Adding RestSecure features

.gitignore

@@ -15,9 +15,11 @@ SXPManager.xml
 /bootstrap.xml
 /build/
 .peer*
-.db-8081/*
+.db*
 src/main/javascript/client/SXP*
-derby.system.home
 /logs/
-derby.log
 /simpleDb/
+src/main/js/SXP-linux-x64/
+src/main/js/node_modules/
+certConfig.conf
+keystore.jks

.gitlab-ci.yml

@@ -2,19 +2,59 @@ stages:
     - build
     - test
 
-test:
+# caching per branch
+# To avoid to dl gradle each time
+cache:
+  key: "$CI_BUILD_REF_NAME"
+  paths:
+    - .gradle
+    - build
+    - config.properties
+
+# caching apt
+# To avoid to dl everything each time
+cache:
+  key: "apt-cache"
+  paths:
+    - apt-cache
+
+before_script:
+  - export APT_CACHE_DIR=`pwd`/apt-cache && mkdir -pv $APT_CACHE_DIR
+  - apt-get update -yq && apt-get -o dir::cache::archives="$APT_CACHE_DIR" install -y openjdk-8-jdk git
+
+# Main build 
+build: 
+  stage: build
   image: ubuntu:16.04
   tags:
     - docker 
   script:
-    - "apt-get update"
-    - "apt-get -y install openjdk-8-jdk"
     - ./gradlew assemble
-    - ./gradlew check
+
+
+ # Tests
+tests:
+  stage: test
+  image: ubuntu:16.04
+  tags:
+    - docker 
+  dependencies:
+    - build
+  script:
     - ./gradlew test    
-    - "cat build/reports/jacoco/test/html/index.html"
+  artifacts:
+    paths:
+      # Tests coverage report
+      - build/reports/jacoco/merge/html/index.html
+      # Unit test result
+      - build/reports/tests/test/index.html
+    expire_in: 8d
+  except:
+    - master
+
 
 #selenium:
+#  stage: test
 #  image: selenium/standalone-firefox
 #  tags:
 #    - docker 

.travis.yml

@@ -0,0 +1,11 @@
+language: java
+
+before_install:
+  - sudo apt-get update -qq
+  - sudo apt-get install default-jdk 
+
+script: ./gradlew test
+
+branches:
+    only:
+        - master

build.gradle

@@ -113,12 +113,15 @@ tasks.withType(Test) {
 }
 
 dependencies {
+	compile 'org.eclipse.jetty:jetty-webapp:9.3.13.M0'
 	compile 'org.hibernate:hibernate-validator:5.2.4.Final'
 
 	compile 'org.apache.logging.log4j:log4j-api:2.1'
   	compile 'org.apache.logging.log4j:log4j-core:2.1'
   	compile 'org.apache.logging.log4j:log4j-1.2-api:2.1'
   	compile 'org.apache.logging.log4j:log4j-web:2.5'
+    compile 'org.eclipse.jetty:jetty-util:9.2'
+
 
 	compile 'org.apache.commons:commons-collections4:4.0'
 	compile 'org.eclipse.jetty:jetty-server:9.2.3.v20140905'
@@ -137,6 +140,7 @@ dependencies {
 	compile 'org.jdom:jdom2:2.0.6'
 	compile fileTree(dir: './libs', include: '*.jar')
 	compile 'com.google.guava:guava:19.0'
+	compile 'org.shredzone.acme4j:acme4j-utils:0.8'
 	compile 'com.fasterxml.jackson.core:jackson-databind:2.6.3'
 	testCompile 'org.apache.commons:commons-lang3:3.1'
 	testCompile fileTree(dir: './libs', include: 'loremipsum-1.0.jar')
@@ -145,7 +149,10 @@ dependencies {
     testCompile group: 'org.json', name: 'json', version: '20160810'
     seleniumCompile group: 'org.seleniumhq.selenium', name: 'selenium-java', version: '3.0.1'
 }
-
+configurations.all {
+    exclude group: "log4j", module: "log4j"
+  }
+
 [compileJava, compileTestJava]*.options.collect {options -> 
 options.encoding = 'UTF-8'} 
 
@@ -167,4 +174,5 @@ task libs(type: Sync) {
 build.finalizedBy(libs)
 
 //Define jacoco report tasks
-test.finalizedBy(jacocoTestReport)
+test.finalizedBy(jacocoTestReport)
+

src/main/java/controller/Application.java

@@ -9,6 +9,8 @@
 import rest.factories.AuthentifierFactory;
 import rest.factories.RestServerFactory;
 
+import crypt.impl.certificate.X509V3Generator;
+
 /**
  * Main class
  * {@link Application} is a singleton
@@ -19,24 +21,24 @@ public class Application {
 	private static Application instance = null;
 	private Peer peer;
 	private Authentifier auth;
-	
+
 	public Application() {
 		if(instance != null) {
 			throw new RuntimeException("Application can be instanciate only once !");
 		}
 		instance = this;
 	}
-	
+
 	public static Application getInstance()	{
 		return instance;
 	}
-	
+
 	public void run() {
 		setPeer(PeerFactory.createDefaultAndStartPeer());
 		setAuth(AuthentifierFactory.createDefaultAuthentifier());
 		RestServerFactory.createAndStartDefaultRestServer(8080); //start the rest api
 	}
-	
+
 	public void runForTests(int restPort) {
 		Properties p = System.getProperties();
 		p.put("derby.system.home", "./.db-" + restPort + "/");
@@ -45,11 +47,11 @@ public void runForTests(int restPort) {
 		setAuth(AuthentifierFactory.createDefaultAuthentifier());
 		RestServerFactory.createAndStartDefaultRestServer(restPort);
 	}
-	
+
 	public static void main(String[] args) {
 		new Application();
 		Application.getInstance().runForTests(8081);
-		
+
 	}
 
 	public Peer getPeer() {

src/main/java/controller/CASingingRequest.java

@@ -0,0 +1,31 @@
+package controller;
+
+import javax.ws.rs.GET;  //REST-related dependencies
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+import java.io.File;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+
+import rest.api.ServletPath;
+
+@ServletPath("/.well-know/acme-challenge/*")
+@Path("/")
+public class CASingingRequest {   
+	@GET
+    @Path("/{input}") 
+    public String hash(@PathParam("input") String input) throws Exception
+	{
+		//Send the file for the CA. (let's encrypt)
+		File file = new File("." + input);
+		if( file.exists() )
+		{
+			String res = new String(Files.readAllBytes(file.toPath()));
+			return res;
+		}
+		else
+			return "404 not found";
+    }
+}

src/main/java/controller/CryptCommander.java

@@ -0,0 +1,22 @@
+package controller;
+
+import javax.ws.rs.GET;  //REST-related dependencies
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+
+import crypt.api.hashs.Hasher; //module to test dependencies
+import crypt.factories.HasherFactory;
+import rest.api.ServletPath;
+
+@ServletPath("/command/hash/*")  //url path. PREFIX WITH COMMAND/ !!!
+@Path("/")
+public class CryptCommander {   
+    @GET
+    @Path("/{input}") //a way to name the pieces of the query
+    public String hash(@PathParam("input") String input) { //this argument will be initialized with the piece of the query
+        Hasher hasher = HasherFactory.createDefaultHasher();
+        return new String(hasher.getHash(input.getBytes()));
+    }
+}

src/main/java/controller/Items.java

@@ -31,7 +31,7 @@
 @ServletPath("/api/items/*")
 @Path("/")
 public class Items {
-
+		
 	@POST
 	@Path("/")
 	@Consumes(MediaType.APPLICATION_JSON)

src/main/java/controller/Users.java

@@ -15,9 +15,6 @@
 import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.MediaType;
 
-import org.apache.log4j.LogManager;
-import org.apache.log4j.Logger;
-
 import com.fasterxml.jackson.core.type.TypeReference;
 
 import controller.tools.JsonTools;
@@ -35,14 +32,18 @@
 @ServletPath("/api/users/*")
 @Path("/")
 public class Users {
-	private final static Logger log = LogManager.getLogger(Users.class);
-	@GET
+	//@GET
+	@POST
 	@Path("/login")
-	@Produces(MediaType.APPLICATION_JSON)
-	public String login(
+	@Produces(MediaType.APPLICATION_JSON)	
+	public String login(String jsonCredentials) {
+		String[] credentials = jsonCredentials.split("&");
+		String login = credentials[0].split("=")[1];
+		String password = credentials[1].split("=")[1];
+/*	public String login(
 			@QueryParam("login") String login,
-			@QueryParam("password") String password) {
-		log.debug(login + " | " + password);
+			@QueryParam("password") String password) {*/
+
 		Authentifier auth = Application.getInstance().getAuth();
 		UserSyncManager em = new UserSyncManagerImpl();
 		User u = em.getUser(login, password);
@@ -84,12 +85,17 @@ public String logout(@HeaderParam(Authentifier.PARAM_NAME) String token) {
 		return null;
 	}
 
-	@GET
+	//@GET
+	@POST
 	@Path("/subscribe")
 	@Produces(MediaType.APPLICATION_JSON)
-	public String subscribe(
+	public String subscribe(String jsonCredentials) {
+		String[] credentials = jsonCredentials.split("&");
+		String login = credentials[0].split("=")[1];
+		String password = credentials[1].split("=")[1];
+	/*public String subscribe(
 			@QueryParam("login") String login,
-			@QueryParam("password") String password) {
+			@QueryParam("password") String password) {*/
 
 		User u = new User();
 		u.setNick(login);

src/main/java/crypt/api/certificate/CertificateGenerator.java

@@ -0,0 +1,60 @@
+package crypt.api.certificate;
+
+import java.security.KeyPair;
+import java.security.cert.Certificate;
+
+/**
+ * Use to create Certificate (objet and file (jks)
+ * @author Sébastien Pelletier
+ *
+ */
+public interface CertificateGenerator 
+{
+	/**
+	 * Get the keyPair used for the certificate.
+	 * @author Sébastien Pelletier
+	 */
+	public KeyPair getKeysPair() throws Exception;
+
+	/**
+	 * Get the Keystore password
+	 * @author Sébastien Pelletier
+	 */
+	public String getKsPassword() throws Exception;
+
+	/**
+	 * Set the configuration file. (containing certificate information).
+	 * @param file Path to the configuration file.
+	 * @author Sébastien Pelletier
+	 */
+	public void setConfigFile(String file) throws Exception;
+
+	/**
+	 * Initalization of datas from file.
+	 * @author Sébastien Pelletier
+	 */
+	public void initDatas() throws Exception;
+
+	/**
+	 * Create the certificate and keys for it.
+	 * @param Signature specifie what signature you want.
+	 * @return Return the newly created certificate.
+	 * @author Sébastien Pelletier, Antoine Boudermine
+	 */
+	public Certificate CreateCertificate(String signature) throws Exception;
+
+	/**
+	 * Create a certificate chain of one certificate.
+	 * @author Sébastien Pelletier
+	 */
+	public Certificate[] CreateChainCertificate() throws Exception;
+
+	/**
+	 * Store the created certificate in the specified file (keystore).
+	 * @param file_name The keystore file.
+	 * #Author Pelletier Sébastien
+	 */
+	public void StoreInKeystore(String file_name) throws Exception;
+
+
+}