Code improvement

eclipse · Mar 6, 2023 · 7e380c0 · 7e380c0
1 parent 0f13035
commit 7e380c0
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 37 deletions.
diff --git a/.../src/main/java/org/eclipse/kapua/service/authentication/credential/CredentialService.java b/.../src/main/java/org/eclipse/kapua/service/authentication/credential/CredentialService.java
@@ -56,8 +56,7 @@ CredentialListResult findByUserId(KapuaId scopeId, KapuaId userId)
      * @param query
      */
     @Override
-    CredentialListResult query(KapuaQuery query)
-            throws KapuaException;
+    CredentialListResult query(KapuaQuery query) throws KapuaException;
 
     /**
      * Unlocks a {@link Credential}
@@ -76,4 +75,14 @@ CredentialListResult query(KapuaQuery query)
      * @throws KapuaException   When something goes wrong
      */
     int getMinimumPasswordLength(KapuaId scopeId) throws KapuaException;
+
+
+    /**
+     * Check if the provided password meets all the password's requirements. Return exception if requirements not fulfilled.
+     *
+     * @param scopeId:          The scope ID in which to perform the check
+     * @param plainPassword:    Password to check requirement for
+     * @throws KapuaException   When something goes wrong
+     */
+    void validatePassword(KapuaId scopeId, String plainPassword) throws KapuaException;
 }
diff --git a/...java/org/eclipse/kapua/service/authentication/credential/shiro/CredentialServiceImpl.java b/...java/org/eclipse/kapua/service/authentication/credential/shiro/CredentialServiceImpl.java
@@ -115,16 +115,11 @@ public Credential create(CredentialCreator credentialCreator)
                 }
             }
 
-            // Validate Password length
-            int minPasswordLength = getMinimumPasswordLength(credentialCreator.getScopeId());
-            if (credentialCreator.getCredentialPlainKey().length() < minPasswordLength ||
-                    credentialCreator.getCredentialPlainKey().length() > SYSTEM_MAXIMUM_PASSWORD_LENGTH) {
-                throw new PasswordLengthException(minPasswordLength, SYSTEM_MAXIMUM_PASSWORD_LENGTH);
+            try {
+                validatePassword(credentialCreator.getScopeId(), credentialCreator.getCredentialPlainKey());
+            } catch (KapuaIllegalArgumentException ignored) {
+                throw new KapuaIllegalArgumentException("credentialCreator.credentialKey", credentialCreator.getCredentialPlainKey());
             }
-
-            //
-            // Validate Password regex
-            ArgumentValidator.match(credentialCreator.getCredentialPlainKey(), CommonsValidationRegex.PASSWORD_REGEXP, "credentialCreator.credentialKey");
         }
 
         //
@@ -520,4 +515,22 @@ private void deleteCredentialByAccountId(KapuaId scopeId, KapuaId accountId) thr
         }
     }
 
+
+    @Override
+    public void validatePassword(KapuaId scopeId, String plainPassword) throws KapuaException {
+        //
+        // Argument Validation
+        ArgumentValidator.notNull(scopeId, "scopeId");
+        ArgumentValidator.notEmptyOrNull(plainPassword, "plainPassword");
+
+        // Validate Password length
+        int minPasswordLength = getMinimumPasswordLength(scopeId);
+        if (plainPassword.length() < minPasswordLength || plainPassword.length() > SYSTEM_MAXIMUM_PASSWORD_LENGTH) {
+            throw new PasswordLengthException(minPasswordLength, SYSTEM_MAXIMUM_PASSWORD_LENGTH);
+        }
+
+        //
+        // Validate Password regex
+        ArgumentValidator.match(plainPassword, CommonsValidationRegex.PASSWORD_REGEXP, "plainPassword");
+    }
 }
diff --git a/.../java/org/eclipse/kapua/service/authentication/user/shiro/UserCredentialsServiceImpl.java b/.../java/org/eclipse/kapua/service/authentication/user/shiro/UserCredentialsServiceImpl.java
@@ -18,7 +18,6 @@
 import org.eclipse.kapua.commons.jpa.EntityManager;
 import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
 import org.eclipse.kapua.commons.util.ArgumentValidator;
-import org.eclipse.kapua.commons.util.CommonsValidationRegex;
 import org.eclipse.kapua.commons.util.KapuaExceptionUtils;
 import org.eclipse.kapua.locator.KapuaLocator;
 import org.eclipse.kapua.locator.KapuaProvider;
@@ -37,7 +36,6 @@
 import org.eclipse.kapua.service.authentication.credential.CredentialType;
 import org.eclipse.kapua.service.authentication.credential.shiro.CredentialDAO;
 import org.eclipse.kapua.service.authentication.exception.KapuaAuthenticationException;
-import org.eclipse.kapua.service.authentication.exception.PasswordLengthException;
 import org.eclipse.kapua.service.authentication.shiro.AuthenticationEntityManagerFactory;
 import org.eclipse.kapua.service.authentication.shiro.utils.AuthenticationUtils;
 import org.eclipse.kapua.service.authentication.shiro.utils.CryptAlgorithm;
@@ -56,7 +54,6 @@
  */
 @KapuaProvider
 public class UserCredentialsServiceImpl implements UserCredentialsService {
-    private static final int SYSTEM_MAXIMUM_PASSWORD_LENGTH = 255;
     private final KapuaLocator locator = KapuaLocator.getInstance();
     private final CredentialService credentialService = locator.getService(CredentialService.class);
 
@@ -87,17 +84,14 @@ public Credential changePasswordRequest(PasswordChangeRequest passwordChangeRequ
                     .findAny()
                     .orElseThrow(() -> new IllegalStateException("User does not have any credential of type password"));
 
-            // Validate Password length
-            int minPasswordLength = credentialService.getMinimumPasswordLength(passwordCredential.getScopeId());
-            if (passwordChangeRequest.getNewPassword().length() < minPasswordLength || passwordChangeRequest.getNewPassword().length() > SYSTEM_MAXIMUM_PASSWORD_LENGTH) {
-                throw new PasswordLengthException(minPasswordLength, SYSTEM_MAXIMUM_PASSWORD_LENGTH);
+            String plainNewPassword = passwordChangeRequest.getNewPassword();
+            try {
+                credentialService.validatePassword(KapuaSecurityUtils.getSession().getScopeId(), plainNewPassword);
+            } catch (KapuaIllegalArgumentException ignored) {
+                throw new KapuaIllegalArgumentException("passwordChangeRequest.newPassword", plainNewPassword);
             }
 
-            //
-            // Validate Password regex
-            ArgumentValidator.match(passwordChangeRequest.getNewPassword(), CommonsValidationRegex.PASSWORD_REGEXP, "passwordChangeRequest.newPassword");
-
-            String encryptedPass = AuthenticationUtils.cryptCredential(CryptAlgorithm.BCRYPT, passwordChangeRequest.getNewPassword());
+            String encryptedPass = AuthenticationUtils.cryptCredential(CryptAlgorithm.BCRYPT, plainNewPassword);
             passwordCredential.setCredentialKey(encryptedPass);
 
             return credentialService.update(passwordCredential);
@@ -107,15 +101,10 @@ public Credential changePasswordRequest(PasswordChangeRequest passwordChangeRequ
 
     @Override
     public Credential resetPassword(KapuaId scopeId, KapuaId credentialId, PasswordResetRequest passwordResetRequest) throws KapuaException {
-        Credential credential = credentialService.find(scopeId, credentialId);
-        if (credential == null) {
-            throw new KapuaEntityNotFoundException(Credential.TYPE, credentialId);
-        }
-
         //
         // Argument Validation
         ArgumentValidator.notNull(scopeId, "scopeId");
-        ArgumentValidator.notNull(credentialId, "credential.id");
+        ArgumentValidator.notNull(credentialId, "credentialId");
         ArgumentValidator.notNull(passwordResetRequest.getNewPassword(), "passwordResetRequest.newPassword");
 
         //
@@ -124,16 +113,17 @@ public Credential resetPassword(KapuaId scopeId, KapuaId credentialId, PasswordR
         PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
         authorizationService.checkPermission(permissionFactory.newPermission(AuthenticationDomains.CREDENTIAL_DOMAIN, Actions.write, scopeId));
 
-        // Validate Password length
-        String plainNewPassword = passwordResetRequest.getNewPassword();
-        int minPasswordLength = credentialService.getMinimumPasswordLength(credential.getScopeId());
-        if (plainNewPassword.length() < minPasswordLength || plainNewPassword.length() > SYSTEM_MAXIMUM_PASSWORD_LENGTH) {
-            throw new PasswordLengthException(minPasswordLength, SYSTEM_MAXIMUM_PASSWORD_LENGTH);
+        Credential credential = credentialService.find(scopeId, credentialId);
+        if (credential == null) {
+            throw new KapuaEntityNotFoundException(Credential.TYPE, credentialId);
         }
 
-        //
-        // Validate Password regex
-        ArgumentValidator.match(plainNewPassword, CommonsValidationRegex.PASSWORD_REGEXP, "passwordResetRequest.newPassword");
+        String plainNewPassword = passwordResetRequest.getNewPassword();
+        try {
+            credentialService.validatePassword(credential.getScopeId(), plainNewPassword);
+        } catch (KapuaIllegalArgumentException ignored) {
+            throw new KapuaIllegalArgumentException("passwordResetRequest.newPassword", plainNewPassword);
+        }
 
         CredentialFactory credentialFactory = locator.getFactory(CredentialFactory.class);
         CredentialCreator credentialCreator = credentialFactory.newCreator(scopeId,