diff --git a/go.mod b/go.mod index 7c9cfed..7eed205 100644 --- a/go.mod +++ b/go.mod @@ -3,10 +3,8 @@ module github.com/openshift-online/ocm-common go 1.19 require ( - github.com/golang/mock v1.6.0 github.com/onsi/ginkgo/v2 v2.11.0 github.com/onsi/gomega v1.27.8 - github.com/sirupsen/logrus v1.9.3 ) require ( @@ -14,6 +12,7 @@ require ( github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/google/go-cmp v0.5.9 // indirect github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38 // indirect + github.com/stretchr/testify v1.7.0 // indirect golang.org/x/net v0.10.0 // indirect golang.org/x/sys v0.9.0 // indirect golang.org/x/text v0.9.0 // indirect diff --git a/go.sum b/go.sum index 2c2016c..9f1c206 100644 --- a/go.sum +++ b/go.sum @@ -8,8 +8,6 @@ github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= -github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= -github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= @@ -22,46 +20,20 @@ github.com/onsi/gomega v1.27.8 h1:gegWiwZjBsf2DgiSbf5hpokZ98JVDMcWkUiigk6/KXc= github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= -github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s= golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM= golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/pkg/idp/validations/passwordValidator.go b/pkg/idp/validations/passwordValidator.go new file mode 100644 index 0000000..315e8f5 --- /dev/null +++ b/pkg/idp/validations/passwordValidator.go @@ -0,0 +1,45 @@ +package validations + +import ( + "fmt" + "regexp" + "strings" +) + +func PasswordValidator(val interface{}) error { + if password, ok := val.(string); ok { + re := regexp.MustCompile(`[^\x20-\x7E]`) + invalidChars := re.FindAllString(password, -1) + notAsciiOnly := len(invalidChars) > 0 + containsSpace := strings.Contains(password, " ") + tooShort := len(password) < 14 + pwdErrors := []string{} + if notAsciiOnly { + pwdErrors = append(pwdErrors, fmt.Sprintf("must not contain special characters [%s]", + strings.Join(invalidChars, ", "))) + } + if containsSpace { + pwdErrors = append(pwdErrors, "must not contain whitespace") + } + if tooShort { + pwdErrors = append(pwdErrors, fmt.Sprintf("must be at least 14 characters (got %d)", len(password))) + } + if notAsciiOnly || containsSpace || tooShort { + if len(pwdErrors) > 1 { + pwdErrors[len(pwdErrors)-1] = "and " + pwdErrors[len(pwdErrors)-1] + } + + return fmt.Errorf("Password " + strings.Join(pwdErrors, ", ")) + } + hasUppercase, _ := regexp.MatchString(`[A-Z]`, password) + hasLowercase, _ := regexp.MatchString(`[a-z]`, password) + hasNumberOrSymbol, _ := regexp.MatchString(`[^a-zA-Z]`, password) + if !hasUppercase || !hasLowercase || !hasNumberOrSymbol { + return fmt.Errorf( + "Password must include uppercase letters, lowercase letters, and numbers " + + "or symbols (ASCII-standard characters only)") + } + return nil + } + return fmt.Errorf("can only validate strings, got '%v'", val) +} \ No newline at end of file diff --git a/pkg/idp/validations/passwordValidator_test.go b/pkg/idp/validations/passwordValidator_test.go new file mode 100644 index 0000000..a76e3ac --- /dev/null +++ b/pkg/idp/validations/passwordValidator_test.go @@ -0,0 +1,94 @@ +package validations + +import ( + "fmt" + "regexp" + "strings" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" +) + +var _ = Describe("Password Validator", func() { + Context("Valid password", func() { + It("should not return an error", func() { + err := PasswordValidator("Abcdefg123456@") + Expect(err).NotTo(HaveOccurred()) + }) + }) + + Context("Password contains special characters", func() { + It("should return an error", func() { + password := "AbcdefAbcdef@日本語" + err := PasswordValidator(password) + re := regexp.MustCompile(`[^\x20-\x7E]`) + invalidChars := re.FindAllString(password, -1) + expectedErrMsg := fmt.Sprintf("Password must not contain special characters [%s]", strings.Join(invalidChars, ", ")) + Expect(err.Error()).To(Equal(expectedErrMsg)) + }) + }) + + + Context("Password contains whitespace", func() { + It("should return an error", func() { + expectedErrMsg := "Password must not contain whitespace" + err := PasswordValidator("Abc defg123456@") + Expect(err.Error()).To(Equal(expectedErrMsg)) + }) + }) + + Context("Password is too short", func() { + It("should return an error", func() { + password := "Abcd12@" + expectedErrMsg := fmt.Sprintf("Password must be at least 14 characters (got %d)", len(password)) + err := PasswordValidator(password) + Expect(err.Error()).To(Equal(expectedErrMsg)) + }) + }) + + Context("Password does not contain uppercase letters", func() { + It("should return an error", func() { + expectedErrMsg := "Password must include uppercase letters, lowercase letters, and numbers or symbols (ASCII-standard characters only)" + err := PasswordValidator("abcdefg123456@") + Expect(err.Error()).To(Equal(expectedErrMsg)) + }) + }) + + Context("Password does not contain lowercase letters", func() { + It("should return an error", func() { + expectedErrMsg := "Password must include uppercase letters, lowercase letters, and numbers or symbols (ASCII-standard characters only)" + err := PasswordValidator("ABCDEFG123456@") + Expect(err.Error()).To(Equal(expectedErrMsg)) + }) + }) + + Context("Password does not contain numbers or symbols", func() { + It("should return an error", func() { + expectedErrMsg := "Password must include uppercase letters, lowercase letters, and numbers or symbols (ASCII-standard characters only)" + err := PasswordValidator("Abcdefgabcdefg") + Expect(err.Error()).To(Equal(expectedErrMsg)) + }) + }) + + Context("White space and too short password errors", func() { + It("should return an error", func() { + password := "Abc def" + err := PasswordValidator(password) + + expectedErrMsg := "Password must not contain whitespace, and must be at least 14 characters (got 7)" + Expect(err.Error()).To(Equal(expectedErrMsg)) + }) + }) + + Context("Multiple password errors", func() { + It("should return an error", func() { + password := "Abc 語def" + err := PasswordValidator(password) + re := regexp.MustCompile(`[^\x20-\x7E]`) + invalidChars := re.FindAllString(password, -1) + + expectedErrMsg := fmt.Sprintf("Password must not contain special characters [%s], must not contain whitespace, and must be at least 14 characters (got %d)", strings.Join(invalidChars, ", "), len(password)) + Expect(err.Error()).To(Equal(expectedErrMsg)) + }) + }) +}) diff --git a/pkg/idp/validations/validation_suite_test.go b/pkg/idp/validations/validation_suite_test.go new file mode 100644 index 0000000..e1dd3c4 --- /dev/null +++ b/pkg/idp/validations/validation_suite_test.go @@ -0,0 +1,13 @@ +package validations + +import ( + "testing" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" +) + +func TestValidations(t *testing.T) { + RegisterFailHandler(Fail) + RunSpecs(t, "Validations Suite") +} \ No newline at end of file