From: Roland Häder Date: Sat, 21 Jan 2023 20:33:04 +0000 (+0100) Subject: Continued: X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=52462f3688a588f76720bc9e4f7ff52c04c964dc;p=juser-login-core.git Continued: - moved to proper package - also check if clear-text password is empty --- diff --git a/src/org/mxchange/juserlogincore/login/UserLoginUtils.java b/src/org/mxchange/juserlogincore/login/UserLoginUtils.java deleted file mode 100644 index 43505ba..0000000 --- a/src/org/mxchange/juserlogincore/login/UserLoginUtils.java +++ /dev/null @@ -1,428 +0,0 @@ -/* - * Copyright (C) 2016 - 2022 Free Software Foundation - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -package org.mxchange.juserlogincore.login; - -import java.io.Serializable; -import java.security.SecureRandom; -import java.text.MessageFormat; -import java.util.Random; -import java.util.regex.Matcher; -import java.util.regex.Pattern; -import org.apache.commons.codec.digest.Crypt; -import org.apache.commons.codec.digest.DigestUtils; -import org.mxchange.jcontacts.model.contact.Contact; -import org.mxchange.jusercore.model.user.User; -import org.mxchange.jusercore.model.utils.UserUtils; -import org.mxchange.juserlogincore.container.login.LoginContainer; - -/** - * An utilities class for user logins - *

- * @author Roland Häder - */ -public class UserLoginUtils implements Serializable { - - /** - * Password alphabet - */ - private static final String PASSWORD_ALPHABET; - - /** - * Password alphabet parts - */ - private static final String[] PASSWORD_ALPHABET_PARTS = { - // lower-case - "abcdefghijklmnopqrstuvwxyz", //NOI18N - - // upper-case - "ABCDEFGHIJKLMNOPQRSTUVWXYZ", //NOI18N - - // numbers - "0123456789", //NOI18N - - // characters - "~^!$%&/()=?{[]}@+*#-_,.;:<|>" //NOI18N - }; - - /** - * Hard-coded minimum password length - */ - private static final Integer PASSWORD_MINIMUM_LENGTH = 5; - - /** - * Random number generator - */ - private static final Random RANDOM_NUMBER_GENERATOR; - - /** - * Serial number - */ - private static final long serialVersionUID = 18_356_847_120_972L; - - /** - * Static initializer - */ - static { - // Init RNG - RANDOM_NUMBER_GENERATOR = new SecureRandom(); - - // Init alphabet - PASSWORD_ALPHABET = UserLoginUtils.PASSWORD_ALPHABET_PARTS[0] + - UserLoginUtils.PASSWORD_ALPHABET_PARTS[1] + - UserLoginUtils.PASSWORD_ALPHABET_PARTS[2] + - UserLoginUtils.PASSWORD_ALPHABET_PARTS[3]; - } - - /** - * Calculates entropy value for given password, higher means better. This - * method is based on - * http://stackoverflow.com/questions/14591701/how-to-check-password-strength-in-vaadin - *

- * @param password Clear text password - *

- * @return Entropy factor - */ - public static double calculateEntropyFactor (final String password) { - // Should not be null - if (null == password) { - // Throw NPE - throw new NullPointerException("password is null"); //NOI18N - } - - // Calculate it - double entropyFactor = password.length() * Math.log10(PASSWORD_ALPHABET.length()) / Math.log10(2); - - // Return it - return entropyFactor; - } - - /** - * Determines given password's strength: 0 = worst, 100 = best. This method - * is based on - * http://stackoverflow.com/questions/1614811/how-do-i-measure-the-strength-of-a-password - *

- * @param password Clear-text password - *

- * @return Strength of password - */ - public static double calculatePasswordScore (final String password) { - // Should not be null - if (null == password) { - // Throw NPE - throw new NullPointerException("password is null"); //NOI18N - } else if (password.isEmpty()) { - // Is empty - return 0.0f; - } - - // Init score - double score = 0.0f; - - // Password length - score += password.length() * calculateEntropyFactor(password) / 100; - - // Password has 3 numbers - if (ifRegExFoundInString("(.*[0-9].*[0-9].*[0-9].*)+", password)) { //NOI18N - score += 5; - } - - // Password has 2 symbols - if (ifRegExFoundInString("(.*[!,@,#,$,%,^,&,*,/,?,_,~,=,.,-,;,:].*[!,@,#,$,%,^,&,*,/,?,_,~,=,.,-,;,:].*)+", password)) { //NOI18N - score += 5; - } - - // Password has Upper and Lower chars - if (ifRegExFoundInString("(.*[a-z].*[A-Z])|([A-Z].*[a-z].*)+", password)) { //NOI18N - score += 10; - } - - // Password has number and chars - if (ifRegExFoundInString("(.*[a-zA-Z].*)+", password) && ifRegExFoundInString("(.*[0-9].*)+", password)) { //NOI18N - score += 15; - } - - // Password has number and symbol - if (ifRegExFoundInString("(.*[!,@,#,$,%,^,&,*,/,?,_,~,=,.,-,;,:].*)+", password) && ifRegExFoundInString("(.*[0-9].*)+", password)) { //NOI18N - score += 15; - } - - // Password has char and symbol - if (ifRegExFoundInString("(.*[!,@,#,$,%,^,&,*,/,?,_,~,=,.,-,;,:].*)+", password) && ifRegExFoundInString("(.*[a-zA-Z].*)+", password)) { //NOI18N - score += 15; - } - - // Password is just numbers or chars - if (ifRegExFoundInString("^[a-zA-Z]+$", password) || ifRegExFoundInString("^[0-9]+$", password)) { //NOI18N - score -= 10; - } - - // Larger than 100 is not allowed - score = Math.max(Math.min(score, 100.0f), 0.0f); - - // Return it - return score; - } - - /** - * Creates a pseudo-random password with given length - *

- * @param length Length of the password - *

- * @return Pseudo-random password - */ - public static String createRandomPassword (final Integer length) { - // Parameter should be valid - if (null == length) { - // Throw NPE - throw new NullPointerException("length is null"); //NOI18N - } else if (length < PASSWORD_MINIMUM_LENGTH) { - // To weak passwords - throw new IllegalArgumentException(MessageFormat.format("Password length {0} is to short, minimum: {1}", length, PASSWORD_MINIMUM_LENGTH)); //NOI18N - } - - // Init variable - final StringBuilder password = new StringBuilder(length); - - // Start creating it - for (int i = 0; i < length; i++) { - // Take random part - final String alphabet = PASSWORD_ALPHABET_PARTS[RANDOM_NUMBER_GENERATOR.nextInt(PASSWORD_ALPHABET_PARTS.length)]; - - // Generate random number - final int pos = RANDOM_NUMBER_GENERATOR.nextInt(alphabet.length()); - - // Get char at this position and add it to the final password - password.append(String.valueOf(alphabet.charAt(pos))); - } - - // Should have the wanted length - assert (password.length() == length) : MessageFormat.format("Password length {0} doesn't match requested: {1}", password.length(), length); //NOI18N - - // Return it - return password.toString(); - } - - /** - * Hashes given user password and adds a salt to it - *

- * @param userPassword User password to be hashed - *

- * @return Hashed user password - */ - public static String encryptPassword (final String userPassword) { - // Is it null or empty? - if (null == userPassword) { - // Throw NPE - throw new NullPointerException("userPassword is null"); //NOI18N - } else if (userPassword.isEmpty()) { - // Empty passwords are hardcoded not allowed due to security risks - throw new IllegalArgumentException("userPassword is empty"); //NOI18N - } - - // Generate large number - final String number = Long.toString(RANDOM_NUMBER_GENERATOR.nextLong() * 10_000_000_000L); - - // Generate salt - final String salt = Crypt.crypt(number); - - // First encrypt password - final String encryptedPassword = Crypt.crypt(userPassword, salt); - - // Return it - return encryptedPassword; - } - - /** - * Generate a key suitable for confirmation. This is basicly a large and - * strong hash with a lop entropy. - *

- * @param user User instance to use as additional entropy source - *

- * @return Generated key - */ - public static String generatedConfirmationKey (final User user) { - /** - * Generates random string by creating a random, encrypted password - * which gives nice entropy to start with. - */ - final StringBuilder key = new StringBuilder(encryptPassword(UserUtils.generateRandomUserName())); - - // Is user set? - if (user instanceof User) { - // Add it's name, too - key.append(":").append(user); //NOI18N - - // Is user name set? - if (user.getUserName() instanceof String) { - // Add it - key.append(":").append(user.getUserName()); //NOI18N - } - - // Is password set? - if (user.getUserEncryptedPassword() instanceof String) { - // Add it, too - key.append(":").append(user.getUserEncryptedPassword()); //NOI18N - } - - // Get contact instance - final Contact contact = user.getUserContact(); - - // Is contact set? - if (contact instanceof Contact) { - // Add it, too - key.append(":").append(contact); //NOI18N - - // Is email address set? - if (contact.getContactEmailAddress() instanceof String) { - // Add it, too - key.append(":").append(contact.getContactEmailAddress()); //NOI18N - } - } - } - - // Hash key - final String hash = DigestUtils.sha256Hex(key.toString()); - - // Return it - return hash; - } - - /** - * Checks if password from container matches the updatedUser's password - *

- * @param container Container holding user instance and clear-text - * password - * @param updatedUser Updated user instance from database - *

- * @return Whether the password matches - */ - public static boolean ifPasswordMatches (final LoginContainer container, final User updatedUser) { - // Validate parameters - if (null == container) { - // Throw NPE - throw new NullPointerException("container is null"); //NOI18N - } else if (null == updatedUser) { - // And again NPE ... - throw new NullPointerException("updatedUser is null"); //NOI18N - } else if (container.getUser() == null) { - // NPE for user in container - throw new NullPointerException("container.user is null"); //NOI18N - } else if (container.getUserPassword() == null) { - // NPE for user password in container - throw new NullPointerException("container.userPassword is null"); //NOI18N - } else if (container.getUserPassword().isEmpty()) { - // Empty password in container - throw new IllegalArgumentException("container.userPassword is empty"); //NOI18N - } - - // Call below method - return ifPasswordMatches(container.getUserPassword(), updatedUser); - } - - /** - * Checks if direct password the updatedUser's password - *

- * @param clearTextPassword Clear-text (direct) password - * @param updatedUser Updated user instance from database - *

- * @return Whether the password matches - */ - public static boolean ifPasswordMatches (final String clearTextPassword, final User updatedUser) { - // Validate parameters - if (null == clearTextPassword) { - // Throw NPE - throw new NullPointerException("clearTextPassword is null"); //NOI18N - } else if (clearTextPassword.isEmpty()) { - // NPE for user in container - throw new NullPointerException("clearTextPassword is empty."); //NOI18N - } else if (null == updatedUser) { - // And again NPE ... - throw new NullPointerException("updatedUser is null"); //NOI18N - } - - // First encrypt password - final String encryptedPassword = Crypt.crypt(clearTextPassword, updatedUser.getUserEncryptedPassword()); - - // Is it matching? - return encryptedPassword.equals(updatedUser.getUserEncryptedPassword()); - } - - /** - * Checks if password from container matches with from user instance. - *

- * @param container Container holding user instance and clear-text password - *

- * @return Whether it maches - */ - public static boolean ifPasswordMatches (final LoginContainer container) { - // Validate parameters - if (null == container) { - // Throw NPE - throw new NullPointerException("container is null"); //NOI18N - } else if (container.getUser() == null) { - // NPE for user in container - throw new NullPointerException("container.user is null"); //NOI18N - } else if (container.getUserPassword() == null) { - // NPE for user password in container - throw new NullPointerException("container.userPassword is null"); //NOI18N - } else if (container.getUserPassword().isEmpty()) { - // Empty password in container - throw new IllegalArgumentException("container.userPassword is empty"); //NOI18N - } - - // Call other method - return ifPasswordMatches(container.getUserPassword(), container.getUser()); - } - - /** - * Checks if the regular expression is found in given string - *

- * @param pattern Regular expression - * @param str String - *

- * @return Whether it is found - */ - private static boolean ifRegExFoundInString (final String pattern, final String str) { - // Mus be valid parameters - if (null == pattern) { - // Throw NPE - throw new NullPointerException("pattern is null"); //NOI18N - } else if (pattern.isEmpty()) { - // Is empty - throw new IllegalArgumentException("pattern is empty"); //NOI18N - } else if (null == str) { - // Throw NPE - throw new NullPointerException("str is null"); //NOI18N - } - - // Compile pattern - Pattern r = Pattern.compile(pattern); - - // Get matcher - Matcher m = r.matcher(str); - - // Check if it is found - return m.find(); - } - - /** - * No instance from this class - */ - private UserLoginUtils () { - } - -} diff --git a/src/org/mxchange/juserlogincore/utils/UserLoginUtils.java b/src/org/mxchange/juserlogincore/utils/UserLoginUtils.java new file mode 100644 index 0000000..1c2883f --- /dev/null +++ b/src/org/mxchange/juserlogincore/utils/UserLoginUtils.java @@ -0,0 +1,431 @@ +/* + * Copyright (C) 2016 - 2022 Free Software Foundation + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +package org.mxchange.juserlogincore.utils; + +import java.io.Serializable; +import java.security.SecureRandom; +import java.text.MessageFormat; +import java.util.Random; +import java.util.regex.Matcher; +import java.util.regex.Pattern; +import org.apache.commons.codec.digest.Crypt; +import org.apache.commons.codec.digest.DigestUtils; +import org.mxchange.jcontacts.model.contact.Contact; +import org.mxchange.jusercore.model.user.User; +import org.mxchange.jusercore.model.utils.UserUtils; +import org.mxchange.juserlogincore.container.login.LoginContainer; + +/** + * An utilities class for user logins + *

+ * @author Roland Häder + */ +public class UserLoginUtils implements Serializable { + + /** + * Password alphabet + */ + private static final String PASSWORD_ALPHABET; + + /** + * Password alphabet parts + */ + private static final String[] PASSWORD_ALPHABET_PARTS = { + // lower-case + "abcdefghijklmnopqrstuvwxyz", //NOI18N + + // upper-case + "ABCDEFGHIJKLMNOPQRSTUVWXYZ", //NOI18N + + // numbers + "0123456789", //NOI18N + + // characters + "~^!$%&/()=?{[]}@+*#-_,.;:<|>" //NOI18N + }; + + /** + * Hard-coded minimum password length + */ + private static final Integer PASSWORD_MINIMUM_LENGTH = 5; + + /** + * Random number generator + */ + private static final Random RANDOM_NUMBER_GENERATOR; + + /** + * Serial number + */ + private static final long serialVersionUID = 18_356_847_120_972L; + + /** + * Static initializer + */ + static { + // Init RNG + RANDOM_NUMBER_GENERATOR = new SecureRandom(); + + // Init alphabet + PASSWORD_ALPHABET = UserLoginUtils.PASSWORD_ALPHABET_PARTS[0] + + UserLoginUtils.PASSWORD_ALPHABET_PARTS[1] + + UserLoginUtils.PASSWORD_ALPHABET_PARTS[2] + + UserLoginUtils.PASSWORD_ALPHABET_PARTS[3]; + } + + /** + * Calculates entropy value for given password, higher means better. This + * method is based on + * http://stackoverflow.com/questions/14591701/how-to-check-password-strength-in-vaadin + *

+ * @param password Clear text password + *

+ * @return Entropy factor + */ + public static double calculateEntropyFactor (final String password) { + // Should not be null + if (null == password) { + // Throw NPE + throw new NullPointerException("password is null"); //NOI18N + } else if (password.isEmpty()) { + // Is empty + return 0.0f; + } + + // Calculate it + double entropyFactor = password.length() * Math.log10(PASSWORD_ALPHABET.length()) / Math.log10(2); + + // Return it + return entropyFactor; + } + + /** + * Determines given password's strength: 0 = worst, 100 = best. This method + * is based on + * http://stackoverflow.com/questions/1614811/how-do-i-measure-the-strength-of-a-password + *

+ * @param password Clear-text password + *

+ * @return Strength of password + */ + public static double calculatePasswordScore (final String password) { + // Should not be null + if (null == password) { + // Throw NPE + throw new NullPointerException("password is null"); //NOI18N + } else if (password.isEmpty()) { + // Is empty + return 0.0f; + } + + // Init score + double score = 0.0f; + + // Password length + score += password.length() * calculateEntropyFactor(password) / 100; + + // Password has 3 numbers + if (ifRegExFoundInString("(.*[0-9].*[0-9].*[0-9].*)+", password)) { //NOI18N + score += 5; + } + + // Password has 2 symbols + if (ifRegExFoundInString("(.*[!,@,#,$,%,^,&,*,/,?,_,~,=,.,-,;,:].*[!,@,#,$,%,^,&,*,/,?,_,~,=,.,-,;,:].*)+", password)) { //NOI18N + score += 5; + } + + // Password has Upper and Lower chars + if (ifRegExFoundInString("(.*[a-z].*[A-Z])|([A-Z].*[a-z].*)+", password)) { //NOI18N + score += 10; + } + + // Password has number and chars + if (ifRegExFoundInString("(.*[a-zA-Z].*)+", password) && ifRegExFoundInString("(.*[0-9].*)+", password)) { //NOI18N + score += 15; + } + + // Password has number and symbol + if (ifRegExFoundInString("(.*[!,@,#,$,%,^,&,*,/,?,_,~,=,.,-,;,:].*)+", password) && ifRegExFoundInString("(.*[0-9].*)+", password)) { //NOI18N + score += 15; + } + + // Password has char and symbol + if (ifRegExFoundInString("(.*[!,@,#,$,%,^,&,*,/,?,_,~,=,.,-,;,:].*)+", password) && ifRegExFoundInString("(.*[a-zA-Z].*)+", password)) { //NOI18N + score += 15; + } + + // Password is just numbers or chars + if (ifRegExFoundInString("^[a-zA-Z]+$", password) || ifRegExFoundInString("^[0-9]+$", password)) { //NOI18N + score -= 10; + } + + // Larger than 100 is not allowed + score = Math.max(Math.min(score, 100.0f), 0.0f); + + // Return it + return score; + } + + /** + * Creates a pseudo-random password with given length + *

+ * @param length Length of the password + *

+ * @return Pseudo-random password + */ + public static String createRandomPassword (final Integer length) { + // Parameter should be valid + if (null == length) { + // Throw NPE + throw new NullPointerException("length is null"); //NOI18N + } else if (length < PASSWORD_MINIMUM_LENGTH) { + // To weak passwords + throw new IllegalArgumentException(MessageFormat.format("Password length {0} is to short, minimum: {1}", length, PASSWORD_MINIMUM_LENGTH)); //NOI18N + } + + // Init variable + final StringBuilder password = new StringBuilder(length); + + // Start creating it + for (int i = 0; i < length; i++) { + // Take random part + final String alphabet = PASSWORD_ALPHABET_PARTS[RANDOM_NUMBER_GENERATOR.nextInt(PASSWORD_ALPHABET_PARTS.length)]; + + // Generate random number + final int pos = RANDOM_NUMBER_GENERATOR.nextInt(alphabet.length()); + + // Get char at this position and add it to the final password + password.append(String.valueOf(alphabet.charAt(pos))); + } + + // Should have the wanted length + assert (password.length() == length) : MessageFormat.format("Password length {0} doesn't match requested: {1}", password.length(), length); //NOI18N + + // Return it + return password.toString(); + } + + /** + * Hashes given user password and adds a salt to it + *

+ * @param userPassword User password to be hashed + *

+ * @return Hashed user password + */ + public static String encryptPassword (final String userPassword) { + // Is it null or empty? + if (null == userPassword) { + // Throw NPE + throw new NullPointerException("userPassword is null"); //NOI18N + } else if (userPassword.isEmpty()) { + // Empty passwords are hardcoded not allowed due to security risks + throw new IllegalArgumentException("userPassword is empty"); //NOI18N + } + + // Generate large number + final String number = Long.toString(RANDOM_NUMBER_GENERATOR.nextLong() * 10_000_000_000L); + + // Generate salt + final String salt = Crypt.crypt(number); + + // First encrypt password + final String encryptedPassword = Crypt.crypt(userPassword, salt); + + // Return it + return encryptedPassword; + } + + /** + * Generate a key suitable for confirmation. This is basicly a large and + * strong hash with a lop entropy. + *

+ * @param user User instance to use as additional entropy source + *

+ * @return Generated key + */ + public static String generatedConfirmationKey (final User user) { + /** + * Generates random string by creating a random, encrypted password + * which gives nice entropy to start with. + */ + final StringBuilder key = new StringBuilder(encryptPassword(UserUtils.generateRandomUserName())); + + // Is user set? + if (user instanceof User) { + // Add it's name, too + key.append(":").append(user); //NOI18N + + // Is user name set? + if (user.getUserName() instanceof String) { + // Add it + key.append(":").append(user.getUserName()); //NOI18N + } + + // Is password set? + if (user.getUserEncryptedPassword() instanceof String) { + // Add it, too + key.append(":").append(user.getUserEncryptedPassword()); //NOI18N + } + + // Get contact instance + final Contact contact = user.getUserContact(); + + // Is contact set? + if (contact instanceof Contact) { + // Add it, too + key.append(":").append(contact); //NOI18N + + // Is email address set? + if (contact.getContactEmailAddress() instanceof String) { + // Add it, too + key.append(":").append(contact.getContactEmailAddress()); //NOI18N + } + } + } + + // Hash key + final String hash = DigestUtils.sha256Hex(key.toString()); + + // Return it + return hash; + } + + /** + * Checks if password from container matches the updatedUser's password + *

+ * @param container Container holding user instance and clear-text + * password + * @param updatedUser Updated user instance from database + *

+ * @return Whether the password matches + */ + public static boolean ifPasswordMatches (final LoginContainer container, final User updatedUser) { + // Validate parameters + if (null == container) { + // Throw NPE + throw new NullPointerException("container is null"); //NOI18N + } else if (null == updatedUser) { + // And again NPE ... + throw new NullPointerException("updatedUser is null"); //NOI18N + } else if (container.getUser() == null) { + // NPE for user in container + throw new NullPointerException("container.user is null"); //NOI18N + } else if (container.getUserPassword() == null) { + // NPE for user password in container + throw new NullPointerException("container.userPassword is null"); //NOI18N + } else if (container.getUserPassword().isEmpty()) { + // Empty password in container + throw new IllegalArgumentException("container.userPassword is empty"); //NOI18N + } + + // Call below method + return ifPasswordMatches(container.getUserPassword(), updatedUser); + } + + /** + * Checks if direct password the updatedUser's password + *

+ * @param clearTextPassword Clear-text (direct) password + * @param updatedUser Updated user instance from database + *

+ * @return Whether the password matches + */ + public static boolean ifPasswordMatches (final String clearTextPassword, final User updatedUser) { + // Validate parameters + if (null == clearTextPassword) { + // Throw NPE + throw new NullPointerException("clearTextPassword is null"); //NOI18N + } else if (clearTextPassword.isEmpty()) { + // NPE for user in container + throw new NullPointerException("clearTextPassword is empty."); //NOI18N + } else if (null == updatedUser) { + // And again NPE ... + throw new NullPointerException("updatedUser is null"); //NOI18N + } + + // First encrypt password + final String encryptedPassword = Crypt.crypt(clearTextPassword, updatedUser.getUserEncryptedPassword()); + + // Is it matching? + return encryptedPassword.equals(updatedUser.getUserEncryptedPassword()); + } + + /** + * Checks if password from container matches with from user instance. + *

+ * @param container Container holding user instance and clear-text password + *

+ * @return Whether it maches + */ + public static boolean ifPasswordMatches (final LoginContainer container) { + // Validate parameters + if (null == container) { + // Throw NPE + throw new NullPointerException("container is null"); //NOI18N + } else if (container.getUser() == null) { + // NPE for user in container + throw new NullPointerException("container.user is null"); //NOI18N + } else if (container.getUserPassword() == null) { + // NPE for user password in container + throw new NullPointerException("container.userPassword is null"); //NOI18N + } else if (container.getUserPassword().isEmpty()) { + // Empty password in container + throw new IllegalArgumentException("container.userPassword is empty"); //NOI18N + } + + // Call other method + return ifPasswordMatches(container.getUserPassword(), container.getUser()); + } + + /** + * Checks if the regular expression is found in given string + *

+ * @param pattern Regular expression + * @param str String + *

+ * @return Whether it is found + */ + private static boolean ifRegExFoundInString (final String pattern, final String str) { + // Mus be valid parameters + if (null == pattern) { + // Throw NPE + throw new NullPointerException("pattern is null"); //NOI18N + } else if (pattern.isEmpty()) { + // Is empty + throw new IllegalArgumentException("pattern is empty"); //NOI18N + } else if (null == str) { + // Throw NPE + throw new NullPointerException("str is null"); //NOI18N + } + + // Compile pattern + Pattern r = Pattern.compile(pattern); + + // Get matcher + Matcher m = r.matcher(str); + + // Check if it is found + return m.find(); + } + + /** + * No instance from this class + */ + private UserLoginUtils () { + } + +}