001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.util;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.util.StringUtil;
020    import com.liferay.portal.kernel.util.Validator;
021    
022    import java.security.SecureRandom;
023    
024    /**
025     * @author Brian Wing Shun Chan
026     * @author Amos Fong
027     */
028    public class PwdGenerator {
029    
030            public static final String KEY1 = "0123456789";
031    
032            public static final String KEY2 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
033    
034            public static final String KEY3 = "abcdefghijklmnopqrstuvwxyz";
035    
036            public static String getPassword() {
037                    return getPassword(8);
038            }
039    
040            public static String getPassword(int length) {
041                    return _getPassword(false, KEY1 + KEY2 + KEY3, length, true);
042            }
043    
044            public static String getPassword(String key, int length) {
045                    return getPassword(key, length, true);
046            }
047    
048            public static String getPassword(
049                    String key, int length, boolean useAllKeys) {
050    
051                    return _getPassword(false, key, length, useAllKeys);
052            }
053    
054            public static String getPinNumber() {
055                    return _getPassword(false, KEY1, 4, true);
056            }
057    
058            public static String getSecurePassword() {
059                    return getSecurePassword(8);
060            }
061    
062            public static String getSecurePassword(int length) {
063                    return _getPassword(true, KEY1 + KEY2 + KEY3, length, true);
064            }
065    
066            public static String getSecurePassword(String key, int length) {
067                    return getSecurePassword(key, length, true);
068            }
069    
070            public static String getSecurePassword(
071                    String key, int length, boolean useAllKeys) {
072    
073                    return _getPassword(true, key, length, useAllKeys);
074            }
075    
076            private static String _getPassword(
077                    boolean secure, String key, int length, boolean useAllKeys) {
078    
079                    int keysCount = 0;
080    
081                    if (key.contains(KEY1)) {
082                            keysCount++;
083                    }
084    
085                    if (key.contains(KEY2)) {
086                            keysCount++;
087                    }
088    
089                    if (key.contains(KEY3)) {
090                            keysCount++;
091                    }
092    
093                    if (keysCount > length) {
094                            if (_log.isWarnEnabled()) {
095                                    _log.warn("Length is too short");
096                            }
097    
098                            length = keysCount;
099                    }
100    
101                    StringBuilder sb = new StringBuilder(length);
102    
103                    for (int i = 0; i < length; i++) {
104                            sb.append(key.charAt((int)(_random(secure) * key.length())));
105                    }
106    
107                    String password = sb.toString();
108    
109                    if (!useAllKeys) {
110                            return password;
111                    }
112    
113                    boolean invalidPassword = false;
114    
115                    if (key.contains(KEY1)) {
116                            if (Validator.isNull(StringUtil.extractDigits(password))) {
117                                    invalidPassword = true;
118                            }
119                    }
120    
121                    if (key.contains(KEY2)) {
122                            if (password.equals(password.toLowerCase())) {
123                                    invalidPassword = true;
124                            }
125                    }
126    
127                    if (key.contains(KEY3)) {
128                            if (password.equals(password.toUpperCase())) {
129                                    invalidPassword = true;
130                            }
131                    }
132    
133                    if (invalidPassword) {
134                            return _getPassword(secure, key, length, useAllKeys);
135                    }
136    
137                    return password;
138            }
139    
140            private static double _random(boolean secure) {
141                    try {
142                            if (secure) {
143                                    if (_secureRandom == null) {
144                                            _secureRandom = new SecureRandom();
145                                    }
146    
147                                    return _secureRandom.nextDouble();
148                            }
149                    }
150                    catch (Exception e) {
151                            _log.error(e, e);
152                    }
153    
154                    return Math.random();
155            }
156    
157            private static Log _log = LogFactoryUtil.getLog(PwdGenerator.class);
158    
159            private static SecureRandom _secureRandom;
160    
161    }