PasswordPolicyMessageResolver

PasswordPolicyMessageResolver

maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java

@@ -41,6 +41,7 @@ import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.MessageSource;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
@@ -130,8 +131,8 @@ public class ApplicationAutoConfiguration  implements InitializingBean {
     }
     
     @Bean(name = "passwordPolicyValidator")
-    public PasswordPolicyValidator passwordPolicyValidator(JdbcTemplate jdbcTemplate) {
-        return new PasswordPolicyValidator(jdbcTemplate);
+    public PasswordPolicyValidator passwordPolicyValidator(JdbcTemplate jdbcTemplate,MessageSource messageSource) {
+        return new PasswordPolicyValidator(jdbcTemplate,messageSource);
     }
     
     @Bean(name = "loginService")

maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyMessageResolver.java

@@ -0,0 +1,55 @@
+package org.maxkey.persistence.db;
+
+import java.util.Locale;
+
+import org.passay.MessageResolver;
+import org.passay.PropertiesMessageResolver;
+import org.passay.RuleResultDetail;
+import org.springframework.context.MessageSource;
+import org.springframework.context.NoSuchMessageException;
+import org.springframework.context.support.MessageSourceAccessor;
+
+
+public class PasswordPolicyMessageResolver  implements MessageResolver{
+
+    /** A accessor for Spring's {@link MessageSource} */
+    private final MessageSourceAccessor messageSourceAccessor;
+
+    /** The {@link MessageResolver} for fallback */
+    private final MessageResolver fallbackMessageResolver = new PropertiesMessageResolver();
+
+    /**
+     * Create a new instance with the locale associated with the current thread.
+     * @param messageSource a message source managed by spring
+     */
+    public PasswordPolicyMessageResolver(final MessageSource messageSource)
+    {
+      this.messageSourceAccessor = new MessageSourceAccessor(messageSource);
+    }
+
+    /**
+     * Create a new instance with the specified locale.
+     * @param messageSource a message source managed by spring
+     * @param locale the locale to use for message access
+     */
+    public PasswordPolicyMessageResolver(final MessageSource messageSource, final Locale locale)
+    {
+      this.messageSourceAccessor = new MessageSourceAccessor(messageSource, locale);
+    }
+
+    /**
+     * Resolves the message for the supplied rule result detail using Spring's {@link MessageSource}.
+     * (If the message can't retrieve from a {@link MessageSource}, return default message provided by passay)
+     * @param detail rule result detail
+     * @return message for the detail error code
+     */
+    @Override
+    public String resolve(final RuleResultDetail detail)
+    {
+      try {
+        return this.messageSourceAccessor.getMessage(detail.getErrorCode().toLowerCase(), detail.getValues());
+      } catch (NoSuchMessageException e) {
+        return this.fallbackMessageResolver.resolve(detail);
+      }
+    }
+}

maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java

@@ -34,6 +34,7 @@ import org.passay.dictionary.Dictionary;
 import org.passay.dictionary.DictionaryBuilder;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.context.MessageSource;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.authentication.BadCredentialsException;
@@ -58,6 +59,8 @@ public class PasswordPolicyValidator {
     
     protected JdbcTemplate jdbcTemplate;
     
+    MessageSource messageSource;
+    
     private static final String PASSWORD_POLICY_KEY = "PASSWORD_POLICY_KEY";
     private static final String LOCK_USER_UPDATE_STATEMENT = "UPDATE MXK_USERINFO SET ISLOCKED = ?  , UNLOCKTIME = ? WHERE ID = ?";
 
@@ -72,7 +75,8 @@ public class PasswordPolicyValidator {
     public PasswordPolicyValidator() {
     }
     
-    public PasswordPolicyValidator(JdbcTemplate jdbcTemplate) {
+    public PasswordPolicyValidator(JdbcTemplate jdbcTemplate,MessageSource messageSource) {
+        this.messageSource=messageSource;
         this.jdbcTemplate = jdbcTemplate;
     }
     
@@ -138,8 +142,9 @@ public class PasswordPolicyValidator {
        }
        
        getPasswordPolicy();
-       
-       PasswordValidator validator = new PasswordValidator(passwordPolicyRuleList);
+
+       PasswordValidator validator = new PasswordValidator(
+               new PasswordPolicyMessageResolver(messageSource),passwordPolicyRuleList);
        
        RuleResult result = validator.validate(new PasswordData(username,password));
        

maxkey-web-maxkey/src/main/resources/messages/message.properties

@@ -257,4 +257,35 @@ navs.myprofile=\u6211\u7684\u8D44\u6599
 navs.audit=\u5BA1\u8BA1
 navs.audit.login=\u767B\u5F55\u65E5\u5FD7
 navs.audit.signon=\u8BBF\u95EE\u65E5\u5FD7
-navs.audit.operation=\u64CD\u4F5C\u65E5\u5FD7
+navs.audit.operation=\u64CD\u4F5C\u65E5\u5FD7
+
+#password
+HISTORY_VIOLATION=Password matches one of %1$s previous passwords.
+ILLEGAL_WORD=Password contains the dictionary word '%1$s'.
+ILLEGAL_WORD_REVERSED=Password contains the reversed dictionary word '%1$s'.
+ILLEGAL_DIGEST_WORD=Password contains a dictionary word.
+ILLEGAL_DIGEST_WORD_REVERSED=Password contains a reversed dictionary word.
+ILLEGAL_MATCH=Password matches the illegal pattern '%1$s'.
+ALLOWED_MATCH=Password must match pattern '%1$s'.
+ILLEGAL_CHAR=Password %2$s the illegal character '%1$s'.
+ALLOWED_CHAR=Password %2$s the illegal character '%1$s'.
+ILLEGAL_QWERTY_SEQUENCE=Password contains the illegal QWERTY sequence '%1$s'.
+ILLEGAL_ALPHABETICAL_SEQUENCE=Password contains the illegal alphabetical sequence '%1$s'.
+ILLEGAL_NUMERICAL_SEQUENCE=Password contains the illegal numerical sequence '%1$s'.
+ILLEGAL_USERNAME=Password %2$s the user id '%1$s'.
+ILLEGAL_USERNAME_REVERSED=Password %2$s the user id '%1$s' in reverse.
+ILLEGAL_WHITESPACE=Password %2$s a whitespace character.
+ILLEGAL_NUMBER_RANGE=Password %2$s the number '%1$s'.
+ILLEGAL_REPEATED_CHARS=Password contains %3$s sequences of %1$s or more repeated characters, but only %2$s allowed: %4$s.
+INSUFFICIENT_UPPERCASE=Password must contain %1$s or more uppercase characters.
+INSUFFICIENT_LOWERCASE=Password must contain %1$s or more lowercase characters.
+INSUFFICIENT_ALPHABETICAL=Password must contain %1$s or more alphabetical characters.
+INSUFFICIENT_DIGIT=Password must contain %1$s or more digit characters.
+INSUFFICIENT_SPECIAL=Password must contain %1$s or more special characters.
+INSUFFICIENT_CHARACTERISTICS=Password matches %1$s of %3$s character rules, but %2$s are required.
+INSUFFICIENT_COMPLEXITY=Password meets %2$s complexity rules, but %3$s are required.
+INSUFFICIENT_COMPLEXITY_RULES=No rules have been configured for a password of length %1$s.
+SOURCE_VIOLATION=Password cannot be the same as your %1$s password.
+TOO_LONG=Password must be no more than %2$s characters in length.
+TOO_SHORT=Password must be %1$s or more characters in length \u592A\u77ED.
+TOO_MANY_OCCURRENCES=Password contains %2$s occurrences of the character '%1$s', but at most %3$s are allowed.

maxkey-web-maxkey/src/main/resources/messages/message_en.properties

@@ -261,4 +261,33 @@ navs.audit.login=Login
 navs.audit.signon=Sign-on
 navs.audit.operation=Operation
 
-
+#password
+HISTORY_VIOLATION=Password matches one of %1$s previous passwords.
+ILLEGAL_WORD=Password contains the dictionary word '%1$s'.
+ILLEGAL_WORD_REVERSED=Password contains the reversed dictionary word '%1$s'.
+ILLEGAL_DIGEST_WORD=Password contains a dictionary word.
+ILLEGAL_DIGEST_WORD_REVERSED=Password contains a reversed dictionary word.
+ILLEGAL_MATCH=Password matches the illegal pattern '%1$s'.
+ALLOWED_MATCH=Password must match pattern '%1$s'.
+ILLEGAL_CHAR=Password %2$s the illegal character '%1$s'.
+ALLOWED_CHAR=Password %2$s the illegal character '%1$s'.
+ILLEGAL_QWERTY_SEQUENCE=Password contains the illegal QWERTY sequence '%1$s'.
+ILLEGAL_ALPHABETICAL_SEQUENCE=Password contains the illegal alphabetical sequence '%1$s'.
+ILLEGAL_NUMERICAL_SEQUENCE=Password contains the illegal numerical sequence '%1$s'.
+ILLEGAL_USERNAME=Password %2$s the user id '%1$s'.
+ILLEGAL_USERNAME_REVERSED=Password %2$s the user id '%1$s' in reverse.
+ILLEGAL_WHITESPACE=Password %2$s a whitespace character.
+ILLEGAL_NUMBER_RANGE=Password %2$s the number '%1$s'.
+ILLEGAL_REPEATED_CHARS=Password contains %3$s sequences of %1$s or more repeated characters, but only %2$s allowed: %4$s.
+INSUFFICIENT_UPPERCASE=Password must contain %1$s or more uppercase characters.
+INSUFFICIENT_LOWERCASE=Password must contain %1$s or more lowercase characters.
+INSUFFICIENT_ALPHABETICAL=Password must contain %1$s or more alphabetical characters.
+INSUFFICIENT_DIGIT=Password must contain %1$s or more digit characters.
+INSUFFICIENT_SPECIAL=Password must contain %1$s or more special characters.
+INSUFFICIENT_CHARACTERISTICS=Password matches %1$s of %3$s character rules, but %2$s are required.
+INSUFFICIENT_COMPLEXITY=Password meets %2$s complexity rules, but %3$s are required.
+INSUFFICIENT_COMPLEXITY_RULES=No rules have been configured for a password of length %1$s.
+SOURCE_VIOLATION=Password cannot be the same as your %1$s password.
+TOO_LONG=Password must be no more than %2$s characters in length.
+TOO_SHORT=Password must be %1$s or more characters in length.
+TOO_MANY_OCCURRENCES=Password contains %2$s occurrences of the character '%1$s', but at most %3$s are allowed.

maxkey-web-maxkey/src/main/resources/messages/message_zh_CN.properties

@@ -257,4 +257,35 @@ navs.myprofile=\u6211\u7684\u8D44\u6599
 navs.audit=\u5BA1\u8BA1
 navs.audit.login=\u767B\u5F55\u65E5\u5FD7
 navs.audit.signon=\u8BBF\u95EE\u65E5\u5FD7
-navs.audit.operation=\u64CD\u4F5C\u65E5\u5FD7
+navs.audit.operation=\u64CD\u4F5C\u65E5\u5FD7
+
+#password
+HISTORY_VIOLATION=Password matches one of %1$s previous passwords.
+ILLEGAL_WORD=Password contains the dictionary word '%1$s'.
+ILLEGAL_WORD_REVERSED=Password contains the reversed dictionary word '%1$s'.
+ILLEGAL_DIGEST_WORD=Password contains a dictionary word.
+ILLEGAL_DIGEST_WORD_REVERSED=Password contains a reversed dictionary word.
+ILLEGAL_MATCH=Password matches the illegal pattern '%1$s'.
+ALLOWED_MATCH=Password must match pattern '%1$s'.
+ILLEGAL_CHAR=Password %2$s the illegal character '%1$s'.
+ALLOWED_CHAR=Password %2$s the illegal character '%1$s'.
+ILLEGAL_QWERTY_SEQUENCE=Password contains the illegal QWERTY sequence '%1$s'.
+ILLEGAL_ALPHABETICAL_SEQUENCE=Password contains the illegal alphabetical sequence '%1$s'.
+ILLEGAL_NUMERICAL_SEQUENCE=Password contains the illegal numerical sequence '%1$s'.
+ILLEGAL_USERNAME=Password %2$s the user id '%1$s'.
+ILLEGAL_USERNAME_REVERSED=Password %2$s the user id '%1$s' in reverse.
+ILLEGAL_WHITESPACE=Password %2$s a whitespace character.
+ILLEGAL_NUMBER_RANGE=Password %2$s the number '%1$s'.
+ILLEGAL_REPEATED_CHARS=Password contains %3$s sequences of %1$s or more repeated characters, but only %2$s allowed: %4$s.
+INSUFFICIENT_UPPERCASE=Password must contain %1$s or more uppercase characters.
+INSUFFICIENT_LOWERCASE=Password must contain %1$s or more lowercase characters.
+INSUFFICIENT_ALPHABETICAL=Password must contain %1$s or more alphabetical characters.
+INSUFFICIENT_DIGIT=Password must contain %1$s or more digit characters.
+INSUFFICIENT_SPECIAL=Password must contain %1$s or more special characters.
+INSUFFICIENT_CHARACTERISTICS=Password matches %1$s of %3$s character rules, but %2$s are required.
+INSUFFICIENT_COMPLEXITY=Password meets %2$s complexity rules, but %3$s are required.
+INSUFFICIENT_COMPLEXITY_RULES=No rules have been configured for a password of length %1$s.
+SOURCE_VIOLATION=Password cannot be the same as your %1$s password.
+TOO_LONG=Password must be no more than %2$s characters in length.
+TOO_SHORT=Password must be %1$s or more characters in length \u592A\u77ED.
+TOO_MANY_OCCURRENCES=Password contains %2$s occurrences of the character '%1$s', but at most %3$s are allowed.