RandomPasswordUtil.java

/*
 * Copyright 2018 Global Crop Diversity Trust
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.genesys.util;

import java.security.SecureRandom;
import java.util.Random;

/**
 * Utility class for generating secure random passwords.
 * <p>
 * Passwords generated by this utility are guaranteed to contain at least one uppercase letter,
 * one lowercase letter, one digit, and one special character.
 *
 * @author Maxym Borodenko
 */
public class RandomPasswordUtil {
	private static final String UPPER = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
	private static final String LOWER = "abcdefghijklmnopqrstuvwxyz";
	private static final String DIGITS = "0123456789";
	private static final String SPECIAL = "$&@?~!%#";
	private static final String ALL_CHARS = UPPER + LOWER + DIGITS + SPECIAL;

	private static final Random random = new SecureRandom();

	/**
	 * Generates a random password with the specified length.
	 *
	 * The generated password will contain at least one special character, one digit,
	 * one lowercase letter, and one uppercase letter.
	 *
	 * @param length the password length that should be generated
	 * @return a string with the generated password
	 * @throws IllegalArgumentException if the 'length' parameter is lower than 4
	 * characters
	 */
	public static String generatePassword(final int length) {
		if (length < 4) {
			throw new IllegalArgumentException("Password must be at least 4 characters");
		}
		final char[] password = new char[length];

		// 1. Ensure at least one of each required character type
		password[0] = UPPER.charAt(random.nextInt(UPPER.length()));
		password[1] = LOWER.charAt(random.nextInt(LOWER.length()));
		password[2] = DIGITS.charAt(random.nextInt(DIGITS.length()));
		password[3] = SPECIAL.charAt(random.nextInt(SPECIAL.length()));

		// 2. Fill the rest of the password with random characters from the full set
		for (int i = 4; i < length; i++) {
			password[i] = ALL_CHARS.charAt(random.nextInt(ALL_CHARS.length()));
		}

		// 3. Shuffle the array to avoid predictable character positions
		for (int i = 0; i < password.length; i++) {
			int randomIndex = random.nextInt(password.length);
			char temp = password[i];
			password[i] = password[randomIndex];
			password[randomIndex] = temp;
		}

		return new String(password);
	}
}