Refactoring, extract method

eclipse · Sep 29, 2022 · 6afb55b · 6afb55b
1 parent 12260ae
commit 6afb55b
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 27 deletions.
diff --git a/.../org/eclipse/kapua/app/console/module/authentication/server/GwtCredentialServiceImpl.java b/.../org/eclipse/kapua/app/console/module/authentication/server/GwtCredentialServiceImpl.java
@@ -77,7 +77,7 @@ public class GwtCredentialServiceImpl extends KapuaRemoteServiceServlet implemen
     private static final UserService USER_SERVICE = LOCATOR.getService(UserService.class);
     private static final UserFactory USER_FACTORY = LOCATOR.getFactory(UserFactory.class);
 
-    // this should be removed due to the refactoring in update method
+    // this should be removed due to the refactoring in fixPasswordValidationBypass method
     private static final int SYSTEM_MAXIMUM_PASSWORD_LENGTH = 255;
 
     @Override
@@ -176,32 +176,8 @@ public GwtCredential update(GwtXSRFToken gwtXsrfToken, GwtCredential gwtCredenti
         // Checking XSRF token
         checkXSRFToken(gwtXsrfToken);
 
-        // Validate password, this check should be moved to CredentialServiceImpl.
-        // There, this check already exists, but it's useless since it's done on
-        // the encrypted password
-        Credential credential =
-            GwtKapuaAuthenticationModelConverter.convertCredential(gwtCredential);
-        try {
-            // Validate Password length
-            int minPasswordLength = CREDENTIAL_SERVICE.getMinimumPasswordLength(
-                credential.getScopeId());
-            if (gwtCredential.getCredentialKey().length() < minPasswordLength ||
-                gwtCredential.getCredentialKey().length() >
-                    SYSTEM_MAXIMUM_PASSWORD_LENGTH) {
-                throw new PasswordLengthException(
-                    minPasswordLength, SYSTEM_MAXIMUM_PASSWORD_LENGTH);
-            }
-
-            // Validate Password regex
-            ArgumentValidator.match(
-                gwtCredential.getCredentialKey(),
-                CommonsValidationRegex.PASSWORD_REGEXP,
-                "credential.credentialKey"
-            );
+        fixPasswordValidationBypass(gwtCredential);
 
-        } catch (Throwable t) {
-            KapuaExceptionHandler.handle(t);
-        }
         //
         // Do update
         GwtCredential gwtCredentialUpdated = null;
@@ -232,6 +208,43 @@ public GwtCredential update(GwtXSRFToken gwtXsrfToken, GwtCredential gwtCredenti
         return gwtCredentialUpdated;
     }
 
+
+    /**
+     * Validate password, this check should be moved to
+     * CredentialServiceImpl. There, this check already exist,
+     * but it's useless since it's done on the already encrypted password
+     * @param gwtCredential
+     * @throws GwtKapuaException
+     */
+    private void fixPasswordValidationBypass(GwtCredential gwtCredential)
+    throws GwtKapuaException {
+        Credential credential =
+            GwtKapuaAuthenticationModelConverter.convertCredential(
+                gwtCredential);
+        try {
+            // Validate Password length
+            int minPasswordLength = CREDENTIAL_SERVICE.getMinimumPasswordLength(
+                credential.getScopeId());
+            if (gwtCredential.getCredentialKey().length() < minPasswordLength ||
+                gwtCredential.getCredentialKey().length() >
+                    SYSTEM_MAXIMUM_PASSWORD_LENGTH) {
+                throw new PasswordLengthException(
+                    minPasswordLength, SYSTEM_MAXIMUM_PASSWORD_LENGTH);
+            }
+
+            // Validate Password regex
+            ArgumentValidator.match(
+                gwtCredential.getCredentialKey(),
+                CommonsValidationRegex.PASSWORD_REGEXP,
+                "credential.credentialKey"
+            );
+
+        } catch (Throwable t) {
+            KapuaExceptionHandler.handle(t);
+        }
+    }
+
+
     @Override
     public void changePassword(GwtXSRFToken gwtXsrfToken, String oldPassword, final String newPassword, String mfaCode, String stringUserId, String stringScopeId) throws GwtKapuaException {
         String username = null;

diff --git a/...java/org/eclipse/kapua/service/authentication/credential/shiro/CredentialServiceImpl.java b/...java/org/eclipse/kapua/service/authentication/credential/shiro/CredentialServiceImpl.java
@@ -217,7 +217,7 @@ public Credential update(Credential credential)
         ArgumentValidator.notNull(credential.getCredentialType(), "credential.credentialType");
         ArgumentValidator.notEmptyOrNull(credential.getCredentialKey(), "credential.credentialKey");
 
-        // These check are not correct, since they're applied to an already encrypted password
+        // FIXME These check are not correct, since they're applied to an already encrypted password
         if (CredentialType.PASSWORD == credential.getCredentialType()) {
             // Validate Password length
             int minPasswordLength = getMinimumPasswordLength(credential.getScopeId());