001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.util;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.security.SecureRandomUtil;
020    import com.liferay.portal.kernel.util.StringUtil;
021    import com.liferay.portal.kernel.util.Validator;
022    
023    import java.util.Random;
024    
025    /**
026     * @author Brian Wing Shun Chan
027     * @author Amos Fong
028     * @author Shuyang Zhou
029     */
030    public class PwdGenerator {
031    
032            public static final String KEY1 = "0123456789";
033    
034            public static final String KEY2 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
035    
036            public static final String KEY3 = "abcdefghijklmnopqrstuvwxyz";
037    
038            public static String getPassword() {
039                    return getPassword(8, KEYS);
040            }
041    
042            public static String getPassword(int length) {
043                    return getPassword(length, KEYS);
044            }
045    
046            public static String getPassword(int length, String... keys) {
047                    if (length < keys.length) {
048                            length = keys.length;
049                    }
050    
051                    StringBuilder sb = new StringBuilder(length);
052    
053                    // It is safe to use the regular Random class because each generated
054                    // password only consumes one secure random long
055    
056                    Random random = new Random(SecureRandomUtil.nextLong());
057    
058                    int fullKeyLength = 0;
059    
060                    for (String key : keys) {
061                            fullKeyLength += key.length();
062                    }
063    
064                    // Ensure every key contributes to the output by an even distribution
065    
066                    for (String key : keys) {
067                            int count = key.length() * length / fullKeyLength;
068    
069                            if (count == 0) {
070                                    count = 1;
071                            }
072    
073                            for (int i = 0; i < count; i++) {
074                                    sb.append(key.charAt(random.nextInt(key.length())));
075                            }
076                    }
077    
078                    // Round up the tail
079    
080                    for (int i = sb.length(); i < length; i++) {
081                            String key = keys[random.nextInt(keys.length)];
082    
083                            sb.append(key.charAt(random.nextInt(key.length())));
084                    }
085    
086                    // Shuffle
087    
088                    for (int i = length; i > 1; i--) {
089                            int position = random.nextInt(i);
090    
091                            if (position != (i -1)) {
092                                    char c = sb.charAt(position);
093    
094                                    sb.setCharAt(position, sb.charAt(i - 1));
095                                    sb.setCharAt(i - 1, c);
096                            }
097                    }
098    
099                    return sb.toString();
100            }
101    
102            public static String getPassword(String key, int length) {
103                    int keysCount = 0;
104    
105                    if (key.contains(KEY1)) {
106                            keysCount++;
107                    }
108    
109                    if (key.contains(KEY2)) {
110                            keysCount++;
111                    }
112    
113                    if (key.contains(KEY3)) {
114                            keysCount++;
115                    }
116    
117                    if (keysCount > length) {
118                            if (_log.isWarnEnabled()) {
119                                    _log.warn("Length is too short");
120                            }
121    
122                            length = keysCount;
123                    }
124    
125                    while (true) {
126                            String password = getPassword(length, key);
127    
128                            if (key.contains(KEY1)) {
129                                    if (Validator.isNull(StringUtil.extractDigits(password))) {
130                                            continue;
131                                    }
132                            }
133    
134                            if (key.contains(KEY2)) {
135                                    if (password.equals(password.toLowerCase())) {
136                                            continue;
137                                    }
138                            }
139    
140                            if (key.contains(KEY3)) {
141                                    if (password.equals(password.toUpperCase())) {
142                                            continue;
143                                    }
144                            }
145    
146                            return password;
147                    }
148            }
149    
150            public static String getPassword(
151                    String key, int length, boolean useAllKeys) {
152    
153                    if (useAllKeys) {
154                            return getPassword(key, length);
155                    }
156    
157                    return getPassword(length, key);
158            }
159    
160            public static String getPinNumber() {
161                    return getPassword(4, KEY1);
162            }
163    
164            private static final String[] KEYS = {KEY1, KEY2, KEY3};
165    
166            private static Log _log = LogFactoryUtil.getLog(PwdGenerator.class);
167    
168    }