private boolean isNotEmptyMinLength(ValuePolicyType policy) { StringPolicyType stringPolicy = policy.getStringPolicy(); if (stringPolicy == null) { return false; } Integer minLength = stringPolicy.getLimitations().getMinLength(); if (minLength != null) { if (minLength.intValue() == 0) { return false; } return true; } return false; }
private HashSet<String> getValidCharacters(CharacterClassType characterClassType, ValuePolicyType passwordPolicy) { if (null != characterClassType.getValue()) { return new HashSet<>(StringPolicyUtils.stringTokenizer(characterClassType.getValue())); } else { return new HashSet<>(StringPolicyUtils.stringTokenizer(StringPolicyUtils .collectCharacterClass(passwordPolicy.getStringPolicy().getCharacterClass(), characterClassType.getRef()))); } }
@Test public void stringPolicyUtilsComplexTest() { final String TEST_NAME = "stringPolicyUtilsComplexTest"; TestUtil.displayTestTitle(TEST_NAME); File file = new File(TEST_DIR, "password-policy-complex.xml"); ValuePolicyType pp = null; try { pp = (ValuePolicyType) PrismTestUtil.parseObject(file).asObjectable(); } catch (Exception e) { e.printStackTrace(); } StringPolicyType sp = pp.getStringPolicy(); StringPolicyUtils.normalize(sp); }
/** * add defined default values */ private void normalize(ValuePolicyType pp) { if (null == pp) { throw new IllegalArgumentException("Password policy cannot be null"); } if (null == pp.getStringPolicy()) { StringPolicyType sp = new StringPolicyType(); pp.setStringPolicy(StringPolicyUtils.normalize(sp)); } else { pp.setStringPolicy(StringPolicyUtils.normalize(pp.getStringPolicy())); } if (null == pp.getLifetime()) { PasswordLifeTimeType lt = new PasswordLifeTimeType(); lt.setExpiration(-1); lt.setWarnBeforeExpiration(0); lt.setLockAfterExpiration(0); lt.setMinPasswordAge(0); lt.setPasswordHistoryLength(0); } }
private String generateAttempt(ValuePolicyType policy, int defaultLength, boolean generateMinimalSize, Context ctx, OperationResult result) { StringPolicyType stringPolicy = policy.getStringPolicy();
private <O extends ObjectType> boolean checkAttempt(String generatedValue, ValuePolicyType policy, AbstractValuePolicyOriginResolver<O> originResolver, String shortDesc, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, SecurityViolationException { StringPolicyType stringPolicy = policy.getStringPolicy(); if (stringPolicy != null) { LimitationsType limitationsType = stringPolicy.getLimitations(); if (limitationsType != null) { List<CheckExpressionType> checkExpressionTypes = limitationsType.getCheckExpression(); if (!checkExpressions(generatedValue, checkExpressionTypes, originResolver, shortDesc, task, result)) { LOGGER.trace("Check expression returned false for generated value in {}", shortDesc); return false; } } } if (!checkProhibitedValues(generatedValue, policy.getProhibitedValues(), originResolver, null, shortDesc, task, result)) { LOGGER.trace("Generated value is prohibited in {}", shortDesc); return false; } // TODO Check pattern return true; }
private void assertGeneratedValue(String value, ValuePolicyType valuePolicy, String pattern, boolean ignoreMin, boolean ignoreMax) { StringPolicyType stringPolicy = valuePolicy.getStringPolicy(); if (stringPolicy == null) { assertEquals("Unexpected generated value length", GenerateExpressionEvaluator.DEFAULT_LENGTH, value.length()); } else { if (!ignoreMin) { assertTrue("Value '"+value+"' too short, minLength="+stringPolicy.getLimitations().getMinLength()+", length="+value.length(), value.length() >= stringPolicy.getLimitations().getMinLength()); } if (!ignoreMax) { assertTrue("Value '"+value+"' too long, maxLength="+stringPolicy.getLimitations().getMaxLength()+", length="+value.length(), value.length() <= stringPolicy.getLimitations().getMaxLength()); } // TODO: better validation } if (pattern != null) { assertTrue("Value '"+value+"' does not match pattern '"+pattern+"'", value.matches(pattern)); } }
@Test public void stringPolicyUtilsMinimalTest() throws JAXBException, SchemaException, IOException { File file = new File(TEST_DIR, "password-policy-minimal.xml"); ValuePolicyType pp = (ValuePolicyType) PrismTestUtil.parseObject(file).asObjectable(); StringPolicyType sp = pp.getStringPolicy(); StringPolicyUtils.normalize(sp); AssertJUnit.assertNotNull(sp.getCharacterClass()); AssertJUnit.assertNotNull(sp.getLimitations().getLimit()); AssertJUnit.assertTrue(Integer.MAX_VALUE == sp.getLimitations().getMaxLength()); AssertJUnit.assertTrue(0 == sp.getLimitations().getMinLength()); AssertJUnit.assertTrue(0 == " !\"#$%&'()*+,-.01234567890:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~" .compareTo(sp.getCharacterClass().getValue())); }
LimitationsType lims = pp.getStringPolicy().getLimitations();
StringPolicyType stringPolicy = valuePolicy != null ? valuePolicy.getStringPolicy() : null; if (stringPolicy == null) { LOGGER.trace("No sting policy defined. Cannot generate value.");
pp.getStringPolicy().getLimitations().setMinLength(2); pp.getStringPolicy().getLimitations().setMinUniqueChars(5); for (StringLimitType l : pp.getStringPolicy().getLimitations().getLimit()) { l.setMustBeFirst(true);
StringPolicyType stringPolicy = policy.getStringPolicy(); int maxAttempts = DEFAULT_MAX_ATTEMPTS; if (stringPolicy.getLimitations() != null && stringPolicy.getLimitations().getMaxAttempts() != null) {