diff --git a/ControlPlatform/aaa/.gitignore b/ControlPlatform/aaa/.gitignore
index 9b7c203a2..99d71a86d 100644
--- a/ControlPlatform/aaa/.gitignore
+++ b/ControlPlatform/aaa/.gitignore
@@ -4,7 +4,7 @@
# Mobile Tools for Java (J2ME)
.mtj.tmp/
-
+mvnExe.bat
# Package Files #
*.jar
*.war
diff --git a/ControlPlatform/aaa/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/AAAShiroProvider.java b/ControlPlatform/aaa/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/AAAShiroProvider.java
index 2168dbdcc..0cd90ecbf 100644
--- a/ControlPlatform/aaa/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/AAAShiroProvider.java
+++ b/ControlPlatform/aaa/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/AAAShiroProvider.java
@@ -163,7 +163,7 @@ public class AAAShiroProvider {
*
* @return IIDMStore data store
*/
- public static IIDMStore getIdmStore() {
+ public IIDMStore getIdmStore() {
return iidmStore;
}
@@ -172,7 +172,7 @@ public class AAAShiroProvider {
*
* @param store data store
*/
- public static void setIdmStore(final IIDMStore store) {
+ public void setIdmStore(final IIDMStore store) {
iidmStore = store;
}
diff --git a/ControlPlatform/aaa/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/idm/IdmLightApplication.java b/ControlPlatform/aaa/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/idm/IdmLightApplication.java
index d2023460b..81b2b411d 100644
--- a/ControlPlatform/aaa/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/idm/IdmLightApplication.java
+++ b/ControlPlatform/aaa/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/idm/IdmLightApplication.java
@@ -43,6 +43,7 @@ import java.util.Set;
*/
public class IdmLightApplication extends Application {
+ public static final int MIN_PASSWORD_LEN = 8;
private static final Logger LOG = LoggerFactory.getLogger(IdmLightApplication.class);
// TODO create a bug to address the fact that the implementation assumes 128
diff --git a/ControlPlatform/aaa/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/idm/UserHandler.java b/ControlPlatform/aaa/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/idm/UserHandler.java
index 009abecbc..0c802c12d 100644
--- a/ControlPlatform/aaa/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/idm/UserHandler.java
+++ b/ControlPlatform/aaa/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/idm/UserHandler.java
@@ -14,6 +14,8 @@
package org.opendaylight.aaa.shiro.idm;
+import org.apache.shiro.crypto.hash.Md5Hash;
+import org.immutables.value.internal.$processor$.meta.$ValueMirrors;
import org.opendaylight.aaa.AAAShiroProvider;
import org.opendaylight.aaa.api.IDMStoreException;
import org.opendaylight.aaa.api.model.IDMError;
@@ -21,42 +23,36 @@ import org.opendaylight.aaa.api.model.User;
import org.opendaylight.aaa.api.model.Users;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import sun.security.provider.MD5;
-import javax.ws.rs.Consumes;
-import javax.ws.rs.DELETE;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
+import javax.ws.rs.*;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import java.util.Collection;
+import java.util.Objects;
/**
* @author Dong Xiancun
- *
+ * <p>
* REST application used to manipulate the H2 database users table. The REST
* endpoint is <code>/auth/v1/users</code>.
*
* <p>
* A wrapper script called <code>idmtool</code> is provided to manipulate AAA
* data.
- *
*/
@Path("/v1/users")
public class UserHandler {
private static final Logger LOG = LoggerFactory.getLogger(UserHandler.class);
-
+ private static final String PW_PATTERN = "/^(?![0-9]+$)(?![a-z]+$)(?![A-Z]+$)(?!([^(0-9a-zA-Z)])+$).{8,}$/";
/**
* If a user is created through the <code>/auth/v1/users</code> rest
* endpoint without a password, the default password is assigned to the
* user.
*/
- private static final String DEFAULT_PWD = "changeme";
+ private static final String DEFAULT_PWD = "changeme@10086";
/**
* When an HTTP GET is performed on <code>/auth/v1/users</code>, the
@@ -113,10 +109,9 @@ public class UserHandler {
* Extracts the user represented by <code>id</code>. The password and salt
* fields are redacted for security reasons.
*
- * @param id
- * the unique id of representing the user account
+ * @param id the unique id of representing the user account
* @return A response with the user information, or internal error if one
- * occurs
+ * occurs
*/
@GET
@Path("/{id}")
@@ -154,10 +149,8 @@ public class UserHandler {
* If a password is not provided, please ensure you change the default
* password ASAP for security reasons!
*
- * @param info
- * passed from Jersey
- * @param user
- * the user defined in the JSON payload
+ * @param info passed from Jersey
+ * @param user the user defined in the JSON payload
* @return A response stating success or failure of user creation
*/
@POST
@@ -221,14 +214,12 @@ public class UserHandler {
}
// TODO add a check on email format here.
- // The "password" field is optional and defaults to "changeme".
+ // The "password" field is optional and defaults to "changeme@10086".
final String userPassword = user.getPassword();
- if (userPassword == null) {
- user.setPassword(DEFAULT_PWD);
- } else if (userPassword.length() > IdmLightApplication.MAX_FIELD_LEN) {
- return providedFieldTooLong("password", IdmLightApplication.MAX_FIELD_LEN);
+ Response response = checkPasswordError(userPassword);
+ if (response.getStatus() != 200) {
+ return response;
}
-
try {
// At this point, fields have been properly verified. Create the
// user account
@@ -245,15 +236,28 @@ public class UserHandler {
return Response.status(201).entity(user).build();
}
+ private Response checkPasswordError(String userPassword) {
+ if (Objects.isNull(userPassword)) {
+ return providePasswordError("密码不能为空。");
+ } else if (userPassword.length() > IdmLightApplication.MAX_FIELD_LEN) {
+ return providePasswordError("密码的最大长度不能超过256个字节。");
+ } else if (userPassword.length() < IdmLightApplication.MIN_PASSWORD_LEN) {
+ return providePasswordError("密码的长度不能低于8个自己");
+ } else if (!userPassword.matches(PW_PATTERN)) {
+ return providePasswordError("密码必须包含大写字母、小写字母、特殊字符、数字中两种或多种组合");
+ }
+ return Response.status(200).build();
+ }
+
+ private Response providePasswordError(String s) {
+ return new IDMError(407, s).response();
+ }
/**
* REST endpoint to update a user account.
*
- * @param info
- * passed from Jersey
- * @param user
- * the user defined in the JSON payload
- * @param id
- * the unique id for the user that will be updated
+ * @param info passed from Jersey
+ * @param user the user defined in the JSON payload
+ * @param id the unique id for the user that will be updated
* @return A response stating success or failure of the user update
*/
@PUT
@@ -305,10 +309,8 @@ public class UserHandler {
/**
* REST endpoint to delete a user account.
*
- * @param info
- * passed from Jersey
- * @param id
- * the unique id of the user which is being deleted
+ * @param info passed from Jersey
+ * @param id the unique id of the user which is being deleted
* @return A response stating success or failure of user deletion
*/
@DELETE
@@ -335,10 +337,8 @@ public class UserHandler {
/**
* Creates a <code>Response</code> related to an internal server error.
*
- * @param verbal
- * such as "creating", "deleting", "updating"
- * @param ex
- * The exception, which is logged locally
+ * @param verbal such as "creating", "deleting", "updating"
+ * @param ex The exception, which is logged locally
* @return A response containing internal error with specific reasoning
*/
private Response internalError(final String verbal, final Exception ex) {
@@ -351,8 +351,7 @@ public class UserHandler {
* Creates a <code>Response</code> related to the user not providing a
* required field.
*
- * @param fieldName
- * the name of the field which is missing
+ * @param fieldName the name of the field which is missing
* @return A response explaining that the request is missing a field
*/
private Response missingRequiredField(final String fieldName) {
@@ -367,10 +366,8 @@ public class UserHandler {
* Creates a <code>Response</code> related to the user providing a field
* that is too long.
*
- * @param fieldName
- * the name of the field that is too long
- * @param maxFieldLength
- * the maximum length of <code>fieldName</code>
+ * @param fieldName the name of the field that is too long
+ * @param maxFieldLength the maximum length of <code>fieldName</code>
* @return A response containing the bad field and the maximum field length
*/
private Response providedFieldTooLong(final String fieldName, final int maxFieldLength) {
@@ -381,10 +378,8 @@ public class UserHandler {
* Creates the client-facing message related to the user providing a field
* that is too long.
*
- * @param fieldName
- * the name of the field that is too long
- * @param maxFieldLength
- * the maximum length of <code>fieldName</code>
+ * @param fieldName the name of the field that is too long
+ * @param maxFieldLength the maximum length of <code>fieldName</code>
* @return a response containing the too long field and its length
*/
private static String getProvidedFieldTooLongMessage(final String fieldName, final int maxFieldLength) {
@@ -397,8 +392,7 @@ public class UserHandler {
* Prepares a user account for output by redacting the appropriate fields.
* This method side-effects the <code>user</code> parameter.
*
- * @param user
- * the user account which will have fields redacted
+ * @param user the user account which will have fields redacted
*/
private static void redactUserPasswordInfo(final User user) {
user.setPassword(REDACTED_PASSWORD);
@@ -408,8 +402,7 @@ public class UserHandler {
/**
* Validate the input field length.
*
- * @param inputField
- * the field to check
+ * @param inputField the field to check
* @return true if input field bigger than the MAX_FIELD_LEN
*/
private boolean checkInputFieldLength(final String inputField) {
@@ -418,10 +411,10 @@ public class UserHandler {
}
/**
* Revision history
- *
+ * <p>
* -------------------------------------------------------------------------
* Date Author Note
- *
+ * <p>
* -------------------------------------------------------------------------
* 2019/7/3 Dong Xiancun creat
*/
diff --git a/ControlPlatform/aaa/aaa-shiro/impl/src/test/java/org/opendaylight/aaa/shiro/idm/rest/test/HandlerTest.java b/ControlPlatform/aaa/aaa-shiro/impl/src/test/java/org/opendaylight/aaa/shiro/idm/rest/test/HandlerTest.java
index f0c2dc24c..0b4cde8f7 100644
--- a/ControlPlatform/aaa/aaa-shiro/impl/src/test/java/org/opendaylight/aaa/shiro/idm/rest/test/HandlerTest.java
+++ b/ControlPlatform/aaa/aaa-shiro/impl/src/test/java/org/opendaylight/aaa/shiro/idm/rest/test/HandlerTest.java
@@ -48,7 +48,7 @@ public abstract class HandlerTest extends JerseyTest {
SLF4JBridgeHandler.install();
super.setUp();
new StoreBuilder(testStore).init();
- AAAShiroProvider.setIdmStore(testStore);
+ AAAShiroProvider.getInstance().setIdmStore(testStore);
}
}
/**