help.setHTML("

"+translation.muPasswordHelp()); } return; @@ -509,6 +511,34 @@ private boolean validate() { return false; } + } else if (Objects.equals(namespace, "mu")) { + + // Check that password contains at least 3 of 4 character groups + + RegExp regExpDigit = RegExp.compile("^.*[0-9].*$"); + RegExp regExpLower = RegExp.compile("^.*[a-z].*$"); + RegExp regExpUpper = RegExp.compile("^.*[A-Z].*$"); + RegExp regExpSpec = RegExp.compile("^.*[\\x20-\\x2F\\x3A-\\x40\\x5B-\\x60\\x7B-\\x7E].*$"); // FIXME - are those correct printable specific chars? + + int matchCounter = 0; + if (regExpDigit.exec(passwordTextBox.getValue()) != null) matchCounter++; + if (regExpLower.exec(passwordTextBox.getValue()) != null) matchCounter++; + if (regExpUpper.exec(passwordTextBox.getValue()) != null) matchCounter++; + if (regExpSpec.exec(passwordTextBox.getValue()) != null) matchCounter++; + + if(matchCounter < 3){ + passItem.setValidationState(ValidationState.ERROR); + itemStatus.setHTML(translation.muPasswordStrength()); + return false; + } + + // check length + if (passwordTextBox.getValue().length() < 12) { + passItem.setValidationState(ValidationState.ERROR); + itemStatus.setHTML(translation.muPasswordLength()); + return false; + } + } if (!Objects.equals(passwordTextBox.getValue(), passwordTextBox2.getValue())) {