Merge remote-tracking branch 'upstream/main'
nwoodward committed Oct 23, 2023
2 parents cc1041c + c58cc52 commit 53246b1
Showing 11 changed files with 139 additions and 19 deletions.
4 changes: 2 additions & 2 deletions account-management-app/pom.xml
@@ -4,15 +4,15 @@
<parent>
<groupId>org.duracloud</groupId>
<artifactId>duracloud-mc</artifactId>
<version>7.1.1</version>
<version>7.2.0</version>
<relativePath>../pom.xml</relativePath>
</parent>

<modelVersion>4.0.0</modelVersion>
<groupId>org.duracloud</groupId>
<artifactId>ama</artifactId>
<packaging>war</packaging>
<version>7.1.1</version>
<version>7.2.0</version>
<name>Account Management App</name>
<url>http://duraspace.org</url>

@@ -7,14 +7,30 @@
*/
package org.duracloud.account.app.controller;

import java.io.IOException;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;

import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpStatus;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.duracloud.account.db.model.DuracloudUser;
import org.duracloud.account.db.model.Role;
import org.duracloud.account.db.util.DuracloudUserService;
import org.duracloud.account.util.UserFeedbackUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.servlet.ModelAndView;
@@ -30,6 +46,16 @@
public abstract class AbstractController {

protected Logger log = LoggerFactory.getLogger(AbstractController.class);

@Value("${recaptcha.enabled:false}")
private boolean recaptchaEnabled;

@Value("${recaptcha.siteKey:placeholderSiteKey}")
private String recaptchaSiteKey;

@Value("${recaptcha.secret:placeholderSecret}")
private String recaptchaSecret;

public static final String USERS_MAPPING = "/users";
public static final String USER_MAPPING = "/byid/{username:[a-z0-9.\\-_@]*}";

@@ -63,6 +89,20 @@ public Role getUserRole() {
return Role.ROLE_USER;
}

@ModelAttribute("recaptchaSiteKey")
public String getRecaptchaSiteKey() {
return recaptchaSiteKey;
}

@ModelAttribute("recaptchaEnabled")
protected boolean isRecaptchaEnabled() {
return recaptchaEnabled;
}

public String getRecaptchaSecret() {
return recaptchaSecret;
}

protected void setUserRights(DuracloudUserService userService,
Long accountId, Long userId, Role role) {
Set<Role> roles = role.getRoleHierarchy();
@@ -136,4 +176,29 @@ protected void setFailureFeedback(String message, RedirectAttributes redirectAtt
UserFeedbackUtil.addFailureFlash(message, redirectAttributes);
}

protected boolean validateRecaptcha(final String recaptchaResponse) throws IOException {
log.info("recaptcha response from form = {}", recaptchaResponse);
boolean success = false;
final HttpPost httpPost = new HttpPost("https://www.google.com/recaptcha/api/siteverify");
final List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new BasicNameValuePair("response", recaptchaResponse));
params.add(new BasicNameValuePair("secret", getRecaptchaSecret()));
httpPost.setEntity(new UrlEncodedFormEntity(params));

try (CloseableHttpClient client = HttpClients.createDefault();
CloseableHttpResponse response = (CloseableHttpResponse) client
.execute(httpPost)) {
var statusLine = response.getStatusLine();
log.info("http status from recaptcha = {}", statusLine.toString());
var jsonStr = IOUtils.toString(response.getEntity().getContent(), Charset.defaultCharset());
log.info("http response body from recaptcha = {}", jsonStr);
final int statusCode = statusLine.getStatusCode();
if (statusCode == HttpStatus.SC_OK) {
var map = new ObjectMapper().readValue(jsonStr, Map.class);
success = (boolean) map.get("success");

}
}
return success;
}
}
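Review bot: validateRecaptcha treats `success` as the verdict, but the signup page in this commit uses the score-based integration (`api.js?render=…` with `grecaptcha.execute(…, {action: 'submit'})`), where `success` only says the token was valid and the decision belongs to the `score` and `action` fields of the siteverify response. The OK branch should read those fields and compare the score with a configured threshold, as sketched below; reading them through `JsonNode` also removes the `(boolean) map.get("success")` cast, which throws when the field is absent. The three `log.info` calls write the client token and the whole verification body to the log on every signup, so debug level or logging only the status line would be more appropriate. The per-call `HttpClients.createDefault()` sets no explicit timeouts, so it is worth confirming that a stalled verification request cannot hold the signup thread.

```java
// … unchanged: request construction, client.execute, status and body read …
if (statusCode == HttpStatus.SC_OK) {
    final JsonNode body = new ObjectMapper().readTree(jsonStr);
    // success == true only means the token was valid; the verdict is in score and action
    final boolean tokenValid = body.path("success").asBoolean(false);
    final boolean actionMatches = "submit".equals(body.path("action").asText());
    // recaptchaMinScore: placeholder for a configured threshold, not defined in this commit
    success = tokenValid && actionMatches
        && body.path("score").asDouble(0.0) >= recaptchaMinScore;
}
```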
@@ -46,6 +46,14 @@ public class NewUserForm {
private String securityAnswer;

private String redemptionCode;
private String recaptchaResponse;
public String getRecaptchaResponse() {
return recaptchaResponse;
}

public void setRecaptchaResponse(String recaptchaResponse) {
this.recaptchaResponse = recaptchaResponse;
}

public String getUsername() {
return username;
@@ -453,6 +453,14 @@ public ModelAndView add(@ModelAttribute(NEW_USER_FORM_KEY) @Valid NewUserForm ne
return new ModelAndView(NEW_USER_VIEW, model.asMap());
}

if (isRecaptchaEnabled()) {
var recaptchaResponse = newUserForm.getRecaptchaResponse();
final boolean recaptchaIsValid = validateRecaptcha(recaptchaResponse);
if (!recaptchaIsValid) {
return new ModelAndView(NEW_USER_VIEW, model.asMap());
}
}

DuracloudUser user = this.userService.createNewUser(newUserForm.getUsername(),
newUserForm.getPassword(),
newUserForm.getFirstName(),
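Review bot: When `validateRecaptcha` returns false the handler re-renders NEW_USER_VIEW without recording why, so the user gets the form back with no message and nothing is logged at this point. A line such as `log.warn("recaptcha verification failed for new user signup");` plus an error on the form's binding result would make the rejection visible. `validateRecaptcha` is declared `throws IOException`, so an unreachable verification endpoint surfaces as an exception out of `add`; whether that is caught and turned into a user-facing failure cannot be seen here, since the method starts and ends outside the hunk.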
@@ -15,9 +15,47 @@
<tiles:putAttribute
name="title"
value="New User Signup" />

<tiles:putAttribute
name="header-extensions">
<c:choose>
<c:when test="${recaptchaEnabled}">
<script src="https://www.google.com/recaptcha/api.js?render=${recaptchaSiteKey}"><!-- comment --></script>
<script>
$(function() {
(function() {
var test = "test";
$("input").bind("keypress", function (e) {
if (e.keyCode == 13) {
return false;
}
});

$("#create-user-button").click(function(e) {
e.preventDefault();
grecaptcha.ready(function() {
grecaptcha.execute('${recaptchaSiteKey}', {action: 'submit'}).then(function(token) {
$("#recaptcha-response").val(token)
document.forms["new-user-form"].submit();
});
});
});
})();
});
</script>
</c:when>
<c:otherwise>
<script>
$(function() {
(function() {
$("#create-user-button").click(function(e) {
e.preventDefault();
document.forms["new-user-form"].submit();
});
})();
});
</script>
</c:otherwise>
</c:choose>
</tiles:putAttribute>

<tiles:putAttribute
@@ -203,13 +241,14 @@
<td align="right">
<button
id="create-user-button"
class="save"
type="submit">Create Profile</button>
class="save g-recaptcha"
type="button">Create Profile</button>
<a
class="button"
id="cancel-button"
href="${pageContext.request.contextPath}">
Cancel</a>
<form:hidden path="recaptchaResponse" id="recaptcha-response"/>
</td>
</tr>
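Review bot: With the button changed to `type="button"` and Enter suppressed on every input, the form can only be submitted through the click handler, and in the enabled branch that handler has no failure path: if `api.js` does not load, `grecaptcha` is undefined, and a rejected `grecaptcha.execute` promise is never handled, so the user is left with a dead button. A guard such as `if (typeof grecaptcha === 'undefined') { /* show an error */ return; }` and a rejection handler on the promise would cover both. `${recaptchaSiteKey}` is written unescaped into a script URL and a JavaScript string literal; it is operator configuration, but escaping it for each context keeps a malformed value from breaking out of the attribute or the string. `var test = "test";` is unused and can go.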

4 changes: 2 additions & 2 deletions account-management-common/pom.xml
@@ -4,14 +4,14 @@
<parent>
<groupId>org.duracloud</groupId>
<artifactId>duracloud-mc</artifactId>
<version>7.1.1</version>
<version>7.2.0</version>
<relativePath>../pom.xml</relativePath>
</parent>

<modelVersion>4.0.0</modelVersion>
<groupId>org.duracloud</groupId>
<artifactId>account-management-common</artifactId>
<version>7.1.1</version>
<version>7.2.0</version>
<name>Account Management Common</name>

<!-- Dependencies -->
4 changes: 2 additions & 2 deletions account-management-db-util/pom.xml
@@ -5,15 +5,15 @@
<parent>
<groupId>org.duracloud</groupId>
<artifactId>duracloud-mc</artifactId>
<version>7.1.1</version>
<version>7.2.0</version>
<relativePath>../pom.xml</relativePath>
</parent>

<modelVersion>4.0.0</modelVersion>
<groupId>org.duracloud</groupId>
<artifactId>account-management-db-util</artifactId>
<packaging>jar</packaging>
<version>7.1.1</version>
<version>7.2.0</version>
<name>Account Management Database Utility</name>

<build>
4 changes: 2 additions & 2 deletions account-management-monitor/pom.xml
@@ -5,15 +5,15 @@
<parent>
<groupId>org.duracloud</groupId>
<artifactId>duracloud-mc</artifactId>
<version>7.1.1</version>
<version>7.2.0</version>
<relativePath>../pom.xml</relativePath>
</parent>

<modelVersion>4.0.0</modelVersion>
<groupId>org.duracloud</groupId>
<artifactId>account-management-monitor</artifactId>
<packaging>jar</packaging>
<version>7.1.1</version>
<version>7.2.0</version>
<name>Account Management Monitor</name>

<build>
4 changes: 2 additions & 2 deletions account-management-security/pom.xml
@@ -5,14 +5,14 @@
<parent>
<artifactId>duracloud-mc</artifactId>
<groupId>org.duracloud</groupId>
<version>7.1.1</version>
<version>7.2.0</version>
<relativePath>../pom.xml</relativePath>
</parent>

<modelVersion>4.0.0</modelVersion>
<groupId>org.duracloud</groupId>
<artifactId>account-management-security</artifactId>
<version>7.1.1</version>
<version>7.2.0</version>
<packaging>jar</packaging>
<name>Account Management Security</name>

4 changes: 2 additions & 2 deletions account-management-util/pom.xml
@@ -6,15 +6,15 @@
<parent>
<groupId>org.duracloud</groupId>
<artifactId>duracloud-mc</artifactId>
<version>7.1.1</version>
<version>7.2.0</version>
<relativePath>../pom.xml</relativePath>
</parent>

<modelVersion>4.0.0</modelVersion>
<groupId>org.duracloud</groupId>
<artifactId>account-management-util</artifactId>
<packaging>jar</packaging>
<version>7.1.1</version>
<version>7.2.0</version>
<name>Account Management Datastore Access Utilities</name>

<dependencies>
8 changes: 4 additions & 4 deletions pom.xml
@@ -5,7 +5,7 @@
<groupId>org.duracloud</groupId>
<artifactId>duracloud-mc</artifactId>
<packaging>pom</packaging>
<version>7.1.1</version>
<version>7.2.0</version>
<name>DuraCloud Management Console</name>
<description>Management console for the DuraCloud service</description>
<url>https://duracloud.org</url>
@@ -330,7 +330,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.3</version>
<version>3.3.2</version>
<configuration>
<warName>${project.artifactId}-${project.version}</warName>
<webResources>
@@ -361,7 +361,7 @@
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<version>2.3.4</version>
<version>5.1.8</version>
<extensions>true</extensions>

<executions>
@@ -635,7 +635,7 @@
<dependency>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
<version>1.4.18</version>
<version>1.4.19</version>
</dependency>

<dependency>