fdai6545
/
ciip-grp8-password-manager
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Merge commit '8cfd7481978d77f5c5823248d77b9f5132fb4566' into HEAD

feature-create-new-vault
jenkins 2 years ago
parent
9b3fed46fa 8cfd748197
commit
452685583b
5 changed files with 137625 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 43
      src/main/java/PasswordValidator.java
  2. 37
      src/main/java/ResourceApi.java
  3. 137465
      src/main/resources/german_wordlist.txt
  4. 32
      src/test/java/PasswordValidatorTest.java
  5. 48
      src/test/java/ResourceApiTest.java

43
src/main/java/PasswordValidator.java
View File

@ -4,6 +4,7 @@ import java.io.StringReader;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Locale;
import java.util.regex.Pattern;
public class PasswordValidator {
@ -11,11 +12,14 @@ public class PasswordValidator {
boolean requireUppercase = true;
boolean requireLowercase = true;
boolean requireDigit = true;
boolean requireSpecialChar = true;
boolean checkPwned = true;
boolean checkWordlist = false;
private final Pattern uppercasePattern = Pattern.compile("^(?=.*[A-Z]).+$");
private final Pattern lowercasePattern = Pattern.compile("^(?=.*[a-z]).+$");
private final Pattern digitPattern = Pattern.compile("^(?=.*\\d).+$");
private final Pattern specialCharPattern = Pattern.compile("^(?=.*[.!?=@#$()%^&/*_\\-+]).+$");
private static final String pwnedPasswordsApiUrl = "https://api.pwnedpasswords.com/range/";
public boolean validate(String password) {
@ -27,6 +31,10 @@ public class PasswordValidator {
return false;
} else if (requireDigit && !digitPattern.matcher(password).matches()) {
return false;
} else if (requireSpecialChar && !specialCharPattern.matcher(password).matches()) {
return false;
} else if (checkWordlist && isInWordlist(password)) {
return false;
} else if (checkPwned && isPwned(password)) {
return false;
}
@ -65,6 +73,14 @@ public class PasswordValidator {
this.requireDigit = requireDigit;
}
public boolean isRequireSpecialChar() {
return requireSpecialChar;
}
public void setRequireSpecialChar(boolean requireSpecialChar) {
this.requireSpecialChar = requireSpecialChar;
}
public boolean isCheckPwned() {
return checkPwned;
}
@ -73,6 +89,14 @@ public class PasswordValidator {
this.checkPwned = checkPwned;
}
public boolean isCheckWordlist() {
return checkWordlist;
}
public void setCheckWordlist(boolean checkWordlist) {
this.checkWordlist = checkWordlist;
}
public static String getSHA1Hash(String input) {
if (input.length() > 0) {
try {
@ -120,4 +144,23 @@ public class PasswordValidator {
return false;
}
public static boolean isInWordlist(String password) {
try {
String lowerPassword = password.toLowerCase();
ResourceApi resourceApi = new ResourceApi();
String germanWordlist = resourceApi.getFileFromResourceAsString("german_wordlist.txt");
BufferedReader bufReader = new BufferedReader(new StringReader(germanWordlist));
String line = null;
while ((line = bufReader.readLine()) != null) {
if (lowerPassword.contains(line.trim().toLowerCase())) {
return true;
}
}
} catch (IOException e) {
e.printStackTrace();
}
return false;
}
}

37
src/main/java/ResourceApi.java
View File

@ -0,0 +1,37 @@
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
public class ResourceApi {
public String getFileFromResourceAsString(String fileName) throws IOException {
InputStream inputStream = getFileFromResourceAsStream(fileName);
return getStringFromInputStream(inputStream);
}
public InputStream getFileFromResourceAsStream(String fileName) {
//ClassLoader classLoader = getClass().getClassLoader();
ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
InputStream inputStream = classLoader.getResourceAsStream(fileName);
if (inputStream == null) {
throw new IllegalArgumentException("file not found! " + fileName);
} else {
return inputStream;
}
}
public String getStringFromInputStream(InputStream inputStream) throws IOException {
BufferedReader in = new BufferedReader(new InputStreamReader(inputStream));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine + "\n");
}
in.close();
return response.toString();
}
}

137465
src/main/resources/german_wordlist.txt
File diff suppressed because it is too large
View File

32
src/test/java/PasswordValidatorTest.java
View File

@ -15,6 +15,7 @@ class PasswordValidatorTest {
passwordValidator.setRequireLowercase(false);
passwordValidator.setRequireDigit(false);
passwordValidator.setCheckPwned(false);
passwordValidator.setRequireSpecialChar(false);
assertFalse(passwordValidator.validate("abcde"));
assertTrue(passwordValidator.validate("abcdef"));
assertTrue(passwordValidator.validate("abcdefg"));
@ -24,6 +25,7 @@ class PasswordValidatorTest {
passwordValidator.setRequireLowercase(false);
passwordValidator.setRequireDigit(false);
passwordValidator.setCheckPwned(false);
passwordValidator.setRequireSpecialChar(false);
assertFalse(passwordValidator.validate("abcdef"));
assertTrue(passwordValidator.validate("abCdef"));
assertTrue(passwordValidator.validate("ABCDEF"));
@ -33,6 +35,7 @@ class PasswordValidatorTest {
passwordValidator.setRequireLowercase(true);
passwordValidator.setRequireDigit(false);
passwordValidator.setCheckPwned(false);
passwordValidator.setRequireSpecialChar(false);
assertFalse(passwordValidator.validate("abcdef"));
assertTrue(passwordValidator.validate("abCdef"));
assertFalse(passwordValidator.validate("ABCDEF"));
@ -42,6 +45,7 @@ class PasswordValidatorTest {
passwordValidator.setRequireLowercase(true);
passwordValidator.setRequireDigit(true);
passwordValidator.setCheckPwned(false);
passwordValidator.setRequireSpecialChar(false);
assertFalse(passwordValidator.validate("8"));
assertFalse(passwordValidator.validate("12345678"));
assertFalse(passwordValidator.validate("abcdef"));
@ -51,6 +55,17 @@ class PasswordValidatorTest {
assertFalse(passwordValidator.validate("ABCDEF8"));
assertTrue(passwordValidator.validate("abCDE8F"));
// test special chars requirement
passwordValidator.setRequireUppercase(true);
passwordValidator.setRequireLowercase(true);
passwordValidator.setRequireDigit(true);
passwordValidator.setCheckPwned(false);
passwordValidator.setRequireSpecialChar(true);
assertFalse(passwordValidator.validate("*"));
assertFalse(passwordValidator.validate("abCDE8F"));
assertTrue(passwordValidator.validate("abCDE8_F"));
assertTrue(passwordValidator.validate("abCDE*/8_F"));
// test password pwned check
passwordValidator.setRequireUppercase(true);
passwordValidator.setRequireLowercase(true);
@ -59,6 +74,16 @@ class PasswordValidatorTest {
assertFalse(passwordValidator.validate("8"));
assertFalse(passwordValidator.validate("asdf12"));
assertTrue(passwordValidator.validate("=phan0johB4aisae6Mie0jeip9Saejahc0iuvuth7ahv9uoni6o*_.+"));
// test password wordlist check
passwordValidator.setRequireUppercase(true);
passwordValidator.setRequireLowercase(true);
passwordValidator.setRequireDigit(true);
passwordValidator.setCheckPwned(true);
passwordValidator.setCheckWordlist(true);
assertFalse(passwordValidator.validate("8"));
assertFalse(passwordValidator.validate("_Sonnenblume123"));
assertTrue(passwordValidator.validate("=phan0johB4aisae6Mie0jeip9Saejahc0iuvuth7ahv9uoni6o*_.+"));
}
@Test
@ -74,4 +99,11 @@ class PasswordValidatorTest {
assertFalse(PasswordValidator.isPwned("=phan0johB4aisae6Mie0jeip9Saejahc0iuvuth7ahv9uoni6o*_.+"));
assertFalse(PasswordValidator.isPwned(""));
}
@Test
void isInWordlist() {
assertTrue(PasswordValidator.isInWordlist("Sonnenblume"));
assertTrue(PasswordValidator.isInWordlist("_Sonnenblume123"));
assertFalse(PasswordValidator.isInWordlist("=phan0johB4aisae6Mie0jeip9Saejahc0iuvuth7ahv9uoni6o*_.+"));
}
}

48
src/test/java/ResourceApiTest.java
View File

@ -0,0 +1,48 @@
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
import java.io.*;
import java.nio.charset.StandardCharsets;
import static org.junit.jupiter.api.Assertions.*;
class ResourceApiTest {
private static ResourceApi resourceApi;
@BeforeAll
static void init() {
resourceApi = new ResourceApi();
}
@Test
void getFileFromResourceAsStream() throws IOException {
assertThrowsExactly(IllegalArgumentException.class,
() -> resourceApi.getFileFromResourceAsStream("does_not_exist"));
InputStream is = resourceApi.getFileFromResourceAsStream("german_wordlist.txt");
BufferedReader in = new BufferedReader(new InputStreamReader(is));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine + "\n");
}
in.close();
assertTrue(response.toString().contains("Alleinherrschaft"));
}
@Test
void getStringFromInputStream() throws IOException {
String testString = "I am a test string!\nAnother test line.\n";
InputStream is = new ByteArrayInputStream(testString.getBytes(StandardCharsets.UTF_8));
assertEquals(resourceApi.getStringFromInputStream(is), testString);
}
@Test
void getFileFromResourceAsString() throws IOException {
assertTrue(resourceApi.getFileFromResourceAsString("german_wordlist.txt").contains("Alleinherrschaft"));
}
}
Write Preview
Loading…
Cancel
Save