
import java.io.BufferedReader;
import java.io.IOException;
import java.io.StringReader;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Locale;
import java.util.regex.Pattern;
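/**
 * Checks a candidate password against a configurable policy: minimum length,
 * required character classes, an optional bundled wordlist and an optional
 * lookup against the Pwned Passwords range API.
 *
 * <p>The cheap local checks run first; the wordlist and the network lookup run
 * only for passwords that already satisfy the local rules.
 */
public class PasswordValidator {

    /** Number of leading hex characters of the SHA-1 hash sent to the range API. */
    private static final int HASH_PREFIX_LENGTH = 5;

    /** Length of a SHA-1 digest written as hexadecimal (160 bits / 4). */
    private static final int SHA1_HEX_LENGTH = 40;

    // NOTE(review): 6 is a weak default; NIST SP 800-63B sets 8 as the floor for
    // user-chosen passwords. Left unchanged so existing callers keep their policy.
    int minLength = 6;
    boolean requireUppercase = true;
    boolean requireLowercase = true;
    boolean requireDigit = true;
    boolean requireSpecialChar = true;
    boolean checkPwned = true;
    boolean checkWordlist = false;

    private final Pattern uppercasePattern = Pattern.compile("^(?=.*[A-Z]).+$");
    private final Pattern lowercasePattern = Pattern.compile("^(?=.*[a-z]).+$");
    private final Pattern digitPattern = Pattern.compile("^(?=.*\\d).+$");
    private final Pattern specialCharPattern = Pattern.compile("^(?=.*[.!?=@#$()%^&/*_\\-+]).+$");

    private static final String pwnedPasswordsApiUrl = "https://api.pwnedpasswords.com/range/";

    /**
     * Applies every enabled rule to the password.
     *
     * @param password the candidate password; {@code null} is rejected
     * @return {@code true} only if the password passes all enabled checks
     */
    public boolean validate(String password) {
        if (password == null || password.length() < minLength) {
            return false;
        }
        if (requireUppercase && !uppercasePattern.matcher(password).matches()) {
            return false;
        }
        if (requireLowercase && !lowercasePattern.matcher(password).matches()) {
            return false;
        }
        if (requireDigit && !digitPattern.matcher(password).matches()) {
            return false;
        }
        if (requireSpecialChar && !specialCharPattern.matcher(password).matches()) {
            return false;
        }
        if (checkWordlist && isInWordlist(password)) {
            return false;
        }
        // Network lookup last, so it is only made for otherwise acceptable passwords.
        if (checkPwned && isPwned(password)) {
            return false;
        }
        return true;
    }

    /** @return the minimum accepted password length */
    public int getMinLength() {
        return minLength;
    }

    /** @param minLength the minimum accepted password length */
    public void setMinLength(int minLength) {
        this.minLength = minLength;
    }

    /** @return whether at least one character from A-Z is required */
    public boolean isRequireUppercase() {
        return requireUppercase;
    }

    /** @param requireUppercase whether at least one character from A-Z is required */
    public void setRequireUppercase(boolean requireUppercase) {
        this.requireUppercase = requireUppercase;
    }

    /** @return whether at least one character from a-z is required */
    public boolean isRequireLowercase() {
        return requireLowercase;
    }

    /** @param requireLowercase whether at least one character from a-z is required */
    public void setRequireLowercase(boolean requireLowercase) {
        this.requireLowercase = requireLowercase;
    }

    /** @return whether at least one digit is required */
    public boolean isRequireDigit() {
        return requireDigit;
    }

    /** @param requireDigit whether at least one digit is required */
    public void setRequireDigit(boolean requireDigit) {
        this.requireDigit = requireDigit;
    }

    /** @return whether at least one of the listed special characters is required */
    public boolean isRequireSpecialChar() {
        return requireSpecialChar;
    }

    /** @param requireSpecialChar whether at least one of the listed special characters is required */
    public void setRequireSpecialChar(boolean requireSpecialChar) {
        this.requireSpecialChar = requireSpecialChar;
    }

    /** @return whether the Pwned Passwords lookup is enabled */
    public boolean isCheckPwned() {
        return checkPwned;
    }

    /** @param checkPwned whether the Pwned Passwords lookup is enabled */
    public void setCheckPwned(boolean checkPwned) {
        this.checkPwned = checkPwned;
    }

    /** @return whether the bundled wordlist check is enabled */
    public boolean isCheckWordlist() {
        return checkWordlist;
    }

    /** @param checkWordlist whether the bundled wordlist check is enabled */
    public void setCheckWordlist(boolean checkWordlist) {
        this.checkWordlist = checkWordlist;
    }

    /**
     * Computes the SHA-1 digest of the input as 40 lowercase hex characters.
     *
     * <p>SHA-1 is used here only because the range API in {@link #isPwned} is
     * keyed by it; this value must not be used to store or compare passwords.
     *
     * @param input the text to hash, encoded as UTF-8
     * @return the hex digest, or {@code null} for a {@code null} or empty input
     *         or when SHA-1 is unavailable
     */
    public static String getSHA1Hash(String input) {
        if (input == null || input.isEmpty()) {
            return null;
        }
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-1");
            // Fixed charset: the platform default would make the digest of
            // non-ASCII passwords depend on where the code runs.
            byte[] digest = md.digest(input.getBytes(StandardCharsets.UTF_8));
            // A SHA-1 digest is 40 hex characters. Padding to a shorter width
            // drops leading zeros and yields a wrong prefix/suffix for the lookup.
            return String.format(Locale.ROOT, "%0" + SHA1_HEX_LENGTH + "x", new BigInteger(1, digest));
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Looks the password up in the Pwned Passwords range API.
     *
     * <p>Only the first five hex characters of the SHA-1 hash are placed in the
     * request URL; the remaining suffix is compared locally against the
     * returned {@code SUFFIX:COUNT} lines, so neither the password nor its full
     * hash is sent.
     *
     * @param password the candidate password
     * @return {@code true} if the hash suffix appears in the response;
     *         {@code false} otherwise, including when the lookup could not be made
     */
    public static boolean isPwned(String password) {
        String sha1 = PasswordValidator.getSHA1Hash(password);
        if (sha1 == null || sha1.length() <= HASH_PREFIX_LENGTH) {
            return false;
        }
        String url = pwnedPasswordsApiUrl + sha1.substring(0, HASH_PREFIX_LENGTH);
        String suffix = sha1.substring(HASH_PREFIX_LENGTH).toUpperCase(Locale.ROOT);
        try {
            String result = HttpApi.sendHttpGETRequest(url);
            if (result == null) {
                return false;
            }
            try (BufferedReader bufReader = new BufferedReader(new StringReader(result))) {
                String line;
                while ((line = bufReader.readLine()) != null) {
                    int separator = line.indexOf(':');
                    String candidate = (separator >= 0 ? line.substring(0, separator) : line).trim();
                    // Exact comparison: an endsWith test would treat a blank
                    // or truncated line as a match.
                    if (suffix.equalsIgnoreCase(candidate)) {
                        return true;
                    }
                }
            }
        } catch (IOException e) {
            // NOTE(review): fail-open. When the API cannot be reached the password
            // is treated as not breached; callers that need fail-closed behaviour
            // must detect the outage themselves.
            e.printStackTrace();
        }
        return false;
    }

    /**
     * Reports whether the password contains any entry of the bundled
     * {@code german_wordlist.txt} resource, ignoring case.
     *
     * @param password the candidate password
     * @return {@code true} if a wordlist entry occurs inside the password;
     *         {@code false} otherwise, including when the wordlist could not be read
     */
    public static boolean isInWordlist(String password) {
        if (password == null) {
            return false;
        }
        try {
            String lowerPassword = password.toLowerCase(Locale.ROOT);
            ResourceApi resourceApi = new ResourceApi();
            String germanWordlist = resourceApi.getFileFromResourceAsString("german_wordlist.txt");
            if (germanWordlist == null) {
                return false;
            }
            try (BufferedReader bufReader = new BufferedReader(new StringReader(germanWordlist))) {
                String line;
                while ((line = bufReader.readLine()) != null) {
                    String word = line.trim().toLowerCase(Locale.ROOT);
                    // Every string contains "", so a blank line in the list
                    // would otherwise reject every password.
                    if (!word.isEmpty() && lowerPassword.contains(word)) {
                        return true;
                    }
                }
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        return false;
    }
}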