updated dependencies on srsoftware.de packages
Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
This commit is contained in:
@@ -3,7 +3,8 @@ description = 'SRSoftware OIDC: api'
|
||||
|
||||
dependencies {
|
||||
implementation 'de.srsoftware:tools.optionals:1.0.0'
|
||||
implementation 'de.srsoftware:tools.util:1.1.0'
|
||||
implementation 'de.srsoftware:tools.result:1.0.0'
|
||||
implementation 'de.srsoftware:tools.util:1.3.1'
|
||||
implementation 'org.bitbucket.b_c:jose4j:0.9.6'
|
||||
implementation 'org.json:json:20240303'
|
||||
implementation 'com.sun.mail:jakarta.mail:2.0.1'
|
||||
|
||||
@@ -6,7 +6,7 @@ import static java.util.Optional.empty;
|
||||
import de.srsoftware.oidc.api.data.AccessToken;
|
||||
import de.srsoftware.oidc.api.data.Lock;
|
||||
import de.srsoftware.oidc.api.data.User;
|
||||
import de.srsoftware.tools.Result;
|
||||
import de.srsoftware.tools.result.Result;
|
||||
import java.time.Instant;
|
||||
import java.util.*;
|
||||
|
||||
|
||||
@@ -6,10 +6,10 @@ plugins {
|
||||
|
||||
dependencies{
|
||||
implementation("org.json:json:20240303")
|
||||
implementation("de.srsoftware:tools.http:1.0.1")
|
||||
implementation("de.srsoftware:tools.logging:1.0.1")
|
||||
implementation("de.srsoftware:tools.http:1.3.0")
|
||||
implementation("de.srsoftware:tools.logging:1.2.0")
|
||||
implementation("de.srsoftware:tools.optionals:1.0.0")
|
||||
implementation("de.srsoftware:tools.util:1.1.0")
|
||||
implementation("de.srsoftware:tools.util:1.3.1")
|
||||
implementation(project(":de.srsoftware.oidc.api"))
|
||||
implementation(project(":de.srsoftware.oidc.backend"))
|
||||
implementation(project(":de.srsoftware.oidc.datastore.encrypted"))
|
||||
|
||||
@@ -2,9 +2,10 @@ description = "SRSoftware OIDC: backend"
|
||||
|
||||
dependencies{
|
||||
implementation("com.sun.mail:jakarta.mail:2.0.1")
|
||||
implementation("de.srsoftware:tools.http:1.0.1")
|
||||
implementation("de.srsoftware:tools.http:1.3.0")
|
||||
implementation("de.srsoftware:tools.optionals:1.0.0")
|
||||
implementation("de.srsoftware:tools.util:1.1.0")
|
||||
implementation("de.srsoftware:tools.result:1.0.0")
|
||||
implementation("de.srsoftware:tools.util:1.3.1")
|
||||
implementation("org.bitbucket.b_c:jose4j:0.9.6")
|
||||
implementation("org.json:json:20240303")
|
||||
|
||||
|
||||
@@ -3,6 +3,7 @@ package de.srsoftware.oidc.backend;
|
||||
|
||||
import static de.srsoftware.oidc.api.Constants.*;
|
||||
import static de.srsoftware.oidc.api.data.Permission.MANAGE_CLIENTS;
|
||||
import static de.srsoftware.tools.Error.error;
|
||||
import static java.net.HttpURLConnection.*;
|
||||
|
||||
import com.sun.net.httpserver.HttpExchange;
|
||||
@@ -11,7 +12,6 @@ import de.srsoftware.oidc.api.data.AuthorizedScopes;
|
||||
import de.srsoftware.oidc.api.data.Client;
|
||||
import de.srsoftware.oidc.api.data.Session;
|
||||
import de.srsoftware.oidc.api.data.User;
|
||||
import de.srsoftware.tools.Error;
|
||||
import de.srsoftware.tools.Optionals;
|
||||
import java.io.IOException;
|
||||
import java.time.Duration;
|
||||
@@ -42,15 +42,15 @@ public class ClientController extends Controller {
|
||||
var user = optUser.get();
|
||||
var json = json(ex);
|
||||
var state = json.has(STATE) ? json.getString(STATE) : null;
|
||||
if (!json.has(CLIENT_ID)) return badRequest(ex, Error.of(ERROR_MISSING_PARAMETER).addData(PARAM, CLIENT_ID, STATE, state));
|
||||
if (!json.has(CLIENT_ID)) return badRequest(ex, error(ERROR_MISSING_PARAMETER).addData(PARAM, CLIENT_ID, STATE, state));
|
||||
var clientId = json.getString(CLIENT_ID);
|
||||
var optClient = clients.getClient(clientId);
|
||||
if (optClient.isEmpty()) return badRequest(ex, Error.of(ERROR_UNKNOWN_CLIENT).addData(CLIENT_ID, clientId, STATE, state));
|
||||
if (optClient.isEmpty()) return badRequest(ex, error(ERROR_UNKNOWN_CLIENT).addData(CLIENT_ID, clientId, STATE, state));
|
||||
for (String param : List.of(SCOPE, RESPONSE_TYPE, REDIRECT_URI)) {
|
||||
if (!json.has(param)) return badRequest(ex, Error.of(ERROR_MISSING_PARAMETER).addData(PARAM, param, STATE, state));
|
||||
if (!json.has(param)) return badRequest(ex, error(ERROR_MISSING_PARAMETER).addData(PARAM, param, STATE, state));
|
||||
}
|
||||
var scopes = toList(json, SCOPE);
|
||||
if (!scopes.contains(OPENID)) return badRequest(ex, Error.of(ERROR_MISSING_PARAMETER).addData(PARAM, "Scope: openid", STATE, state));
|
||||
if (!scopes.contains(OPENID)) return badRequest(ex, error(ERROR_MISSING_PARAMETER).addData(PARAM, "Scope: openid", STATE, state));
|
||||
var responseTypes = toList(json, RESPONSE_TYPE);
|
||||
var types = 0;
|
||||
for (var responseType : responseTypes) {
|
||||
@@ -60,15 +60,15 @@ public class ClientController extends Controller {
|
||||
types++;
|
||||
break;
|
||||
default:
|
||||
return badRequest(ex, Error.of(ERROR_UNSUPPORTED_RESPONSE_TYPE).addData(RESPONSE_TYPE, responseType, STATE, state));
|
||||
return badRequest(ex, error(ERROR_UNSUPPORTED_RESPONSE_TYPE).addData(RESPONSE_TYPE, responseType, STATE, state));
|
||||
}
|
||||
}
|
||||
if (types < 1) return badRequest(ex, Error.of(ERROR_MISSING_CODE_RESPONSE_TYPE).addData(STATE, state));
|
||||
if (types < 1) return badRequest(ex, error(ERROR_MISSING_CODE_RESPONSE_TYPE).addData(STATE, state));
|
||||
|
||||
var client = optClient.get();
|
||||
var redirect = json.getString(REDIRECT_URI);
|
||||
|
||||
if (!client.redirectUris().contains(redirect)) return badRequest(ex, Error.of(ERROR_INVALID_REDIRECT).addData(REDIRECT_URI, redirect, STATE, state));
|
||||
if (!client.redirectUris().contains(redirect)) return badRequest(ex, error(ERROR_INVALID_REDIRECT).addData(REDIRECT_URI, redirect, STATE, state));
|
||||
|
||||
if (json.has(AUTHORZED)) { // user did consent
|
||||
var authorized = json.getJSONObject(AUTHORZED);
|
||||
|
||||
@@ -14,9 +14,8 @@ import de.srsoftware.oidc.api.*;
|
||||
import de.srsoftware.oidc.api.data.Permission;
|
||||
import de.srsoftware.oidc.api.data.Session;
|
||||
import de.srsoftware.oidc.api.data.User;
|
||||
import de.srsoftware.tools.Payload;
|
||||
import de.srsoftware.tools.Result;
|
||||
import de.srsoftware.tools.SessionToken;
|
||||
import de.srsoftware.tools.result.*;
|
||||
import jakarta.mail.*;
|
||||
import jakarta.mail.internet.*;
|
||||
import java.io.IOException;
|
||||
@@ -228,7 +227,7 @@ public class UserController extends Controller {
|
||||
var user = optUser.get();
|
||||
users.updatePassword(user, newPass);
|
||||
var session = sessions.createSession(user, false);
|
||||
new SessionToken(session.id(), session.expiration(), session.trustBrowser()).addTo(ex);
|
||||
new SessionToken(session.id(), "/api", session.expiration(), session.trustBrowser()).addTo(ex);
|
||||
return sendRedirect(ex, "/");
|
||||
}
|
||||
|
||||
@@ -267,7 +266,7 @@ public class UserController extends Controller {
|
||||
}
|
||||
|
||||
private boolean sendUserAndCookie(HttpExchange ex, Session session, User user) throws IOException {
|
||||
new SessionToken(session.id(), session.expiration(), session.trustBrowser()).addTo(ex);
|
||||
new SessionToken(session.id(), "/api", session.expiration(), session.trustBrowser()).addTo(ex);
|
||||
return sendContent(ex, user.map(false));
|
||||
}
|
||||
|
||||
|
||||
@@ -3,7 +3,8 @@ description = "SRSoftware OIDC: encrypted datastore module"
|
||||
dependencies{
|
||||
implementation("com.sun.mail:jakarta.mail:2.0.1")
|
||||
implementation("de.srsoftware:tools.optionals:1.0.0")
|
||||
implementation("de.srsoftware:tools.util:1.1.0")
|
||||
implementation("de.srsoftware:tools.result:1.0.0")
|
||||
implementation("de.srsoftware:tools.util:1.3.1")
|
||||
|
||||
implementation(project(":de.srsoftware.oidc.api"))
|
||||
testImplementation(project(":de.srsoftware.oidc.api","testBundle"))
|
||||
|
||||
@@ -2,16 +2,18 @@
|
||||
package de.srsoftware.oidc.datastore.encrypted;
|
||||
|
||||
import static de.srsoftware.oidc.api.Constants.*;
|
||||
import static de.srsoftware.tools.result.Error.error;
|
||||
import static java.lang.System.Logger.Level.WARNING;
|
||||
import static java.util.Optional.empty;
|
||||
|
||||
import de.srsoftware.oidc.api.UserService;
|
||||
import de.srsoftware.oidc.api.data.AccessToken;
|
||||
import de.srsoftware.oidc.api.data.User;
|
||||
import de.srsoftware.tools.Error;
|
||||
import de.srsoftware.tools.PasswordHasher;
|
||||
import de.srsoftware.tools.Payload;
|
||||
import de.srsoftware.tools.Result;
|
||||
import de.srsoftware.tools.result.*;
|
||||
import de.srsoftware.tools.result.Error;
|
||||
import de.srsoftware.tools.result.Payload;
|
||||
import de.srsoftware.tools.result.Result;
|
||||
import java.util.*;
|
||||
|
||||
public class EncryptedUserService extends EncryptedConfig implements UserService {
|
||||
@@ -98,12 +100,13 @@ public class EncryptedUserService extends EncryptedConfig implements UserService
|
||||
|
||||
@Override
|
||||
public Result<User> login(String username, String password) {
|
||||
if (username == null || username.isBlank()) return Error.of(ERROR_NO_USERNAME);
|
||||
if (username == null || username.isBlank()) return error(ERROR_NO_USERNAME);
|
||||
var optLock = getLock(username);
|
||||
if (optLock.isPresent()) {
|
||||
var lock = optLock.get();
|
||||
LOG.log(WARNING, "{0} is locked after {1} failed logins. Lock will be released at {2}", username, lock.attempts(), lock.releaseTime());
|
||||
return new Error<User>(ERROR_LOCKED).addData(ATTEMPTS, lock.attempts(), RELEASE, lock.releaseTime());
|
||||
Error<User> err = error(ERROR_LOCKED);
|
||||
return err.addData(ATTEMPTS, lock.attempts(), RELEASE, lock.releaseTime());
|
||||
}
|
||||
for (var encryptedUser : backend.list()) {
|
||||
var decryptedUser = decrypt(encryptedUser);
|
||||
@@ -116,7 +119,8 @@ public class EncryptedUserService extends EncryptedConfig implements UserService
|
||||
|
||||
var lock = lock(username);
|
||||
LOG.log(WARNING, "Login failed for {0} → locking account until {1}", username, lock.releaseTime());
|
||||
return new Error<User>(ERROR_LOGIN_FAILED).addData(RELEASE, lock.releaseTime());
|
||||
Error<User> err = error(ERROR_LOGIN_FAILED);
|
||||
return err.addData(RELEASE, lock.releaseTime());
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -3,15 +3,16 @@ package de.srsoftware.oidc.datastore.encrypted; /* © SRSoftware 2024 */
|
||||
import static de.srsoftware.oidc.api.Constants.*;
|
||||
import static de.srsoftware.tools.Optionals.nullable;
|
||||
import static de.srsoftware.tools.Strings.uuid;
|
||||
import static de.srsoftware.tools.result.Error.error;
|
||||
import static java.lang.System.Logger.Level.WARNING;
|
||||
|
||||
import de.srsoftware.oidc.api.*;
|
||||
import de.srsoftware.oidc.api.data.AccessToken;
|
||||
import de.srsoftware.oidc.api.data.User;
|
||||
import de.srsoftware.tools.Error;
|
||||
import de.srsoftware.tools.PasswordHasher;
|
||||
import de.srsoftware.tools.Payload;
|
||||
import de.srsoftware.tools.Result;
|
||||
import de.srsoftware.tools.result.Error;
|
||||
import de.srsoftware.tools.result.Payload;
|
||||
import de.srsoftware.tools.result.Result;
|
||||
import java.io.File;
|
||||
import java.util.*;
|
||||
import java.util.stream.Collectors;
|
||||
@@ -76,7 +77,8 @@ public class EncryptedUserServiceTest extends UserServiceTest {
|
||||
if (optLock.isPresent()) {
|
||||
var lock = optLock.get();
|
||||
LOG.log(WARNING, "{} is locked after {} failed logins. Lock will be released at {}", username, lock.attempts(), lock.releaseTime());
|
||||
return new Error<User>(ERROR_LOCKED).addData(ATTEMPTS, lock.attempts(), RELEASE, lock.releaseTime());
|
||||
Error<User> err = error(ERROR_LOCKED);
|
||||
return err.addData(ATTEMPTS, lock.attempts(), RELEASE, lock.releaseTime());
|
||||
}
|
||||
|
||||
for (var entry : users.entrySet()) {
|
||||
@@ -88,7 +90,8 @@ public class EncryptedUserServiceTest extends UserServiceTest {
|
||||
}
|
||||
var lock = lock(username);
|
||||
LOG.log(WARNING, "Login failed for {0} → locking account until {1}", username, lock.releaseTime());
|
||||
return new Error<User>(ERROR_LOGIN_FAILED).addData(RELEASE, lock.releaseTime());
|
||||
Error<User> err = error(ERROR_LOGIN_FAILED);
|
||||
return err.addData(RELEASE, lock.releaseTime());
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -3,7 +3,8 @@ description = "SRSoftware OIDC: file datastore module"
|
||||
dependencies{
|
||||
implementation("com.sun.mail:jakarta.mail:2.0.1")
|
||||
implementation("de.srsoftware:tools.optionals:1.0.0")
|
||||
implementation("de.srsoftware:tools.util:1.1.0")
|
||||
implementation("de.srsoftware:tools.result:1.0.0")
|
||||
implementation("de.srsoftware:tools.util:1.3.1")
|
||||
implementation("org.json:json:20240303")
|
||||
|
||||
implementation(project(":de.srsoftware.oidc.api"))
|
||||
|
||||
@@ -4,16 +4,16 @@ import static de.srsoftware.oidc.api.Constants.*;
|
||||
import static de.srsoftware.oidc.api.data.User.*;
|
||||
import static de.srsoftware.tools.Optionals.nullable;
|
||||
import static de.srsoftware.tools.Strings.uuid;
|
||||
import static de.srsoftware.tools.result.Error.error;
|
||||
import static java.lang.System.Logger.Level.*;
|
||||
import static java.time.temporal.ChronoUnit.SECONDS;
|
||||
import static java.util.Optional.empty;
|
||||
|
||||
import de.srsoftware.oidc.api.*;
|
||||
import de.srsoftware.oidc.api.data.*;
|
||||
import de.srsoftware.tools.Error;
|
||||
import de.srsoftware.tools.PasswordHasher;
|
||||
import de.srsoftware.tools.Payload;
|
||||
import de.srsoftware.tools.Result;
|
||||
import de.srsoftware.tools.result.*;
|
||||
import de.srsoftware.tools.result.Error;
|
||||
import jakarta.mail.Authenticator;
|
||||
import jakarta.mail.PasswordAuthentication;
|
||||
import java.io.File;
|
||||
@@ -181,13 +181,14 @@ public class FileStore implements AuthorizationService, ClientService, SessionSe
|
||||
|
||||
@Override
|
||||
public Result<User> login(String username, String password) {
|
||||
if (!json.has(USERS)) return Error.of(ERROR_LOGIN_FAILED);
|
||||
if (username == null || username.isBlank()) return Error.of(ERROR_NO_USERNAME);
|
||||
if (!json.has(USERS)) return error(ERROR_LOGIN_FAILED);
|
||||
if (username == null || username.isBlank()) return error(ERROR_NO_USERNAME);
|
||||
var optLock = getLock(username);
|
||||
if (optLock.isPresent()) {
|
||||
var lock = optLock.get();
|
||||
LOG.log(WARNING, "{0} is locked after {1} failed logins. Lock will be released at {2}", username, lock.attempts(), lock.releaseTime());
|
||||
return new Error<User>(ERROR_LOCKED).addData(ATTEMPTS, lock.attempts(), RELEASE, lock.releaseTime());
|
||||
Error<User> err = error(ERROR_LOCKED);
|
||||
return err.addData(ATTEMPTS, lock.attempts(), RELEASE, lock.releaseTime());
|
||||
}
|
||||
try {
|
||||
var users = json.getJSONObject(USERS);
|
||||
@@ -203,9 +204,10 @@ public class FileStore implements AuthorizationService, ClientService, SessionSe
|
||||
}
|
||||
var lock = lock(username);
|
||||
LOG.log(WARNING, "Login failed for {0} → locking account until {1}", username, lock.releaseTime());
|
||||
return new Error<User>(ERROR_LOGIN_FAILED).addData(RELEASE, lock.releaseTime());
|
||||
Error<User> err = error(ERROR_LOGIN_FAILED);
|
||||
return err.addData(RELEASE, lock.releaseTime());
|
||||
} catch (Exception e) {
|
||||
return Error.of(ERROR_LOGIN_FAILED);
|
||||
return error(ERROR_LOGIN_FAILED);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,8 +1,7 @@
|
||||
description = "SRSoftware OIDC: web module"
|
||||
|
||||
dependencies{
|
||||
implementation("de.srsoftware:tools.http:1.0.1")
|
||||
|
||||
implementation("de.srsoftware:tools.http:1.3.0")
|
||||
implementation(project(":de.srsoftware.oidc.api"))
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user