001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.util;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.security.SecureRandomUtil;
020    import com.liferay.portal.kernel.util.StringUtil;
021    import com.liferay.portal.kernel.util.Validator;
022    
023    import java.util.Random;
024    
025    /**
026     * @author Brian Wing Shun Chan
027     * @author Amos Fong
028     * @author Shuyang Zhou
029     */
030    public class PwdGenerator {
031    
032            public static final String KEY1 = "0123456789";
033    
034            public static final String KEY2 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
035    
036            public static final String KEY3 = "abcdefghijklmnopqrstuvwxyz";
037    
038            public static String getPassword() {
039                    return getPassword(8, KEYS);
040            }
041    
042            public static String getPassword(int length) {
043                    return getPassword(length, KEYS);
044            }
045    
046            public static String getPassword(int length, String... keys) {
047                    if (length < keys.length) {
048                            length = keys.length;
049                    }
050    
051                    StringBuilder sb = new StringBuilder(length);
052    
053                    // It is safe to use the regular Random class because each generated
054                    // password only consumes one secure random long
055    
056                    Random random = new Random(SecureRandomUtil.nextLong());
057    
058                    int fullKeyLength = 0;
059    
060                    for (String key : keys) {
061                            fullKeyLength += key.length();
062                    }
063    
064                    // Ensure every key contributes to the output by an even distribution
065    
066                    for (String key : keys) {
067                            int count = key.length() * length / fullKeyLength;
068    
069                            if (count == 0) {
070                                    count = 1;
071                            }
072    
073                            for (int i = 0; i < count; i++) {
074                                    sb.append(key.charAt(random.nextInt(key.length())));
075                            }
076                    }
077    
078                    // Round up the tail
079    
080                    for (int i = sb.length(); i < length; i++) {
081                            String key = keys[random.nextInt(keys.length)];
082    
083                            sb.append(key.charAt(random.nextInt(key.length())));
084                    }
085    
086                    // Shuffle
087    
088                    shuffle(random, sb);
089    
090                    return sb.toString();
091            }
092    
093            public static String getPassword(String key, int length) {
094                    int keysCount = 0;
095    
096                    if (key.contains(KEY1)) {
097                            keysCount++;
098                    }
099    
100                    if (key.contains(KEY2)) {
101                            keysCount++;
102                    }
103    
104                    if (key.contains(KEY3)) {
105                            keysCount++;
106                    }
107    
108                    if (keysCount > length) {
109                            if (_log.isWarnEnabled()) {
110                                    _log.warn("Length is too short");
111                            }
112    
113                            length = keysCount;
114                    }
115    
116                    while (true) {
117                            String password = getPassword(length, key);
118    
119                            if (key.contains(KEY1)) {
120                                    if (Validator.isNull(StringUtil.extractDigits(password))) {
121                                            continue;
122                                    }
123                            }
124    
125                            if (key.contains(KEY2)) {
126                                    if (password.equals(StringUtil.toLowerCase(password))) {
127                                            continue;
128                                    }
129                            }
130    
131                            if (key.contains(KEY3)) {
132                                    if (password.equals(StringUtil.toUpperCase(password))) {
133                                            continue;
134                                    }
135                            }
136    
137                            return password;
138                    }
139            }
140    
141            public static String getPassword(
142                    String key, int length, boolean useAllKeys) {
143    
144                    if (useAllKeys) {
145                            return getPassword(key, length);
146                    }
147    
148                    return getPassword(length, key);
149            }
150    
151            public static String getPinNumber() {
152                    return getPassword(4, KEY1);
153            }
154    
155            public static String shuffle(Random random, String s) {
156                    StringBuilder sb = new StringBuilder(s);
157    
158                    shuffle(random, sb);
159    
160                    return sb.toString();
161            }
162    
163            protected static void shuffle(Random random, StringBuilder sb) {
164                    for (int i = sb.length(); i > 1; i--) {
165                            int position = random.nextInt(i);
166    
167                            if (position != (i -1)) {
168                                    char c = sb.charAt(position);
169    
170                                    sb.setCharAt(position, sb.charAt(i - 1));
171                                    sb.setCharAt(i - 1, c);
172                            }
173                    }
174            }
175    
176            private static final String[] KEYS = {KEY1, KEY2, KEY3};
177    
178            private static Log _log = LogFactoryUtil.getLog(PwdGenerator.class);
179    
180    }