001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.util;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.security.RandomUtil;
020    import com.liferay.portal.kernel.security.SecureRandomUtil;
021    import com.liferay.portal.kernel.util.StringUtil;
022    import com.liferay.portal.kernel.util.Validator;
023    
024    import java.util.Random;
025    
026    /**
027     * @author Brian Wing Shun Chan
028     * @author Amos Fong
029     * @author Shuyang Zhou
030     */
031    public class PwdGenerator {
032    
033            public static final String KEY1 = "0123456789";
034    
035            public static final String KEY2 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
036    
037            public static final String KEY3 = "abcdefghijklmnopqrstuvwxyz";
038    
039            public static String getPassword() {
040                    return getPassword(8, KEYS);
041            }
042    
043            public static String getPassword(int length) {
044                    return getPassword(length, KEYS);
045            }
046    
047            public static String getPassword(int length, String... keys) {
048                    if (length < keys.length) {
049                            length = keys.length;
050                    }
051    
052                    StringBuilder sb = new StringBuilder(length);
053    
054                    // It is safe to use the regular Random class because each generated
055                    // password only consumes one secure random long
056    
057                    Random random = new Random(SecureRandomUtil.nextLong());
058    
059                    int fullKeyLength = 0;
060    
061                    for (String key : keys) {
062                            fullKeyLength += key.length();
063                    }
064    
065                    // Ensure every key contributes to the output by an even distribution
066    
067                    for (String key : keys) {
068                            int count = key.length() * length / fullKeyLength;
069    
070                            if (count == 0) {
071                                    count = 1;
072                            }
073    
074                            for (int i = 0; i < count; i++) {
075                                    sb.append(key.charAt(random.nextInt(key.length())));
076                            }
077                    }
078    
079                    // Round up the tail
080    
081                    for (int i = sb.length(); i < length; i++) {
082                            String key = keys[random.nextInt(keys.length)];
083    
084                            sb.append(key.charAt(random.nextInt(key.length())));
085                    }
086    
087                    // Shuffle
088    
089                    RandomUtil.shuffle(random, sb);
090    
091                    return sb.toString();
092            }
093    
094            public static String getPassword(String key, int length) {
095                    int keysCount = 0;
096    
097                    if (key.contains(KEY1)) {
098                            keysCount++;
099                    }
100    
101                    if (key.contains(KEY2)) {
102                            keysCount++;
103                    }
104    
105                    if (key.contains(KEY3)) {
106                            keysCount++;
107                    }
108    
109                    if (keysCount > length) {
110                            if (_log.isWarnEnabled()) {
111                                    _log.warn("Length is too short");
112                            }
113    
114                            length = keysCount;
115                    }
116    
117                    while (true) {
118                            String password = getPassword(length, key);
119    
120                            if (key.contains(KEY1)) {
121                                    if (Validator.isNull(StringUtil.extractDigits(password))) {
122                                            continue;
123                                    }
124                            }
125    
126                            if (key.contains(KEY2)) {
127                                    if (password.equals(StringUtil.toLowerCase(password))) {
128                                            continue;
129                                    }
130                            }
131    
132                            if (key.contains(KEY3)) {
133                                    if (password.equals(StringUtil.toUpperCase(password))) {
134                                            continue;
135                                    }
136                            }
137    
138                            return password;
139                    }
140            }
141    
142            public static String getPassword(
143                    String key, int length, boolean useAllKeys) {
144    
145                    if (useAllKeys) {
146                            return getPassword(key, length);
147                    }
148    
149                    return getPassword(length, key);
150            }
151    
152            public static String getPinNumber() {
153                    return getPassword(4, KEY1);
154            }
155    
156            private static final String[] KEYS = {KEY1, KEY2, KEY3};
157    
158            private static Log _log = LogFactoryUtil.getLog(PwdGenerator.class);
159    
160    }