diff --git a/src/main/java/PasswordValidator.java b/src/main/java/PasswordValidator.java
index c3bf21a..800b269 100644
--- a/src/main/java/PasswordValidator.java
+++ b/src/main/java/PasswordValidator.java
@@ -11,6 +11,7 @@ public class PasswordValidator {
 boolean requireUppercase = true;
 boolean requireLowercase = true;
 boolean requireDigit = true;
+ boolean checkPwned = true;
 private final Pattern uppercasePattern = Pattern.compile("^(?=.*[A-Z]).+$");
 private final Pattern lowercasePattern = Pattern.compile("^(?=.*[a-z]).+$");
@@ -26,6 +27,8 @@ public class PasswordValidator {
 return false;
 } else if (requireDigit && !digitPattern.matcher(password).matches()) {
 return false;
+ } else if (checkPwned && isPwned(password)) {
+ return false;
 }
 return true;
 }
@@ -62,6 +65,14 @@ public class PasswordValidator {
 this.requireDigit = requireDigit;
 }
+ public boolean isCheckPwned() {
+ return checkPwned;
+ }
+
+ public void setCheckPwned(boolean checkPwned) {
+ this.checkPwned = checkPwned;
+ }
+
 public static String getSHA1Hash(String input) {
 if (input.length() > 0) {
 try {
diff --git a/src/test/java/PasswordValidatorTest.java b/src/test/java/PasswordValidatorTest.java
index d0db88a..ddbd653 100644
--- a/src/test/java/PasswordValidatorTest.java
+++ b/src/test/java/PasswordValidatorTest.java
@@ -14,6 +14,7 @@ class PasswordValidatorTest {
 passwordValidator.setRequireUppercase(false);
 passwordValidator.setRequireLowercase(false);
 passwordValidator.setRequireDigit(false);
+ passwordValidator.setCheckPwned(false);
 assertFalse(passwordValidator.validate("abcde"));
 assertTrue(passwordValidator.validate("abcdef"));
 assertTrue(passwordValidator.validate("abcdefg"));
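Review bot: In the `@@ -26,6 +27,8 @@` hunk, `validate()` now calls `isPwned(password)` for every password that passes the local rules, and the first hunk defaults `checkPwned` to `true`, yet nothing visible states what happens when the lookup cannot be completed. `isPwned` is defined outside this diff; if it performs a remote breach-corpus lookup (the neighbouring `getSHA1Hash` suggests it may), an error path that returns `false` silently accepts breached passwords, while one that returns `true` or throws rejects every password whenever the service is unreachable. I would record the chosen failure mode in a one-line comment on the new `else if` branch and in Javadoc on `setCheckPwned`, since turning the flag off disables a security control. It is also worth confirming that only a hash prefix, never the password or its full hash, leaves the process. `validate` starts above the hunk.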
@@ -22,6 +23,7 @@ class PasswordValidatorTest {
 passwordValidator.setRequireUppercase(true);
 passwordValidator.setRequireLowercase(false);
 passwordValidator.setRequireDigit(false);
+ passwordValidator.setCheckPwned(false);
 assertFalse(passwordValidator.validate("abcdef"));
 assertTrue(passwordValidator.validate("abCdef"));
 assertTrue(passwordValidator.validate("ABCDEF"));
@@ -30,6 +32,7 @@ class PasswordValidatorTest {
 passwordValidator.setRequireUppercase(true);
 passwordValidator.setRequireLowercase(true);
 passwordValidator.setRequireDigit(false);
+ passwordValidator.setCheckPwned(false);
 assertFalse(passwordValidator.validate("abcdef"));
 assertTrue(passwordValidator.validate("abCdef"));
 assertFalse(passwordValidator.validate("ABCDEF"));
@@ -38,6 +41,7 @@ class PasswordValidatorTest {
 passwordValidator.setRequireUppercase(true);
 passwordValidator.setRequireLowercase(true);
 passwordValidator.setRequireDigit(true);
+ passwordValidator.setCheckPwned(false);
 assertFalse(passwordValidator.validate("8"));
 assertFalse(passwordValidator.validate("12345678"));
 assertFalse(passwordValidator.validate("abcdef"));
@@ -46,6 +50,15 @@ class PasswordValidatorTest {
 assertFalse(passwordValidator.validate("ABCDEF"));
 assertFalse(passwordValidator.validate("ABCDEF8"));
 assertTrue(passwordValidator.validate("abCDE8F"));
+
+ // test password pwned check
+ passwordValidator.setRequireUppercase(true);
+ passwordValidator.setRequireLowercase(true);
+ passwordValidator.setRequireDigit(true);
+ passwordValidator.setCheckPwned(true);
+ assertFalse(passwordValidator.validate("8"));
+ assertFalse(passwordValidator.validate("asdf12"));
+ assertTrue(passwordValidator.validate("=phan0johB4aisae6Mie0jeip9Saejahc0iuvuth7ahv9uoni6o*_.+"));
 }
 @Test
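Review bot: The two negative assertions in the `@@ -46,6 +50,15 @@` hunk never reach the breach check. With `requireUppercase`, `requireLowercase` and `requireDigit` all `true`, `"8"` and `"asdf12"` already fail the character-class rules that `validate()` evaluates before `isPwned`, so this block would pass even if `isPwned` always returned `false`. Relax the rule that rejects the sample first, e.g. `passwordValidator.setRequireUppercase(false);` ahead of `assertFalse(passwordValidator.validate("asdf12"));`, so the rejection can only come from the pwned check. The positive case presumably depends on a live lookup and on that literal never appearing in a breach corpus, so a stubbed lookup would keep the test deterministic. The test method starts above the hunk.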