syncope-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ilgro...@apache.org
Subject [1/3] syncope git commit: [SYNCOPE-678] Default values for min / max provided
Date Mon, 13 Jul 2015 09:17:38 GMT
Repository: syncope
Updated Branches:
  refs/heads/1_2_X 22c91a794 -> 73d0975b0
  refs/heads/master aac331491 -> f45f2d9bf


[SYNCOPE-678] Default values for min / max provided


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/73d0975b
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/73d0975b
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/73d0975b

Branch: refs/heads/1_2_X
Commit: 73d0975b015308a673767cb5aa890782a75afde5
Parents: 22c91a7
Author: Francesco Chicchiriccò <ilgrosso@apache.org>
Authored: Mon Jul 13 10:47:41 2015 +0200
Committer: Francesco Chicchiriccò <ilgrosso@apache.org>
Committed: Mon Jul 13 10:47:41 2015 +0200

----------------------------------------------------------------------
 .../syncope/core/connid/PasswordGenerator.java  |  19 ++-
 .../core/connid/PasswordGeneratorTest.java      | 121 ++++++++++---------
 2 files changed, 81 insertions(+), 59 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/73d0975b/core/src/main/java/org/apache/syncope/core/connid/PasswordGenerator.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/syncope/core/connid/PasswordGenerator.java b/core/src/main/java/org/apache/syncope/core/connid/PasswordGenerator.java
index e92c851..108dcb3 100644
--- a/core/src/main/java/org/apache/syncope/core/connid/PasswordGenerator.java
+++ b/core/src/main/java/org/apache/syncope/core/connid/PasswordGenerator.java
@@ -36,6 +36,7 @@ import org.springframework.stereotype.Component;
 
 /**
  * Generate random passwords according to given policies.
+ * When no minimum and / or maximum length are specified, default values are set.
  *
  * @see PasswordPolicy
  */
@@ -44,6 +45,12 @@ public class PasswordGenerator {
 
     private static final char[] SPECIAL_CHARS = { '!', '£', '%', '&', '(', ')', '?',
'#', '$' };
 
+    private static final int VERY_MIN_LENGTH = 0;
+
+    private static final int VERY_MAX_LENGTH = 64;
+
+    private static final int MIN_LENGTH_IF_ZERO = 6;
+
     @Autowired
     private PolicyDAO policyDAO;
 
@@ -90,8 +97,8 @@ public class PasswordGenerator {
 
     private PasswordPolicySpec merge(final List<PasswordPolicySpec> ppSpecs) {
         PasswordPolicySpec fpps = new PasswordPolicySpec();
-        fpps.setMinLength(0);
-        fpps.setMaxLength(1000);
+        fpps.setMinLength(VERY_MIN_LENGTH);
+        fpps.setMaxLength(VERY_MAX_LENGTH);
 
         for (PasswordPolicySpec policySpec : ppSpecs) {
             if (policySpec.getMinLength() > fpps.getMinLength()) {
@@ -158,15 +165,17 @@ public class PasswordGenerator {
                 fpps.setMustntEndWithAlpha(policySpec.isMustntEndWithAlpha());
             }
         }
+
+        if (fpps.getMinLength() == 0) {
+            fpps.setMinLength(fpps.getMaxLength() < MIN_LENGTH_IF_ZERO ? fpps.getMaxLength()
: MIN_LENGTH_IF_ZERO);
+        }
+
         return fpps;
     }
 
     private void check(final PasswordPolicySpec policySpec)
             throws InvalidPasswordPolicySpecException {
 
-        if (policySpec.getMinLength() == 0) {
-            throw new InvalidPasswordPolicySpecException("Minimum length is zero");
-        }
         if (policySpec.isMustEndWithAlpha() && policySpec.isMustntEndWithAlpha())
{
             throw new InvalidPasswordPolicySpecException(
                     "mustEndWithAlpha and mustntEndWithAlpha are both true");

http://git-wip-us.apache.org/repos/asf/syncope/blob/73d0975b/core/src/test/java/org/apache/syncope/core/connid/PasswordGeneratorTest.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/syncope/core/connid/PasswordGeneratorTest.java
b/core/src/test/java/org/apache/syncope/core/connid/PasswordGeneratorTest.java
index 419c59f..54fb4d6 100644
--- a/core/src/test/java/org/apache/syncope/core/connid/PasswordGeneratorTest.java
+++ b/core/src/test/java/org/apache/syncope/core/connid/PasswordGeneratorTest.java
@@ -23,6 +23,7 @@ import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.List;
 import org.apache.syncope.common.types.CipherAlgorithm;
 import org.apache.syncope.common.types.PasswordPolicySpec;
@@ -45,9 +46,9 @@ public class PasswordGeneratorTest extends AbstractNonDAOTest {
     private UserDAO userDAO;
 
     @Test
-    public void issueSYNCOPE226() {
+    public void forUser() {
         SyncopeUser user = userDAO.find(5L);
-        String password = "";
+        String password = null;
         try {
             password = passwordGenerator.generate(user);
         } catch (InvalidPasswordPolicySpecException ex) {
@@ -55,32 +56,36 @@ public class PasswordGeneratorTest extends AbstractNonDAOTest {
         }
         assertNotNull(password);
 
-        user.setPassword(password, CipherAlgorithm.AES);
-
-        SyncopeUser actual = userDAO.save(user);
-        assertNotNull(actual);
-    }
-
-    @Test
-    public void testPasswordGenerator() {
-        SyncopeUser user = userDAO.find(5L);
-
-        String password = "";
-        try {
-            password = passwordGenerator.generate(user);
-
-        } catch (InvalidPasswordPolicySpecException ex) {
-            fail(ex.getMessage());
-        }
-        assertNotNull(password);
         user.setPassword(password, CipherAlgorithm.SHA);
         userDAO.save(user);
     }
 
-    @Test
-    public void startEndWithDigit()
-            throws InvalidPasswordPolicySpecException {
+    private PasswordPolicySpec createBasePasswordPolicySpec() {
+        PasswordPolicySpec basePasswordPolicySpec = new PasswordPolicySpec();
+        basePasswordPolicySpec.setAlphanumericRequired(false);
+        basePasswordPolicySpec.setDigitRequired(false);
+        basePasswordPolicySpec.setLowercaseRequired(false);
+        basePasswordPolicySpec.setMaxLength(1000);
+        basePasswordPolicySpec.setMinLength(8);
+        basePasswordPolicySpec.setMustEndWithAlpha(false);
+        basePasswordPolicySpec.setMustEndWithDigit(false);
+        basePasswordPolicySpec.setMustEndWithNonAlpha(false);
+        basePasswordPolicySpec.setMustStartWithAlpha(false);
+        basePasswordPolicySpec.setMustStartWithDigit(false);
+        basePasswordPolicySpec.setMustStartWithNonAlpha(false);
+        basePasswordPolicySpec.setMustntEndWithAlpha(false);
+        basePasswordPolicySpec.setMustntEndWithDigit(false);
+        basePasswordPolicySpec.setMustntEndWithNonAlpha(false);
+        basePasswordPolicySpec.setMustntStartWithAlpha(false);
+        basePasswordPolicySpec.setMustntStartWithDigit(false);
+        basePasswordPolicySpec.setMustntStartWithNonAlpha(false);
+        basePasswordPolicySpec.setNonAlphanumericRequired(false);
+        basePasswordPolicySpec.setUppercaseRequired(false);
+        return basePasswordPolicySpec;
+    }
 
+    @Test
+    public void startEndWithDigit() throws InvalidPasswordPolicySpecException {
         PasswordPolicySpec passwordPolicySpec = createBasePasswordPolicySpec();
         passwordPolicySpec.setMustStartWithDigit(true);
 
@@ -95,9 +100,7 @@ public class PasswordGeneratorTest extends AbstractNonDAOTest {
     }
 
     @Test
-    public void startWithDigitAndWithAlpha()
-            throws InvalidPasswordPolicySpecException {
-
+    public void startWithDigitAndWithAlpha() throws InvalidPasswordPolicySpecException {
         PasswordPolicySpec passwordPolicySpec = createBasePasswordPolicySpec();
         passwordPolicySpec.setMustStartWithDigit(true);
 
@@ -112,9 +115,7 @@ public class PasswordGeneratorTest extends AbstractNonDAOTest {
     }
 
     @Test
-    public void passwordWithNonAlpha()
-            throws InvalidPasswordPolicySpecException {
-
+    public void passwordWithNonAlpha() throws InvalidPasswordPolicySpecException {
         PasswordPolicySpec passwordPolicySpec = createBasePasswordPolicySpec();
         passwordPolicySpec.setNonAlphanumericRequired(true);
 
@@ -129,9 +130,7 @@ public class PasswordGeneratorTest extends AbstractNonDAOTest {
     }
 
     @Test(expected = InvalidPasswordPolicySpecException.class)
-    public void incopatiblePolicies()
-            throws InvalidPasswordPolicySpecException {
-
+    public void incopatiblePolicies() throws InvalidPasswordPolicySpecException {
         PasswordPolicySpec passwordPolicySpec = createBasePasswordPolicySpec();
         passwordPolicySpec.setMinLength(12);
 
@@ -144,27 +143,41 @@ public class PasswordGeneratorTest extends AbstractNonDAOTest {
         passwordGenerator.generate(passwordPolicySpecs);
     }
 
-    private PasswordPolicySpec createBasePasswordPolicySpec() {
-        PasswordPolicySpec basePasswordPolicySpec = new PasswordPolicySpec();
-        basePasswordPolicySpec.setAlphanumericRequired(false);
-        basePasswordPolicySpec.setDigitRequired(false);
-        basePasswordPolicySpec.setLowercaseRequired(false);
-        basePasswordPolicySpec.setMaxLength(1000);
-        basePasswordPolicySpec.setMinLength(8);
-        basePasswordPolicySpec.setMustEndWithAlpha(false);
-        basePasswordPolicySpec.setMustEndWithDigit(false);
-        basePasswordPolicySpec.setMustEndWithNonAlpha(false);
-        basePasswordPolicySpec.setMustStartWithAlpha(false);
-        basePasswordPolicySpec.setMustStartWithDigit(false);
-        basePasswordPolicySpec.setMustStartWithNonAlpha(false);
-        basePasswordPolicySpec.setMustntEndWithAlpha(false);
-        basePasswordPolicySpec.setMustntEndWithDigit(false);
-        basePasswordPolicySpec.setMustntEndWithNonAlpha(false);
-        basePasswordPolicySpec.setMustntStartWithAlpha(false);
-        basePasswordPolicySpec.setMustntStartWithDigit(false);
-        basePasswordPolicySpec.setMustntStartWithNonAlpha(false);
-        basePasswordPolicySpec.setNonAlphanumericRequired(false);
-        basePasswordPolicySpec.setUppercaseRequired(false);
-        return basePasswordPolicySpec;
+    @Test
+    public void issueSYNCOPE226() {
+        SyncopeUser user = userDAO.find(5L);
+        String password = null;
+        try {
+            password = passwordGenerator.generate(user);
+        } catch (InvalidPasswordPolicySpecException e) {
+            fail(e.getMessage());
+        }
+        assertNotNull(password);
+
+        user.setPassword(password, CipherAlgorithm.AES);
+
+        SyncopeUser actual = userDAO.save(user);
+        assertNotNull(actual);
+    }
+
+    @Test
+    public void issueSYNCOPE678() {
+        String password = null;
+        try {
+            password = passwordGenerator.generate(Collections.<PasswordPolicySpec>emptyList());
+        } catch (InvalidPasswordPolicySpecException e) {
+            fail(e.getMessage());
+        }
+        assertNotNull(password);
+
+        PasswordPolicySpec ppSpec = createBasePasswordPolicySpec();
+        ppSpec.setMinLength(0);
+        password = null;
+        try {
+            password = passwordGenerator.generate(Collections.singletonList(ppSpec));
+        } catch (InvalidPasswordPolicySpecException e) {
+            fail(e.getMessage());
+        }
+        assertNotNull(password);
     }
 }


Mime
View raw message