Wrong message for password policies

[RomainL972]

PassCore Server

• OS: Windows
• Provider: Active Directory

Describe the bug
When I try to change my password but my password policies don't accept the new password (ex. password too recent), the error message I get is "Failed due to password complex policies: New password length is shorter than AD minimum password length".

To Reproduce
Steps to reproduce the behavior:

1. Have a Windows Server (2019) with default security policies
2. Change the password of user 'test'
3. Install PassCore
4. Try to change the password of user 'test' again

Expected behavior
There should have been an error message saying there was an error due to my password policies, instead of a message "my new password is too short"

Desktop (please complete the following information):

• OS: Arch Linux
• Browser: Mozilla Firefox
• Version: 91.0.1

Additional context
It seems to be because when there is a PasswordException during the password change, it returns the same error as when the password is too short:

passcore/src/Unosquare.PassCore.PasswordProvider/PasswordChangeProvider.cs

Lines 106 to 113 in cd559d3

	catch (PasswordException passwordEx)
	{
	var item = new ApiErrorItem(ApiErrorCode.ComplexPassword, passwordEx.Message);
	_logger.LogWarning(item.Message, passwordEx);
	return item;
	}

When the password is too short:

passcore/src/Unosquare.PassCore.PasswordProvider/PasswordChangeProvider.cs

Lines 56 to 61 in cd559d3

	if (newPassword.Length < minPwdLength)
	{
	_logger.LogError("Failed due to password complex policies: New password length is shorter than AD minimum password length");
	return new ApiErrorItem(ApiErrorCode.ComplexPassword);
	}

[simonai1254]

I noted that behavior as well and solved it with a custom error message. But if you could distinguish the errors itself, then I guess one should have also two different error messages to display to the user...

[RomainL972]

Yes I think aveing something like ApiErrorCode.TooShortPassword for the first and ApiErrorCode.ComplexPassword for the other could allow a different error message in the UI. If you want I can make a pull request for this change

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[simonai1254]

Keepalive