2021-01-05 08:33:45 +00:00
|
|
|
package domain
|
|
|
|
|
|
|
|
import (
|
|
|
|
"time"
|
2022-04-26 23:01:45 +00:00
|
|
|
|
|
|
|
"github.com/zitadel/zitadel/internal/crypto"
|
|
|
|
caos_errs "github.com/zitadel/zitadel/internal/errors"
|
|
|
|
es_models "github.com/zitadel/zitadel/internal/eventstore/v1/models"
|
2021-01-05 08:33:45 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
type Password struct {
|
|
|
|
es_models.ObjectRoot
|
|
|
|
|
|
|
|
SecretString string
|
|
|
|
SecretCrypto *crypto.CryptoValue
|
|
|
|
ChangeRequired bool
|
|
|
|
}
|
|
|
|
|
2021-01-08 10:33:45 +00:00
|
|
|
func NewPassword(password string) *Password {
|
|
|
|
return &Password{
|
|
|
|
SecretString: password,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-01-05 08:33:45 +00:00
|
|
|
type PasswordCode struct {
|
|
|
|
es_models.ObjectRoot
|
|
|
|
|
|
|
|
Code *crypto.CryptoValue
|
|
|
|
Expiry time.Duration
|
|
|
|
NotificationType NotificationType
|
|
|
|
}
|
|
|
|
|
2021-01-07 15:06:45 +00:00
|
|
|
func (p *Password) HashPasswordIfExisting(policy *PasswordComplexityPolicy, passwordAlg crypto.HashAlgorithm) error {
|
2021-01-05 08:33:45 +00:00
|
|
|
if p.SecretString == "" {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
if policy == nil {
|
|
|
|
return caos_errs.ThrowPreconditionFailed(nil, "DOMAIN-s8ifS", "Errors.User.PasswordComplexityPolicy.NotFound")
|
|
|
|
}
|
|
|
|
if err := policy.Check(p.SecretString); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
secret, err := crypto.Hash([]byte(p.SecretString), passwordAlg)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
p.SecretCrypto = secret
|
|
|
|
return nil
|
|
|
|
}
|
2021-01-07 15:06:45 +00:00
|
|
|
|
|
|
|
func NewPasswordCode(passwordGenerator crypto.Generator) (*PasswordCode, error) {
|
|
|
|
passwordCodeCrypto, _, err := crypto.NewCode(passwordGenerator)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return &PasswordCode{
|
|
|
|
Code: passwordCodeCrypto,
|
|
|
|
Expiry: passwordGenerator.Expiry(),
|
|
|
|
}, nil
|
|
|
|
}
|