Add some Baeldung to it! (1 test failing)

Added some Spring Security stuff. Gonna try and trim down the POM when I can. Article I nabbed stuff from: https://www.baeldung.com/securing-a-restful-web-service-with-spring-security The repo that has the source for these classes is linked to by the article. Signed-off-by: Ryan Cloherty <rcloherty@rocketsoftware.com>
IncPlusPlus · Aug 29, 2019 · e3398a9 · e3398a9
1 parent 907926c
commit e3398a9
Show file tree

Hide file tree

Showing 122 changed files with 13,136 additions and 189 deletions.
diff --git a/pom.xml b/pom.xml
@@ -9,12 +9,19 @@
     <version>1.0-SNAPSHOT</version>
 
     <properties>
-        <java.version>11</java.version>
-        <maven.compiler.source>11</maven.compiler.source>
-        <maven.compiler.target>11</maven.compiler.target>
+<!--        <java.version>11</java.version>-->
+<!--        <maven.compiler.source>11</maven.compiler.source>-->
+<!--        <maven.compiler.target>11</maven.compiler.target>-->
+        <maven.compiler.verbose>true</maven.compiler.verbose>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     </properties>
 
+    <parent>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-parent</artifactId>
+        <version>2.0.4.RELEASE</version>
+    </parent>
+
     <repositories>
         <repository>
             <id>JFrog</id>
@@ -27,56 +34,36 @@
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-data-mongodb</artifactId>
-            <version>2.1.6.RELEASE</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-security</artifactId>
-            <version>RELEASE</version>
-            <scope>compile</scope>
+            <artifactId>spring-boot-test-autoconfigure</artifactId>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-web</artifactId>
-            <version>2.1.6.RELEASE</version>
+            <artifactId>spring-boot-starter-security</artifactId>
+            <scope>compile</scope>
         </dependency>
         <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-actuator</artifactId>
-            <version>2.1.6.RELEASE</version>
+            <groupId>org.thymeleaf.extras</groupId>
+            <artifactId>thymeleaf-extras-springsecurity4</artifactId>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-test</artifactId>
-            <version>2.1.6.RELEASE</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>junit</groupId>
-            <artifactId>junit</artifactId>
-            <version>4.12</version>
+            <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-test</artifactId>
-            <version>2.1.6.RELEASE</version>
+            <artifactId>spring-boot-starter-mail</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.springframework</groupId>
-            <artifactId>spring-test</artifactId>
-            <version>5.1.8.RELEASE</version>
-        </dependency>
-        <dependency>
-            <groupId>org.assertj</groupId>
-            <artifactId>assertj-core</artifactId>
-            <version>3.12.2</version>
-            <scope>compile</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.data</groupId>
-            <artifactId>spring-data-mongodb</artifactId>
-            <version>2.1.9.RELEASE</version>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-thymeleaf</artifactId>
         </dependency>
+<!--        <dependency>-->
+<!--            <groupId>org.springframework.boot</groupId>-->
+<!--            <artifactId>spring-boot-starter-actuator</artifactId>-->
+<!--        </dependency>-->
         <dependency>
             <groupId>io.springfox</groupId>
             <artifactId>springfox-swagger2</artifactId>
@@ -92,6 +79,68 @@
             <artifactId>springfox-data-rest</artifactId>
             <version>3.0.0-SNAPSHOT</version>
         </dependency>
+        <dependency>
+            <groupId>org.jboss.aerogear</groupId>
+            <artifactId>aerogear-otp-java</artifactId>
+            <version>1.0.0</version>
+        </dependency>
+        <dependency>
+            <groupId>com.maxmind.geoip2</groupId>
+            <artifactId>geoip2</artifactId>
+            <version>2.12.0</version>
+        </dependency>
+        <dependency>
+            <groupId>com.google.guava</groupId>
+            <artifactId>guava</artifactId>
+            <version>28.0-jre</version>
+        </dependency>
+        <dependency>
+            <groupId>com.github.ua-parser</groupId>
+            <artifactId>uap-java</artifactId>
+            <version>1.4.3</version>
+        </dependency>
+        <dependency>
+            <groupId>org.passay</groupId>
+            <artifactId>passay</artifactId>
+            <version>1.5.0</version>
+        </dependency>
+        <dependency>
+            <groupId>nz.net.ultraq.thymeleaf</groupId>
+            <artifactId>thymeleaf-layout-dialect</artifactId>
+        </dependency>
+
+
+        <!-- test -->
+
+        <dependency>
+            <groupId>de.flapdoodle.embed</groupId>
+            <artifactId>de.flapdoodle.embed.mongo</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>io.rest-assured</groupId>
+            <artifactId>rest-assured</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>net.logstash.logback</groupId>
+            <artifactId>logstash-logback-encoder</artifactId>
+            <version>4.8</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-configuration-processor</artifactId>
+            <optional>true</optional>
+        </dependency>
+<!--        <dependency>-->
+<!--            <groupId>nz.net.ultraq.thymeleaf</groupId>-->
+<!--            <artifactId>thymeleaf-layout-dialect</artifactId>-->
+<!--        </dependency>-->
     </dependencies>
 
 
@@ -112,7 +161,7 @@
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
-                <version>2.1.6.RELEASE</version>
+                <version>2.1.7.RELEASE</version>
             </plugin>
         </plugins>
     </build>

diff --git a/src/main/java/io/github/incplusplus/thermostat/Application.java b/src/main/java/io/github/incplusplus/thermostat/Application.java
@@ -4,9 +4,11 @@
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.AutoConfigurationPackage;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.context.annotation.Bean;
 
+@AutoConfigurationPackage
 @SpringBootApplication
 public class Application
 {

diff --git a/src/main/java/io/github/incplusplus/thermostat/captcha/CaptchaService.java b/src/main/java/io/github/incplusplus/thermostat/captcha/CaptchaService.java
@@ -0,0 +1,85 @@
+package io.github.incplusplus.thermostat.captcha;
+
+import io.github.incplusplus.thermostat.web.error.ReCaptchaInvalidException;
+import io.github.incplusplus.thermostat.web.error.ReCaptchaUnavailableException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.util.StringUtils;
+import org.springframework.web.client.RestClientException;
+import org.springframework.web.client.RestOperations;
+
+import javax.servlet.http.HttpServletRequest;
+import java.net.URI;
+import java.util.regex.Pattern;
+
+@Service("captchaService")
+public class CaptchaService implements ICaptchaService {
+    private final static Logger LOGGER = LoggerFactory.getLogger(CaptchaService.class);
+
+    @Autowired
+    private HttpServletRequest request;
+
+    @Autowired
+    private CaptchaSettings captchaSettings;
+
+    @Autowired
+    private ReCaptchaAttemptService reCaptchaAttemptService;
+
+    @Autowired
+    private RestOperations restTemplate;
+
+    private static final Pattern RESPONSE_PATTERN = Pattern.compile("[A-Za-z0-9_-]+");
+
+    @Override
+    public void processResponse(final String response) {
+        LOGGER.debug("Attempting to validate response {}", response);
+
+        if (reCaptchaAttemptService.isBlocked(getClientIP())) {
+            throw new ReCaptchaInvalidException("Client exceeded maximum number of failed attempts");
+        }
+
+        if (!responseSanityCheck(response)) {
+            throw new ReCaptchaInvalidException("Response contains invalid characters");
+        }
+
+        final URI verifyUri = URI.create(String.format("https://www.google.com/recaptcha/api/siteverify?secret=%s&response=%s&remoteip=%s", getReCaptchaSecret(), response, getClientIP()));
+        try {
+            final GoogleResponse googleResponse = restTemplate.getForObject(verifyUri, GoogleResponse.class);
+            LOGGER.debug("Google's response: {} ", googleResponse.toString());
+
+            if (!googleResponse.isSuccess()) {
+                if (googleResponse.hasClientError()) {
+                    reCaptchaAttemptService.reCaptchaFailed(getClientIP());
+                }
+                throw new ReCaptchaInvalidException("reCaptcha was not successfully validated");
+            }
+        } catch (RestClientException rce) {
+            throw new ReCaptchaUnavailableException("Registration unavailable at this time.  Please try again later.", rce);
+        }
+        reCaptchaAttemptService.reCaptchaSucceeded(getClientIP());
+    }
+
+    private boolean responseSanityCheck(final String response) {
+        return StringUtils.hasLength(response) && RESPONSE_PATTERN.matcher(response).matches();
+    }
+
+    @Override
+    public String getReCaptchaSite() {
+        return captchaSettings.getSite();
+    }
+
+    @Override
+    public String getReCaptchaSecret() {
+        return captchaSettings.getSecret();
+    }
+
+    private String getClientIP() {
+        final String xfHeader = request.getHeader("X-Forwarded-For");
+        if (xfHeader == null) {
+            return request.getRemoteAddr();
+        }
+        return xfHeader.split(",")[0];
+    }
+}
diff --git a/src/main/java/io/github/incplusplus/thermostat/captcha/CaptchaSettings.java b/src/main/java/io/github/incplusplus/thermostat/captcha/CaptchaSettings.java
@@ -0,0 +1,31 @@
+package io.github.incplusplus.thermostat.captcha;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+@Component
+@ConfigurationProperties(prefix = "google.recaptcha.key")
+public class CaptchaSettings {
+
+    private String site;
+    private String secret;
+
+    public CaptchaSettings() {
+    }
+
+    public String getSite() {
+        return site;
+    }
+
+    public void setSite(String site) {
+        this.site = site;
+    }
+
+    public String getSecret() {
+        return secret;
+    }
+
+    public void setSecret(String secret) {
+        this.secret = secret;
+    }
+}