java regular expression part ii
DESCRIPTION
This presentation explores and discusses the practical and useful of Regular Expressions covering username validation, complex and strong password validation, password strength checker, email validation, and finally image file extension validation.TRANSCRIPT
https://www.facebook.com/Oxus20
[email protected] Java
Regular Expression
PART II
» Validation » Username Validation
» Complex and Strong Password Validation
» Password Strength Checker
» Email Address Validation
» Image File Extension Validation
Abdul Rahman Sherzad
Agenda
» Overview
» Username Validation
» Strong and Complex Password Validation
» Password Strength Checker
» Email Address Validation
» Image File Extension Validation 2
https://www.facebook.com/Oxus20
Regular Expressions
» PART I
˃ http://www.slideshare.net/absherzad/java-regular-expression-part-I
» Regular Expression is not a programming language, it is the
art of the programing
» Regular Expression initially is hard to debug , learn and
understand, but its powers and magic still attract many
developers using Regular Expression.
» Let's explore and discuss the following practical and useful
Regular Expressions. 3
https://www.facebook.com/Oxus20
1. Username Validation
» Whenever you are developing an application that
requires authentication, in most cases, the users should
provide a username among other credentials
information.
» Common pattern for username that is widely use is as
follow:
˃ 3 to 15 characters in length
˃ with any lower case character, digit or special symbol underscore "_", hyphen "-"
and dot "." only. 4
https://www.facebook.com/Oxus20
1. Username Validation Pattern
^[a-z0-9._-]{3,15}$
5
https://www.facebook.com/Oxus20
Description
^ Start of the line
[a-z0-9._-] Match characters and symbols in the list, a-z, 0-9, underscore, hyphen and dot.
{3,15} Minimum 3 characters and maximum of 15 of characters in length
$ End of the line
1. Username Validation Example import java.util.regex.Pattern;
public class UsernameValidator {
private Pattern pattern;
private static final String USERNAME_PATTERN = "^[a-z0-9._-]{3,15}$";
public UsernameValidator() {
pattern = Pattern.compile(USERNAME_PATTERN);
}
public boolean validate(final String username) {
return pattern.matcher(username).matches();
}
}
6
https://www.facebook.com/Oxus20
1. Username Validation Demo public class UsernameValidatorDemo {
public static void main(String[] args) {
UsernameValidator validator = new UsernameValidator();
System.out.println(validator.validate("absherzad")); //true
System.out.println(validator.validate("ab.sherzad")); //true
System.out.println(validator.validate("ab-sherzad")); //true
System.out.println(validator.validate("ab_sherzad")); //true
System.out.println(validator.validate("oxus20")); //true
System.out.println(validator.validate("ars")); //true
System.out.println(validator.validate("Absherzad")); //false
System.out.println(validator.validate("ab sherzad")); //false
System.out.println(validator.validate("ab")); //false
System.out.println(validator.validate("abdulrahmansherzad")); //false
}
} 7
https://www.facebook.com/Oxus20
2. Password Complexity Validation » Strong and complex passwords are really important to
stop unauthorized access to your electronic accounts i.e. Facebook, Gmail, Yahoo, etc. and devices i.e. PC, Smartphone, etc.
» The purpose of choosing a password is to make it as difficult as possible for an intruder to identify your password, whether by guesses or automated attacks.
» Following rules are advised ˃ be at least 8 but no more than 50 characters in length
˃ use both UPPER CASE and lower case letters
˃ include at least one number
˃ punctuation mark (allowed symbols are: ! # $ @ _ + , ? . - );
8
https://www.facebook.com/Oxus20
2. Password Validation Pattern ((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!.#$@_+,?-]).{8,50})
9
https://www.facebook.com/Oxus20
Description ( Start of group
(?=.*\d) must contains one digit from 0-9
(?=.*[a-z]) must contains one lowercase characters
(?=.*[A-Z]) must contains one uppercase characters
(?=.*[!.#$@_+,?-]) must contains one special symbols in the list "!.#$@_+,?-"
. match anything with previous condition checking
{8,50} length at least 8 characters and maximum of 50
) End of group
2. Password Validation Example import java.util.regex.Pattern;
public class PasswordValidator {
private Pattern pattern;
private static final String PASSWORD_PATTERN =
"((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!.#$@_+,?-]).{8,50})";
public PasswordValidator() {
pattern = Pattern.compile(PASSWORD_PATTERN);
}
public boolean validate(final String password) {
return pattern.matcher(password).matches();
}
} 10
https://www.facebook.com/Oxus20
2. Password Validation Demo public class PasswordValidatorDemo {
public static void main(String[] args) {
PasswordValidator validator = new PasswordValidator();
System.out.println(validator.validate("Oxus20.2014")); // true
System.out.println(validator.validate("Oxus.20_14")); // true
System.out.println(validator.validate("OXUS20@Herat")); // true
System.out.println(validator.validate("Oxus20@2014")); // true
System.out.println(validator.validate("Oxus202014")); // false
System.out.println(validator.validate("Oxus20")); // false
System.out.println(validator.validate("Oxus@20")); // false
System.out.println(validator.validate("Oxus20@")); // false
}
} 11
https://www.facebook.com/Oxus20
3. Password Strength Checker
» In the previous example I discussed and explained, how to
validate Strong and Complex Passwords.
» But that was one side of the coin! I mean, that example was for
keeping the user accounts secure against intruder to identify the
users password, whether by guesses or automated attacks.
» As a programmer and developer; you have to make sure while
user registration is happening you inform the one who types
about the password quality and strength. You can provide
dynamic feedback as user types! 12
https://www.facebook.com/Oxus20
3. Password Strength Checker Pattern
13
https://www.facebook.com/Oxus20
Description
[A-Za-z0-9!.#$@_+,?-]{8,50} Checking valid characters and length for password
.*[a-z]+.* Checking for existence of lower case letter
.*[A-Z].* Checking for existence of upper case letter
.*[0-9]+. Checking for existence of number
.*[!.#$@_+,?-]+.* Checking for existence of symbol
3. Password Strength Checker Example public class PasswordStrengthChecker {
public static String checkPasswordStrength(String password) {
String msg = "Your Password is too weak!";
int strength = 0;
String lowerCaseCheck = ".*[a-z]+.*";
String upperCaseCheck = ".*[A-Z].*";
String numberExistenceCheck = ".*[0-9]+.*";
String symbolExistenceCheck = ".*[!.#$@_+,?-]+.*";
String validPassword = "[A-Za-z0-9!.#$@_+,?-]{8,50}";
// checking valid characters and length for password
if (password.matches(validPassword)) {
// checking for existence of upper case letter
if (password.matches(upperCaseCheck))
strength += 4; 14
https://www.facebook.com/Oxus20
15
https://www.facebook.com/Oxus20
// checking for existence of lower case letter
if (password.matches(lowerCaseCheck))
strength += 4;
// checking for existence of number
if (password.matches(numberExistenceCheck))
strength += 4;
// checking for existence of symbol
if (password.matches(symbolExistenceCheck))
strength += 4;
if (strength >= 16) {
msg = "Your Password is Very Strong!";
} else if (strength >= 12) {
msg = "Your Password is Strong!";
} else if (strength >= 8) {
msg = "Your Password is Normal!";
} else if (strength >= 4) {
msg = "Your Password is weak!";
} else {
msg = "Your Password is too weak!";
}
}
return msg;
}
}
3. Password Strength Checker Demo
public class PasswordStrengthCheckerDemo {
public static void main(String[] args) {
// Your Password is too weak!
System.out.println(PasswordStrengthChecker.checkPasswordStrength("1234"));
// Your Password is Normal!
System.out.println(PasswordStrengthChecker.checkPasswordStrength("OXUS201234"));
// Your Password is Strong!
System.out.println(PasswordStrengthChecker.checkPasswordStrength("OXUS20_2014"));
// Your Password is Very Strong!
System.out.println(PasswordStrengthChecker.checkPasswordStrength("Oxus20_2014"));
}
} 16
https://www.facebook.com/Oxus20
4. Email Address Validation » Email validation is a very common requirement and necessity in many
applications and it can be a tricky task.
» Basically the main policy for email format would be as follow:
˃ Start with characters, digits or '_', and '-' symbols
˃ The above group can be followed with a '.' and the same pattern as the first group.
˃ Then it must have exactly one '@' character.
˃ The domain name must start with characters, digits and the '-' character.
˃ Then it must be followed by a '.'.
˃ After the '.' you can have characters and digits.
˃ Optionally you can have a second level Top Level Domain that can start with a '.'
and the contain only characters. 17
https://www.facebook.com/Oxus20
4. Email Address Validation Pattern ^[_A-Za-z0-9-]+(\\.[_A-Za-z0-9-]+)*@[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$
18
https://www.facebook.com/Oxus20
Description ^ start of the line
[_A-Za-z0-9-]+ must start with string in the bracket [ ], must contains
one or more
(\\.[_A-Za-z0-9-]+)* group #1 (optional) follow by a dot "." and string in the
bracket [ ], must contains one or more
@ must contains a "@" symbol
[A-Za-z0-9-]+ follow by string in the bracket [ ], must contains one or
more
(\\.[A-Za-z0-9]+)* group #2 (optional) follow by a dot "." and string in the
bracket [ ], must contains one or more (+)
(\\.[A-Za-z]{2,}) group #3 follow by a dot "." and string in the bracket [
], with minimum length of 2
$ end of the line
4. Email Address Validation Example import java.util.regex.Pattern;
public class EmailValidator {
private Pattern pattern;
private static final String EMAIL_PATTERN = "^[_A-Za-z0-9-]+(\\.[_A-Za-z0-9-]+)*@"[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$";
public EmailValidator() {
pattern = Pattern.compile(EMAIL_PATTERN);
}
public boolean validate(final String email) {
return pattern.matcher(email).matches();
}
} 19
https://www.facebook.com/Oxus20
4. Email Address Validation Demo public class EmailValidatorDemo {
public static void main(String[] args) {
EmailValidator validator = new EmailValidator();
System.out.println(validator.validate("[email protected]")); // true
System.out.println(validator.validate("[email protected]")); // true
System.out.println(validator.validate("[email protected]")); // true
System.out.println(validator.validate("[email protected]")); // true
System.out.println(validator.validate("Oxus20@")); // false
System.out.println(validator.validate("Oxus20@gmail")); // false
System.out.println(validator.validate("Oxus20@gmail.")); // false
System.out.println(validator.validate("[email protected]")); // false
}
} 20
https://www.facebook.com/Oxus20
5. Image File Extension Validation
» Now I are going to explain and demonstrate how to validate image file format
with Java Regular Expressions.
» This is very beneficial for instance when you create an image uploader
application and you want to make sure that the users don't upload an illegal
file.
» Of course this is one of many countermeasures you should consider. The basic
policy about the format of image file is as follow:
˃ It should begin with a string of a least one character and not a white space.
˃ It must then be followed by dot '.'.
˃ And finally it should have one of the following file extensions i.e. jpg, jpeg, gif, png, bmp.
˃ Extension is not Case Sensitive 21
https://www.facebook.com/Oxus20
5. Image File Extension Pattern
([^\\s]+(\\.(?i)(jpg|jpeg|gif|png|bmp))$)
22
https://www.facebook.com/Oxus20
Description ( Start of group #1
[^\s]+ Must contains one or more anything (except white
space)
( Start of group #2
\. Follow by a dot '.'
(?i) Ignore the case sensitive checking for the
following characters
(jpg|jpeg|gif|png|bmp) Group #3 check that contains extension of "jpg"
or "jpeg" or "gif", "png" or "bmp".
) End of the group #2
$ End of the string
) End of the group #1
5. Image File Extension Example
import java.util.regex.Pattern;
public class ImageFileExtensionValidator {
private Pattern pattern;
private static final String IMAGE_PATTERN = "([^\\s]+(\\.(?i)(jpg|jpeg|gif|png|bmp))$)";
public ImageFileExtensionValidator() {
pattern = Pattern.compile(IMAGE_PATTERN);
}
public boolean validate(final String image_name) {
return pattern.matcher(image_name).matches();
}
}
23
https://www.facebook.com/Oxus20
5. Image File Extension Demo
public class ImageFileExtensionValidatorDemo {
public static void main(String[] args) { ImageFileExtensionValidator validator = new ImageFileExtensionValidator();
System.out.println(validator.validate("oxus20.jpg"));// true
System.out.println(validator.validate("oxus20.JPG"));// true
System.out.println(validator.validate("OXUS20.jpeg"));// true
System.out.println(validator.validate("oxus20.JPg"));// true
System.out.println(validator.validate("oxus.png"));// true
System.out.println(validator.validate("oxus.Bmp"));// true
System.out.println(validator.validate(".jpg"));// false
System.out.println(validator.validate("jpg"));// false
System.out.println(validator.validate("oxus20"));// false
}
} 24
https://www.facebook.com/Oxus20
END
https://www.facebook.com/Oxus20
25