org.passay

Class HaveIBeenPwnedRule

java.lang.Object

org.passay.HaveIBeenPwnedRule

All Implemented Interfaces:

Rule

public class HaveIBeenPwnedRule
extends Object
implements Rule

Validates the password against the online database of haveibeenpwned.com optionally allowing the usage of found passwords, but returns the number of found matches in the metadata.

Author:

Wolfgang Jung (post@wolfgang-jung.net)

Field Summary

Fields

Modifier and Type	Field and Description
static String	ERROR_CODE Error code for exposed passwords.
static String	IO_ERROR_CODE Error code for API IO errors.

Constructor Summary

Constructors

Constructor and Description
HaveIBeenPwnedRule(String appName) Create the rule, appName is required by the API.
HaveIBeenPwnedRule(String appName, String address) Create the rule, appName is required by the API.

Method Summary

Modifier and Type	Method and Description
void	setAllowExposed(boolean allow) Whether passwords found in the API should be considered valid.
void	setAllowOnException(boolean allow) If an exception occurs during accessing the api, the password will be allowed, if set to true.
void	setConnectTimeout(Duration timeout) maximum Duration for connecting to the API.
void	setReadTimeout(Duration timeout) maximum Duration for reading from the API.
RuleResult	validate(PasswordData passwordData) Validates the supplied password data per the requirements of this rule.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ERROR_CODE

public static final String ERROR_CODE

Error code for exposed passwords.

See Also:

Constant Field Values

IO_ERROR_CODE

public static final String IO_ERROR_CODE

Error code for API IO errors.

See Also:

Constant Field Values

Constructor Detail

HaveIBeenPwnedRule

public HaveIBeenPwnedRule(String appName)

Create the rule, appName is required by the API.

Parameters:

appName - must not be null

HaveIBeenPwnedRule

public HaveIBeenPwnedRule(String appName,
                          String address)

Create the rule, appName is required by the API.

Parameters:

appName - must not be null

address - the URL must end with a /.

Method Detail

setAllowExposed

public void setAllowExposed(boolean allow)

Whether passwords found in the API should be considered valid.

Parameters:

allow - false: the rule does not allow previously pwned passwords, true: pwned passwords are allowed, but the number of matches is returned in the result.

setConnectTimeout

public void setConnectTimeout(Duration timeout)

maximum Duration for connecting to the API.

Parameters:

timeout - for connecting.

setReadTimeout

public void setReadTimeout(Duration timeout)

maximum Duration for reading from the API.

Parameters:

timeout - for reading.

setAllowOnException

public void setAllowOnException(boolean allow)

If an exception occurs during accessing the api, the password will be allowed, if set to true.

Parameters:

allow - true: if the API is not accessible, any password is accepted. false: Default, API must answer in time to allow the password.

validate

public RuleResult validate(PasswordData passwordData)

Description copied from interface: Rule

Validates the supplied password data per the requirements of this rule.

Specified by:

validate in interface Rule

Parameters:

passwordData - to verify (not null).

Returns:

details on password verification