init sonar

Anthony Stirling 2024-06-02 11:42:30 +01:00
parent 995de6abc3
commit c4a620e3f5
4 changed files with 24 additions and 17 deletions


@ -10,7 +10,7 @@ import io.github.pixee.security.SystemCommand;
public class LibreOfficeListener { public class LibreOfficeListener {
private static final long ACTIVITY_TIMEOUT = 20 * 60 * 1000; // 20 minutes private static final long ACTIVITY_TIMEOUT = 20L * 60 * 1000; // 20 minutes
private static final LibreOfficeListener INSTANCE = new LibreOfficeListener(); private static final LibreOfficeListener INSTANCE = new LibreOfficeListener();
private static final int LISTENER_PORT = 2002; private static final int LISTENER_PORT = 2002;
@ -29,11 +29,11 @@ public class LibreOfficeListener {
private boolean isListenerRunning() { private boolean isListenerRunning() {
try { try {
System.out.println("waiting for listener to start"); System.out.println("waiting for listener to start");
Socket socket = new Socket(); try (Socket socket = new Socket()) {
socket.connect( socket.connect(
new InetSocketAddress("localhost", 2002), 1000); // Timeout after 1 second new InetSocketAddress("localhost", 2002), 1000); // Timeout after 1 second
socket.close(); return true;
return true; }
} catch (IOException e) { } catch (IOException e) {
return false; return false;
} }
@ -63,6 +63,7 @@ public class LibreOfficeListener {
try { try {
Thread.sleep(5000); // Check for inactivity every 5 seconds Thread.sleep(5000); // Check for inactivity every 5 seconds
} catch (InterruptedException e) { } catch (InterruptedException e) {
Thread.currentThread().interrupt();
break; break;
} }
} }
@ -80,7 +81,7 @@ public class LibreOfficeListener {
try { try {
Thread.sleep(1000); Thread.sleep(1000);
} catch (InterruptedException e) { } catch (InterruptedException e) {
// TODO Auto-generated catch block Thread.currentThread().interrupt();
e.printStackTrace(); e.printStackTrace();
} // Check every 1 second } // Check every 1 second
} }
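Review bot: In the 1-second wait near the end of this section, the new handler restores the interrupt flag but then only prints the stack trace and falls through, unlike the 5-second inactivity loop, which restores the flag and then hits `break`. If this sleep sits inside a polling loop (the enclosing loop starts outside the hunk), every later `Thread.sleep(1000)` will throw immediately, so the wait becomes a busy spin that floods stderr. I would leave the loop right after `Thread.currentThread().interrupt();` with `break;` or `return;` and drop `e.printStackTrace();`. Separately, `isListenerRunning` still hard-codes `2002` although the class declares `LISTENER_PORT`; `new InetSocketAddress("localhost", LISTENER_PORT)` keeps the two from drifting.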


@ -47,12 +47,14 @@ public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationF
response.sendRedirect("/login?error=oauth2AuthenticationError"); response.sendRedirect("/login?error=oauth2AuthenticationError");
return; return;
} }
String username = request.getParameter("username"); String username = request.getParameter("username");
if (username != null && !isDemoUser(username)) { Optional<User> optUser = userService.findByUsernameIgnoreCase(username);
if (username != null && optUser.isPresent() && !isDemoUser(optUser) ) {
logger.info( logger.info(
"Remaining attempts for user {}: {}", "Remaining attempts for user {}: {}",
username, optUser.get().getUsername(),
loginAttemptService.getRemainingAttempts(username)); loginAttemptService.getRemainingAttempts(username));
loginAttemptService.loginFailed(username); loginAttemptService.loginFailed(username);
if (loginAttemptService.isBlocked(username) if (loginAttemptService.isBlocked(username)
@ -70,8 +72,7 @@ public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationF
super.onAuthenticationFailure(request, response, exception); super.onAuthenticationFailure(request, response, exception);
} }
private boolean isDemoUser(String username) { private boolean isDemoUser(Optional<User> user) {
Optional<User> user = userService.findByUsernameIgnoreCase(username);
return user.isPresent() return user.isPresent()
&& user.get().getAuthorities().stream() && user.get().getAuthorities().stream()
.anyMatch(authority -> "ROLE_DEMO_USER".equals(authority.getAuthority())); .anyMatch(authority -> "ROLE_DEMO_USER".equals(authority.getAuthority()));
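Review bot: `userService.findByUsernameIgnoreCase(username)` now runs before the `username != null` test, so a request with no `username` parameter reaches the lookup with null. Guard the lookup, for example `Optional<User> optUser = username == null ? Optional.empty() : userService.findByUsernameIgnoreCase(username);`, after which the `username != null` term in the `if` is redundant. The added `optUser.isPresent()` condition also means failed attempts for usernames that do not exist are no longer passed to `loginAttemptService.loginFailed`. If the response differs between counted and uncounted names, a client could tell existing accounts from non-existing ones, so please confirm this is intended and say so in a comment. The block continues past the end of the hunk, so how the blocked state is reported is not visible here.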


@ -33,7 +33,6 @@ public class LoginAttemptService {
} }
public void loginSucceeded(String key) { public void loginSucceeded(String key) {
logger.info(key + " " + attemptsCache.mappingCount());
if (key == null || key.trim().isEmpty()) { if (key == null || key.trim().isEmpty()) {
return; return;
} }


@ -60,13 +60,13 @@ public class CustomOAuth2LogoutSuccessHandler extends SimpleUrlLogoutSuccessHand
issuer = oauth.getIssuer(); issuer = oauth.getIssuer();
clientId = oauth.getClientId(); clientId = oauth.getClientId();
} }
String errorMessage = "";
if (request.getParameter("oauth2AuthenticationErrorWeb") != null) { if (request.getParameter("oauth2AuthenticationErrorWeb") != null) {
param = "erroroauth=oauth2AuthenticationErrorWeb"; param = "erroroauth=oauth2AuthenticationErrorWeb";
} else if (request.getParameter("error") != null) { } else if ((errorMessage = request.getParameter("error")) != null) {
param = "error=" + request.getParameter("error"); param = "error=" + sanitizeInput(errorMessage);
} else if (request.getParameter("erroroauth") != null) { } else if ((errorMessage = request.getParameter("erroroauth")) != null) {
param = "erroroauth=" + request.getParameter("erroroauth"); param = "erroroauth=" + sanitizeInput(errorMessage);
} else if (request.getParameter("oauth2AutoCreateDisabled") != null) { } else if (request.getParameter("oauth2AutoCreateDisabled") != null) {
param = "error=oauth2AutoCreateDisabled"; param = "error=oauth2AutoCreateDisabled";
} }
@ -115,4 +115,10 @@ public class CustomOAuth2LogoutSuccessHandler extends SimpleUrlLogoutSuccessHand
break; break;
} }
} }
private String sanitizeInput(String input) {
return input.replaceAll("[^a-zA-Z0-9 ]", "");
}
} }
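Review bot: `sanitizeInput` strips every character outside `[a-zA-Z0-9 ]`, which removes the underscore used by standard OAuth2 error codes such as `access_denied` and still leaves spaces unencoded in the value appended after `error=` / `erroroauth=`. These values look like message keys rather than free text, so matching against a fixed set of known codes, with a generic fallback, would be stricter than character filtering. If filtering stays, `return URLEncoder.encode(input.replaceAll("[^a-zA-Z0-9_]", ""), StandardCharsets.UTF_8);` keeps the codes intact and the query well-formed. The method also deserves a Javadoc line saying it is an allow-list for request values echoed into what is presumably the redirect query string. Where `param` is joined to the target URL is outside the hunk.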