OCM-1294 | feat: Added password validator and tests

openshift-online · Aug 29, 2023 · 0cdafa6 · 0cdafa6
1 parent 183b855
commit 0cdafa6
Show file tree

Hide file tree

Showing 5 changed files with 153 additions and 30 deletions.
diff --git a/go.mod b/go.mod
@@ -3,17 +3,16 @@ module github.com/openshift-online/ocm-common
 go 1.19
 
 require (
-	github.com/golang/mock v1.6.0
 	github.com/onsi/ginkgo/v2 v2.11.0
 	github.com/onsi/gomega v1.27.8
-	github.com/sirupsen/logrus v1.9.3
 )
 
 require (
 	github.com/go-logr/logr v1.2.4 // indirect
 	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
 	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 // indirect
+	github.com/stretchr/testify v1.7.0 // indirect
 	golang.org/x/net v0.10.0 // indirect
 	golang.org/x/sys v0.9.0 // indirect
 	golang.org/x/text v0.9.0 // indirect

diff --git a/go.sum b/go.sum
@@ -8,8 +8,6 @@ github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
 github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
 github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
 github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls=
-github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
-github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
 github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
@@ -22,46 +20,20 @@ github.com/onsi/gomega v1.27.8 h1:gegWiwZjBsf2DgiSbf5hpokZ98JVDMcWkUiigk6/KXc=
 github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
-github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s=
 golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
 golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM=
 golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc=
-golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

diff --git a/pkg/idp/validations/passwordValidator.go b/pkg/idp/validations/passwordValidator.go
@@ -0,0 +1,45 @@
+package validations
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+)
+
+func PasswordValidator(val interface{}) error {
+	if password, ok := val.(string); ok {
+		re := regexp.MustCompile(`[^\x20-\x7E]`)
+		invalidChars := re.FindAllString(password, -1)
+		notAsciiOnly := len(invalidChars) > 0
+		containsSpace := strings.Contains(password, " ")
+		tooShort := len(password) < 14
+		pwdErrors := []string{}
+		if notAsciiOnly {
+			pwdErrors = append(pwdErrors, fmt.Sprintf("must not contain special characters [%s]",
+				strings.Join(invalidChars, ", ")))
+		}
+		if containsSpace {
+			pwdErrors = append(pwdErrors, "must not contain whitespace")
+		}
+		if tooShort {
+			pwdErrors = append(pwdErrors, fmt.Sprintf("must be at least 14 characters (got %d)", len(password)))
+		}
+		if notAsciiOnly || containsSpace || tooShort {
+			if len(pwdErrors) > 1 {
+				pwdErrors[len(pwdErrors)-1] = "and " + pwdErrors[len(pwdErrors)-1]
+			}
+
+			return fmt.Errorf("Password " + strings.Join(pwdErrors, ", "))
+		}
+		hasUppercase, _ := regexp.MatchString(`[A-Z]`, password)
+		hasLowercase, _ := regexp.MatchString(`[a-z]`, password)
+		hasNumberOrSymbol, _ := regexp.MatchString(`[^a-zA-Z]`, password)
+		if !hasUppercase || !hasLowercase || !hasNumberOrSymbol {
+			return fmt.Errorf(
+				"Password must include uppercase letters, lowercase letters, and numbers " +
+					"or symbols (ASCII-standard characters only)")
+		}
+		return nil
+	}
+	return fmt.Errorf("can only validate strings, got '%v'", val)
+}
diff --git a/pkg/idp/validations/passwordValidator_test.go b/pkg/idp/validations/passwordValidator_test.go
@@ -0,0 +1,94 @@
+package validations
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+)
+
+var _ = Describe("Password Validator", func() {
+    Context("Valid password", func() {
+        It("should not return an error", func() {
+            err := PasswordValidator("Abcdefg123456@")
+            Expect(err).NotTo(HaveOccurred())
+        })
+    })
+
+    Context("Password contains special characters", func() {
+        It("should return an error", func() {
+            password := "AbcdefAbcdef@日本語"
+            err := PasswordValidator(password)
+            re := regexp.MustCompile(`[^\x20-\x7E]`)
+		    invalidChars := re.FindAllString(password, -1)
+            expectedErrMsg := fmt.Sprintf("Password must not contain special characters [%s]", strings.Join(invalidChars, ", "))
+            Expect(err.Error()).To(Equal(expectedErrMsg))
+        })
+    })
+
+
+    Context("Password contains whitespace", func() {
+        It("should return an error", func() {
+            expectedErrMsg := "Password must not contain whitespace"
+            err := PasswordValidator("Abc defg123456@")
+            Expect(err.Error()).To(Equal(expectedErrMsg))
+        })
+    })
+
+    Context("Password is too short", func() {
+        It("should return an error", func() {
+            password := "Abcd12@"
+            expectedErrMsg := fmt.Sprintf("Password must be at least 14 characters (got %d)", len(password))
+            err := PasswordValidator(password)
+            Expect(err.Error()).To(Equal(expectedErrMsg))
+        })
+    })
+
+    Context("Password does not contain uppercase letters", func() {
+        It("should return an error", func() {
+            expectedErrMsg := "Password must include uppercase letters, lowercase letters, and numbers or symbols (ASCII-standard characters only)"
+            err := PasswordValidator("abcdefg123456@")
+            Expect(err.Error()).To(Equal(expectedErrMsg))
+        })
+    })
+
+    Context("Password does not contain lowercase letters", func() {
+        It("should return an error", func() {
+            expectedErrMsg := "Password must include uppercase letters, lowercase letters, and numbers or symbols (ASCII-standard characters only)"
+            err := PasswordValidator("ABCDEFG123456@")
+            Expect(err.Error()).To(Equal(expectedErrMsg))
+        })
+    })
+
+    Context("Password does not contain numbers or symbols", func() {
+        It("should return an error", func() {
+            expectedErrMsg := "Password must include uppercase letters, lowercase letters, and numbers or symbols (ASCII-standard characters only)"
+            err := PasswordValidator("Abcdefgabcdefg")
+            Expect(err.Error()).To(Equal(expectedErrMsg))
+        })
+    })
+
+    Context("White space and too short password errors", func() {
+        It("should return an error", func() {
+            password := "Abc def"
+            err := PasswordValidator(password)
+
+            expectedErrMsg := "Password must not contain whitespace, and must be at least 14 characters (got 7)"
+            Expect(err.Error()).To(Equal(expectedErrMsg))
+        })
+    })
+
+    Context("Multiple password errors", func() {
+        It("should return an error", func() {
+            password := "Abc 語def"
+            err := PasswordValidator(password)
+            re := regexp.MustCompile(`[^\x20-\x7E]`)
+		    invalidChars := re.FindAllString(password, -1)
+
+            expectedErrMsg := fmt.Sprintf("Password must not contain special characters [%s], must not contain whitespace, and must be at least 14 characters (got %d)", strings.Join(invalidChars, ", "), len(password))
+            Expect(err.Error()).To(Equal(expectedErrMsg))
+        })
+    })
+})
diff --git a/pkg/idp/validations/validation_suite_test.go b/pkg/idp/validations/validation_suite_test.go
@@ -0,0 +1,13 @@
+package validations
+
+import (
+    "testing"
+
+    . "github.com/onsi/ginkgo/v2"
+    . "github.com/onsi/gomega"
+)
+
+func TestValidations(t *testing.T) {
+    RegisterFailHandler(Fail)
+    RunSpecs(t, "Validations Suite")
+}