From 01aeaa20d5bc475fb2bb3d99d24682ffc899cb2b Mon Sep 17 00:00:00 2001 From: binsky Date: Mon, 14 Feb 2022 18:46:54 +0100 Subject: [PATCH] implement check for existing special character in password --- src/main/java/PasswordValidator.java | 12 ++++++++++++ src/test/java/PasswordValidatorTest.java | 15 +++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/src/main/java/PasswordValidator.java b/src/main/java/PasswordValidator.java index 800b269..ed10c06 100644 --- a/src/main/java/PasswordValidator.java +++ b/src/main/java/PasswordValidator.java @@ -11,11 +11,13 @@ public class PasswordValidator { boolean requireUppercase = true; boolean requireLowercase = true; boolean requireDigit = true; + boolean requireSpecialChar = true; boolean checkPwned = true; private final Pattern uppercasePattern = Pattern.compile("^(?=.*[A-Z]).+$"); private final Pattern lowercasePattern = Pattern.compile("^(?=.*[a-z]).+$"); private final Pattern digitPattern = Pattern.compile("^(?=.*\\d).+$"); + private final Pattern specialCharPattern = Pattern.compile("^(?=.*[.!?=@#$()%^&/*_\\-+]).+$"); private static final String pwnedPasswordsApiUrl = "https://api.pwnedpasswords.com/range/"; public boolean validate(String password) { @@ -27,6 +29,8 @@ public class PasswordValidator { return false; } else if (requireDigit && !digitPattern.matcher(password).matches()) { return false; + } else if (requireSpecialChar && !specialCharPattern.matcher(password).matches()) { + return false; } else if (checkPwned && isPwned(password)) { return false; } @@ -65,6 +69,14 @@ public class PasswordValidator { this.requireDigit = requireDigit; } + public boolean isRequireSpecialChar() { + return requireSpecialChar; + } + + public void setRequireSpecialChar(boolean requireSpecialChar) { + this.requireSpecialChar = requireSpecialChar; + } + public boolean isCheckPwned() { return checkPwned; } diff --git a/src/test/java/PasswordValidatorTest.java b/src/test/java/PasswordValidatorTest.java index ddbd653..4755cc1 100644 --- a/src/test/java/PasswordValidatorTest.java +++ b/src/test/java/PasswordValidatorTest.java @@ -15,6 +15,7 @@ class PasswordValidatorTest { passwordValidator.setRequireLowercase(false); passwordValidator.setRequireDigit(false); passwordValidator.setCheckPwned(false); + passwordValidator.setRequireSpecialChar(false); assertFalse(passwordValidator.validate("abcde")); assertTrue(passwordValidator.validate("abcdef")); assertTrue(passwordValidator.validate("abcdefg")); @@ -24,6 +25,7 @@ class PasswordValidatorTest { passwordValidator.setRequireLowercase(false); passwordValidator.setRequireDigit(false); passwordValidator.setCheckPwned(false); + passwordValidator.setRequireSpecialChar(false); assertFalse(passwordValidator.validate("abcdef")); assertTrue(passwordValidator.validate("abCdef")); assertTrue(passwordValidator.validate("ABCDEF")); @@ -33,6 +35,7 @@ class PasswordValidatorTest { passwordValidator.setRequireLowercase(true); passwordValidator.setRequireDigit(false); passwordValidator.setCheckPwned(false); + passwordValidator.setRequireSpecialChar(false); assertFalse(passwordValidator.validate("abcdef")); assertTrue(passwordValidator.validate("abCdef")); assertFalse(passwordValidator.validate("ABCDEF")); @@ -42,6 +45,7 @@ class PasswordValidatorTest { passwordValidator.setRequireLowercase(true); passwordValidator.setRequireDigit(true); passwordValidator.setCheckPwned(false); + passwordValidator.setRequireSpecialChar(false); assertFalse(passwordValidator.validate("8")); assertFalse(passwordValidator.validate("12345678")); assertFalse(passwordValidator.validate("abcdef")); @@ -51,6 +55,17 @@ class PasswordValidatorTest { assertFalse(passwordValidator.validate("ABCDEF8")); assertTrue(passwordValidator.validate("abCDE8F")); + // test special chars requirement + passwordValidator.setRequireUppercase(true); + passwordValidator.setRequireLowercase(true); + passwordValidator.setRequireDigit(true); + passwordValidator.setCheckPwned(false); + passwordValidator.setRequireSpecialChar(true); + assertFalse(passwordValidator.validate("*")); + assertFalse(passwordValidator.validate("abCDE8F")); + assertTrue(passwordValidator.validate("abCDE8_F")); + assertTrue(passwordValidator.validate("abCDE*/8_F")); + // test password pwned check passwordValidator.setRequireUppercase(true); passwordValidator.setRequireLowercase(true);