										 |  |  | package domain | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | import ( | 
					
						
							|  |  |  | 	"time" | 
					
						
										 |  |  | 
 | 
					
						
							|  |  |  | 	"github.com/zitadel/zitadel/internal/crypto" | 
					
						
							|  |  |  | 	caos_errs "github.com/zitadel/zitadel/internal/errors" | 
					
						
							|  |  |  | 	es_models "github.com/zitadel/zitadel/internal/eventstore/v1/models" | 
					
						
										 |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
// Password carries a user's password through the domain layer: the plaintext
// supplied by the caller and, once HashPasswordIfExisting has run, its hash.
type Password struct {
	es_models.ObjectRoot

	// SecretString is the plaintext password. HashPasswordIfExisting reads it
	// but does not clear it afterwards, so a Password value must not be
	// logged, serialised or persisted as a whole.
	SecretString string

	// SecretCrypto is set by HashPasswordIfExisting to the result of
	// crypto.Hash over SecretString; it stays nil until then.
	SecretCrypto *crypto.CryptoValue

	// ChangeRequired is neither read nor written in this file.
	// NOTE(review): presumably signals that the user must choose a new
	// password at next login; confirm against callers.
	ChangeRequired bool
}
					
						
							|  |  |  | 
 | 
					
						
// NewPassword wraps a plaintext password in a Password value.
//
// Nothing is validated or hashed here: only SecretString is populated, and
// SecretCrypto remains nil until HashPasswordIfExisting is called.
func NewPassword(password string) *Password {
	pw := new(Password)
	pw.SecretString = password
	return pw
}
					
						
							|  |  |  | 
 | 
					
						
// PasswordCode is a generated code together with its lifetime and the channel
// it is associated with.
// NOTE(review): the type name suggests this is the password-reset code;
// confirm against callers.
type PasswordCode struct {
	es_models.ObjectRoot

	// Code is the first value returned by crypto.NewCode, stored as a
	// crypto.CryptoValue (see NewPasswordCode).
	Code *crypto.CryptoValue

	// Expiry is the lifetime reported by the generator's Expiry method.
	// Nothing in this file enforces it.
	Expiry time.Duration

	// NotificationType is not set by NewPasswordCode and keeps its zero value
	// unless the caller assigns it.
	NotificationType NotificationType
}
					
						
							|  |  |  | 
 | 
					
						
// HashPasswordIfExisting checks the plaintext in SecretString against policy
// and, if it passes, stores its hash in SecretCrypto.
//
// An empty SecretString is a no-op: nil is returned without consulting policy
// and SecretCrypto is left untouched. A non-empty password with a nil policy
// is rejected with a precondition-failed error (DOMAIN-s8ifS), so no password
// is hashed without a complexity check. Errors from policy.Check and
// crypto.Hash are returned unchanged.
//
// SecretString is still populated when this method returns; the plaintext
// stays in memory for as long as p does, so p must not be logged or persisted.
func (p *Password) HashPasswordIfExisting(policy *PasswordComplexityPolicy, passwordAlg crypto.HashAlgorithm) error {
	plain := p.SecretString
	switch {
	case plain == "":
		// Nothing to hash.
		return nil
	case policy == nil:
		// Fail closed rather than hash an unchecked password.
		return caos_errs.ThrowPreconditionFailed(nil, "DOMAIN-s8ifS", "Errors.User.PasswordComplexityPolicy.NotFound")
	}

	if err := policy.Check(plain); err != nil {
		return err
	}

	hashed, err := crypto.Hash([]byte(plain), passwordAlg)
	if err != nil {
		return err
	}
	p.SecretCrypto = hashed
	return nil
}
					
						
										 |  |  | 
 | 
					
						
// NewPasswordCode asks passwordGenerator for a fresh code via crypto.NewCode
// and returns it with the generator's expiry.
//
// Only the first value returned by crypto.NewCode is kept; the second is
// discarded.
// NOTE(review): the discarded value is presumably the plaintext form of the
// code; confirm against crypto.NewCode.
//
// NotificationType is not set here. Any error from crypto.NewCode is returned
// unchanged together with a nil *PasswordCode.
func NewPasswordCode(passwordGenerator crypto.Generator) (*PasswordCode, error) {
	encrypted, _, err := crypto.NewCode(passwordGenerator)
	if err != nil {
		return nil, err
	}

	code := &PasswordCode{Code: encrypted}
	code.Expiry = passwordGenerator.Expiry()
	return code, nil
}