java regular expression part ii

https://www.facebook.com/Oxus20

[email protected] Java

Regular Expression

PART II

» Validation » Username Validation

» Complex and Strong Password Validation

» Password Strength Checker

» Email Address Validation

» Image File Extension Validation

Abdul Rahman Sherzad


mailto:[email protected]

mailto:[email protected]

Agenda

» Overview

» Username Validation

» Strong and Complex Password Validation

» Password Strength Checker

» Email Address Validation

» Image File Extension Validation 2


Regular Expressions

» PART I

˃ http://www.slideshare.net/absherzad/java-regular-expression-part-I

» Regular Expression is not a programming language, it is the

art of the programing

» Regular Expression initially is hard to debug , learn and

understand, but its powers and magic still attract many

developers using Regular Expression.

» Let's explore and discuss the following practical and useful

Regular Expressions. 3


http://www.slideshare.net/absherzad/java-regular-expression-part-I











1. Username Validation

» Whenever you are developing an application that

requires authentication, in most cases, the users should

provide a username among other credentials

information.

» Common pattern for username that is widely use is as

follow:

˃ 3 to 15 characters in length

˃ with any lower case character, digit or special symbol underscore "_", hyphen "-"

and dot "." only. 4


1. Username Validation Pattern

^[a-z0-9._-]{3,15}$

5


Description

^ Start of the line

[a-z0-9._-] Match characters and symbols in the list, a-z, 0-9, underscore, hyphen and dot.

{3,15} Minimum 3 characters and maximum of 15 of characters in length

$ End of the line

1. Username Validation Example import java.util.regex.Pattern;

public class UsernameValidator {

private Pattern pattern;

private static final String USERNAME_PATTERN = "^[a-z0-9._-]{3,15}$";

public UsernameValidator() {

pattern = Pattern.compile(USERNAME_PATTERN);

}

public boolean validate(final String username) {

return pattern.matcher(username).matches();

}

}

6


1. Username Validation Demo public class UsernameValidatorDemo {

public static void main(String[] args) {

UsernameValidator validator = new UsernameValidator();

System.out.println(validator.validate("absherzad")); //true

System.out.println(validator.validate("ab.sherzad")); //true

System.out.println(validator.validate("ab-sherzad")); //true

System.out.println(validator.validate("ab_sherzad")); //true

System.out.println(validator.validate("oxus20")); //true

System.out.println(validator.validate("ars")); //true

System.out.println(validator.validate("Absherzad")); //false

System.out.println(validator.validate("ab sherzad")); //false

System.out.println(validator.validate("ab")); //false

System.out.println(validator.validate("abdulrahmansherzad")); //false

}

} 7


2. Password Complexity Validation » Strong and complex passwords are really important to

stop unauthorized access to your electronic accounts i.e. Facebook, Gmail, Yahoo, etc. and devices i.e. PC, Smartphone, etc.

» The purpose of choosing a password is to make it as difficult as possible for an intruder to identify your password, whether by guesses or automated attacks.

» Following rules are advised ˃ be at least 8 but no more than 50 characters in length

˃ use both UPPER CASE and lower case letters

˃ include at least one number

˃ punctuation mark (allowed symbols are: ! # $ @ _ + , ? . - );

8


2. Password Validation Pattern ((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!.#$@_+,?-]).{8,50})

9


Description ( Start of group

(?=.*\d) must contains one digit from 0-9

(?=.*[a-z]) must contains one lowercase characters

(?=.*[A-Z]) must contains one uppercase characters

(?=.*[!.#$@_+,?-]) must contains one special symbols in the list "!.#$@_+,?-"

. match anything with previous condition checking

{8,50} length at least 8 characters and maximum of 50

) End of group

2. Password Validation Example import java.util.regex.Pattern;

public class PasswordValidator {


private static final String PASSWORD_PATTERN =

"((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!.#$@_+,?-]).{8,50})";

public PasswordValidator() {

pattern = Pattern.compile(PASSWORD_PATTERN);

}

public boolean validate(final String password) {

return pattern.matcher(password).matches();

}

} 10


2. Password Validation Demo public class PasswordValidatorDemo {


PasswordValidator validator = new PasswordValidator();

System.out.println(validator.validate("Oxus20.2014")); // true

System.out.println(validator.validate("Oxus.20_14")); // true

System.out.println(validator.validate("OXUS20@Herat")); // true

System.out.println(validator.validate("Oxus20@2014")); // true

System.out.println(validator.validate("Oxus202014")); // false

System.out.println(validator.validate("Oxus20")); // false

System.out.println(validator.validate("Oxus@20")); // false

System.out.println(validator.validate("Oxus20@")); // false

}

} 11


3. Password Strength Checker

» In the previous example I discussed and explained, how to

validate Strong and Complex Passwords.

» But that was one side of the coin! I mean, that example was for

keeping the user accounts secure against intruder to identify the

users password, whether by guesses or automated attacks.

» As a programmer and developer; you have to make sure while

user registration is happening you inform the one who types

about the password quality and strength. You can provide

dynamic feedback as user types! 12


3. Password Strength Checker Pattern

13


Description

[A-Za-z0-9!.#$@_+,?-]{8,50} Checking valid characters and length for password

.*[a-z]+.* Checking for existence of lower case letter

.*[A-Z].* Checking for existence of upper case letter

.*[0-9]+. Checking for existence of number

.*[!.#$@_+,?-]+.* Checking for existence of symbol

3. Password Strength Checker Example public class PasswordStrengthChecker {

public static String checkPasswordStrength(String password) {

String msg = "Your Password is too weak!";

int strength = 0;

String lowerCaseCheck = ".*[a-z]+.*";

String upperCaseCheck = ".*[A-Z].*";

String numberExistenceCheck = ".*[0-9]+.*";

String symbolExistenceCheck = ".*[!.#$@_+,?-]+.*";

String validPassword = "[A-Za-z0-9!.#$@_+,?-]{8,50}";

// checking valid characters and length for password

if (password.matches(validPassword)) {

// checking for existence of upper case letter

if (password.matches(upperCaseCheck))

strength += 4; 14


15


// checking for existence of lower case letter

if (password.matches(lowerCaseCheck))

strength += 4;

// checking for existence of number

if (password.matches(numberExistenceCheck))

strength += 4;

// checking for existence of symbol

if (password.matches(symbolExistenceCheck))

strength += 4;

if (strength >= 16) {

msg = "Your Password is Very Strong!";

} else if (strength >= 12) {

msg = "Your Password is Strong!";


msg = "Your Password is Normal!";


msg = "Your Password is weak!";

} else {

msg = "Your Password is too weak!";

}

}

return msg;

}

}

3. Password Strength Checker Demo

public class PasswordStrengthCheckerDemo {


// Your Password is too weak!

System.out.println(PasswordStrengthChecker.checkPasswordStrength("1234"));

// Your Password is Normal!

System.out.println(PasswordStrengthChecker.checkPasswordStrength("OXUS201234"));

// Your Password is Strong!

System.out.println(PasswordStrengthChecker.checkPasswordStrength("OXUS20_2014"));

// Your Password is Very Strong!

System.out.println(PasswordStrengthChecker.checkPasswordStrength("Oxus20_2014"));

}

} 16


4. Email Address Validation » Email validation is a very common requirement and necessity in many

applications and it can be a tricky task.

» Basically the main policy for email format would be as follow:

˃ Start with characters, digits or '_', and '-' symbols

˃ The above group can be followed with a '.' and the same pattern as the first group.

˃ Then it must have exactly one '@' character.

˃ The domain name must start with characters, digits and the '-' character.

˃ Then it must be followed by a '.'.

˃ After the '.' you can have characters and digits.

˃ Optionally you can have a second level Top Level Domain that can start with a '.'

and the contain only characters. 17


4. Email Address Validation Pattern ^[_A-Za-z0-9-]+(\\.[_A-Za-z0-9-]+)*@[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$

18


Description ^ start of the line

[_A-Za-z0-9-]+ must start with string in the bracket [ ], must contains

one or more

(\\.[_A-Za-z0-9-]+)* group #1 (optional) follow by a dot "." and string in the

bracket [ ], must contains one or more

@ must contains a "@" symbol

[A-Za-z0-9-]+ follow by string in the bracket [ ], must contains one or

more

(\\.[A-Za-z0-9]+)* group #2 (optional) follow by a dot "." and string in the

bracket [ ], must contains one or more (+)

(\\.[A-Za-z]{2,}) group #3 follow by a dot "." and string in the bracket [

], with minimum length of 2

$ end of the line

4. Email Address Validation Example import java.util.regex.Pattern;

public class EmailValidator {


private static final String EMAIL_PATTERN = "^[_A-Za-z0-9-]+(\\.[_A-Za-z0-9-]+)*@"[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$";

public EmailValidator() {

pattern = Pattern.compile(EMAIL_PATTERN);

}

public boolean validate(final String email) {

return pattern.matcher(email).matches();

}

} 19


4. Email Address Validation Demo public class EmailValidatorDemo {


EmailValidator validator = new EmailValidator();

System.out.println(validator.validate("[email protected]")); // true




System.out.println(validator.validate("Oxus20@")); // false

System.out.println(validator.validate("Oxus20@gmail")); // false

System.out.println(validator.validate("Oxus20@gmail.")); // false

System.out.println(validator.validate("[email protected]")); // false

}

} 20


5. Image File Extension Validation

» Now I are going to explain and demonstrate how to validate image file format

with Java Regular Expressions.

» This is very beneficial for instance when you create an image uploader

application and you want to make sure that the users don't upload an illegal

file.

» Of course this is one of many countermeasures you should consider. The basic

policy about the format of image file is as follow:

˃ It should begin with a string of a least one character and not a white space.

˃ It must then be followed by dot '.'.

˃ And finally it should have one of the following file extensions i.e. jpg, jpeg, gif, png, bmp.

˃ Extension is not Case Sensitive 21


5. Image File Extension Pattern

([^\\s]+(\\.(?i)(jpg|jpeg|gif|png|bmp))$)

22


Description ( Start of group #1

[^\s]+ Must contains one or more anything (except white

space)

( Start of group #2

\. Follow by a dot '.'

(?i) Ignore the case sensitive checking for the

following characters

(jpg|jpeg|gif|png|bmp) Group #3 check that contains extension of "jpg"

or "jpeg" or "gif", "png" or "bmp".

) End of the group #2

$ End of the string

) End of the group #1

5. Image File Extension Example

import java.util.regex.Pattern;

public class ImageFileExtensionValidator {


private static final String IMAGE_PATTERN = "([^\\s]+(\\.(?i)(jpg|jpeg|gif|png|bmp))$)";

public ImageFileExtensionValidator() {

pattern = Pattern.compile(IMAGE_PATTERN);

}

public boolean validate(final String image_name) {

return pattern.matcher(image_name).matches();

}

}

23


5. Image File Extension Demo

public class ImageFileExtensionValidatorDemo {

public static void main(String[] args) { ImageFileExtensionValidator validator = new ImageFileExtensionValidator();

System.out.println(validator.validate("oxus20.jpg"));// true

System.out.println(validator.validate("oxus20.JPG"));// true

System.out.println(validator.validate("OXUS20.jpeg"));// true

System.out.println(validator.validate("oxus20.JPg"));// true

System.out.println(validator.validate("oxus.png"));// true

System.out.println(validator.validate("oxus.Bmp"));// true

System.out.println(validator.validate(".jpg"));// false

System.out.println(validator.validate("jpg"));// false

System.out.println(validator.validate("oxus20"));// false

}

} 24


END


25

java regular expression part ii

Education