2021-01-04 13:52:13 +00:00
|
|
|
package command
|
2020-12-11 14:49:19 +00:00
|
|
|
|
|
|
|
import (
|
2022-03-28 08:05:09 +00:00
|
|
|
"regexp"
|
|
|
|
|
2022-04-26 23:01:45 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
|
|
"github.com/zitadel/zitadel/internal/errors"
|
|
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
|
|
|
"github.com/zitadel/zitadel/internal/repository/policy"
|
2020-12-11 14:49:19 +00:00
|
|
|
)
|
|
|
|
|
2022-03-28 08:05:09 +00:00
|
|
|
var (
|
|
|
|
hasStringLowerCase = regexp.MustCompile(`[a-z]`).MatchString
|
|
|
|
hasStringUpperCase = regexp.MustCompile(`[A-Z]`).MatchString
|
|
|
|
hasNumber = regexp.MustCompile(`[0-9]`).MatchString
|
|
|
|
hasSymbol = regexp.MustCompile(`[^A-Za-z0-9]`).MatchString
|
|
|
|
)
|
|
|
|
|
2021-01-04 13:52:13 +00:00
|
|
|
type PasswordComplexityPolicyWriteModel struct {
|
2020-12-11 14:49:19 +00:00
|
|
|
eventstore.WriteModel
|
|
|
|
|
|
|
|
MinLength uint64
|
|
|
|
HasLowercase bool
|
2021-01-18 10:24:15 +00:00
|
|
|
HasUppercase bool
|
2020-12-11 14:49:19 +00:00
|
|
|
HasNumber bool
|
|
|
|
HasSymbol bool
|
2021-01-07 15:06:45 +00:00
|
|
|
State domain.PolicyState
|
2020-12-11 14:49:19 +00:00
|
|
|
}
|
|
|
|
|
2021-01-04 13:52:13 +00:00
|
|
|
func (wm *PasswordComplexityPolicyWriteModel) Reduce() error {
|
2020-12-11 14:49:19 +00:00
|
|
|
for _, event := range wm.Events {
|
|
|
|
switch e := event.(type) {
|
2021-01-04 13:52:13 +00:00
|
|
|
case *policy.PasswordComplexityPolicyAddedEvent:
|
2020-12-11 14:49:19 +00:00
|
|
|
wm.MinLength = e.MinLength
|
|
|
|
wm.HasLowercase = e.HasLowercase
|
2021-01-18 10:24:15 +00:00
|
|
|
wm.HasUppercase = e.HasUppercase
|
2020-12-11 14:49:19 +00:00
|
|
|
wm.HasNumber = e.HasNumber
|
|
|
|
wm.HasSymbol = e.HasSymbol
|
2021-01-07 15:06:45 +00:00
|
|
|
wm.State = domain.PolicyStateActive
|
2021-01-04 13:52:13 +00:00
|
|
|
case *policy.PasswordComplexityPolicyChangedEvent:
|
2021-01-06 10:12:56 +00:00
|
|
|
if e.MinLength != nil {
|
|
|
|
wm.MinLength = *e.MinLength
|
|
|
|
}
|
|
|
|
if e.HasLowercase != nil {
|
|
|
|
wm.HasLowercase = *e.HasLowercase
|
|
|
|
}
|
2021-01-18 10:24:15 +00:00
|
|
|
if e.HasUppercase != nil {
|
|
|
|
wm.HasUppercase = *e.HasUppercase
|
2021-01-06 10:12:56 +00:00
|
|
|
}
|
|
|
|
if e.HasNumber != nil {
|
|
|
|
wm.HasNumber = *e.HasNumber
|
|
|
|
}
|
|
|
|
if e.HasSymbol != nil {
|
|
|
|
wm.HasSymbol = *e.HasSymbol
|
|
|
|
}
|
2021-01-04 13:52:13 +00:00
|
|
|
case *policy.PasswordComplexityPolicyRemovedEvent:
|
2021-01-07 15:06:45 +00:00
|
|
|
wm.State = domain.PolicyStateRemoved
|
2020-12-11 14:49:19 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
return wm.WriteModel.Reduce()
|
|
|
|
}
|
2022-03-28 08:05:09 +00:00
|
|
|
|
|
|
|
func (wm *PasswordComplexityPolicyWriteModel) Validate(password string) error {
|
|
|
|
if wm.MinLength != 0 && uint64(len(password)) < wm.MinLength {
|
|
|
|
return errors.ThrowInvalidArgument(nil, "COMMA-HuJf6", "Errors.User.PasswordComplexityPolicy.MinLength")
|
|
|
|
}
|
|
|
|
|
|
|
|
if wm.HasLowercase && !hasStringLowerCase(password) {
|
|
|
|
return errors.ThrowInvalidArgument(nil, "COMMA-co3Xw", "Errors.User.PasswordComplexityPolicy.HasLower")
|
|
|
|
}
|
|
|
|
|
|
|
|
if wm.HasUppercase && !hasStringUpperCase(password) {
|
|
|
|
return errors.ThrowInvalidArgument(nil, "COMMA-VoaRj", "Errors.User.PasswordComplexityPolicy.HasUpper")
|
|
|
|
}
|
|
|
|
|
|
|
|
if wm.HasNumber && !hasNumber(password) {
|
|
|
|
return errors.ThrowInvalidArgument(nil, "COMMA-ZBv4H", "Errors.User.PasswordComplexityPolicy.HasNumber")
|
|
|
|
}
|
|
|
|
|
|
|
|
if wm.HasSymbol && !hasSymbol(password) {
|
|
|
|
return errors.ThrowInvalidArgument(nil, "COMMA-ZDLwA", "Errors.User.PasswordComplexityPolicy.HasSymbol")
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|