public override bool ChangePassword(string username, string oldPassword, string newPassword) { SecUtility.CheckParameter(ref username, true, true, true, 256, "username"); SecUtility.CheckParameter(ref oldPassword, true, true, false, 128, "oldPassword"); SecUtility.CheckParameter(ref newPassword, true, true, false, 128, "newPassword"); //if (!CheckPassword(username, oldPassword, false)) //{ // return false; //} if (newPassword.Length < MinRequiredPasswordLength) { throw new ArgumentException(SR.GetString( SR.Password_too_short, "newPassword", MinRequiredPasswordLength.ToString(CultureInfo.InvariantCulture))); } int count = 0; for (int i = 0; i < newPassword.Length; i++) { if (!char.IsLetterOrDigit(newPassword, i)) { count++; } } if (count < MinRequiredNonAlphanumericCharacters) { throw new ArgumentException(SR.GetString( SR.Password_need_more_non_alpha_numeric_chars, "newPassword", MinRequiredNonAlphanumericCharacters.ToString(CultureInfo.InvariantCulture))); } if (PasswordStrengthRegularExpression.Length > 0) { if (!Regex.IsMatch(newPassword, PasswordStrengthRegularExpression)) { throw new ArgumentException(SR.GetString(SR.Password_does_not_match_regular_expression, "newPassword")); } } string pass = EncodePassword(newPassword); if (pass.Length > 128) { throw new ArgumentException(SR.GetString(SR.Membership_password_too_long), "newPassword"); } return(SqlHelper.ExecuteNonQuery(CommandType.Text, "update tbOper set cnvcPwd = '" + pass + "' where cnvcOperName = '" + username + "'") > 0); }
public void min_required_non_alpha_chars_returns_true_when_2_required_non_alpha_chars_are_required_and_3_are_found() { // Arrange string password = "******"; string username = "******"; int numOfRequiredNonAlphaChars = 2; // Act var rule = new MinRequiredNonAlphanumericCharacters(username, password, numOfRequiredNonAlphaChars); bool actual = rule.Validate(); // Assert Assert.IsTrue(actual); }
public void min_required_non_alpha_chars_returns_false_when_non_zero_amount_of_required_non_alpha_chars_are_required_and_none_are_found() { // Arrange string password = "******"; string username = "******"; int numOfRequiredNonAlphaChars = 1; // Act var rule = new MinRequiredNonAlphanumericCharacters(username, password, numOfRequiredNonAlphaChars); bool actual = rule.Validate(); // Assert Assert.IsFalse(actual); }
public void min_required_non_alpha_chars_returns_proper_error_message() { // Arrange string password = "******"; string username = "******"; int numOfRequiredNonAlphaChars = 1; // Act var rule = new MinRequiredNonAlphanumericCharacters(username, password, numOfRequiredNonAlphaChars); string actual = rule.ErrorMessage; // Assert Assert.AreEqual("The password for 'myusername' does not contain the minimum number of required alphanumeric characters.", actual); }
public void ValidateNewPassword(string username, string newPassword, bool isNewUser) { if (newPassword.Length < MinRequiredPasswordLength) { throw new ArgumentException(String.Format("The length of parameter 'newPassword' needs to be greater or equal to '{0}'.", MinRequiredPasswordLength.ToString(Invariants.NumberFormat))); } if (MinRequiredNonAlphanumericCharacters > 0) { int count = 0; for (int i = 0; i < newPassword.Length; i++) { if (!Char.IsLetterOrDigit(newPassword, i)) { count++; } } if (count < MinRequiredNonAlphanumericCharacters) { throw new ArgumentException(String.Format("Non alpha numeric characters in 'newPassword' needs to be greater than or equal to '{0}'.", MinRequiredNonAlphanumericCharacters.ToString(Invariants.NumberFormat))); } } if (!string.IsNullOrEmpty(PasswordStrengthRegularExpression) && !Regex.IsMatch(newPassword, PasswordStrengthRegularExpression)) { throw new ArgumentException("The parameter 'newPassword' does not match the regular expression specified in config file."); } ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, true); OnValidatingPassword(args); if (args.Cancel) { if (args.FailureInformation != null) { throw args.FailureInformation; } else { throw new MembershipPasswordException("Change password canceled due to new password validation failure."); } } }
public override bool ChangePassword(string username, string oldPassword, string newPassword) { if (!ValidateUser(username, oldPassword)) { return(false); } username = username.ToLower(); if (newPassword.Length < MinRequiredPasswordLength) { throw new ArgumentException(String.Format("The length of parameter 'newPassword' needs to be greater or equal to '{0}'.", MinRequiredPasswordLength.ToString(CultureInfo.InvariantCulture))); } int count = 0; for (int i = 0; i < newPassword.Length; i++) { if (!char.IsLetterOrDigit(newPassword, i)) { count++; } } if (count < MinRequiredNonAlphanumericCharacters) { throw new ArgumentException(String.Format("Non alpha numeric characters in 'newPassword' needs to be greater than or equal to '{0}'.", MinRequiredNonAlphanumericCharacters.ToString(CultureInfo.InvariantCulture))); } if (PasswordStrengthRegularExpression.Length > 0) { if (!Regex.IsMatch(newPassword, PasswordStrengthRegularExpression)) { throw new ArgumentException("The parameter 'newPassword' does not match the regular expression specified in config file."); } } ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, true); OnValidatingPassword(args); if (args.Cancel) { if (args.FailureInformation != null) { throw args.FailureInformation; } else { throw new MembershipPasswordException("Change password canceled due to new password validation failure."); } } return(this.SetPassword(username, newPassword)); }