diff --git a/packages/toolkit/core-kit/src/password-policy.test.ts b/packages/toolkit/core-kit/src/password-policy.test.ts
index 018d41144..b7a44c2a1 100644
--- a/packages/toolkit/core-kit/src/password-policy.test.ts
+++ b/packages/toolkit/core-kit/src/password-policy.test.ts
@@ -54,10 +54,10 @@ describe('PasswordPolicyChecker -> check()', () => {
 expect(await checker.check('aL1!aL1!', { name: 'aL1!' })).toEqual([
 { code: 'password_rejected.restricted.user_info' },
 ]);
- expect(await checker.check('lo9KI8mJu78911', {})).toEqual([
+ expect(await checker.check('lo9KI8mju78911', {})).toEqual([
 { code: 'password_rejected.restricted.sequence' },
 ]);
- expect(await checker.check('lo9KI8mJu789111', {})).toEqual([
+ expect(await checker.check('lo9KI8MJU789111', {})).toEqual([
 { code: 'password_rejected.restricted.sequence' },
 { code: 'password_rejected.restricted.repetition' },
 ]);
@@ -78,7 +78,7 @@ describe('PasswordPolicyChecker -> check()', () => {
 { code: 'password_rejected.restricted.user_info' },
 ]);

- expect(await checker.check('aAaAaAaAaAaAaAaAaAteABcOK', { name: 'CO' })).toEqual([
+ expect(await checker.check('aaaaaaaaAAAAAAAAbcdCOK', { name: 'CO' })).toEqual([
 { code: 'password_rejected.too_long', interpolation: { max: 15 } },
 { code: 'password_rejected.character_types', interpolation: { min: 3 } },
 { code: 'password_rejected.restricted.repetition' },
@@ -146,12 +146,13 @@ describe('PasswordPolicyChecker -> repetitionLength()', () => {
 it('should recognize repeated characters that start at the beginning', () => {
 expect(checker.repetitionLength('aaaa')).toBe(4);
 expect(checker.repetitionLength('aaa12')).toBe(3);
- expect(checker.repetitionLength('aaAaAa😀')).toBe(6);
+ expect(checker.repetitionLength('AAAAAA😀')).toBe(6);
 });

 it('should ignore repeated characters that do not start at the beginning or are too short', () => {
 expect(checker.repetitionLength('a')).toBe(0);
 expect(checker.repetitionLength('aa')).toBe(0);
+ expect(checker.repetitionLength('aaAaaAaa')).toBe(0);
 expect(checker.repetitionLength('aL!bbbbb')).toBe(0);
 expect(checker.repetitionLength('aL1!')).toBe(0);
 expect(checker.repetitionLength('aL1!bbbbbbbbbbbb')).toBe(0);
@@ -240,7 +241,7 @@ describe('PasswordPolicyChecker -> sequenceLength()', () => {
 expect(checker.sequenceLength('1234')).toBe(4);
 expect(checker.sequenceLength('edcba')).toBe(5);
 expect(checker.sequenceLength('BCDEDC')).toBe(4);
- expect(checker.sequenceLength('yuIOp##')).toBe(5);
+ expect(checker.sequenceLength('YUIOP##')).toBe(5);
 expect(checker.sequenceLength('2wsx3edc1')).toBe(4);
 expect(checker.sequenceLength('lo9KI8mJu7890')).toBe(3);
 });
diff --git a/packages/toolkit/core-kit/src/password-policy.ts b/packages/toolkit/core-kit/src/password-policy.ts
index cf580e963..ca2dd5647 100644
--- a/packages/toolkit/core-kit/src/password-policy.ts
+++ b/packages/toolkit/core-kit/src/password-policy.ts
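Review bot: The `sequenceLength()` tests in `password-policy.test.ts` do not pin the new case-sensitive behaviour: the `@@ -240,7 +241,7 @@` hunk swaps `'yuIOp##'` for `'YUIOP##'`, but the mixed-case input is not kept as a negative case the way `'aaAaaAaa'` was added for `repetitionLength()` in the hunk before it. Adding `expect(checker.sequenceLength('yuIOp##')).toBe(0);` to a negative test for `sequenceLength()` would keep a later change from silently restoring case folding. The expected `0` assumes the same below-threshold behaviour the `repetitionLength()` tests show, and the suitable test block is not visible in this hunk, so both need confirming against the implementation.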
@@ -322,11 +322,15 @@ export class PasswordPolicyChecker {
 /* eslint-disable @silverhand/fp/no-let, @silverhand/fp/no-mutation */
 repetitionLength(password: string): number {
 const { repetitionAndSequenceThreshold } = PasswordPolicyChecker;
- const firstChar = password[0]?.toLowerCase();
+ const firstChar = password[0];
 let length = 0;

+ if (firstChar === undefined) {
+ return 0;
+ }
+
 for (const char of password) {
- if (char.toLowerCase() === firstChar) {
+ if (char === firstChar) {
 length += 1;
 } else {
 break;
@@ -445,11 +449,16 @@ export class PasswordPolicyChecker {
 */
 protected isSequential(value: string): boolean {
 const { sequence } = PasswordPolicyChecker;
- const lowercased = value.toLowerCase();

 for (const seq of sequence) {
 // eslint-disable-next-line @silverhand/fp/no-mutating-methods -- created a new array before mutating
- if (seq.includes(lowercased) || [...seq].reverse().join('').includes(lowercased)) {
+ const reversedSeq = [...seq].reverse().join('');
+
+ if (
+ [seq, reversedSeq, seq.toUpperCase(), reversedSeq.toUpperCase()].some((item) =>
+ item.includes(value)
+ )
+ ) {
 return true;
 }
 }
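Review bot: In `repetitionLength`, `const firstChar = password[0];` reads one UTF-16 code unit, while the loop below it, `for (const char of password)`, iterates by code point. For a password that starts with a character outside the BMP (the tests already use `😀`), `char === firstChar` is false on the first iteration and the repetition rule never fires. The removed line had the same mismatch, so this is not a regression, but it is cheap to close here: `const [firstChar] = password;` takes the first code point through the same iterator, and the new `undefined` guard still covers the empty string. A case such as `expect(checker.repetitionLength('😀😀😀😀')).toBe(4);` would pin it. The rest of the method body lies outside this hunk.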
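Review bot: The doc comment that closes just above `isSequential` (its text is outside this hunk) should state that matching is now case-sensitive. A value is sequential only when it appears, forwards or reversed, in a `sequence` entry or in that entry's `toUpperCase()` form. Assuming the entries are stored in lowercase, a line such as `Case-sensitive: only all-lowercase or all-uppercase runs match; mixed-case input is never treated as sequential.` would tell integrators what the `restricted.sequence` rule no longer covers. Separately, the four candidate strings are rebuilt for every `seq` on each call. If `sequenceLength` calls this once per prefix (not visible here), computing the variants once next to `sequence` would avoid the repeated allocation.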