/**
 * Decides whether this validation rule has to run for the supplied credentials.
 *
 * <p>The rule always applies when {@code userService.credentialsNonExpired} reports
 * the stored credentials as expired. Otherwise it applies only when the request is
 * not for a new user and the current username equals the username in
 * {@code credentialsInfo}.
 *
 * <p>NOTE(review): when a different account changes the password (for example an
 * administrative reset) and the stored credentials are not expired, this rule is
 * skipped. Confirm that this is the intended policy.
 *
 * <p>NOTE(review): the stored credentials are looked up before the new-user check.
 * If the lookup can return {@code null} for an unknown username, verify that
 * {@code credentialsNonExpired} tolerates it.
 *
 * @param credentialsInfo the credentials being validated
 * @return {@code true} if the rule must be evaluated, {@code false} otherwise
 */
@Override
public boolean isRuleApplicable( CredentialsInfo credentialsInfo )
{
    UserCredentials storedCredentials = userService
        .getUserCredentialsByUsername( credentialsInfo.getUsername() );

    // Expired credentials force the rule regardless of who performs the change.
    if ( !userService.credentialsNonExpired( storedCredentials ) )
    {
        return true;
    }

    // A new user is exempt; the current-user lookup below is not reached.
    if ( credentialsInfo.isNewUser() )
    {
        return false;
    }

    // Applies only when the current user is changing their own password.
    return currentUserService.getCurrentUsername().equals( credentialsInfo.getUsername() );
}
} // closes the enclosing class (its header is outside this excerpt)
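/**
 * Rejects a password that matches any entry in the user's stored password history.
 *
 * <p>Each stored entry is an encoded password, so the candidate is compared with
 * {@code passwordEncoder.matches} rather than by string equality.
 *
 * <p>When no entry matches, the history is trimmed from the front until it holds
 * fewer than {@code HISTORY_LIMIT} entries, and the credentials are persisted.
 * The earlier {@code size() == HISTORY_LIMIT} test never trimmed a list that had
 * already grown past the limit, so such a history kept growing.
 *
 * <p>NOTE(review): the trim is persisted during validation, before the caller has
 * accepted the new password. If a later rule rejects the password, an entry has
 * already been dropped from the history. Consider moving the trim to the point
 * where the new password is stored.
 *
 * <p>NOTE(review): the looked-up credentials are dereferenced without a null check.
 * Confirm that the lookup cannot return {@code null} on this path.
 *
 * @param credentialsInfo the credentials being validated (username and candidate password are read)
 * @return a failed result with key {@code password_history_validation} when the candidate
 *         matches a stored entry, otherwise a successful result
 */
@Override
public PasswordValidationResult validate( CredentialsInfo credentialsInfo )
{
    UserCredentials userCredentials = userService
        .getUserCredentialsByUsername( credentialsInfo.getUsername() );
    List<String> previousPasswords = userCredentials.getPreviousPasswords();

    for ( String encodedPassword : previousPasswords )
    {
        if ( passwordEncoder.matches( credentialsInfo.getPassword(), encodedPassword ) )
        {
            return new PasswordValidationResult(
                String.format( "Password must not be one of the previous %d passwords", HISTORY_LIMIT ),
                "password_history_validation", false );
        }
    }

    // Fetch the list once and trim that reference, so the loop always terminates.
    // Index 0 is presumably the oldest entry; verify against the code that appends.
    List<String> storedHistory = userCredentials.getPreviousPasswords();
    boolean trimmed = false;

    while ( !storedHistory.isEmpty() && storedHistory.size() >= HISTORY_LIMIT )
    {
        storedHistory.remove( 0 );
        trimmed = true;
    }

    // Persist only when something was removed.
    if ( trimmed )
    {
        userService.updateUserCredentials( userCredentials );
    }

    return new PasswordValidationResult( true );
}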
/**
 * Rejects a password that contains the username or the e-mail address, ignoring case.
 *
 * <p>Only the complete username and the complete e-mail address are searched for.
 * A fragment such as the local part of the address is not checked on its own.
 *
 * <p>An empty username or e-mail is mapped to {@code null} before the search.
 * Assuming {@code StringUtils} is Apache Commons Lang (to be confirmed against the
 * file's imports), {@code containsIgnoreCase} returns {@code false} for a
 * {@code null} argument. An absent identifier therefore never matches, and a
 * {@code null} password passes this rule and must be rejected elsewhere.
 *
 * @param credentialsInfo the credentials being validated (e-mail, password and username are read)
 * @return a failed result with key {@code password_username_validation} when the password
 *         embeds the username or e-mail, otherwise a successful result
 */
@Override
public PasswordValidationResult validate( CredentialsInfo credentialsInfo )
{
    String email = credentialsInfo.getEmail();
    String candidate = credentialsInfo.getPassword();
    String username = credentialsInfo.getUsername();

    // Empty identifiers become null so they cannot match every password.
    String usernameNeedle = StringUtils.defaultIfEmpty( username, null );
    String emailNeedle = StringUtils.defaultIfEmpty( email, null );

    boolean embedsIdentity = StringUtils.containsIgnoreCase( candidate, usernameNeedle );

    if ( !embedsIdentity )
    {
        embedsIdentity = StringUtils.containsIgnoreCase( candidate, emailNeedle );
    }

    if ( !embedsIdentity )
    {
        return new PasswordValidationResult( true );
    }

    return new PasswordValidationResult( "Username/Email must not be a part of password",
        "password_username_validation", false );
}
} // closes the enclosing class (its header is outside this excerpt)