encrypted message test

Rohan Sircar 2019-09-27 20:42:27 +05:30
parent b65237d9eb
commit 216c429e1f
5 changed files with 94 additions and 5 deletions


@ -4,13 +4,13 @@ import org.ros.chatto.security.MyUserDetailsService;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider; import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@ -42,22 +42,27 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override @Override
protected void configure(HttpSecurity httpSecurity) throws Exception { protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity.authorizeRequests() httpSecurity.authorizeRequests()
.antMatchers(HttpMethod.POST, "/api/**").permitAll()
.antMatchers("/","/login*","/registration","/perform_registration","/css/**", "/js/**", "/images/**").permitAll() .antMatchers("/","/login*","/registration","/perform_registration","/css/**", "/js/**", "/images/**").permitAll()
// .antMatchers("/","/api**","/api/**","/login*","/registration","/perform_registration","/css/**", "/js/**", "/images/**").permitAll()
.antMatchers("/user/**").hasAnyRole("USER", "ADMIN","SUPER_USER") .antMatchers("/user/**").hasAnyRole("USER", "ADMIN","SUPER_USER")
.antMatchers("/admin/**","/api/**").hasAnyRole("ADMIN","SUPER_USER") .antMatchers("/admin/**").hasAnyRole("ADMIN","SUPER_USER")
.anyRequest() .anyRequest()
.authenticated() .authenticated()
.and() .and()
.formLogin() .formLogin()
// .loginPage("/login").permitAll() // .loginPage("/login").permitAll()
.loginProcessingUrl("/perform_login") .loginProcessingUrl("/perform_login")
.successHandler(authenticationSuccessHandler) // .successHandler(authenticationSuccessHandler)
.failureUrl("/?login_error") .failureUrl("/?login_error")
.and() .and()
.logout().invalidateHttpSession(true) .logout().invalidateHttpSession(true)
.clearAuthentication(true) .clearAuthentication(true)
.logoutRequestMatcher(new AntPathRequestMatcher("/perform_logout")) .logoutRequestMatcher(new AntPathRequestMatcher("/perform_logout"))
.logoutSuccessUrl("/").permitAll();; .logoutSuccessUrl("/").permitAll()
.and().cors().and().csrf().disable();
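Review bot: The added `.antMatchers(HttpMethod.POST, "/api/**").permitAll()` rule opens every POST under `/api/**` to unauthenticated callers, and because `/api/**` was also dropped from the ADMIN/SUPER_USER matcher, the other `/api/**` methods now fall through to `anyRequest().authenticated()`, so any logged-in user can reach them. `.csrf().disable()` on the last line also switches off CSRF protection for the session-based form login and logout, not just for the API. I would scope the rule to the one endpoint that needs it and require a role, e.g. `.antMatchers(HttpMethod.POST, "/api/post-message").hasAnyRole("USER", "ADMIN", "SUPER_USER")` (path assumed from the controller mapping, which is not fully visible here), keep `/api/**` in the admin matcher below it, and narrow the CSRF exemption to `.csrf().ignoringAntMatchers("/api/**")` if it is needed at all. The end of `configure` lies outside this hunk, so the rest of the chain was not reviewed.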


@ -2,16 +2,22 @@ package org.ros.chatto.controller;
import org.ros.chatto.repository.UserRepositoryCustom; import org.ros.chatto.repository.UserRepositoryCustom;
import org.ros.chatto.repository.UserRoleRepository; import org.ros.chatto.repository.UserRoleRepository;
import org.ros.chatto.repository.MessageCipherRepository;
import org.ros.chatto.repository.RoleRepository; import org.ros.chatto.repository.RoleRepository;
import org.ros.chatto.repository.UserRepository; import org.ros.chatto.repository.UserRepository;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.RestController;
import java.util.List; import java.util.List;
import org.ros.chatto.model.ChatUser; import org.ros.chatto.model.ChatUser;
import org.ros.chatto.model.MessageCipher;
import org.ros.chatto.model.UserRole; import org.ros.chatto.model.UserRole;
@RestController @RestController
@ -26,6 +32,8 @@ public class DemoRestController {
RoleRepository roleRepository; RoleRepository roleRepository;
@Autowired @Autowired
UserRoleRepository userRoleRepository; UserRoleRepository userRoleRepository;
@Autowired
MessageCipherRepository messageCipherRepository;
@GetMapping("/users") @GetMapping("/users")
public List<ChatUser> getAllUsers() { public List<ChatUser> getAllUsers() {
@ -48,4 +56,29 @@ public class DemoRestController {
return userRoleRepository.findAll(); return userRoleRepository.findAll();
} }
@GetMapping("/messages")
public List<MessageCipher> getAllCiphers()
{
return messageCipherRepository.findAll();
}
// @RequestMapping(value = "/", method = RequestMethod.POST)
// public ResponseEntity<Car> update(@RequestBody Car car) {
//
// if (car != null) {
// car.setMiles(car.getMiles() + 100);
// }
//
// // TODO: call persistence layer to update
// return new ResponseEntity<Car>(car, HttpStatus.OK);
// }
@PostMapping(value="/post-message", consumes = {"application/json"})
public ResponseEntity<MessageCipher> postMessage(@RequestBody MessageCipher messageCipher)
{
System.out.println("Message cipher = " + messageCipher);
messageCipherRepository.save(messageCipher);
return new ResponseEntity<MessageCipher>(HttpStatus.OK);
}
} }
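Review bot: `postMessage` prints the whole request object with `System.out.println("Message cipher = " + messageCipher)`, so every submitted iv, salt and ciphertext (caller-sized input if the POST route stays open) lands in stdout; drop the line or log only the saved id through the project's logger at debug level. The body is bound and saved without `@Valid`, so any constraints placed on `MessageCipher` would never run; `postMessage(@Valid @RequestBody MessageCipher messageCipher)` would enforce them. `getAllCiphers` returns `findAll()` with no paging or per-recipient filter, which is fine for a test but would hand every stored message to any caller allowed to GET it. The commented-out `Car` example above `postMessage` can be deleted. The class declaration of `DemoRestController` lies outside these hunks.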


@ -14,7 +14,6 @@ import javax.persistence.Temporal;
import javax.persistence.TemporalType; import javax.persistence.TemporalType;
import lombok.Data; import lombok.Data;
import net.bytebuddy.asm.Advice.This;
@Data @Data
@Entity @Entity


@ -0,0 +1,42 @@
package org.ros.chatto.model;
import javax.persistence.Entity;
import javax.persistence.EntityListeners;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.Table;
import org.springframework.data.jpa.domain.support.AuditingEntityListener;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.Data;
/*Object { iv: "2rtnuXaJXFuQGO9ncaVkmA==", v: 1, iter: 10000, ks: 128, ts: 64, mode: "ccm", adata: "", cipher: "aes", salt: "H1z7o3f6qlQ=", ct: "lF9Uno7ihjVv01M8" }
this is what the json will look like*/
@Data
@Entity
@Table(name = "message_ciphers")
@EntityListeners(AuditingEntityListener.class)
@JsonIgnoreProperties(value = { "id"}, allowGetters = false)
public class MessageCipher {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private int id;
private String iv;
private int v;
@JsonProperty("iter")
private int iterations;
@JsonProperty("ks")
private int keySize;
@JsonProperty("ts")
private int tagSize;
private String mode;
private String adata;
private String cipher;
private String salt;
@JsonProperty("ct")
private String cipherText;
}
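Review bot: None of the fields in `MessageCipher` carry constraints, so the client decides `iter`, `ks`, `ts`, `mode` and `cipher` and the server stores whatever arrives; bean-validation annotations such as `@NotBlank` on `iv`, `salt` and `cipherText` and `@Min`/`@Max` on the numeric parameters would let the controller reject malformed or downgraded parameter sets. `cipherText` is a plain `String`, which JPA maps to a 255-character column by default when the schema is generated, so longer messages would likely fail to save; `@Lob` or an explicit `@Column(length = ...)` avoids that. `@EntityListeners(AuditingEntityListener.class)` appears to have no effect as far as this file shows, since no `@CreatedDate`/`@LastModifiedDate` field is declared. The sample-JSON comment would read better as a class Javadoc stating that the shape is the client library's output and which keys are remapped through `@JsonProperty`.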


@ -0,0 +1,10 @@
package org.ros.chatto.repository;
import org.ros.chatto.model.MessageCipher;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;
@Repository
public interface MessageCipherRepository extends JpaRepository<MessageCipher, Long>{
}
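Review bot: The repository is declared as `JpaRepository<MessageCipher, Long>` while the entity's `@Id` field in this commit is `private int id`, so the ID type parameter does not match the mapped key and `findById`/`deleteById` calls taking a `Long` would not line up with it. Either declare `JpaRepository<MessageCipher, Integer>` or change the entity field to `Long id`. `@Repository` is redundant on a Spring Data interface and can be dropped.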