diff --git a/blocks/identity-block/components/form-password-confirm/index.jsx b/blocks/identity-block/components/form-password-confirm/index.jsx index 6732cc34f..fe135ada9 100644 --- a/blocks/identity-block/components/form-password-confirm/index.jsx +++ b/blocks/identity-block/components/form-password-confirm/index.jsx @@ -19,6 +19,12 @@ const FormPasswordConfirm = ({ }) => { const [password, setPassword] = useState(""); + const escapeForHtmlPattern = (value) =>{ + const specialChars = /[.*+?^${}()|[\]\\]/g; + const newValue = value.replace(specialChars, '\\$&'); + return newValue; + }; + const fieldParameters = { ...(autoComplete ? { autoComplete } : {}), ...(placeholder ? { placeholder } : {}), @@ -55,7 +61,7 @@ const FormPasswordConfirm = ({ name={`${name}-confirmation`} required type="password" - validationPattern={`^${password}$`} + validationPattern={escapeForHtmlPattern(password)} className={className} /> diff --git a/blocks/identity-block/components/social-sign-on/_children/AppleSignIn.jsx b/blocks/identity-block/components/social-sign-on/_children/AppleSignIn.jsx index 7e5742aad..90f3cbd6f 100644 --- a/blocks/identity-block/components/social-sign-on/_children/AppleSignIn.jsx +++ b/blocks/identity-block/components/social-sign-on/_children/AppleSignIn.jsx @@ -9,7 +9,7 @@ function AppleSignIn({ customButtons, socialSignOnIn, className, oidcClients = [ const phrases = usePhrases(); const { Identity } = useIdentity(); - const appleOIDCClient = oidcClients.find((oidcClient) => { + const appleOIDCClient = oidcClients && oidcClients.find((oidcClient) => { const parsedClientId = oidcClient.clientId.split(';')[0]; return oidcClient.protocol === 'Apple' && parsedClientId === appleClientId; diff --git a/blocks/identity-block/utils/validate-password-pattern.js b/blocks/identity-block/utils/validate-password-pattern.js index 8d0299a5b..8001ede15 100644 --- a/blocks/identity-block/utils/validate-password-pattern.js +++ b/blocks/identity-block/utils/validate-password-pattern.js @@ -1,4 +1,9 @@ -const SPECIAL_CHARACTERS_ALLOWED = "@$!%*?&"; +const SPECIAL_CHARACTERS_ALLOWED = + ".@$!%*+?&#<=>^:;,-" + + "\\/\\(\\)\\{\\}\\[\\]\\|\\`\\\\" + + "~_" + + '"' + + "'"; // positive lookahead (?= ) // with a non-capturing group within (?: ) @@ -12,7 +17,7 @@ const validatePasswordPattern = ( pwMinLength, pwPwNumbers, pwSpecialCharacters, - pwUppercase + pwUppercase, ) => `(?=(?:.*[a-z]){${pwLowercase},})(?=(?:.*[A-Z]){${pwUppercase},})(?=(?:.*\\d){${pwPwNumbers},})(?=(?:.*[${SPECIAL_CHARACTERS_ALLOWED}]){${pwSpecialCharacters},}).{${pwMinLength},}`; diff --git a/blocks/identity-block/utils/validate-password-pattern.test.js b/blocks/identity-block/utils/validate-password-pattern.test.js index 2e2dc9b79..420cc5d06 100644 --- a/blocks/identity-block/utils/validate-password-pattern.test.js +++ b/blocks/identity-block/utils/validate-password-pattern.test.js @@ -111,8 +111,9 @@ describe("Validate Password", () => { it("Takes matching special characters", () => { const pattern = new RegExp(validatePasswordPattern(0, 1, 0, 7, 0)); - expect(pattern.test("@$!%*?&")).toBe(true); - expect(pattern.test("---------")).toBe(false); - expect(pattern.test("^^^^^^^^^^^^^^^^^^^^^^^")).toBe(false); + expect(pattern.test("@$!%*?&")).toBe(true); + expect(pattern.test("---")).toBe(false); + expect(pattern.test("---------")).toBe(true); + expect(pattern.test("^^^^^^^^^^^^^^^^^^^^^^^")).toBe(true); }); });