From e9adcde4648b54db8d40f314ca938dca5080bb9c Mon Sep 17 00:00:00 2001
From: Dylan William Hardison
Date: Fri, 15 Sep 2017 14:30:40 -0400
Subject: Bug 1391702 - Replace Bugzilla::User::validate_password() with calls to Data::Password::passwdqc
---
 Bugzilla.pm | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
(limited to 'Bugzilla.pm')
diff --git a/Bugzilla.pm b/Bugzilla.pm
index 65508cb6f..0ffd63e04 100644
--- a/Bugzilla.pm
+++ b/Bugzilla.pm
@@ -322,6 +322,41 @@ sub github_secret {
 return $cache->{github_secret};
 }
+sub passwdqc {
+ my ($class) = @_;
+ require Data::Password::passwdqc;
+
+ my $cache = $class->request_cache;
+ my $params = $class->params;
+
+ return $cache->{passwdqc} if $cache->{passwdqc};
+
+ my @min = map { $_ eq 'undef' ? undef : $_ }
+ split( /\s*,\s*/, $params->{passwdqc_min} );
+
+ return $cache->{passwdqc} = Data::Password::passwdqc->new(
+ min => \@min,
+ max => $params->{passwdqc_max},
+ passphrase_words => $params->{passwdqc_passphrase_words},
+ match_length => $params->{passwdqc_match_length},
+ random_bits => $params->{passwdqc_random_bits},
+ );
+}
+
+sub assert_password_is_secure {
+ my ( $class, $password1 ) = @_;
+
+ my $pwqc = $class->passwdqc;
+ ThrowUserError( 'password_insecure', { reason => $pwqc->reason } )
+ unless $pwqc->validate_password($password1);
+}
+
+sub assert_passwords_match {
+ my ( $class, $password1, $password2 ) = @_;
+
+ ThrowUserError('password_mismatch') if $password1 ne $password2;
+}
+
 sub login {
 my ($class, $type) = @_;
--
cgit v1.2.3-24-g4f1b
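Review bot: In `passwdqc`, the `passwdqc_min` parameter is split and passed to `Data::Password::passwdqc->new` with no check on its shape, so a malformed admin value only surfaces when a password is being validated, and possibly as a different policy than intended. `split( /\s*,\s*/, ... )` does not strip whitespace at the very start or end of the string, so a constructed value such as `" undef, 24, 11, 8, 7"` leaves `" undef"` as a literal string instead of mapping it to `undef`. Trimming the value first and failing explicitly `unless @min == 5` would close this, unless the parameter's own validator (not part of this diff) already guarantees the format. In `assert_passwords_match`, two undefined arguments compare equal under `ne`, so the guard could read `if !defined $password1 || !defined $password2 || $password1 ne $password2`; whether callers can pass undef is not visible here. A short comment on both `assert_*` subs stating that they throw a user error instead of returning a status would help call sites.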