Add some Baeldung to it! (1 test failing)
Added some Spring Security stuff. Gonna try and trim down the POM when I can. Article I nabbed stuff from: https://www.baeldung.com/securing-a-restful-web-service-with-spring-security The repo that has the source for these classes is linked to by the article. Signed-off-by: Ryan Cloherty <rcloherty@rocketsoftware.com>
Ryan Cloherty
committed
Aug 29, 2019
1 parent
907926c
commit e3398a9
Showing
122 changed files
with
13,136 additions
and
189 deletions.
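--- a/src/main/java/io/github/incplusplus/thermostat/captcha/CaptchaService.java
+++ b/src/main/java/io/github/incplusplus/thermostat/captcha/CaptchaService.java
@@ -0,0 +1,85 @@
+package io.github.incplusplus.thermostat.captcha;
+
+import io.github.incplusplus.thermostat.web.error.ReCaptchaInvalidException;
+import io.github.incplusplus.thermostat.web.error.ReCaptchaUnavailableException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.util.StringUtils;
+import org.springframework.web.client.RestClientException;
+import org.springframework.web.client.RestOperations;
+
+import javax.servlet.http.HttpServletRequest;
+import java.net.URI;
+import java.util.regex.Pattern;
+
+@Service("captchaService")
+public class CaptchaService implements ICaptchaService {
+private final static Logger LOGGER = LoggerFactory.getLogger(CaptchaService.class);
+
+@Autowired
+private HttpServletRequest request;
+
+@Autowired
+private CaptchaSettings captchaSettings;
+
+@Autowired
+private ReCaptchaAttemptService reCaptchaAttemptService;
+
+@Autowired
+private RestOperations restTemplate;
+
+private static final Pattern RESPONSE_PATTERN = Pattern.compile("[A-Za-z0-9_-]+");
+
+@Override
+public void processResponse(final String response) {
+LOGGER.debug("Attempting to validate response {}", response);
+
+if (reCaptchaAttemptService.isBlocked(getClientIP())) {
+throw new ReCaptchaInvalidException("Client exceeded maximum number of failed attempts");
+}
+
+if (!responseSanityCheck(response)) {
+throw new ReCaptchaInvalidException("Response contains invalid characters");
+}
+
+final URI verifyUri = URI.create(String.format("https://www.google.com/recaptcha/api/siteverify?secret=%s&response=%s&remoteip=%s", getReCaptchaSecret(), response, getClientIP()));
+try {
+final GoogleResponse googleResponse = restTemplate.getForObject(verifyUri, GoogleResponse.class);
+LOGGER.debug("Google's response: {} ", googleResponse.toString());
+
+if (!googleResponse.isSuccess()) {
+if (googleResponse.hasClientError()) {
+reCaptchaAttemptService.reCaptchaFailed(getClientIP());
+}
+throw new ReCaptchaInvalidException("reCaptcha was not successfully validated");
+}
+} catch (RestClientException rce) {
+throw new ReCaptchaUnavailableException("Registration unavailable at this time. Please try again later.", rce);
+}
+reCaptchaAttemptService.reCaptchaSucceeded(getClientIP());
+}
+
+private boolean responseSanityCheck(final String response) {
+return StringUtils.hasLength(response) && RESPONSE_PATTERN.matcher(response).matches();
+}
+
+@Override
+public String getReCaptchaSite() {
+return captchaSettings.getSite();
+}
+
+@Override
+public String getReCaptchaSecret() {
+return captchaSettings.getSecret();
+}
+
+private String getClientIP() {
+final String xfHeader = request.getHeader("X-Forwarded-For");
+if (xfHeader == null) {
+return request.getRemoteAddr();
+}
+return xfHeader.split(",")[0];
+}
+}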
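Review bot: getClientIP() at the bottom of the hunk trusts the X-Forwarded-For request header as-is, and that value is what reCaptchaAttemptService keys its isBlocked/reCaptchaFailed bookkeeping on, so a client that sets the header itself presents a fresh attempt budget each time; the first comma-separated entry should only be used when the application is known to sit behind a reverse proxy that overwrites that header, and otherwise `request.getRemoteAddr()` is the value to rate-limit on. Separately, `restTemplate.getForObject` may return null, in which case `googleResponse.toString()` in the debug log throws a NullPointerException that the `catch (RestClientException rce)` does not cover, so a null result should be treated as the unavailable case before that line. Also worth noting that the reCAPTCHA secret is sent as a query parameter of a GET in `verifyUri`, which lets it land in proxy or access logs between this service and the verify endpoint; if the endpoint accepts the parameters in a POST body, moving them there avoids that.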
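--- a/src/main/java/io/github/incplusplus/thermostat/captcha/CaptchaSettings.java
+++ b/src/main/java/io/github/incplusplus/thermostat/captcha/CaptchaSettings.java
@@ -0,0 +1,31 @@
+package io.github.incplusplus.thermostat.captcha;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+@Component
+@ConfigurationProperties(prefix = "google.recaptcha.key")
+public class CaptchaSettings {
+
+private String site;
+private String secret;
+
+public CaptchaSettings() {
+}
+
+public String getSite() {
+return site;
+}
+
+public void setSite(String site) {
+this.site = site;
+}
+
+public String getSecret() {
+return secret;
+}
+
+public void setSecret(String secret) {
+this.secret = secret;
+}
+}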
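Review bot: CaptchaSettings carries no Javadoc, so nothing tells a reader that `secret` is bound from `google.recaptcha.key.secret` and is the server-side verification credential, while `site` (from `google.recaptcha.key.site`) is presumably the key handed to the browser widget. A class comment such as `/** reCAPTCHA keys bound from the google.recaptcha.key.* properties; secret is the server-side verification key and must not be returned to clients or logged, site is the widget key. */` would make that distinction explicit where the fields are declared. The explicit no-arg constructor does nothing the default would not, and could be dropped.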