diff --git a/server/src/main/java/password/pwm/util/PwmPasswordRuleValidator.java b/server/src/main/java/password/pwm/util/PwmPasswordRuleValidator.java
index de4e379bc..1257fdc19 100644
--- a/server/src/main/java/password/pwm/util/PwmPasswordRuleValidator.java
+++ b/server/src/main/java/password/pwm/util/PwmPasswordRuleValidator.java
@@ -57,7 +57,6 @@ import password.pwm.util.operations.PasswordUtility;
 import password.pwm.ws.client.rest.RestClientHelper;
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.LinkedHashMap;
@@ -77,28 +76,34 @@ public class PwmPasswordRuleValidator
 private final PwmApplication pwmApplication;
 private final PwmPasswordPolicy policy;
 private final Locale locale;
+ private final Flag[] flags;
+
 public enum Flag
 {
 FailFast,
+ BypassLdapRuleCheck,
 }
- public PwmPasswordRuleValidator( final PwmApplication pwmApplication, final PwmPasswordPolicy policy )
+ public PwmPasswordRuleValidator( final PwmApplication pwmApplication, final PwmPasswordPolicy policy, final Flag... flags )
 {
 this.pwmApplication = pwmApplication;
 this.policy = policy;
 this.locale = PwmConstants.DEFAULT_LOCALE;
+ this.flags = flags;
 }
 public PwmPasswordRuleValidator( final PwmApplication pwmApplication, final PwmPasswordPolicy policy,
- final Locale locale
+ final Locale locale,
+ final Flag... flags
 )
 {
 this.pwmApplication = pwmApplication;
 this.policy = policy;
 this.locale = locale;
+ this.flags = flags;
 }
 public boolean testPassword(
@@ -116,7 +121,7 @@ public class PwmPasswordRuleValidator
 throw new PwmDataValidationException( errorResults.iterator().next() );
 }
- if ( user != null )
+ if ( user != null && !JavaHelper.enumArrayContainsValue( flags, Flag.BypassLdapRuleCheck ) )
 {
 try
 {
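Review bot: Both constructors store the caller's varargs array as-is with `this.flags = flags;`, so the validator keeps a reference to a mutable array, and to `null` if a caller passes `(Flag[]) null`. Since `flags` now decides whether the directory-side rule check runs, I would normalise it once in each constructor: `this.flags = flags == null ? new Flag[0] : flags.clone();`. The old `internalPwmPolicyValidator` guarded `flags != null` itself (see the `@@ -183` hunk); whether `JavaHelper.enumArrayContainsValue` tolerates a null array is not visible in this diff. The new `BypassLdapRuleCheck` constant also carries no comment saying which check it turns off.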
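Review bot: The new condition in `testPassword` skips the entire directory check without leaving any trace, so a validator built with `BypassLdapRuleCheck` returns on the local policy result alone and nothing records that the directory was never consulted. A comment above the `if`, such as `// BypassLdapRuleCheck: caller opted out of the directory-side password test; only the local policy above was evaluated`, would make the contract explicit. If the class has a logger in scope, a trace-level entry for the skipped case would help when auditing why a password was accepted. The `try` block this condition guards continues outside the hunk.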
@@ -183,26 +188,24 @@ public class PwmPasswordRuleValidator
 public List internalPwmPolicyValidator( final PasswordData password, final PasswordData oldPassword,
- final UserInfo userInfo,
- final Flag... flags
+ final UserInfo userInfo
 ) throws PwmUnrecoverableException
 {
 final String passwordString = password == null ? "" : password.getStringValue();
 final String oldPasswordString = oldPassword == null ? null : oldPassword.getStringValue();
- return internalPwmPolicyValidator( passwordString, oldPasswordString, userInfo, flags );
+ return internalPwmPolicyValidator( passwordString, oldPasswordString, userInfo );
 }
 @SuppressWarnings( "checkstyle:MethodLength" )
 public List internalPwmPolicyValidator( final String passwordString, final String oldPasswordString,
- final UserInfo userInfo,
- final Flag... flags
+ final UserInfo userInfo
 ) throws PwmUnrecoverableException
 {
- final boolean failFast = flags != null && Arrays.asList( flags ).contains( Flag.FailFast );
+ final boolean failFast = JavaHelper.enumArrayContainsValue( flags, Flag.FailFast );
 // null check
 if ( passwordString == null )
diff --git a/server/src/main/java/password/pwm/util/RandomPasswordGenerator.java b/server/src/main/java/password/pwm/util/RandomPasswordGenerator.java
index 978355b93..cfb0f5589 100644
--- a/server/src/main/java/password/pwm/util/RandomPasswordGenerator.java
+++ b/server/src/main/java/password/pwm/util/RandomPasswordGenerator.java
@@ -197,7 +197,7 @@ public class RandomPasswordGenerator
 password.append( generateNewPassword( pwmRandom, seedMachine, effectiveConfig.getMinimumLength() ) );
 // read a rule validator
- final PwmPasswordRuleValidator pwmPasswordRuleValidator = new PwmPasswordRuleValidator( pwmApplication, randomGenPolicy );
+
 // modify until it passes all the rules
 final int maxTryCount = Integer.parseInt( pwmApplication.getConfig().readAppProperty( AppProperty.PASSWORD_RANDOMGEN_MAX_ATTEMPTS ) );
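Review bot: The comment `// read a rule validator` in the `@@ -197` hunk of RandomPasswordGenerator.java now describes nothing, because the declaration it introduced is removed and only a blank line is added in its place. Delete the comment together with the declaration, so the block goes straight from the `password.append( ... )` call to `// modify until it passes all the rules`. The enclosing method starts and ends outside the hunk.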
@@ -214,8 +214,9 @@ public class RandomPasswordGenerator
 password.append( generateNewPassword( pwmRandom, seedMachine, effectiveConfig.getMinimumLength() ) );
 }
+ final PwmPasswordRuleValidator pwmPasswordRuleValidator = new PwmPasswordRuleValidator( pwmApplication, randomGenPolicy, PwmPasswordRuleValidator.Flag.FailFast );
 final List errors = pwmPasswordRuleValidator.internalPwmPolicyValidator(
- password.toString(), null, null, PwmPasswordRuleValidator.Flag.FailFast );
+ password.toString(), null, null );
 if ( errors != null && !errors.isEmpty() )
 {
 validPassword = false;
@@ -232,6 +233,7 @@ public class RandomPasswordGenerator
 // report outcome
 {
 final TimeDuration td = TimeDuration.fromCurrent( startTime );
+ final PwmPasswordRuleValidator pwmPasswordRuleValidator = new PwmPasswordRuleValidator( pwmApplication, randomGenPolicy );
 if ( validPassword )
 {
 final int finalTryCount = tryCount;
diff --git a/server/src/main/java/password/pwm/util/operations/PasswordUtility.java b/server/src/main/java/password/pwm/util/operations/PasswordUtility.java
index b395fed58..2dce94f3a 100644
--- a/server/src/main/java/password/pwm/util/operations/PasswordUtility.java
+++ b/server/src/main/java/password/pwm/util/operations/PasswordUtility.java
@@ -396,7 +396,8 @@ public class PasswordUtility
 final PwmPasswordRuleValidator pwmPasswordRuleValidator = new PwmPasswordRuleValidator( pwmApplication,
- passwordPolicy
+ passwordPolicy,
+ PwmPasswordRuleValidator.Flag.BypassLdapRuleCheck
 );
 pwmPasswordRuleValidator.testPassword( newPassword, null, userInfo, theUser );
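Review bot: The `FailFast` validator in the `@@ -214` hunk appears to be constructed on every pass of the retry loop, although `pwmApplication`, `randomGenPolicy` and the flag do not change between iterations as far as the hunk shows. Declaring it once before the loop, where the old declaration stood, would keep the loop body to the validation call; the loop header itself is outside the hunk. The second instance added under `// report outcome` in the `@@ -232` hunk reuses the same variable name but is built without `FailFast`. A one-line comment there, for example `// no FailFast: collect every rule violation for the report`, would show that the difference is intended.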
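Review bot: Passing `PwmPasswordRuleValidator.Flag.BypassLdapRuleCheck` at this call site in PasswordUtility means `testPassword` no longer asks the directory whether `newPassword` is acceptable for `theUser`; only PWM's own `passwordPolicy` is evaluated before the code continues. The directory will presumably still enforce its rules when the password is written, but that write is outside the hunk and should be confirmed. This matters most on any path where the write is made with a privileged account that the directory may exempt from policy. Please state the reason at the call, e.g. `// directory enforces its own rules on the set operation; skip the redundant pre-check`, if that is the intent. A test covering a password that passes local policy but fails the directory's would pin the expected outcome.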