You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2015/07/13 11:17:39 UTC
[2/3] syncope git commit: [SYNCOPE-678] Default values for min / max
provided
[SYNCOPE-678] Default values for min / max provided
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/73d0975b
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/73d0975b
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/73d0975b
Branch: refs/heads/master
Commit: 73d0975b015308a673767cb5aa890782a75afde5
Parents: 22c91a7
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Mon Jul 13 10:47:41 2015 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Mon Jul 13 10:47:41 2015 +0200
----------------------------------------------------------------------
.../syncope/core/connid/PasswordGenerator.java | 19 ++-
.../core/connid/PasswordGeneratorTest.java | 121 ++++++++++---------
2 files changed, 81 insertions(+), 59 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/73d0975b/core/src/main/java/org/apache/syncope/core/connid/PasswordGenerator.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/syncope/core/connid/PasswordGenerator.java b/core/src/main/java/org/apache/syncope/core/connid/PasswordGenerator.java
index e92c851..108dcb3 100644
--- a/core/src/main/java/org/apache/syncope/core/connid/PasswordGenerator.java
+++ b/core/src/main/java/org/apache/syncope/core/connid/PasswordGenerator.java
@@ -36,6 +36,7 @@ import org.springframework.stereotype.Component;
/**
* Generate random passwords according to given policies.
+ * When no minimum and / or maximum length are specified, default values are set.
*
* @see PasswordPolicy
*/
@@ -44,6 +45,12 @@ public class PasswordGenerator {
private static final char[] SPECIAL_CHARS = { '!', '£', '%', '&', '(', ')', '?', '#', '$' };
+ private static final int VERY_MIN_LENGTH = 0;
+
+ private static final int VERY_MAX_LENGTH = 64;
+
+ private static final int MIN_LENGTH_IF_ZERO = 6;
+
@Autowired
private PolicyDAO policyDAO;
@@ -90,8 +97,8 @@ public class PasswordGenerator {
private PasswordPolicySpec merge(final List<PasswordPolicySpec> ppSpecs) {
PasswordPolicySpec fpps = new PasswordPolicySpec();
- fpps.setMinLength(0);
- fpps.setMaxLength(1000);
+ fpps.setMinLength(VERY_MIN_LENGTH);
+ fpps.setMaxLength(VERY_MAX_LENGTH);
for (PasswordPolicySpec policySpec : ppSpecs) {
if (policySpec.getMinLength() > fpps.getMinLength()) {
@@ -158,15 +165,17 @@ public class PasswordGenerator {
fpps.setMustntEndWithAlpha(policySpec.isMustntEndWithAlpha());
}
}
+
+ if (fpps.getMinLength() == 0) {
+ fpps.setMinLength(fpps.getMaxLength() < MIN_LENGTH_IF_ZERO ? fpps.getMaxLength() : MIN_LENGTH_IF_ZERO);
+ }
+
return fpps;
}
private void check(final PasswordPolicySpec policySpec)
throws InvalidPasswordPolicySpecException {
- if (policySpec.getMinLength() == 0) {
- throw new InvalidPasswordPolicySpecException("Minimum length is zero");
- }
if (policySpec.isMustEndWithAlpha() && policySpec.isMustntEndWithAlpha()) {
throw new InvalidPasswordPolicySpecException(
"mustEndWithAlpha and mustntEndWithAlpha are both true");
http://git-wip-us.apache.org/repos/asf/syncope/blob/73d0975b/core/src/test/java/org/apache/syncope/core/connid/PasswordGeneratorTest.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/syncope/core/connid/PasswordGeneratorTest.java b/core/src/test/java/org/apache/syncope/core/connid/PasswordGeneratorTest.java
index 419c59f..54fb4d6 100644
--- a/core/src/test/java/org/apache/syncope/core/connid/PasswordGeneratorTest.java
+++ b/core/src/test/java/org/apache/syncope/core/connid/PasswordGeneratorTest.java
@@ -23,6 +23,7 @@ import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.List;
import org.apache.syncope.common.types.CipherAlgorithm;
import org.apache.syncope.common.types.PasswordPolicySpec;
@@ -45,9 +46,9 @@ public class PasswordGeneratorTest extends AbstractNonDAOTest {
private UserDAO userDAO;
@Test
- public void issueSYNCOPE226() {
+ public void forUser() {
SyncopeUser user = userDAO.find(5L);
- String password = "";
+ String password = null;
try {
password = passwordGenerator.generate(user);
} catch (InvalidPasswordPolicySpecException ex) {
@@ -55,32 +56,36 @@ public class PasswordGeneratorTest extends AbstractNonDAOTest {
}
assertNotNull(password);
- user.setPassword(password, CipherAlgorithm.AES);
-
- SyncopeUser actual = userDAO.save(user);
- assertNotNull(actual);
- }
-
- @Test
- public void testPasswordGenerator() {
- SyncopeUser user = userDAO.find(5L);
-
- String password = "";
- try {
- password = passwordGenerator.generate(user);
-
- } catch (InvalidPasswordPolicySpecException ex) {
- fail(ex.getMessage());
- }
- assertNotNull(password);
user.setPassword(password, CipherAlgorithm.SHA);
userDAO.save(user);
}
- @Test
- public void startEndWithDigit()
- throws InvalidPasswordPolicySpecException {
+ private PasswordPolicySpec createBasePasswordPolicySpec() {
+ PasswordPolicySpec basePasswordPolicySpec = new PasswordPolicySpec();
+ basePasswordPolicySpec.setAlphanumericRequired(false);
+ basePasswordPolicySpec.setDigitRequired(false);
+ basePasswordPolicySpec.setLowercaseRequired(false);
+ basePasswordPolicySpec.setMaxLength(1000);
+ basePasswordPolicySpec.setMinLength(8);
+ basePasswordPolicySpec.setMustEndWithAlpha(false);
+ basePasswordPolicySpec.setMustEndWithDigit(false);
+ basePasswordPolicySpec.setMustEndWithNonAlpha(false);
+ basePasswordPolicySpec.setMustStartWithAlpha(false);
+ basePasswordPolicySpec.setMustStartWithDigit(false);
+ basePasswordPolicySpec.setMustStartWithNonAlpha(false);
+ basePasswordPolicySpec.setMustntEndWithAlpha(false);
+ basePasswordPolicySpec.setMustntEndWithDigit(false);
+ basePasswordPolicySpec.setMustntEndWithNonAlpha(false);
+ basePasswordPolicySpec.setMustntStartWithAlpha(false);
+ basePasswordPolicySpec.setMustntStartWithDigit(false);
+ basePasswordPolicySpec.setMustntStartWithNonAlpha(false);
+ basePasswordPolicySpec.setNonAlphanumericRequired(false);
+ basePasswordPolicySpec.setUppercaseRequired(false);
+ return basePasswordPolicySpec;
+ }
+ @Test
+ public void startEndWithDigit() throws InvalidPasswordPolicySpecException {
PasswordPolicySpec passwordPolicySpec = createBasePasswordPolicySpec();
passwordPolicySpec.setMustStartWithDigit(true);
@@ -95,9 +100,7 @@ public class PasswordGeneratorTest extends AbstractNonDAOTest {
}
@Test
- public void startWithDigitAndWithAlpha()
- throws InvalidPasswordPolicySpecException {
-
+ public void startWithDigitAndWithAlpha() throws InvalidPasswordPolicySpecException {
PasswordPolicySpec passwordPolicySpec = createBasePasswordPolicySpec();
passwordPolicySpec.setMustStartWithDigit(true);
@@ -112,9 +115,7 @@ public class PasswordGeneratorTest extends AbstractNonDAOTest {
}
@Test
- public void passwordWithNonAlpha()
- throws InvalidPasswordPolicySpecException {
-
+ public void passwordWithNonAlpha() throws InvalidPasswordPolicySpecException {
PasswordPolicySpec passwordPolicySpec = createBasePasswordPolicySpec();
passwordPolicySpec.setNonAlphanumericRequired(true);
@@ -129,9 +130,7 @@ public class PasswordGeneratorTest extends AbstractNonDAOTest {
}
@Test(expected = InvalidPasswordPolicySpecException.class)
- public void incopatiblePolicies()
- throws InvalidPasswordPolicySpecException {
-
+ public void incopatiblePolicies() throws InvalidPasswordPolicySpecException {
PasswordPolicySpec passwordPolicySpec = createBasePasswordPolicySpec();
passwordPolicySpec.setMinLength(12);
@@ -144,27 +143,41 @@ public class PasswordGeneratorTest extends AbstractNonDAOTest {
passwordGenerator.generate(passwordPolicySpecs);
}
- private PasswordPolicySpec createBasePasswordPolicySpec() {
- PasswordPolicySpec basePasswordPolicySpec = new PasswordPolicySpec();
- basePasswordPolicySpec.setAlphanumericRequired(false);
- basePasswordPolicySpec.setDigitRequired(false);
- basePasswordPolicySpec.setLowercaseRequired(false);
- basePasswordPolicySpec.setMaxLength(1000);
- basePasswordPolicySpec.setMinLength(8);
- basePasswordPolicySpec.setMustEndWithAlpha(false);
- basePasswordPolicySpec.setMustEndWithDigit(false);
- basePasswordPolicySpec.setMustEndWithNonAlpha(false);
- basePasswordPolicySpec.setMustStartWithAlpha(false);
- basePasswordPolicySpec.setMustStartWithDigit(false);
- basePasswordPolicySpec.setMustStartWithNonAlpha(false);
- basePasswordPolicySpec.setMustntEndWithAlpha(false);
- basePasswordPolicySpec.setMustntEndWithDigit(false);
- basePasswordPolicySpec.setMustntEndWithNonAlpha(false);
- basePasswordPolicySpec.setMustntStartWithAlpha(false);
- basePasswordPolicySpec.setMustntStartWithDigit(false);
- basePasswordPolicySpec.setMustntStartWithNonAlpha(false);
- basePasswordPolicySpec.setNonAlphanumericRequired(false);
- basePasswordPolicySpec.setUppercaseRequired(false);
- return basePasswordPolicySpec;
+ @Test
+ public void issueSYNCOPE226() {
+ SyncopeUser user = userDAO.find(5L);
+ String password = null;
+ try {
+ password = passwordGenerator.generate(user);
+ } catch (InvalidPasswordPolicySpecException e) {
+ fail(e.getMessage());
+ }
+ assertNotNull(password);
+
+ user.setPassword(password, CipherAlgorithm.AES);
+
+ SyncopeUser actual = userDAO.save(user);
+ assertNotNull(actual);
+ }
+
+ @Test
+ public void issueSYNCOPE678() {
+ String password = null;
+ try {
+ password = passwordGenerator.generate(Collections.<PasswordPolicySpec>emptyList());
+ } catch (InvalidPasswordPolicySpecException e) {
+ fail(e.getMessage());
+ }
+ assertNotNull(password);
+
+ PasswordPolicySpec ppSpec = createBasePasswordPolicySpec();
+ ppSpec.setMinLength(0);
+ password = null;
+ try {
+ password = passwordGenerator.generate(Collections.singletonList(ppSpec));
+ } catch (InvalidPasswordPolicySpecException e) {
+ fail(e.getMessage());
+ }
+ assertNotNull(password);
}
}