
secretkey auth

gsd 2 years ago
parent
commit
a4b8fc6a0e
  1. 4
      src/main/java/app/annotations/exceptions/InvalidSecretKey.java
  2. 25
      src/main/java/app/annotations/impl/WebAccessAspect.java
  3. 2
      src/main/java/app/annotations/interfaces/CheckWebAccess.java
  4. 8
      src/main/java/app/controllers/admin/BanController.java
  5. 4
      src/main/java/app/controllers/admin/KickController.java
  6. 4
      src/main/java/app/controllers/admin/RconController.java
  7. 6
      src/main/java/app/controllers/user/DetailController.java
  8. 11
      src/main/java/app/controllers/user/ProfileController.java
  9. 7
      src/main/java/app/utils/SaltedCookie.java
  10. 1
      src/main/resources/application.yaml

4
src/main/java/app/annotations/exceptions/InvalidSecretKey.java

@ -0,0 +1,4 @@
package app.annotations.exceptions;
public class InvalidSecretKey extends RuntimeException{
}

25
src/main/java/app/annotations/impl/CookieAspect.java → src/main/java/app/annotations/impl/WebAccessAspect.java

@ -1,6 +1,7 @@
package app.annotations.impl; package app.annotations.impl;
import app.annotations.exceptions.InvalidCookie; import app.annotations.exceptions.InvalidCookie;
import app.annotations.exceptions.InvalidSecretKey;
import app.annotations.exceptions.NeedCookie; import app.annotations.exceptions.NeedCookie;
import app.utils.SaltedCookie; import app.utils.SaltedCookie;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
@ -11,17 +12,17 @@ import org.springframework.context.annotation.Configuration;
@Aspect @Aspect
@Configuration @Configuration
public class CookieAspect { public class WebAccessAspect {
SaltedCookie saltedCookie; SaltedCookie saltedCookie;
@Autowired @Autowired
public CookieAspect(SaltedCookie saltedCookie) { public WebAccessAspect(SaltedCookie saltedCookie) {
this.saltedCookie = saltedCookie; this.saltedCookie = saltedCookie;
} }
@Before("@annotation(app.annotations.interfaces.NeedValidCookie) && args(request,..)") @Before("@annotation(app.annotations.interfaces.CheckWebAccess) && args(request,..)")
public void before(HttpServletRequest request){ public void before(HttpServletRequest request){
System.out.println("check cookie"); System.out.println("check web access");
if(!(request instanceof HttpServletRequest)) { if(!(request instanceof HttpServletRequest)) {
throw new RuntimeException("cannot read cookie from invalid request"); throw new RuntimeException("cannot read cookie from invalid request");
} }
@ -32,9 +33,10 @@ public class CookieAspect {
String[] rawCookieParams = request.getHeader("Cookie").split(";"); String[] rawCookieParams = request.getHeader("Cookie").split(";");
String steam64 = ""; String steam64 = "";
String steam64_secured = ""; String steam64_secured = "";
String secret_key = "";
for(String rawCookie: rawCookieParams) { for(String rawCookie: rawCookieParams) {
if(!steam64.isEmpty() && !steam64_secured.isEmpty()) { if((!steam64.isEmpty() && !steam64_secured.isEmpty() || (!steam64.isEmpty() && !secret_key.isEmpty()))) {
break; break;
} }
if(rawCookie.contains("steam64=")) { if(rawCookie.contains("steam64=")) {
@ -45,6 +47,19 @@ public class CookieAspect {
steam64_secured = rawCookie.split("=")[1]; steam64_secured = rawCookie.split("=")[1];
continue; continue;
} }
if(rawCookie.contains("secretkey=")) {
secret_key = rawCookie.split("=")[1];
continue;
}
}
if (!secret_key.isEmpty() && !steam64.isEmpty()) {
if (saltedCookie.ValidateSecretKey(secret_key)) {
System.out.println("used secret key");
return;
} else {
throw new InvalidSecretKey();
}
} }
if (steam64.isEmpty() || steam64_secured.isEmpty()) { if (steam64.isEmpty() || steam64_secured.isEmpty()) {
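Review bot: `rawCookie.split("=")[1]` in the new `secretkey=` branch throws ArrayIndexOutOfBoundsException when a client sends `secretkey=` with an empty value (`"secretkey=".split("=")` yields a single element), so an unauthenticated request can abort the aspect with an unhandled exception before any check runs, unless a handler elsewhere maps it; `contains("secretkey=")` also matches any cookie whose name merely ends in that string, and a value containing `=` is silently truncated. Splitting once and matching the name exactly avoids all three: `String[] kv = rawCookie.trim().split("=", 2); if (kv.length == 2 && kv[0].equals("secretkey")) { secret_key = kv[1]; continue; }`. The secret-key path also returns before `steam64_secured` is validated, so the plain `steam64` cookie is accepted unverified on that path — presumably intended for a trusted backend caller, but it deserves a comment on the `return` (`// service secret accepted: steam64 is trusted unsigned on this path`) and the log line should record which steam64 is being acted as, not just "used secret key". The method continues past the end of this hunk.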

2
src/main/java/app/annotations/interfaces/NeedValidCookie.java → src/main/java/app/annotations/interfaces/CheckWebAccess.java

@ -7,5 +7,5 @@ import java.lang.annotation.Target;
@Retention(RetentionPolicy.RUNTIME) @Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD) @Target(ElementType.METHOD)
public @interface NeedValidCookie { public @interface CheckWebAccess {
} }

8
src/main/java/app/controllers/admin/BanController.java

@ -1,9 +1,7 @@
package app.controllers.admin; package app.controllers.admin;
import app.annotations.interfaces.CheckPermitionFlag; import app.annotations.interfaces.CheckPermitionFlag;
import app.annotations.interfaces.NeedValidCookie; import app.annotations.interfaces.CheckWebAccess;
import app.entities.db.Ban;
import app.entities.other.SteamID;
import app.services.ProfileService; import app.services.ProfileService;
import app.services.db.BanService; import app.services.db.BanService;
import app.services.db.PermitionService; import app.services.db.PermitionService;
@ -33,7 +31,7 @@ public class BanController {
} }
@PostMapping @PostMapping
@NeedValidCookie @CheckWebAccess
@CheckPermitionFlag(flag = "d") @CheckPermitionFlag(flag = "d")
public ResponseEntity banPlayer( public ResponseEntity banPlayer(
HttpServletRequest request, HttpServletRequest request,
@ -51,7 +49,7 @@ public class BanController {
} }
@DeleteMapping @DeleteMapping
@NeedValidCookie @CheckWebAccess
@CheckPermitionFlag(flag = "e") @CheckPermitionFlag(flag = "e")
public ResponseEntity unbanPlayer( public ResponseEntity unbanPlayer(
HttpServletRequest request, HttpServletRequest request,

4
src/main/java/app/controllers/admin/KickController.java

@ -1,7 +1,7 @@
package app.controllers.admin; package app.controllers.admin;
import app.annotations.interfaces.CheckPermitionFlag; import app.annotations.interfaces.CheckPermitionFlag;
import app.annotations.interfaces.NeedValidCookie; import app.annotations.interfaces.CheckWebAccess;
import app.services.ProfileService; import app.services.ProfileService;
import app.services.ServerService; import app.services.ServerService;
import app.services.db.BanService; import app.services.db.BanService;
@ -28,7 +28,7 @@ public class KickController {
} }
@PostMapping @PostMapping
@NeedValidCookie @CheckWebAccess
@CheckPermitionFlag(flag = "c") @CheckPermitionFlag(flag = "c")
public ResponseEntity kickPlayer( public ResponseEntity kickPlayer(
HttpServletRequest request, HttpServletRequest request,

4
src/main/java/app/controllers/admin/RconController.java

@ -1,7 +1,7 @@
package app.controllers.admin; package app.controllers.admin;
import app.annotations.interfaces.CheckPermitionFlag; import app.annotations.interfaces.CheckPermitionFlag;
import app.annotations.interfaces.NeedValidCookie; import app.annotations.interfaces.CheckWebAccess;
import app.services.StatsService; import app.services.StatsService;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -21,7 +21,7 @@ public class RconController {
} }
@PostMapping @PostMapping
@NeedValidCookie @CheckWebAccess
@CheckPermitionFlag(flag = "m") @CheckPermitionFlag(flag = "m")
public ResponseEntity<String> rcon(HttpServletRequest request, public ResponseEntity<String> rcon(HttpServletRequest request,
@RequestParam String srv, @RequestParam String srv,

6
src/main/java/app/controllers/user/DetailController.java

@ -1,7 +1,7 @@
package app.controllers.user; package app.controllers.user;
import app.annotations.interfaces.CheckPermitionFlag; import app.annotations.interfaces.CheckPermitionFlag;
import app.annotations.interfaces.NeedValidCookie; import app.annotations.interfaces.CheckWebAccess;
import app.entities.other.SteamID; import app.entities.other.SteamID;
import app.services.ProfileService; import app.services.ProfileService;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
@ -24,7 +24,7 @@ public class DetailController {
} }
@GetMapping @GetMapping
@NeedValidCookie @CheckWebAccess
@CheckPermitionFlag(flag = "z") @CheckPermitionFlag(flag = "z")
public ResponseEntity GetUser(HttpServletRequest request, public ResponseEntity GetUser(HttpServletRequest request,
@RequestParam String steam64) { @RequestParam String steam64) {
@ -32,7 +32,7 @@ public class DetailController {
} }
@GetMapping("/steam") @GetMapping("/steam")
@NeedValidCookie @CheckWebAccess
@CheckPermitionFlag(flag = "z") @CheckPermitionFlag(flag = "z")
public ResponseEntity<SteamID> GetSteam(HttpServletRequest request, public ResponseEntity<SteamID> GetSteam(HttpServletRequest request,
@RequestParam String any) { @RequestParam String any) {

11
src/main/java/app/controllers/user/ProfileController.java

@ -1,13 +1,10 @@
package app.controllers.user; package app.controllers.user;
import app.annotations.interfaces.CheckPermitionFlag; import app.annotations.interfaces.CheckWebAccess;
import app.annotations.interfaces.NeedValidCookie;
import app.entities.SocialAuth; import app.entities.SocialAuth;
import app.entities.other.SteamID;
import app.services.ProfileService; import app.services.ProfileService;
import app.services.ReportService; import app.services.ReportService;
import app.services.db.FreeVIPService; import app.services.db.FreeVIPService;
import app.utils.SaltedCookie;
import app.utils.SteamIDConverter; import app.utils.SteamIDConverter;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -32,7 +29,7 @@ public class ProfileController {
} }
@GetMapping @GetMapping
@NeedValidCookie @CheckWebAccess
public ResponseEntity GetCurrentUser(HttpServletRequest request, public ResponseEntity GetCurrentUser(HttpServletRequest request,
@CookieValue(value = "steam64", defaultValue = "") String steam64, @CookieValue(value = "steam64", defaultValue = "") String steam64,
@RequestParam(value = "requests", defaultValue = "") String requests @RequestParam(value = "requests", defaultValue = "") String requests
@ -45,7 +42,7 @@ public class ProfileController {
} }
@PostMapping("/freevip") @PostMapping("/freevip")
@NeedValidCookie @CheckWebAccess
public ResponseEntity GetFreeVIP(HttpServletRequest request, public ResponseEntity GetFreeVIP(HttpServletRequest request,
@CookieValue(value = "steam64", defaultValue = "") String steam64, @CookieValue(value = "steam64", defaultValue = "") String steam64,
SocialAuth socialAuth) { SocialAuth socialAuth) {
@ -57,7 +54,7 @@ public class ProfileController {
} }
@PostMapping("/report") @PostMapping("/report")
@NeedValidCookie @CheckWebAccess
public ResponseEntity<Long> ReportUser(HttpServletRequest request, public ResponseEntity<Long> ReportUser(HttpServletRequest request,
@CookieValue(value = "steam64", defaultValue = "") String steam64, @CookieValue(value = "steam64", defaultValue = "") String steam64,
@RequestParam(value = "steam64", defaultValue = "") String reported_steam64, @RequestParam(value = "steam64", defaultValue = "") String reported_steam64,

7
src/main/java/app/utils/SaltedCookie.java

@ -9,6 +9,9 @@ public class SaltedCookie {
@Value("${backend.auth.salt}") @Value("${backend.auth.salt}")
private String salt; private String salt;
@Value("${backend.secret_key}")
private String secret_key;
public String Hashed(String value) { public String Hashed(String value) {
return DigestUtils.md5DigestAsHex(String.format("%s+%s", value, salt).getBytes()); return DigestUtils.md5DigestAsHex(String.format("%s+%s", value, salt).getBytes());
} }
@ -20,4 +23,8 @@ public class SaltedCookie {
public boolean Validate(Long value, String hashed_value) { public boolean Validate(Long value, String hashed_value) {
return Validate(value.toString(), hashed_value); return Validate(value.toString(), hashed_value);
} }
public boolean ValidateSecretKey(String secret_key) {
return this.secret_key.equals(secret_key);
}
} }
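Review bot: `ValidateSecretKey` compares the configured secret with `String.equals`, which returns at the first mismatching character and therefore leaks, byte by byte, how much of a guessed key is correct; for a bearer secret a fixed-time comparison such as `MessageDigest.isEqual` over the UTF-8 bytes is the standard replacement. The method also has no guard for a null or blank configured key: today the aspect's own `!secret_key.isEmpty()` check keeps an empty `SECRET_KEY` from matching, but that protection lives in the caller rather than here, and a null argument would throw NPE. Rewritten method below; it needs `java.security.MessageDigest` and `java.nio.charset.StandardCharsets` imported at the top of the file.

```java
    public boolean ValidateSecretKey(String secret_key) {
        // Refuse to authenticate at all when no secret is configured or none was supplied.
        if (this.secret_key == null || this.secret_key.isBlank() || secret_key == null) {
            return false;
        }
        // Constant-time compare so response timing does not reveal a prefix match.
        return MessageDigest.isEqual(
                this.secret_key.getBytes(StandardCharsets.UTF_8),
                secret_key.getBytes(StandardCharsets.UTF_8));
    }
```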

1
src/main/resources/application.yaml

@ -24,6 +24,7 @@ org:
enabled: true enabled: true
backend: backend:
secret_key: ${SECRET_KEY}
servers_file: ${SERVERS_FILE} servers_file: ${SERVERS_FILE}
geoip_file: ${GEOIP_FILE} geoip_file: ${GEOIP_FILE}
updates: updates:
