5 files changed, 30 insertions, 26 deletions

diff --git a/src/rabbit_credential_validation.erl b/src/rabbit_credential_validation.erl
index 696024548a..4a629da14f 100644
--- a/src/rabbit_credential_validation.erl
+++ b/src/rabbit_credential_validation.erl
@@ -25,21 +25,22 @@
 %% API
 %%
 
--export([validate_password/1, backend/0]).
+-export([validate/2, backend/0]).
 
--spec validate_password(rabbit_types:password()) -> 'ok' | {'error', string()}.
+-spec validate(rabbit_types:username(), rabbit_types:password()) -> 'ok' | {'error', string()}.
 
-%% Validates a password by delegating to the effective
+%% Validates a username/password pair by delegating to the effective
 %% `rabbit_credential_validator`. Used by `rabbit_auth_backend_internal`.
+%% Note that some validators may choose to only validate passwords.
 %%
 %% Possible return values:
 %%
-%% * ok: provided password passed validation.
+%% * ok: provided credentials passed validation.
 %% * {error, Error, Args}: provided password password failed validation.
 
-validate_password(Value) ->
+validate(Username, Password) ->
     Backend = backend(),
-    Backend:validate_password(Value).
+    Backend:validate(Username, Password).
 
 -spec backend() -> atom().
 
diff --git a/src/rabbit_credential_validator.erl b/src/rabbit_credential_validator.erl
index b556995f51..dd12f6d2d6 100644
--- a/src/rabbit_credential_validator.erl
+++ b/src/rabbit_credential_validator.erl
@@ -25,4 +25,4 @@
 %% * ok: provided password passed validation.
 %% * {error, Error, Args}: provided password password failed validation.
 
--callback validate_password(rabbit_types:password()) -> 'ok' | {'error', string()}.
+-callback validate(rabbit_types:username(), rabbit_types:password()) -> 'ok' | {'error', string()}.
diff --git a/src/rabbit_credential_validator_accept_everything.erl b/src/rabbit_credential_validator_accept_everything.erl
index ea04d09ce1..f572d67e7f 100644
--- a/src/rabbit_credential_validator_accept_everything.erl
+++ b/src/rabbit_credential_validator_accept_everything.erl
@@ -24,9 +24,9 @@
 %% API
 %%
 
--export([validate_password/1]).
+-export([validate/2]).
 
--spec validate_password(rabbit_types:password()) -> 'ok' | {'error', string()}.
+-spec validate(rabbit_types:username(), rabbit_types:password()) -> 'ok' | {'error', string()}.
 
-validate_password(_Password) ->
+validate(_Username, _Password) ->
     ok.
diff --git a/src/rabbit_credential_validator_min_length.erl b/src/rabbit_credential_validator_min_password_length.erl
index 3a66239138..78239fc71b 100644
--- a/src/rabbit_credential_validator_min_length.erl
+++ b/src/rabbit_credential_validator_min_password_length.erl
@@ -14,7 +14,7 @@
 %% Copyright (c) 2007-2016 Pivotal Software, Inc.  All rights reserved.
 %%
 
--module(rabbit_credential_validator_min_length).
+-module(rabbit_credential_validator_min_password_length).
 
 -include("rabbit.hrl").
 
@@ -28,13 +28,13 @@
 %% API
 %%
 
--export([validate_password/1]).
+-export([validate/2]).
 %% for tests
--export([validate_password/2]).
+-export([validate/3]).
 
--spec validate_password(rabbit_types:password()) -> 'ok' | {'error', string()}.
+-spec validate(rabbit_types:username(), rabbit_types:password()) -> 'ok' | {'error', string()}.
 
-validate_password(Password) ->
+validate(Username, Password) ->
     MinLength = case application:get_env(rabbit, credential_validator) of
                     undefined ->
                         ?DEFAULT_MIN_LENGTH;
@@ -44,12 +44,12 @@ validate_password(Password) ->
                             Value     -> rabbit_data_coercion:to_integer(Value)
                         end
                 end,
-    validate_password(Password, MinLength).
+    validate(Username, Password, MinLength).
 
 
--spec validate_password(rabbit_types:password(), integer()) -> 'ok' | {'error', string(), [any()]}.
+-spec validate(rabbit_types:username(), rabbit_types:password(), integer()) -> 'ok' | {'error', string(), [any()]}.
 
-validate_password(Password, MinLength) ->
+validate(_Username, Password, MinLength) ->
     case size(Password) >= MinLength of
         true  -> ok;
         false -> {error, rabbit_misc:format("minimum required password length is ~B", [MinLength])}
diff --git a/src/rabbit_credential_validator_regexp.erl b/src/rabbit_credential_validator_password_regexp.erl
index 3c58529bf3..a23e7a47a7 100644
--- a/src/rabbit_credential_validator_regexp.erl
+++ b/src/rabbit_credential_validator_password_regexp.erl
@@ -14,7 +14,10 @@
 %% Copyright (c) 2007-2016 Pivotal Software, Inc.  All rights reserved.
 %%
 
--module(rabbit_credential_validator_regexp).
+
+%% A `rabbit_credential_validator` implementation that matches
+%% password against a pre-configured regular expression.
+-module(rabbit_credential_validator_password_regexp).
 
 -include("rabbit.hrl").
 
@@ -24,24 +27,24 @@
 %% API
 %%
 
--export([validate_password/1]).
+-export([validate/2]).
 %% for tests
--export([validate_password/2]).
+-export([validate/3]).
 
--spec validate_password(rabbit_types:password()) -> 'ok' | {'error', string()}.
+-spec validate(rabbit_types:username(), rabbit_types:password()) -> 'ok' | {'error', string()}.
 
-validate_password(Password) ->
+validate(Username, Password) ->
     {ok, Proplist} = application:get_env(rabbit, credential_validator),
     Regexp         = case proplists:get_value(regexp, Proplist) of
                          undefined -> {error, "rabbit.credential_validator.regexp config key is undefined"};
                          Value     -> rabbit_data_coercion:to_list(Value)
                      end,
-    validate_password(Password, Regexp).
+    validate(Username, Password, Regexp).
 
 
--spec validate_password(rabbit_types:password(), string()) -> 'ok' | {'error', string(), [any()]}.
+-spec validate(rabbit_types:username(), rabbit_types:password(), string()) -> 'ok' | {'error', string(), [any()]}.
 
-validate_password(Password, Pattern) ->
+validate(Username, Password, Pattern) ->
     case re:run(rabbit_data_coercion:to_list(Password), Pattern) of
         {match, _} -> ok;
         nomatch    -> {error, "provided password does not match the validator regular expression"}