From 566d8bdb7e86e00366204e2f2c4ed4ba3087afe5 Mon Sep 17 00:00:00 2001 From: "Crystal.Sea" Date: Tue, 25 Aug 2020 07:58:42 +0800 Subject: [PATCH] PasswordPolicyMessageResolver PasswordPolicyMessageResolver --- .../ApplicationAutoConfiguration.java | 5 +- .../db/PasswordPolicyMessageResolver.java | 55 +++++++++++++++++++ .../db/PasswordPolicyValidator.java | 11 +++- .../resources/messages/message.properties | 33 ++++++++++- .../resources/messages/message_en.properties | 31 ++++++++++- .../messages/message_zh_CN.properties | 33 ++++++++++- 6 files changed, 160 insertions(+), 8 deletions(-) create mode 100644 maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyMessageResolver.java diff --git a/maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java b/maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java index 486eeb1ac..5a57a17b3 100644 --- a/maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java +++ b/maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java @@ -41,6 +41,7 @@ import org.slf4j.LoggerFactory; import org.springframework.beans.factory.InitializingBean; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.MessageSource; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Primary; 
@@ -130,8 +131,8 @@ public class ApplicationAutoConfiguration implements InitializingBean { } @Bean(name = "passwordPolicyValidator") - public PasswordPolicyValidator passwordPolicyValidator(JdbcTemplate jdbcTemplate) { - return new PasswordPolicyValidator(jdbcTemplate); + public PasswordPolicyValidator passwordPolicyValidator(JdbcTemplate jdbcTemplate,MessageSource messageSource) { + return new PasswordPolicyValidator(jdbcTemplate,messageSource); } @Bean(name = "loginService") diff --git a/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyMessageResolver.java b/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyMessageResolver.java new file mode 100644 index 000000000..10fba53f1 --- /dev/null +++ b/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyMessageResolver.java 
@@ -0,0 +1,55 @@
+package org.maxkey.persistence.db;
+
+import java.util.Locale;
+
+import org.passay.MessageResolver;
+import org.passay.PropertiesMessageResolver;
+import org.passay.RuleResultDetail;
+import org.springframework.context.MessageSource;
+import org.springframework.context.NoSuchMessageException;
+import org.springframework.context.support.MessageSourceAccessor;
+
+
+public class PasswordPolicyMessageResolver implements MessageResolver{
+
+ /** A accessor for Spring's {@link MessageSource} */
+ private final MessageSourceAccessor messageSourceAccessor;
+
+ /** The {@link MessageResolver} for fallback */
+ private final MessageResolver fallbackMessageResolver = new PropertiesMessageResolver();
+
+ /**
+ * Create a new instance with the locale associated with the current thread.
+ * @param messageSource a message source managed by spring
+ */
+ public PasswordPolicyMessageResolver(final MessageSource messageSource)
+ {
+ this.messageSourceAccessor = new MessageSourceAccessor(messageSource);
+ }
+
+ /**
+ * Create a new instance with the specified locale.
+ * @param messageSource a message source managed by spring
+ * @param locale the locale to use for message access
+ */
+ public PasswordPolicyMessageResolver(final MessageSource messageSource, final Locale locale)
+ {
+ this.messageSourceAccessor = new MessageSourceAccessor(messageSource, locale);
+ }
+
+ /**
+ * Resolves the message for the supplied rule result detail using Spring's {@link MessageSource}.
+ * (If the message can't retrieve from a {@link MessageSource}, return default message provided by passay)
+ * @param detail rule result detail
+ * @return message for the detail error code
+ */
+ @Override
+ public String resolve(final RuleResultDetail detail)
+ {
+ try {
+ return this.messageSourceAccessor.getMessage(detail.getErrorCode().toLowerCase(), detail.getValues());
+ } catch (NoSuchMessageException e) {
+ return this.fallbackMessageResolver.resolve(detail);
+ }
+ }
+}
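Review bot: In `resolve`, the error code is lower-cased before the lookup (`detail.getErrorCode().toLowerCase()`), while the keys this patch adds to the message bundles are upper-case (`TOO_SHORT`, `ILLEGAL_USERNAME`, …). Property keys are case-sensitive, so the lookup would miss every one of them and the user would always get the passay default text from the fallback, or the bare lower-cased code if the `MessageSource` is configured to return the code as its default message; that configuration is not visible here. Dropping the conversion keeps the lookup aligned with the keys as written: `return this.messageSourceAccessor.getMessage(detail.getErrorCode(), detail.getValues());`.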
diff --git a/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java b/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java index 6119c7fe3..12a1b21b3 100644 --- a/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java +++ b/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java @@ -34,6 +34,7 @@ import org.passay.dictionary.Dictionary; import org.passay.dictionary.DictionaryBuilder; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.context.MessageSource; import org.springframework.core.io.ClassPathResource; import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.security.authentication.BadCredentialsException; @@ -58,6 +59,8 @@ public class PasswordPolicyValidator { protected JdbcTemplate jdbcTemplate; + MessageSource messageSource; + private static final String PASSWORD_POLICY_KEY = "PASSWORD_POLICY_KEY"; private static final String LOCK_USER_UPDATE_STATEMENT = "UPDATE MXK_USERINFO SET ISLOCKED = ? , UNLOCKTIME = ? WHERE ID = ?"; @@ -72,7 +75,8 @@ public class PasswordPolicyValidator { public PasswordPolicyValidator() { } - public PasswordPolicyValidator(JdbcTemplate jdbcTemplate) { + public PasswordPolicyValidator(JdbcTemplate jdbcTemplate,MessageSource messageSource) { + this.messageSource=messageSource; this.jdbcTemplate = jdbcTemplate; } @@ -138,8 +142,9 @@ public class PasswordPolicyValidator { } getPasswordPolicy(); - - PasswordValidator validator = new PasswordValidator(passwordPolicyRuleList); + + PasswordValidator validator = new PasswordValidator( + new PasswordPolicyMessageResolver(messageSource),passwordPolicyRuleList); RuleResult result = validator.validate(new PasswordData(username,password)); diff --git a/maxkey-web-maxkey/src/main/resources/messages/message.properties b/maxkey-web-maxkey/src/main/resources/messages/message.properties index 5dceaedac..b25004641 100644 
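Review bot: The new `messageSource` field is package-private and stays null when the retained no-argument constructor `PasswordPolicyValidator()` is used, yet the validation hunk passes it straight into `new PasswordPolicyMessageResolver(messageSource)`. A null source would presumably surface as a NullPointerException only when the message for a rejected password is resolved, that is, on the failure path of the password check; where the messages are read lies outside the hunk, as do the start and end of the enclosing validation method. I would declare the field `private MessageSource messageSource;`, reject null in the two-argument constructor with `this.messageSource = Objects.requireNonNull(messageSource, "messageSource");` (this needs `java.util.Objects`), and have the no-argument path fall back to passay's default resolver instead of wrapping a null source.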
--- a/maxkey-web-maxkey/src/main/resources/messages/message.properties
+++ b/maxkey-web-maxkey/src/main/resources/messages/message.properties
@@ -257,4 +257,35 @@ navs.myprofile=\u6211\u7684\u8D44\u6599
 navs.audit=\u5BA1\u8BA1
 navs.audit.login=\u767B\u5F55\u65E5\u5FD7
 navs.audit.signon=\u8BBF\u95EE\u65E5\u5FD7
-navs.audit.operation=\u64CD\u4F5C\u65E5\u5FD7
\ No newline at end of file
+navs.audit.operation=\u64CD\u4F5C\u65E5\u5FD7
+
+#password
+HISTORY_VIOLATION=Password matches one of %1$s previous passwords.
+ILLEGAL_WORD=Password contains the dictionary word '%1$s'.
+ILLEGAL_WORD_REVERSED=Password contains the reversed dictionary word '%1$s'.
+ILLEGAL_DIGEST_WORD=Password contains a dictionary word.
+ILLEGAL_DIGEST_WORD_REVERSED=Password contains a reversed dictionary word.
+ILLEGAL_MATCH=Password matches the illegal pattern '%1$s'.
+ALLOWED_MATCH=Password must match pattern '%1$s'.
+ILLEGAL_CHAR=Password %2$s the illegal character '%1$s'.
+ALLOWED_CHAR=Password %2$s the illegal character '%1$s'.
+ILLEGAL_QWERTY_SEQUENCE=Password contains the illegal QWERTY sequence '%1$s'.
+ILLEGAL_ALPHABETICAL_SEQUENCE=Password contains the illegal alphabetical sequence '%1$s'.
+ILLEGAL_NUMERICAL_SEQUENCE=Password contains the illegal numerical sequence '%1$s'.
+ILLEGAL_USERNAME=Password %2$s the user id '%1$s'.
+ILLEGAL_USERNAME_REVERSED=Password %2$s the user id '%1$s' in reverse.
+ILLEGAL_WHITESPACE=Password %2$s a whitespace character.
+ILLEGAL_NUMBER_RANGE=Password %2$s the number '%1$s'.
+ILLEGAL_REPEATED_CHARS=Password contains %3$s sequences of %1$s or more repeated characters, but only %2$s allowed: %4$s.
+INSUFFICIENT_UPPERCASE=Password must contain %1$s or more uppercase characters.
+INSUFFICIENT_LOWERCASE=Password must contain %1$s or more lowercase characters.
+INSUFFICIENT_ALPHABETICAL=Password must contain %1$s or more alphabetical characters.
+INSUFFICIENT_DIGIT=Password must contain %1$s or more digit characters.
+INSUFFICIENT_SPECIAL=Password must contain %1$s or more special characters.
+INSUFFICIENT_CHARACTERISTICS=Password matches %1$s of %3$s character rules, but %2$s are required.
+INSUFFICIENT_COMPLEXITY=Password meets %2$s complexity rules, but %3$s are required.
+INSUFFICIENT_COMPLEXITY_RULES=No rules have been configured for a password of length %1$s.
+SOURCE_VIOLATION=Password cannot be the same as your %1$s password.
+TOO_LONG=Password must be no more than %2$s characters in length.
+TOO_SHORT=Password must be %1$s or more characters in length \u592A\u77ED.
+TOO_MANY_OCCURRENCES=Password contains %2$s occurrences of the character '%1$s', but at most %3$s are allowed.
\ No newline at end of file
diff --git a/maxkey-web-maxkey/src/main/resources/messages/message_en.properties b/maxkey-web-maxkey/src/main/resources/messages/message_en.properties
index b11bcd14d..f5f9a6f59 100644
--- a/maxkey-web-maxkey/src/main/resources/messages/message_en.properties
+++ b/maxkey-web-maxkey/src/main/resources/messages/message_en.properties
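Review bot: The added messages use printf-style placeholders (`%1$s`), but they are loaded through Spring's `MessageSource`, which formats arguments with `java.text.MessageFormat`; there `%1$s` stays literal text and the surrounding single quotes are consumed as quoting characters. Whenever one of these keys is resolved through the new `PasswordPolicyMessageResolver`, the user would see the raw placeholder instead of the value, so the entries need the `{0}` form, for example `TOO_SHORT=Password must be {0} or more characters in length.`. `TOO_SHORT` in this file also carries a stray `\u592A\u77ED` before the period. The same applies to the `message_en.properties` and `message_zh_CN.properties` hunks, and the zh_CN bundle receives the English text unchanged.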
@@ -261,4 +261,33 @@ navs.audit.login=Login navs.audit.signon=Sign-on navs.audit.operation=Operation - +#password +HISTORY_VIOLATION=Password matches one of %1$s previous passwords. +ILLEGAL_WORD=Password contains the dictionary word '%1$s'. +ILLEGAL_WORD_REVERSED=Password contains the reversed dictionary word '%1$s'. +ILLEGAL_DIGEST_WORD=Password contains a dictionary word. +ILLEGAL_DIGEST_WORD_REVERSED=Password contains a reversed dictionary word. +ILLEGAL_MATCH=Password matches the illegal pattern '%1$s'. +ALLOWED_MATCH=Password must match pattern '%1$s'. +ILLEGAL_CHAR=Password %2$s the illegal character '%1$s'. +ALLOWED_CHAR=Password %2$s the illegal character '%1$s'. +ILLEGAL_QWERTY_SEQUENCE=Password contains the illegal QWERTY sequence '%1$s'. +ILLEGAL_ALPHABETICAL_SEQUENCE=Password contains the illegal alphabetical sequence '%1$s'. +ILLEGAL_NUMERICAL_SEQUENCE=Password contains the illegal numerical sequence '%1$s'. +ILLEGAL_USERNAME=Password %2$s the user id '%1$s'. +ILLEGAL_USERNAME_REVERSED=Password %2$s the user id '%1$s' in reverse. +ILLEGAL_WHITESPACE=Password %2$s a whitespace character. +ILLEGAL_NUMBER_RANGE=Password %2$s the number '%1$s'. +ILLEGAL_REPEATED_CHARS=Password contains %3$s sequences of %1$s or more repeated characters, but only %2$s allowed: %4$s. +INSUFFICIENT_UPPERCASE=Password must contain %1$s or more uppercase characters. +INSUFFICIENT_LOWERCASE=Password must contain %1$s or more lowercase characters. +INSUFFICIENT_ALPHABETICAL=Password must contain %1$s or more alphabetical characters. +INSUFFICIENT_DIGIT=Password must contain %1$s or more digit characters. +INSUFFICIENT_SPECIAL=Password must contain %1$s or more special characters. +INSUFFICIENT_CHARACTERISTICS=Password matches %1$s of %3$s character rules, but %2$s are required. +INSUFFICIENT_COMPLEXITY=Password meets %2$s complexity rules, but %3$s are required. +INSUFFICIENT_COMPLEXITY_RULES=No rules have been configured for a password of length %1$s. 
+SOURCE_VIOLATION=Password cannot be the same as your %1$s password. +TOO_LONG=Password must be no more than %2$s characters in length. +TOO_SHORT=Password must be %1$s or more characters in length. +TOO_MANY_OCCURRENCES=Password contains %2$s occurrences of the character '%1$s', but at most %3$s are allowed. diff --git a/maxkey-web-maxkey/src/main/resources/messages/message_zh_CN.properties b/maxkey-web-maxkey/src/main/resources/messages/message_zh_CN.properties index 5dceaedac..b25004641 100644 --- a/maxkey-web-maxkey/src/main/resources/messages/message_zh_CN.properties +++ b/maxkey-web-maxkey/src/main/resources/messages/message_zh_CN.properties 
@@ -257,4 +257,35 @@ navs.myprofile=\u6211\u7684\u8D44\u6599
 navs.audit=\u5BA1\u8BA1
 navs.audit.login=\u767B\u5F55\u65E5\u5FD7
 navs.audit.signon=\u8BBF\u95EE\u65E5\u5FD7
-navs.audit.operation=\u64CD\u4F5C\u65E5\u5FD7
\ No newline at end of file
+navs.audit.operation=\u64CD\u4F5C\u65E5\u5FD7
+
+#password
+HISTORY_VIOLATION=Password matches one of %1$s previous passwords.
+ILLEGAL_WORD=Password contains the dictionary word '%1$s'.
+ILLEGAL_WORD_REVERSED=Password contains the reversed dictionary word '%1$s'.
+ILLEGAL_DIGEST_WORD=Password contains a dictionary word.
+ILLEGAL_DIGEST_WORD_REVERSED=Password contains a reversed dictionary word.
+ILLEGAL_MATCH=Password matches the illegal pattern '%1$s'.
+ALLOWED_MATCH=Password must match pattern '%1$s'.
+ILLEGAL_CHAR=Password %2$s the illegal character '%1$s'.
+ALLOWED_CHAR=Password %2$s the illegal character '%1$s'.
+ILLEGAL_QWERTY_SEQUENCE=Password contains the illegal QWERTY sequence '%1$s'.
+ILLEGAL_ALPHABETICAL_SEQUENCE=Password contains the illegal alphabetical sequence '%1$s'.
+ILLEGAL_NUMERICAL_SEQUENCE=Password contains the illegal numerical sequence '%1$s'.
+ILLEGAL_USERNAME=Password %2$s the user id '%1$s'.
+ILLEGAL_USERNAME_REVERSED=Password %2$s the user id '%1$s' in reverse.
+ILLEGAL_WHITESPACE=Password %2$s a whitespace character.
+ILLEGAL_NUMBER_RANGE=Password %2$s the number '%1$s'.
+ILLEGAL_REPEATED_CHARS=Password contains %3$s sequences of %1$s or more repeated characters, but only %2$s allowed: %4$s.
+INSUFFICIENT_UPPERCASE=Password must contain %1$s or more uppercase characters.
+INSUFFICIENT_LOWERCASE=Password must contain %1$s or more lowercase characters.
+INSUFFICIENT_ALPHABETICAL=Password must contain %1$s or more alphabetical characters.
+INSUFFICIENT_DIGIT=Password must contain %1$s or more digit characters.
+INSUFFICIENT_SPECIAL=Password must contain %1$s or more special characters.
+INSUFFICIENT_CHARACTERISTICS=Password matches %1$s of %3$s character rules, but %2$s are required.
+INSUFFICIENT_COMPLEXITY=Password meets %2$s complexity rules, but %3$s are required.
+INSUFFICIENT_COMPLEXITY_RULES=No rules have been configured for a password of length %1$s.
+SOURCE_VIOLATION=Password cannot be the same as your %1$s password.
+TOO_LONG=Password must be no more than %2$s characters in length.
+TOO_SHORT=Password must be %1$s or more characters in length \u592A\u77ED.
+TOO_MANY_OCCURRENCES=Password contains %2$s occurrences of the character '%1$s', but at most %3$s are allowed.
\ No newline at end of file