Posted to commits@syncope.apache.org by gi...@apache.org on 2016/01/21 13:35:11 UTC
[1/3] syncope git commit: [SYNCOPE-719] Improving responsiveness
Repository: syncope
Updated Branches:
refs/heads/master 6ca9d6ea0 -> e4373b321
[SYNCOPE-719] Improving responsiveness
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/1c3ed0b0
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/1c3ed0b0
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/1c3ed0b0
Branch: refs/heads/master
Commit: 1c3ed0b06b9eb658005cb4548f9c338bf42bcdbc
Parents: 6ca9d6e
Author: giacomolm <gi...@hotmail.it>
Authored: Wed Jan 20 09:25:19 2016 +0100
Committer: giacomolm <gi...@hotmail.it>
Committed: Thu Jan 21 08:58:46 2016 +0100
----------------------------------------------------------------------
.../main/resources/META-INF/resources/app/css/app.css | 4 ++++
.../resources/META-INF/resources/app/css/editUser.css | 13 ++++++++-----
.../META-INF/resources/app/views/captcha.html | 8 ++++----
.../resources/app/views/user-plain-schemas.html | 4 ++--
.../META-INF/resources/app/views/user-resources.html | 4 ++--
.../resources/app/views/user-virtual-schemas.html | 4 ++--
6 files changed, 22 insertions(+), 15 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/1c3ed0b0/client/enduser/src/main/resources/META-INF/resources/app/css/app.css
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/css/app.css b/client/enduser/src/main/resources/META-INF/resources/app/css/app.css
index 2f18d47..197a8e7 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/css/app.css
+++ b/client/enduser/src/main/resources/META-INF/resources/app/css/app.css
@@ -53,4 +53,8 @@ under the License.
}
#resetpassword:hover {
background: #658D5D;
+}
+#captchaImg{
+ display: block;
+ margin: 0 auto;
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/syncope/blob/1c3ed0b0/client/enduser/src/main/resources/META-INF/resources/app/css/editUser.css
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/css/editUser.css b/client/enduser/src/main/resources/META-INF/resources/app/css/editUser.css
index 6383d03..4f87707 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/css/editUser.css
+++ b/client/enduser/src/main/resources/META-INF/resources/app/css/editUser.css
@@ -40,8 +40,9 @@ under the License.
box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.3);
}
#form-container .breadcrumb-header {
- margin: 1% 11%;
- width: 80%; padding:10px;
+ margin: auto;
+ width: 80%;
+ padding:10px;
}
.signup-form {
@@ -50,7 +51,9 @@ under the License.
}
#attribute {
- padding: 0 255px;
+ margin: auto;
+ max-width:480px;
+ padding: 10px;
}
#attribute-derived,
@@ -221,8 +224,8 @@ under the License.
}
.text-validation-error{
- color: #dd301b;
- font-weight: 600;
+ color: #dd301b;
+ font-weight: 600;
}
/* ANIMATIONS
============================================================================= */
http://git-wip-us.apache.org/repos/asf/syncope/blob/1c3ed0b0/client/enduser/src/main/resources/META-INF/resources/app/views/captcha.html
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/views/captcha.html b/client/enduser/src/main/resources/META-INF/resources/app/views/captcha.html
index c40e8dc..02ebcce 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/views/captcha.html
+++ b/client/enduser/src/main/resources/META-INF/resources/app/views/captcha.html
@@ -1,7 +1,7 @@
-<div style="padding-left: 29%">
+<div>
<nav class="navbar">
- <div class="container-fluid">
- <div class="navbar-header">
+ <div class="container-fluid" style="text-align: center">
+ <div style="text-align:center">
<img id="captchaImg" alt="captcha" ng-src="{{captchaUrl}}'"/>
<div style="margin-top: 5%">
<button id="refresh" type="button" class="btn btn-default btn-xs glyphicon glyphicon-refresh"
@@ -11,7 +11,7 @@
</div>
<input class="form-control" style="margin-top: 5%" type="text" ng-model="input.value"/>
</div>
- <div class="navbar-header">
+ <div>
<span class="help-block">Please enter the code displayed within the image.</span>
</div>
</div>
http://git-wip-us.apache.org/repos/asf/syncope/blob/1c3ed0b0/client/enduser/src/main/resources/META-INF/resources/app/views/user-plain-schemas.html
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/views/user-plain-schemas.html b/client/enduser/src/main/resources/META-INF/resources/app/views/user-plain-schemas.html
index cfd6011..11f047a 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/views/user-plain-schemas.html
+++ b/client/enduser/src/main/resources/META-INF/resources/app/views/user-plain-schemas.html
@@ -28,8 +28,8 @@ under the License.
<!--</div>-->
<div id="attribute" class="form-group row">
- <navigation-buttons ng-show="createMode" next="create.resources" previous="create.groups"></navigation-buttons>
- <navigation-buttons ng-show="!createMode" next="update.resources" previous="update.groups"></navigation-buttons>
+ <navigation-buttons ng-show="createMode" next="create.derivedSchemas" previous="create.groups"></navigation-buttons>
+ <navigation-buttons ng-show="!createMode" next="update.derivedSchemas" previous="update.groups"></navigation-buttons>
<div class="pull-left">
<a id="cancel" href="#/self" class="btn btn-danger pull-left">Cancel</a>
</div>
http://git-wip-us.apache.org/repos/asf/syncope/blob/1c3ed0b0/client/enduser/src/main/resources/META-INF/resources/app/views/user-resources.html
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/views/user-resources.html b/client/enduser/src/main/resources/META-INF/resources/app/views/user-resources.html
index 205cc1f..a301f02 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/views/user-resources.html
+++ b/client/enduser/src/main/resources/META-INF/resources/app/views/user-resources.html
@@ -21,8 +21,8 @@ under the License.
<resources form="dynamicForm" user="user"></resources>
</div>
<div id="attribute" class="form-group row">
- <navigation-buttons ng-show="createMode" next="create.finish" previous="create.plainSchemas"></navigation-buttons>
- <navigation-buttons ng-show="!createMode" next="update.finish" previous="update.plainSchemas"></navigation-buttons>
+ <navigation-buttons ng-show="createMode" next="create.finish" previous="create.virtualSchemas"></navigation-buttons>
+ <navigation-buttons ng-show="!createMode" next="update.finish" previous="update.virtualSchemas"></navigation-buttons>
<div class="pull-left">
<a id="cancel" href="#/self" class="btn btn-danger">Cancel</a>
</div>
http://git-wip-us.apache.org/repos/asf/syncope/blob/1c3ed0b0/client/enduser/src/main/resources/META-INF/resources/app/views/user-virtual-schemas.html
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/views/user-virtual-schemas.html b/client/enduser/src/main/resources/META-INF/resources/app/views/user-virtual-schemas.html
index 3a99ffa..ac8e9ca 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/views/user-virtual-schemas.html
+++ b/client/enduser/src/main/resources/META-INF/resources/app/views/user-virtual-schemas.html
@@ -26,8 +26,8 @@ under the License.
</div>-->
<!--</div>-->
<div id="attribute" class="form-group row">
- <navigation-buttons ng-show="createMode" next="create.groups" previous="create.derivedSchemas"></navigation-buttons>
- <navigation-buttons ng-show="!createMode" next="update.groups" previous="update.derivedSchemas"></navigation-buttons>
+ <navigation-buttons ng-show="createMode" next="create.resources" previous="create.derivedSchemas"></navigation-buttons>
+ <navigation-buttons ng-show="!createMode" next="update.resources" previous="update.derivedSchemas"></navigation-buttons>
<div class="pull-left">
<a id="cancel" href="#/self" class="btn btn-danger">Cancel</a>
</div>
[2/3] syncope git commit: [SYNCOPE-719] Captcha and XSRF checks now
are optional
Posted by gi...@apache.org.
[SYNCOPE-719] Captcha and XSRF checks now are optional
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/5d35181a
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/5d35181a
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/5d35181a
Branch: refs/heads/master
Commit: 5d35181a18765b49a9fecc5cf18d5300a289c4b9
Parents: 1c3ed0b
Author: giacomolm <gi...@hotmail.it>
Authored: Thu Jan 21 13:00:58 2016 +0100
Committer: giacomolm <gi...@hotmail.it>
Committed: Thu Jan 21 13:00:58 2016 +0100
----------------------------------------------------------------------
.../enduser/SyncopeEnduserApplication.java | 30 +++--
.../enduser/adapters/SyncopeTOAdapter.java | 2 +
.../client/enduser/model/SyncopeTORequest.java | 10 ++
.../client/enduser/model/UserTORequest.java | 15 +++
.../enduser/resources/AbstractBaseResource.java | 24 +++-
.../resources/CaptchaValidateResource.java | 91 --------------
.../resources/UserSelfCreateResource.java | 9 +-
.../resources/UserSelfPasswordReset.java | 10 ++
.../resources/META-INF/resources/app/js/app.js | 2 +
.../app/js/controllers/UserController.js | 120 +++++++------------
.../resources/app/js/directives/captcha.js | 3 +-
.../resources/app/js/services/captchaService.js | 12 --
.../META-INF/resources/app/views/captcha.html | 8 +-
.../resources/app/views/passwordreset.html | 2 +-
.../resources/app/views/user-form-finish.html | 2 +-
.../src/main/resources/enduser.properties | 3 +
.../src/main/resources/enduser.properties | 3 +
17 files changed, 146 insertions(+), 200 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserApplication.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserApplication.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserApplication.java
index 902a276..7917c86 100644
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserApplication.java
+++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserApplication.java
@@ -28,7 +28,6 @@ import java.util.Locale;
import java.util.Properties;
import org.apache.commons.io.FileUtils;
import org.apache.syncope.client.enduser.resources.CaptchaResource;
-import org.apache.syncope.client.enduser.resources.CaptchaValidateResource;
import org.apache.syncope.client.enduser.resources.InfoResource;
import org.apache.syncope.client.enduser.resources.LoginResource;
import org.apache.syncope.client.enduser.resources.LogoutResource;
@@ -78,6 +77,10 @@ public class SyncopeEnduserApplication extends WebApplication implements Seriali
private String anonymousKey;
+ private boolean captchaEnabled;
+
+ private boolean xsrfEnabled;
+
private SyncopeClientFactoryBean clientFactory;
@Override
@@ -110,6 +113,12 @@ public class SyncopeEnduserApplication extends WebApplication implements Seriali
anonymousKey = props.getProperty("anonymousKey");
Assert.notNull(anonymousKey, "<anonymousKey> not set");
+ captchaEnabled = Boolean.parseBoolean(props.getProperty("captcha"));
+ Assert.notNull(captchaEnabled, "<captcha> not set");
+
+ xsrfEnabled = Boolean.parseBoolean(props.getProperty("xsrf"));
+ Assert.notNull(xsrfEnabled, "<xsrf> not set");
+
String scheme = props.getProperty("scheme");
Assert.notNull(scheme, "<scheme> not set");
String host = props.getProperty("host");
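Review bot: The two added `Assert.notNull(captchaEnabled, ...)` / `Assert.notNull(xsrfEnabled, ...)` calls can never fail, because a primitive `boolean` is autoboxed to a non-null `Boolean`, and `Boolean.parseBoolean(null)` returns `false`. A deployment whose `enduser.properties` lacks the `captcha` or `xsrf` key (or misspells the value) therefore starts silently with both protections off. Check the raw string before parsing, e.g. `String xsrf = props.getProperty("xsrf"); Assert.notNull(xsrf, "<xsrf> not set"); xsrfEnabled = Boolean.parseBoolean(xsrf);`, and the same for `captcha`. Logging a warning at startup when either flag is false would also make a disabled check visible to operators.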
@@ -248,17 +257,6 @@ public class SyncopeEnduserApplication extends WebApplication implements Seriali
}
});
- // resource to validate current captcha
- mountResource("/api/captcha/validate", new ResourceReference("captchaValidate") {
-
- private static final long serialVersionUID = -128426276529456602L;
-
- @Override
- public IResource getResource() {
- return new CaptchaValidateResource();
- }
- });
-
mountResource("/api/groups", new ResourceReference("groups") {
private static final long serialVersionUID = -128426276529456602L;
@@ -325,4 +323,12 @@ public class SyncopeEnduserApplication extends WebApplication implements Seriali
return clientFactory;
}
+ public boolean isCaptchaEnabled() {
+ return captchaEnabled;
+ }
+
+ public boolean isXsrfEnabled() {
+ return xsrfEnabled;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/java/org/apache/syncope/client/enduser/adapters/SyncopeTOAdapter.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/adapters/SyncopeTOAdapter.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/adapters/SyncopeTOAdapter.java
index f6103e2..d075b27 100644
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/adapters/SyncopeTOAdapter.java
+++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/adapters/SyncopeTOAdapter.java
@@ -18,6 +18,7 @@
*/
package org.apache.syncope.client.enduser.adapters;
+import org.apache.syncope.client.enduser.SyncopeEnduserApplication;
import org.apache.syncope.client.enduser.model.SyncopeTORequest;
import org.apache.syncope.common.lib.to.SyncopeTO;
import org.slf4j.Logger;
@@ -34,6 +35,7 @@ public class SyncopeTOAdapter {
syncopeTORequest.setSelfRegAllowed(syncopeTO.isSelfRegAllowed());
syncopeTORequest.setPwdResetRequiringSecurityQuestions(syncopeTO.isPwdResetRequiringSecurityQuestions());
syncopeTORequest.setVersion(syncopeTO.getVersion());
+ syncopeTORequest.setCaptchaEnabled(SyncopeEnduserApplication.get().isCaptchaEnabled());
return syncopeTORequest;
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/java/org/apache/syncope/client/enduser/model/SyncopeTORequest.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/model/SyncopeTORequest.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/model/SyncopeTORequest.java
index 0b3dbff..d9ce45c 100644
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/model/SyncopeTORequest.java
+++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/model/SyncopeTORequest.java
@@ -32,6 +32,8 @@ public class SyncopeTORequest implements Serializable {
private boolean pwdResetRequiringSecurityQuestions;
+ private boolean captchaEnabled;
+
public SyncopeTORequest() {
}
@@ -47,6 +49,10 @@ public class SyncopeTORequest implements Serializable {
return pwdResetAllowed;
}
+ public boolean isCaptchaEnabled() {
+ return captchaEnabled;
+ }
+
public boolean isPwdResetRequiringSecurityQuestions() {
return pwdResetRequiringSecurityQuestions;
}
@@ -67,4 +73,8 @@ public class SyncopeTORequest implements Serializable {
this.pwdResetRequiringSecurityQuestions = pwdResetRequiringSecurityQuestions;
}
+ public void setCaptchaEnabled(final boolean captchaEnabled) {
+ this.captchaEnabled = captchaEnabled;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/java/org/apache/syncope/client/enduser/model/UserTORequest.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/model/UserTORequest.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/model/UserTORequest.java
index 0af6a76..375bc21 100644
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/model/UserTORequest.java
+++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/model/UserTORequest.java
@@ -57,6 +57,8 @@ public class UserTORequest implements Serializable {
private List<String> auxClasses = new ArrayList<>();
+ private String captcha;
+
public UserTORequest() {
}
@@ -156,6 +158,14 @@ public class UserTORequest implements Serializable {
this.auxClasses = auxClasses;
}
+ public String getCaptcha() {
+ return captcha;
+ }
+
+ public void setCaptcha(final String captcha) {
+ this.captcha = captcha;
+ }
+
public UserTORequest key(final Long value) {
this.key = value;
return this;
@@ -211,6 +221,11 @@ public class UserTORequest implements Serializable {
return this;
}
+ public UserTORequest captcha(final String value) {
+ this.captcha = value;
+ return this;
+ }
+
@Override
public String toString() {
return ToStringBuilder.reflectionToString(this);
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AbstractBaseResource.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AbstractBaseResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AbstractBaseResource.java
index 3f9e037..fbde3c6 100644
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AbstractBaseResource.java
+++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AbstractBaseResource.java
@@ -20,6 +20,7 @@ package org.apache.syncope.client.enduser.resources;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
+import org.apache.syncope.client.enduser.SyncopeEnduserApplication;
import org.apache.syncope.client.enduser.SyncopeEnduserConstants;
import org.apache.syncope.client.enduser.SyncopeEnduserSession;
import org.apache.syncope.common.lib.SyncopeClientException;
@@ -48,9 +49,26 @@ public abstract class AbstractBaseResource extends AbstractResource {
protected final boolean xsrfCheck(final HttpServletRequest request) {
final String requestXSRFHeader = request.getHeader(SyncopeEnduserConstants.XSRF_HEADER_NAME);
- return StringUtils.isNotBlank(requestXSRFHeader)
- && SyncopeEnduserSession.get().getCookieUtils().getCookie(SyncopeEnduserConstants.XSRF_COOKIE).
- getValue().equals(requestXSRFHeader);
+ if (SyncopeEnduserApplication.get().isXsrfEnabled()) {
+ return StringUtils.isNotBlank(requestXSRFHeader)
+ && SyncopeEnduserSession.get().getCookieUtils().getCookie(SyncopeEnduserConstants.XSRF_COOKIE).
+ getValue().equals(requestXSRFHeader);
+ } else {
+ //if xsfr is disabled, we return always true
+ return true;
+ }
}
+ protected final boolean captchaCheck(final String enteredCaptcha, final String currentCaptcha) {
+ if (SyncopeEnduserApplication.get().isCaptchaEnabled()) {
+ if (StringUtils.isBlank(currentCaptcha) || enteredCaptcha == null) {
+ return false;
+ } else {
+ return enteredCaptcha.equals(currentCaptcha);
+ }
+ } else {
+ //if captcha is disabled, we return always true
+ return true;
+ }
+ }
}
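Review bot: In `xsrfCheck`, the enabled branch still calls `getCookie(SyncopeEnduserConstants.XSRF_COOKIE).getValue()` with no null check, so a request that carries the header but no XSRF cookie would presumably raise a NullPointerException instead of returning false (assuming `getCookie` returns null for a missing cookie; `CookieUtils` is not visible here). Fetching the cookie into a local and using `cookie != null && cookie.getValue().equals(requestXSRFHeader)` keeps the failure mode a clean rejection. Both methods deserve a Javadoc stating that they return `true` unconditionally when the corresponding property is disabled, since callers treat the result as a security decision. The inline comment also has a typo: `xsfr` should be `xsrf`.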
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/CaptchaValidateResource.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/CaptchaValidateResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/CaptchaValidateResource.java
deleted file mode 100644
index e8749b8..0000000
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/CaptchaValidateResource.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.syncope.client.enduser.resources;
-
-import java.io.IOException;
-import javax.servlet.http.HttpServletRequest;
-import javax.ws.rs.core.Response;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.syncope.client.enduser.SyncopeEnduserConstants;
-import org.apache.syncope.client.enduser.model.CaptchaRequest;
-import org.apache.syncope.core.misc.serialization.POJOHelper;
-import org.apache.wicket.request.resource.AbstractResource;
-import org.apache.wicket.request.resource.IResource;
-import org.apache.wicket.util.io.IOUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class CaptchaValidateResource extends AbstractBaseResource {
-
- private static final Logger LOG = LoggerFactory.getLogger(CaptchaValidateResource.class);
-
- private static final long serialVersionUID = 6453101466981543020L;
-
- @Override
- protected ResourceResponse newResourceResponse(final IResource.Attributes attributes) {
-
- LOG.debug("Validate captcha request");
-
- AbstractResource.ResourceResponse response = new AbstractResource.ResourceResponse();
- try {
- HttpServletRequest currentRequest = (HttpServletRequest) attributes.getRequest().getContainerRequest();
-
- if (!xsrfCheck(currentRequest)) {
- LOG.error("XSRF TOKEN does not match");
- response.setError(Response.Status.BAD_REQUEST.getStatusCode(), "XSRF TOKEN does not match");
- return response;
- }
-
- final CaptchaRequest enteredCaptcha = POJOHelper.deserialize(IOUtils.toString(currentRequest.
- getInputStream()), CaptchaRequest.class);
-
- final String currentCaptcha = currentRequest.getSession().getAttribute(
- SyncopeEnduserConstants.CAPTCHA_SESSION_KEY) == null
- ? null
- : currentRequest.getSession().getAttribute(SyncopeEnduserConstants.CAPTCHA_SESSION_KEY).
- toString();
-
- if (StringUtils.isBlank(currentCaptcha) || enteredCaptcha == null) {
- LOG.info("Could not validate captcha: current session captcha or inserted captcha are empty or null");
- response.setError(Response.Status.BAD_REQUEST.getStatusCode(),
- "ErrorMessage{{ Could not validate captcha: current session captcha or entered captcha are "
- + "empty or null }}");
- } else {
- LOG.info("Is entered captcha equal to current session captcha? {}", enteredCaptcha.getValue().equals(
- currentCaptcha));
-
- response.setWriteCallback(new WriteCallback() {
-
- @Override
- public void writeData(final IResource.Attributes attributes) throws IOException {
- attributes.getResponse().
- write(String.valueOf(enteredCaptcha.getValue().equals(currentCaptcha)));
- }
- });
- response.setStatusCode(Response.Status.OK.getStatusCode());
- }
- } catch (Exception e) {
- LOG.error("Could not validate captcha", e);
- response.setError(Response.Status.BAD_REQUEST.getStatusCode(), new StringBuilder().append(
- "ErrorMessage{{ Could not validate captcha ")
- .append(e.getMessage()).append(" }}").toString());
- }
- return response;
- }
-}
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java
index 5328666..57c2836 100644
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java
+++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java
@@ -21,6 +21,7 @@ package org.apache.syncope.client.enduser.resources;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Response;
+import org.apache.syncope.client.enduser.SyncopeEnduserConstants;
import org.apache.syncope.client.enduser.SyncopeEnduserSession;
import org.apache.syncope.client.enduser.adapters.UserTOAdapter;
import org.apache.syncope.client.enduser.model.UserTORequest;
@@ -60,9 +61,15 @@ public class UserSelfCreateResource extends AbstractBaseResource {
}
String jsonString = request.getReader().readLine();
-
+
final UserTORequest userTORequest = POJOHelper.deserialize(jsonString, UserTORequest.class);
+ if (!captchaCheck(userTORequest.getCaptcha(), request.getSession().getAttribute(
+ SyncopeEnduserConstants.CAPTCHA_SESSION_KEY).toString())) {
+ LOG.error("Entered captcha is not matching");
+ throw new Exception("Entered captcha is not matching");
+ }
+
if (isSelfRegistrationAllowed() && userTORequest != null) {
LOG.debug("Received user self registration request for user: [{}]", userTORequest.getUsername());
LOG.trace("Received user self registration request is: [{}]", userTORequest);
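Review bot: The new captcha guard dereferences two values that may be null before `captchaCheck` can decide anything: `userTORequest.getCaptcha()` runs before the existing `userTORequest != null` test on the next statement, and `getAttribute(CAPTCHA_SESSION_KEY).toString()` throws when the session holds no captcha, a case the deleted CaptchaValidateResource handled explicitly. Because the arguments are evaluated first, this also happens when captcha is disabled and no image was ever requested. The same `getAttribute(...).toString()` pattern is in the UserSelfPasswordReset hunk. Nothing visible here clears the session value after a comparison, so it is worth confirming that a solved captcha cannot be reused for later requests in the same session. The enclosing method starts and ends outside this hunk.

```java
final UserTORequest userTORequest = POJOHelper.deserialize(jsonString, UserTORequest.class);

// read both sides null-safely; captchaCheck already rejects a null/blank value when enabled
final Object sessionCaptcha = request.getSession().getAttribute(SyncopeEnduserConstants.CAPTCHA_SESSION_KEY);
final String enteredCaptcha = userTORequest == null ? null : userTORequest.getCaptcha();
if (!captchaCheck(enteredCaptcha, sessionCaptcha == null ? null : sessionCaptcha.toString())) {
    LOG.error("Entered captcha is not matching");
    throw new Exception("Entered captcha is not matching");
}
// … unchanged: isSelfRegistrationAllowed() && userTORequest != null branch …
```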
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfPasswordReset.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfPasswordReset.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfPasswordReset.java
index 5198ba7..28b7fcb 100644
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfPasswordReset.java
+++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfPasswordReset.java
@@ -22,6 +22,7 @@ import java.io.IOException;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Response;
+import org.apache.syncope.client.enduser.SyncopeEnduserConstants;
import org.apache.syncope.client.enduser.SyncopeEnduserSession;
import org.apache.syncope.common.rest.api.service.UserSelfService;
import org.apache.wicket.request.resource.AbstractResource;
@@ -53,10 +54,19 @@ public class UserSelfPasswordReset extends AbstractBaseResource {
response.setError(Response.Status.BAD_REQUEST.getStatusCode(), "XSRF TOKEN does not match");
return response;
}
+
Map<String, String[]> parameters = request.getParameterMap();
if (parameters.get("username") == null || parameters.get("username").length == 0) {
throw new Exception("A valid username should be provided");
}
+
+ if (parameters.get("captcha") == null || parameters.get("captcha").length == 0 || !captchaCheck(parameters.
+ get("captcha")[0], request.getSession().getAttribute(SyncopeEnduserConstants.CAPTCHA_SESSION_KEY).
+ toString())) {
+ LOG.error("Entered captcha is not matching");
+ throw new Exception("Entered captcha is not matching");
+ }
+
if (SyncopeEnduserSession.get().getSyncopeTO().isPwdResetRequiringSecurityQuestions()) {
if (parameters.get("securityanswer") == null || parameters.get("securityanswer").length == 0) {
throw new Exception("A correct security answer should be provided");
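Review bot: The added condition rejects the request when the `captcha` parameter is missing before `captchaCheck` is consulted, so with `captcha=false` in the properties a password reset still fails unless the client sends a dummy value. Let `captchaCheck` own the decision by passing a null-safe value, e.g. `String[] c = parameters.get("captcha"); String entered = (c == null || c.length == 0) ? null : c[0];`, and then test only `!captchaCheck(entered, ...)`. The session attribute lookup needs the same null guard as noted on UserSelfCreateResource. The enclosing method continues outside this hunk.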
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/resources/META-INF/resources/app/js/app.js
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/js/app.js b/client/enduser/src/main/resources/META-INF/resources/app/js/app.js
index 113fc86..25c16df 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/js/app.js
+++ b/client/enduser/src/main/resources/META-INF/resources/app/js/app.js
@@ -283,6 +283,7 @@ app.controller('ApplicationController', ['$scope', '$rootScope', 'InfoService',
$rootScope.pwdResetAllowed = false;
$rootScope.version = "";
$rootScope.pwdResetRequiringSecurityQuestions = false;
+ $rootScope.captchaEnabled = false;
//info settings are initialized every time an user open the login page
InfoService.getInfo().then(
function (response) {
@@ -290,6 +291,7 @@ app.controller('ApplicationController', ['$scope', '$rootScope', 'InfoService',
$rootScope.selfRegAllowed = response.selfRegAllowed;
$rootScope.version = response.version;
$rootScope.pwdResetRequiringSecurityQuestions = response.pwdResetRequiringSecurityQuestions;
+ $rootScope.captchaEnabled = response.captchaEnabled;
},
function (response) {
console.log("Something went wrong while accessing info resource", response);
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/resources/META-INF/resources/app/js/controllers/UserController.js
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/js/controllers/UserController.js b/client/enduser/src/main/resources/META-INF/resources/app/js/controllers/UserController.js
index 0390b7a..b4b80ba 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/js/controllers/UserController.js
+++ b/client/enduser/src/main/resources/META-INF/resources/app/js/controllers/UserController.js
@@ -324,63 +324,48 @@ angular.module("self").controller("UserController", ['$scope', '$rootScope', '$l
$scope.saveUser = function (user) {
console.log("Save user: ", user);
- // validate captcha and then save user
- CaptchaService.validate($scope.captchaInput).then(function (response) {
- if (!(response === 'true')) {
- $scope.showError("Captcha inserted is not valid, please digit the correct captcha", $scope.notification);
- return;
- }
+ // setting captcha value while saving user
+ user.captcha = $scope.captchaInput.value;
- if ($scope.createMode) {
+ if ($scope.createMode) {
- UserSelfService.create(user).then(function (response) {
- console.log("Created user: ", response);
- $scope.showSuccess("User " + $scope.user.username + " successfully created", $scope.notification);
- $location.path('/self');
- }, function (response) {
- console.log("Error during user creation: ", response);
- var errorMessage;
- // parse error response
- if (response !== undefined) {
- errorMessage = response.split("ErrorMessage{{")[1];
- errorMessage = errorMessage.split("}}")[0];
- }
- $scope.showError("Error: " + (errorMessage || response), $scope.notification);
- });
+ UserSelfService.create(user).then(function (response) {
+ console.log("Created user: ", response);
+ $scope.showSuccess("User " + $scope.user.username + " successfully created", $scope.notification);
+ $location.path('/self');
+ }, function (response) {
+ console.log("Error during user creation: ", response);
+ var errorMessage;
+ // parse error response
+ if (response !== undefined) {
+ errorMessage = response.split("ErrorMessage{{")[1];
+ errorMessage = errorMessage.split("}}")[0];
+ }
+ $scope.showError("Error: " + (errorMessage || response), $scope.notification);
+ });
- } else {
-
- UserSelfService.update(user).then(function (response) {
- console.log("Updated user: ", response);
- AuthService.logout().then(function (response) {
- console.log("LOGOUT SUCCESS: ", response);
- $location.path('/self');
- $scope.showSuccess("User " + $scope.user.username + " successfully updated", $scope.notification);
- }, function () {
- console.log("LOGOUT FAILED");
- });
- }, function (response) {
- console.log("Error during user update: ", response);
- var errorMessage;
- // parse error response
- if (response !== undefined) {
- errorMessage = response.split("ErrorMessage{{")[1];
- errorMessage = errorMessage.split("}}")[0];
- }
- $scope.showError("Error: " + (errorMessage || response), $scope.notification);
+ } else {
+
+ UserSelfService.update(user).then(function (response) {
+ console.log("Updated user: ", response);
+ AuthService.logout().then(function (response) {
+ console.log("LOGOUT SUCCESS: ", response);
+ $location.path('/self');
+ $scope.showSuccess("User " + $scope.user.username + " successfully updated", $scope.notification);
+ }, function () {
+ console.log("LOGOUT FAILED");
});
- }
- }, function (response) {
- console.log("Error during validate captcha ", response);
- var errorMessage;
- // parse error response
- if (response !== undefined) {
- errorMessage = response.split("ErrorMessage{{")[1];
- errorMessage = errorMessage.split("}}")[0];
- }
- $scope.showError("Error: " + (errorMessage || response), $scope.notification);
- return;
- });
+ }, function (response) {
+ console.log("Error during user update: ", response);
+ var errorMessage;
+ // parse error response
+ if (response !== undefined) {
+ errorMessage = response.split("ErrorMessage{{")[1];
+ errorMessage = errorMessage.split("}}")[0];
+ }
+ $scope.showError("Error: " + (errorMessage || response), $scope.notification);
+ });
+ }
};
$scope.retrieveSecurityQuestion = function (user) {
if ($rootScope.pwdResetRequiringSecurityQuestions) {
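Review bot: Now that the server rejects a wrong captcha as part of create/update, the two error callbacks in `saveUser` never broadcast `refreshCaptcha`, unlike the `resetPassword` handler later in this file, so the user is left retrying against the same image. Adding `$scope.$broadcast("refreshCaptcha");` to both error callbacks would keep the flows consistent. `user.captcha = $scope.captchaInput.value` is also executed unconditionally; if the captcha directive is not rendered when `$rootScope.captchaEnabled` is false, `$scope.captchaInput` may be undefined here, so a guard such as `if ($rootScope.captchaEnabled) { ... }` is worth considering. Separately, `errorMessage.split("}}")` throws when the response does not contain the `ErrorMessage{{` marker, because index `[1]` is then undefined.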
@@ -407,34 +392,21 @@ angular.module("self").controller("UserController", ['$scope', '$rootScope', '$l
$scope.resetPassword = function (user) {
if (user && user.username) {
$scope.retrieveSecurityQuestion(user);
- CaptchaService.validate($scope.captchaInput).then(function (response) {
- if (!(response === 'true')) {
- $scope.showError("Captcha inserted is not valid, please digit the correct captcha", $scope.notification);
- return;
- }
- UserSelfService.passwordReset(user).then(function (data) {
- $scope.showSuccess(data, $scope.notification);
- $location.path('/self');
- }, function (response) {
- var errorMessage;
- // parse error response
- if (response !== undefined) {
- errorMessage = response.split("ErrorMessage{{")[1];
- errorMessage = errorMessage.split("}}")[0];
- $scope.showError("An error occured during password reset: " + errorMessage, $scope.notification);
- //we need to refresh captcha after a valid request
- $scope.$broadcast("refreshCaptcha");
- }
- });
+ // setting captcha value while saving user
+ user.captcha = $scope.captchaInput.value;
+ UserSelfService.passwordReset(user).then(function (data) {
+ $scope.showSuccess(data, $scope.notification);
+ $location.path('/self');
}, function (response) {
var errorMessage;
// parse error response
if (response !== undefined) {
errorMessage = response.split("ErrorMessage{{")[1];
errorMessage = errorMessage.split("}}")[0];
+ $scope.showError("An error occured during password reset: " + errorMessage, $scope.notification);
+ //we need to refresh captcha after a valid request
+ $scope.$broadcast("refreshCaptcha");
}
- $scope.showError("Error: " + (errorMessage || response), $scope.notification);
- return;
});
} else {
$scope.showError("You should use a valid and non-empty username", $scope.notification);
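Review bot: In the rejection handler of `UserSelfService.passwordReset`, `response.split("ErrorMessage{{")[1]` is `undefined` whenever the rejection text lacks that marker, so the next `.split` throws and neither `showError` nor the `refreshCaptcha` broadcast runs. The change also removes the old fallback `$scope.showError("Error: " + (errorMessage || response), ...)`, so an undefined response now fails without any message. I would guard the parse with `var parts = typeof response === 'string' ? response.split("ErrorMessage{{") : [];` and `errorMessage = parts.length > 1 ? parts[1].split("}}")[0] : response;`, and move the `showError` and `$scope.$broadcast("refreshCaptcha")` calls outside the `if` so that a submitted captcha is always replaced after a failure. The same unguarded parse is on the new side of the update handler earlier in this file. Since the answer now travels in `user.captcha`, the check presumably moved to the server, which this hunk does not show; it is worth confirming that a missing or empty `captcha` field is rejected there.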
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/resources/META-INF/resources/app/js/directives/captcha.js
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/js/directives/captcha.js b/client/enduser/src/main/resources/META-INF/resources/app/js/directives/captcha.js
index 00720fa..466d1d8 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/js/directives/captcha.js
+++ b/client/enduser/src/main/resources/META-INF/resources/app/js/directives/captcha.js
@@ -25,10 +25,11 @@ angular.module('self')
templateUrl: 'views/captcha.html',
scope: {
input: "=",
+ captchaEnabled : '=enabled'
},
controller: function ($scope) {
$scope.captchaUrl = '';
-
+
//initialize captcha
$scope.refreshCaptcha = function () {
console.log("REFRESH CAPTCHA")
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/resources/META-INF/resources/app/js/services/captchaService.js
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/js/services/captchaService.js b/client/enduser/src/main/resources/META-INF/resources/app/js/services/captchaService.js
index 6361d92..4bcd20e 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/js/services/captchaService.js
+++ b/client/enduser/src/main/resources/META-INF/resources/app/js/services/captchaService.js
@@ -35,18 +35,6 @@ angular.module('self')
});
};
- captchaService.validate = function (captcha) {
- return $http
- .post('/syncope-enduser/api/captcha/validate', captcha)
- .then(function (response) {
- return response.data;
- }, function (response) {
- console.log("Something went wrong during validation of captcha: , exit with status: ", captcha,
- response.statusText);
- return $q.reject(response.data || response.statusText);
- });
- };
-
return captchaService;
}]);
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/resources/META-INF/resources/app/views/captcha.html
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/views/captcha.html b/client/enduser/src/main/resources/META-INF/resources/app/views/captcha.html
index 02ebcce..cf2c15f 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/views/captcha.html
+++ b/client/enduser/src/main/resources/META-INF/resources/app/views/captcha.html
@@ -1,15 +1,15 @@
-<div>
+<div ng-show="{{captchaEnabled}}">
<nav class="navbar">
<div class="container-fluid" style="text-align: center">
- <div style="text-align:center">
+ <div style="text-align:center;">
<img id="captchaImg" alt="captcha" ng-src="{{captchaUrl}}'"/>
- <div style="margin-top: 5%">
+ <div style="margin-top: 5%; margin-bottom: 10px">
<button id="refresh" type="button" class="btn btn-default btn-xs glyphicon glyphicon-refresh"
ng-click="refreshCaptcha()" title="Refresh Captcha"></button>
<a id="refresh" class="btn btn-default btn-xs glyphicon glyphicon-question-sign" title="What is?"
href="https://it.wikipedia.org/wiki/CAPTCHA"/>
</div>
- <input class="form-control" style="margin-top: 5%" type="text" ng-model="input.value"/>
+ <input class="form-control" style="margin:auto; max-width: 260px" type="text" ng-model="input.value"/>
</div>
<div>
<span class="help-block">Please enter the code displayed within the image.</span>
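Review bot: `ng-show="{{captchaEnabled}}"` on the outer `<div>` puts interpolation inside an attribute that `ng-show` already evaluates as an Angular expression, so the visibility depends on when the braces are resolved and may not follow later changes of the flag. The plain form `<div ng-show="captchaEnabled">` is the usual way to write it. Hiding the widget is presentation only, so the same flag has to decide on the server whether a captcha answer is required; that part is not visible in this hunk. Separately, the context line `ng-src="{{captchaUrl}}'"` carries a stray `'` after the closing braces that ends up in the image URL.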
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/resources/META-INF/resources/app/views/passwordreset.html
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/views/passwordreset.html b/client/enduser/src/main/resources/META-INF/resources/app/views/passwordreset.html
index f4fdc57..c3fa05c 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/views/passwordreset.html
+++ b/client/enduser/src/main/resources/META-INF/resources/app/views/passwordreset.html
@@ -60,7 +60,7 @@ under the License.
<div id="attribute" class="form-group row">
<!--captcha-->
<div class="form-group row">
- <captcha input="captchaInput"></captcha>
+ <captcha input="captchaInput" enabled="captchaEnabled"></captcha>
</div>
<button id="resetpassword" type="submit" class="btn btn-default pull-right">Submit</button>
<div class="pull-left">
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/resources/META-INF/resources/app/views/user-form-finish.html
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/META-INF/resources/app/views/user-form-finish.html b/client/enduser/src/main/resources/META-INF/resources/app/views/user-form-finish.html
index a786707..fba87fe 100644
--- a/client/enduser/src/main/resources/META-INF/resources/app/views/user-form-finish.html
+++ b/client/enduser/src/main/resources/META-INF/resources/app/views/user-form-finish.html
@@ -21,7 +21,7 @@ under the License.
<div id="attribute" class="form-group row">
<!--captcha-->
<div class="form-group row">
- <captcha input="captchaInput"></captcha>
+ <captcha input="captchaInput" enabled="captchaEnabled"></captcha>
</div>
<button id="save" type="submit" class="btn btn-default pull-right">Save</button>
<navigation-buttons ng-show="createMode" next="none" previous="create.resources"></navigation-buttons>
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/client/enduser/src/main/resources/enduser.properties
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/resources/enduser.properties b/client/enduser/src/main/resources/enduser.properties
index 30f4028..837f1e5 100644
--- a/client/enduser/src/main/resources/enduser.properties
+++ b/client/enduser/src/main/resources/enduser.properties
@@ -27,3 +27,6 @@ scheme=http
host=localhost
port=8080
rootPath=/syncope/rest/
+
+captcha=true
+xsrf=true
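Review bot: The new `captcha` and `xsrf` keys are added without a comment, although from their names they switch two abuse and request-forgery protections of the end-user application on and off; the same applies to the identical hunk in `fit/enduser-reference/src/main/resources/enduser.properties`. I would document them where they are defined, for example `# captcha / xsrf: enable CAPTCHA checking and XSRF token validation; keep both true outside local testing`. The code that reads the keys is not part of this hunk, so it is worth confirming that a missing or unparsable value falls back to enabled rather than disabled.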
http://git-wip-us.apache.org/repos/asf/syncope/blob/5d35181a/fit/enduser-reference/src/main/resources/enduser.properties
----------------------------------------------------------------------
diff --git a/fit/enduser-reference/src/main/resources/enduser.properties b/fit/enduser-reference/src/main/resources/enduser.properties
index 81d137e..e9484b1 100644
--- a/fit/enduser-reference/src/main/resources/enduser.properties
+++ b/fit/enduser-reference/src/main/resources/enduser.properties
@@ -27,3 +27,6 @@ scheme=http
host=localhost
port=9080
rootPath=/syncope/rest/
+
+captcha=true
+xsrf=true
[3/3] syncope git commit: [SYNCOPE-719] Fixing session cache problem
during creation of a new session
Posted by gi...@apache.org.
[SYNCOPE-719] Fixing session cache problem during creation of a new session
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/e4373b32
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/e4373b32
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/e4373b32
Branch: refs/heads/master
Commit: e4373b321d9dc9072d8ee7f53e6d506d2f350589
Parents: 5d35181
Author: giacomolm <gi...@hotmail.it>
Authored: Thu Jan 21 13:02:26 2016 +0100
Committer: giacomolm <gi...@hotmail.it>
Committed: Thu Jan 21 13:02:26 2016 +0100
----------------------------------------------------------------------
.../org/apache/syncope/client/enduser/SyncopeEnduserSession.java | 2 ++
1 file changed, 2 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/e4373b32/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserSession.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserSession.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserSession.java
index 89b566b..5fa24b9 100644
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserSession.java
+++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserSession.java
@@ -100,6 +100,8 @@ public class SyncopeEnduserSession extends WebSession {
// for every request
this.bind();
authenticated = true;
+ //we should clear all the previous services
+ services.clear();
} catch (Exception e) {
LOG.error("Authentication failed", e);
}
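Review bot: `services.clear()` sits after `authenticated = true` inside the `try`, so the cached services are dropped only when the new login succeeds. If the attempt throws, the `catch` just logs and the entries created for the previous identity stay in `services`. Whether `authenticated` is reset before the attempt cannot be seen here, because the method starts and ends outside the hunk. Clearing at the start of the attempt, or also in the `catch` together with `authenticated = false;`, would keep a failed re-login from leaving the earlier user's service proxies reachable. The comment could state the reason, e.g. `// drop service proxies cached for the previous identity so the new session does not reuse them`.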