created a has-special-characters constraint

2026-02-17 14:07:46 +08:00 · 2017-01-28 14:10:04 -07:00
parent 59a7e4179b
commit 5280ef32cd
6 changed files with 128 additions and 0 deletions
--- a/mRemoteNGTests/Security/PasswordCreation/PasswordIncludesSpecialCharactersConstraintTests.cs
+++ b/mRemoteNGTests/Security/PasswordCreation/PasswordIncludesSpecialCharactersConstraintTests.cs
@@ -0,0 +1,73 @@
+using System;
+using mRemoteNG.Security;
+using mRemoteNG.Security.PasswordCreation;
+using NUnit.Framework;
+
+
+namespace mRemoteNGTests.Security.PasswordCreation
+{
+    public class PasswordIncludesSpecialCharactersConstraintTests
+    {
+        private PasswordIncludesSpecialCharactersConstraint _specialCharactersConstraint;
+
+        [Test]
+        public void PasswordWithMinimumSpecialCharsPassesValidation()
+        {
+            var password = "hello$".ConvertToSecureString();
+            _specialCharactersConstraint = new PasswordIncludesSpecialCharactersConstraint();
+            Assert.That(_specialCharactersConstraint.Validate(password), Is.True);
+        }
+
+        [Test]
+        public void PasswordExceedingMinimumSpecialCharsPassesValidation()
+        {
+            var password = "hello!#%$".ConvertToSecureString();
+            _specialCharactersConstraint = new PasswordIncludesSpecialCharactersConstraint(3);
+            Assert.That(_specialCharactersConstraint.Validate(password), Is.True);
+        }
+
+        [Test]
+        public void PasswordUnderMinimumSpecialCharsFailsValidation()
+        {
+            var password = "hello!".ConvertToSecureString();
+            _specialCharactersConstraint = new PasswordIncludesSpecialCharactersConstraint(2);
+            Assert.That(_specialCharactersConstraint.Validate(password), Is.False);
+        }
+
+        [Test]
+        public void PasswordWithoutSpecialCharsFailsValidation()
+        {
+            var password = "hello".ConvertToSecureString();
+            _specialCharactersConstraint = new PasswordIncludesSpecialCharactersConstraint();
+            Assert.That(_specialCharactersConstraint.Validate(password), Is.False);
+        }
+
+        [Test]
+        public void PasswordMatchingCustomCharsPassesValidation()
+        {
+            var password = "hello(".ConvertToSecureString();
+            _specialCharactersConstraint = new PasswordIncludesSpecialCharactersConstraint(new[] {'('});
+            Assert.That(_specialCharactersConstraint.Validate(password), Is.True);
+        }
+
+        [Test]
+        public void PasswordWithoutCustomCharsFailsValidation()
+        {
+            var password = "hello!".ConvertToSecureString();
+            _specialCharactersConstraint = new PasswordIncludesSpecialCharactersConstraint(new[] { '(' });
+            Assert.That(_specialCharactersConstraint.Validate(password), Is.False);
+        }
+
+        [Test]
+        public void CantProvideNullListOfCharacters()
+        {
+            Assert.Throws<ArgumentNullException>(() => new PasswordIncludesSpecialCharactersConstraint(null));
+        }
+
+        [Test]
+        public void MinimumCountMustBeAPositiveValue()
+        {
+            Assert.Throws<ArgumentException>(() => new PasswordIncludesSpecialCharactersConstraint(-1));
+        }
+    }
+}
--- a/mRemoteNGTests/mRemoteNGTests.csproj
+++ b/mRemoteNGTests/mRemoteNGTests.csproj
@@ -140,6 +140,7 @@
    <Compile Include="NUnitExtensions\SecureTextBoxTester.cs" />
    <Compile Include="Security\Authentication\PasswordAuthenticatorTests.cs" />
    <Compile Include="Security\KeyDerivation\Pkcs5S2KeyGeneratorTests.cs" />
+    <Compile Include="Security\PasswordCreation\PasswordIncludesSpecialCharactersConstraintTests.cs" />
    <Compile Include="Security\PasswordCreation\PasswordIncludesUpperCaseConstraintTests.cs" />
    <Compile Include="Security\PasswordCreation\PasswordIncludesLowerCaseConstraintTests.cs" />
    <Compile Include="Security\PasswordCreation\PasswordIncludesNumbersConstraintTests.cs" />
--- a/mRemoteV1/Resources/Language/Language.Designer.cs
+++ b/mRemoteV1/Resources/Language/Language.Designer.cs
@@ -3820,6 +3820,15 @@ namespace mRemoteNG {
            }
        }
        
+        /// <summary>
+        ///   Looks up a localized string similar to Password must contain at least {0} of the following characters: {1}.
+        /// </summary>
+        internal static string strPasswordConstainsSpecialCharactersConstraintHint {
+            get {
+                return ResourceManager.GetString("strPasswordConstainsSpecialCharactersConstraintHint", resourceCulture);
+            }
+        }
+        
        /// <summary>
        ///   Looks up a localized string similar to Password must contain at least {0} lower case character(s).
        /// </summary>
--- a/mRemoteV1/Resources/Language/Language.resx
+++ b/mRemoteV1/Resources/Language/Language.resx
@@ -2463,6 +2463,9 @@ mRemoteNG will now quit and begin with the installation.</value>
  <data name="strPropertyNameRDPAlertIdleTimeout" xml:space="preserve">
    <value>Alert on Idle Disconnect</value>
  </data>
+  <data name="strPasswordConstainsSpecialCharactersConstraintHint" xml:space="preserve">
+    <value>Password must contain at least {0} of the following characters: {1}</value>
+  </data>
  <data name="strPasswordContainsLowerCaseConstraintHint" xml:space="preserve">
    <value>Password must contain at least {0} lower case character(s)</value>
  </data>
--- a/mRemoteV1/Security/PasswordCreation/PasswordIncludesSpecialCharactersConstraint.cs
+++ b/mRemoteV1/Security/PasswordCreation/PasswordIncludesSpecialCharactersConstraint.cs
@@ -0,0 +1,41 @@
+using System;
+using System.Collections.Generic;
+using System.Security;
+using System.Text.RegularExpressions;
+
+
+namespace mRemoteNG.Security.PasswordCreation
+{
+    public class PasswordIncludesSpecialCharactersConstraint : IPasswordConstraint
+    {
+        private readonly int _minimumCount;
+
+        public IEnumerable<char> SpecialCharacters { get; } = new []{'!','@','#','$','%','^','&','*'};
+
+        public string ConstraintHint { get; }
+
+        public PasswordIncludesSpecialCharactersConstraint(int minimumCount = 1)
+        {
+            if (minimumCount < 0)
+                throw new ArgumentException($"{nameof(minimumCount)} must be a positive value");
+
+            _minimumCount = minimumCount;
+        }
+
+        public PasswordIncludesSpecialCharactersConstraint(IEnumerable<char> specialCharacters,  int minimumCount = 1)
+            : this(minimumCount)
+        {
+            if (specialCharacters == null)
+                throw new ArgumentNullException(nameof(specialCharacters));
+
+            SpecialCharacters = specialCharacters;
+            ConstraintHint = string.Format(Language.strPasswordConstainsSpecialCharactersConstraintHint, _minimumCount, string.Concat(SpecialCharacters));
+        }
+
+        public bool Validate(SecureString password)
+        {
+            var regex = new Regex($"[{string.Concat(SpecialCharacters)}]");
+            return regex.Matches(password.ConvertToUnsecureString()).Count >= _minimumCount;
+        }
+    }
+}
--- a/mRemoteV1/mRemoteV1.csproj
+++ b/mRemoteV1/mRemoteV1.csproj
@@ -226,6 +226,7 @@
    <Compile Include="Security\PasswordCreation\IPasswordConstraint.cs" />
    <Compile Include="Security\KeyDerivation\IKeyDerivationFunction.cs" />
    <Compile Include="Security\KeyDerivation\Pkcs5S2KeyGenerator.cs" />
+    <Compile Include="Security\PasswordCreation\PasswordIncludesSpecialCharactersConstraint.cs" />
    <Compile Include="Security\PasswordCreation\PasswordIncludesUpperCaseConstraint.cs" />
    <Compile Include="Security\PasswordCreation\PasswordIncludesLowerCaseConstraint.cs" />
    <Compile Include="Security\PasswordCreation\PasswordIncludesNumbersConstraint.cs" />