@Override public boolean checkEntropy(String password) { if (!accountsSettings.getPasswordRequirements().getMinimalEntropyBits().isPresent()) { return true; } return meter.getStrength(password).getEntropy() >= accountsSettings.getPasswordRequirements().getMinimalEntropyBits().get(); } }
@Override public boolean checkLength(String password) { return password.length() >= accountsSettings.getPasswordRequirements().getMinimalLength(); }
@Override public void resetPassword(String resetKey, String password) throws NoSuchPasswordResetKeyException, PasswordDoesNotMeetRequirementsException { Preconditions.checkNotNull(resetKey); Preconditions.checkNotNull(password); User user = this.userStore.get().findUserByPasswordResetRequest(resetKey); if (user == null) { throw new NoSuchPasswordResetKeyException(); } AccountsSettings settings = getSettings(); if (password.length() < settings.getPasswordRequirements().getMinimalLength()) { throw new PasswordDoesNotMeetRequirementsException("Provided password does not meet requirements"); } this.userStore.get().updatePassword(user, passwordManager.hashPassword(password)); this.userStore.get().deletePasswordResetRequest(resetKey); }
private void create(User user, Role initialRole, Map<String, Object> additionalContext) throws InvalidEntityException, EntityAlreadyExistsException, PasswordDoesNotMeetRequirementsException { AccountsSettings settings = getSettings(); Boolean validationIsRequired = settings.getUserValidation().getValue(); if (user.getPassword().length() < settings.getPasswordRequirements().getMinimalLength()) { throw new PasswordDoesNotMeetRequirementsException("Provided password does not meet requirements"); } if (validationIsRequired) { if (context.getTenant() != null) { throw new RuntimeException("Validation is not supported for local users"); } user.setActive(false); user.setValidationKey(generateSecret()); } else { user.setActive(true); } user.setPassword(this.passwordManager.hashPassword(user.getPassword())); final User createdUser = this.userStore.get().create(user, initialRole); if (validationIsRequired) { sendValidationMail(createdUser, settings, additionalContext); } }