You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
123 lines
3.9 KiB
123 lines
3.9 KiB
import java.io.BufferedReader;
|
|
import java.io.IOException;
|
|
import java.io.StringReader;
|
|
import java.math.BigInteger;
|
|
import java.security.MessageDigest;
|
|
import java.security.NoSuchAlgorithmException;
|
|
import java.util.regex.Pattern;
|
|
|
|
public class PasswordValidator {
|
|
int minLength = 6;
|
|
boolean requireUppercase = true;
|
|
boolean requireLowercase = true;
|
|
boolean requireDigit = true;
|
|
boolean checkPwned = true;
|
|
|
|
private final Pattern uppercasePattern = Pattern.compile("^(?=.*[A-Z]).+$");
|
|
private final Pattern lowercasePattern = Pattern.compile("^(?=.*[a-z]).+$");
|
|
private final Pattern digitPattern = Pattern.compile("^(?=.*\\d).+$");
|
|
private static final String pwnedPasswordsApiUrl = "https://api.pwnedpasswords.com/range/";
|
|
|
|
public boolean validate(String password) {
|
|
if (password.length() < minLength) {
|
|
return false;
|
|
} else if (requireUppercase && !uppercasePattern.matcher(password).matches()) {
|
|
return false;
|
|
} else if (requireLowercase && !lowercasePattern.matcher(password).matches()) {
|
|
return false;
|
|
} else if (requireDigit && !digitPattern.matcher(password).matches()) {
|
|
return false;
|
|
} else if (checkPwned && isPwned(password)) {
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
|
|
public int getMinLength() {
|
|
return minLength;
|
|
}
|
|
|
|
public void setMinLength(int minLength) {
|
|
this.minLength = minLength;
|
|
}
|
|
|
|
public boolean isRequireUppercase() {
|
|
return requireUppercase;
|
|
}
|
|
|
|
public void setRequireUppercase(boolean requireUppercase) {
|
|
this.requireUppercase = requireUppercase;
|
|
}
|
|
|
|
public boolean isRequireLowercase() {
|
|
return requireLowercase;
|
|
}
|
|
|
|
public void setRequireLowercase(boolean requireLowercase) {
|
|
this.requireLowercase = requireLowercase;
|
|
}
|
|
|
|
public boolean isRequireDigit() {
|
|
return requireDigit;
|
|
}
|
|
|
|
public void setRequireDigit(boolean requireDigit) {
|
|
this.requireDigit = requireDigit;
|
|
}
|
|
|
|
public boolean isCheckPwned() {
|
|
return checkPwned;
|
|
}
|
|
|
|
public void setCheckPwned(boolean checkPwned) {
|
|
this.checkPwned = checkPwned;
|
|
}
|
|
|
|
public static String getSHA1Hash(String input) {
|
|
if (input.length() > 0) {
|
|
try {
|
|
MessageDigest md = MessageDigest.getInstance("SHA-1");
|
|
byte[] messageDigest = md.digest(input.getBytes());
|
|
|
|
// Convert byte array into signum representation
|
|
BigInteger no = new BigInteger(1, messageDigest);
|
|
|
|
// Convert message digest into hex value
|
|
StringBuilder hashtext = new StringBuilder();
|
|
hashtext.append(no.toString(16));
|
|
|
|
// Add preceding 0s to make it 32 bit
|
|
while (hashtext.length() < 32) {
|
|
hashtext.insert(0, "0");
|
|
}
|
|
return hashtext.toString();
|
|
} catch (NoSuchAlgorithmException e) {
|
|
e.printStackTrace();
|
|
}
|
|
}
|
|
|
|
return null;
|
|
}
|
|
|
|
public static boolean isPwned(String password) {
|
|
String sha1 = PasswordValidator.getSHA1Hash(password);
|
|
if (sha1 != null) {
|
|
String url = pwnedPasswordsApiUrl + sha1.substring(0, 5);
|
|
try {
|
|
String result = HttpApi.sendHttpGETRequest(url);
|
|
BufferedReader bufReader = new BufferedReader(new StringReader(result));
|
|
String line = null;
|
|
while ((line = bufReader.readLine()) != null) {
|
|
String[] lineSplit = line.split(":");
|
|
if (lineSplit.length > 0 && sha1.toUpperCase().endsWith(lineSplit[0])) {
|
|
return true;
|
|
}
|
|
}
|
|
} catch (IOException e) {
|
|
e.printStackTrace();
|
|
}
|
|
}
|
|
|
|
return false;
|
|
}
|
|
}
|