Commit 7ac4205f authored by michael.simon's avatar michael.simon

first 2fa Tests

parent 25fd2b79
package edu.kit.scc.webreg.service.twofa;
import java.util.HashMap;
import java.util.Map;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.inject.Named;
import javax.script.Invocable;
import javax.script.ScriptEngine;
import javax.script.ScriptEngineManager;
import javax.script.ScriptException;
import org.slf4j.Logger;
import edu.kit.scc.webreg.bootstrap.ApplicationConfig;
import edu.kit.scc.webreg.entity.ScriptEntity;
import edu.kit.scc.webreg.entity.UserEntity;
import edu.kit.scc.webreg.script.ScriptingEnv;
@Named("twoFaConfigurationResolver")
@ApplicationScoped
public class TwoFaConfigurationResolver {
@Inject
private Logger logger;
@Inject
private ApplicationConfig appConfig;
@Inject
private ScriptingEnv scriptingEnv;
public Map<String, String> resolveConfig(UserEntity user) throws TwoFaConfigurationResolverException {
try {
String scriptName = appConfig.getConfigValue("linotp_resolve_config");
ScriptEntity scriptEntity = scriptingEnv.getScriptDao().findByName(scriptName);
if (scriptEntity == null)
throw new TwoFaConfigurationResolverException("2fa not configured properly. script is missing.");
if (scriptEntity.getScriptType().equalsIgnoreCase("javascript")) {
ScriptEngine engine = (new ScriptEngineManager()).getEngineByName(scriptEntity.getScriptEngine());
if (engine == null)
throw new TwoFaConfigurationResolverException(
"2fa not configured properly. engine not found: " + scriptEntity.getScriptEngine());
engine.eval(scriptEntity.getScript());
Invocable invocable = (Invocable) engine;
Map<String, String> configMap = new HashMap<String, String>();
invocable.invokeFunction("resolveConfig", scriptingEnv, configMap, user, logger);
return configMap;
} else {
throw new TwoFaConfigurationResolverException("unkown script type: " + scriptEntity.getScriptType());
}
} catch (ScriptException e) {
throw new TwoFaConfigurationResolverException(e);
} catch (NoSuchMethodException e) {
throw new TwoFaConfigurationResolverException(e);
}
}
}
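Review bot: resolveConfig runs the stored script body with `engine.eval(scriptEntity.getScript())` and passes it `scriptingEnv`, `user` and `logger`. Anyone who can edit that ScriptEntity row therefore executes code inside the application server and decides which URL, username and password end up in `configMap`. That trust assumption deserves a class-level comment, for example `// The resolver script is trusted code: it runs unsandboxed and supplies the 2FA backend URL and admin credentials.`, so that write access to the script table is treated as administrative. Separately, `scriptEntity.getScriptType().equalsIgnoreCase("javascript")` throws a NullPointerException when the type is unset; `"javascript".equalsIgnoreCase(scriptEntity.getScriptType())` lets the existing else branch report it as a TwoFaConfigurationResolverException instead.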
package edu.kit.scc.webreg.service.twofa;
public class TwoFaConfigurationResolverException extends TwoFaException {
private static final long serialVersionUID = 1L;
public TwoFaConfigurationResolverException() {
super();
}
public TwoFaConfigurationResolverException(String arg0, Throwable arg1) {
super(arg0, arg1);
}
public TwoFaConfigurationResolverException(String arg0) {
super(arg0);
}
public TwoFaConfigurationResolverException(Throwable arg0) {
super(arg0);
}
}
package edu.kit.scc.webreg.service.twofa;
public class TwoFaException extends Exception {
private static final long serialVersionUID = 1L;
public TwoFaException() {
super();
}
public TwoFaException(String arg0, Throwable arg1) {
super(arg0, arg1);
}
public TwoFaException(String arg0) {
super(arg0);
}
public TwoFaException(Throwable arg0) {
super(arg0);
}
}
package edu.kit.scc.webreg.service.twofa;
public interface TwoFaService {
void findByUserId(Long userId) throws TwoFaException;
}
package edu.kit.scc.webreg.service.twofa;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.ejb.Stateless;
import javax.inject.Inject;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.NameValuePair;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.AuthCache;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import edu.kit.scc.webreg.dao.UserDao;
import edu.kit.scc.webreg.entity.UserEntity;
@Stateless
public class TwoFaServiceImpl implements TwoFaService {
@Inject
private Logger logger;
@Inject
private TwoFaConfigurationResolver configResolver;
@Inject
private UserDao userDao;
@Override
public void findByUserId(Long userId) throws TwoFaException {
UserEntity user = userDao.findById(userId);
Map<String, String> configMap = configResolver.resolveConfig(user);
try {
URI uri = new URI(configMap.get("url"));
HttpHost targetHost = new HttpHost(uri.getHost(), uri.getPort(), uri.getScheme());
AuthCache authCache = new BasicAuthCache();
authCache.put(targetHost, new BasicScheme());
CredentialsProvider credsProvider = new BasicCredentialsProvider();
UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(configMap.get("username"), configMap.get("password"));
credsProvider.setCredentials(AuthScope.ANY, credentials);
HttpClientContext context = HttpClientContext.create();
context.setCredentialsProvider(credsProvider);
context.setAuthCache(authCache);
RequestConfig config = RequestConfig.custom()
.setSocketTimeout(5000)
.setConnectTimeout(5000)
.build();
CloseableHttpClient httpClient = HttpClients.custom().setDefaultRequestConfig(config).build();
try {
HttpPost httpPost = new HttpPost(configMap.get("url") + "/admin/getsession");
CloseableHttpResponse response = httpClient.execute(httpPost, context);
try {
HttpEntity entity = response.getEntity();
String responseString = EntityUtils.toString(entity);
logger.debug(responseString);
} finally {
response.close();
}
httpPost = new HttpPost(configMap.get("url") + "/admin/show");
List<NameValuePair> nvps = new ArrayList <NameValuePair>();
nvps.add(new BasicNameValuePair("user", "test@kit.edu"));
httpPost.setEntity(new UrlEncodedFormEntity(nvps));
response = httpClient.execute(httpPost);
try {
HttpEntity entity = response.getEntity();
String responseString = EntityUtils.toString(entity);
logger.debug(responseString);
} finally {
response.close();
}
} finally {
httpClient.close();
}
} catch (IOException | URISyntaxException e) {
throw new TwoFaException(e);
}
}
}
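Review bot: In findByUserId the admin credentials are registered with `credsProvider.setCredentials(AuthScope.ANY, credentials)`, so the client will offer them to any host that asks for authentication, not only the configured backend; `new AuthScope(targetHost)` binds them to that host. Nothing checks that the scheme of `configMap.get("url")` is https, and Basic authentication over plain http exposes the password on the wire. The second call, `httpClient.execute(httpPost)`, omits `context` and so runs without the credentials provider or auth cache, and it looks up the hard-coded `test@kit.edu` rather than the `user` loaded at the top of the method, which is also never null-checked. Both `logger.debug(responseString)` lines write raw admin API responses to the log, which may include session or token data; logging the status code only would be safer.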
/*******************************************************************************
* Copyright (c) 2014 Michael Simon.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*
* Contributors:
* Michael Simon - initial
******************************************************************************/
package edu.kit.scc.webreg.bean;
import java.io.Serializable;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.ViewScoped;
import javax.faces.event.ComponentSystemEvent;
import javax.inject.Inject;
import org.slf4j.Logger;
import edu.kit.scc.webreg.entity.UserEntity;
import edu.kit.scc.webreg.service.UserService;
import edu.kit.scc.webreg.service.twofa.TwoFaException;
import edu.kit.scc.webreg.service.twofa.TwoFaService;
import edu.kit.scc.webreg.session.SessionManager;
import edu.kit.scc.webreg.util.FacesMessageGenerator;
@ManagedBean
@ViewScoped
public class TwoFaUserBean implements Serializable {
private static final long serialVersionUID = 1L;
private UserEntity user;
@Inject
private Logger logger;
@Inject
private UserService userService;
@Inject
private TwoFaService twoFaService;
@Inject
private SessionManager sessionManager;
@Inject
private FacesMessageGenerator messageGenerator;
public void preRenderView(ComponentSystemEvent ev) {
if (user == null) {
user = userService.findById(sessionManager.getUserId());
try {
twoFaService.findByUserId(sessionManager.getUserId());
} catch (TwoFaException e) {
messageGenerator.addErrorMessage("Error", e.toString());
logger.debug("Exception happened", e);
}
}
}
public UserEntity getUser() {
return user;
}
}
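Review bot: The catch block in preRenderView shows the exception text to the end user through `messageGenerator.addErrorMessage("Error", e.toString())`. The TwoFaException here wraps IOException, URISyntaxException or ScriptException, whose messages can carry the backend URL, host name or script engine details. A fixed user-facing message, with the exception kept in the server log, avoids disclosing that. `logger.debug("Exception happened", e)` is also likely too quiet for a failed call to the 2FA backend; `logger.warn("2fa lookup failed for user {}", sessionManager.getUserId(), e)` would leave a usable trace.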
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:bw="http://www.scc.kit.edu/bwfacelets"
xmlns:p="http://primefaces.org/ui"
xmlns:of="http://omnifaces.org/functions">
<head>
<title></title>
</head>
<body>
<f:view>
<f:metadata>
<f:event type="javax.faces.event.PreRenderViewEvent"
listener="#{twoFaUserBean.preRenderView}" />
</f:metadata>
<ui:composition template="/template/default.xhtml">
<ui:param name="title" value="#{messages.title}"/>
<ui:define name="content">
<h:form id="form">
<p:panel header="#{messages.twofa}">
<p:messages id="messageBox" for="key_error" showDetail="true" />
</p:panel>
</h:form>
</ui:define>
</ui:composition>
</f:view>
</body>
</html>
\ No newline at end of file