From 6e28963da25edf94a84468423f74acc381699542 Mon Sep 17 00:00:00 2001
From: Roberto Sánchez <roberto.sanchez@curisit.net>
Date: Thu, 26 Dec 2013 09:55:58 +0000
Subject: [PATCH] #333 feature - Added token helper
---
securis/src/main/java/net/curisit/securis/utils/TokenHelper.java | 91 ++++++++++++++++++++++
securis/src/main/resources/static/main.html | 85 ++++++++++++++-------
securis/src/main/resources/static/js/main.js | 18 ++++
securis/src/main/resources/static/login.html | 9 +
4 files changed, 173 insertions(+), 30 deletions(-)
diff --git a/securis/src/main/java/net/curisit/securis/utils/TokenHelper.java b/securis/src/main/java/net/curisit/securis/utils/TokenHelper.java
new file mode 100644
index 0000000..aa1006a
--- /dev/null
+++ b/securis/src/main/java/net/curisit/securis/utils/TokenHelper.java
@@ -0,0 +1,91 @@
+package net.curisit.securis.utils;
+
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.math.BigInteger;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Date;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
+
+import net.curisit.integrity.commons.Utils;
+
+import org.apache.commons.lang3.StringUtils;
+import org.jboss.resteasy.util.Base64;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@Singleton
+public class TokenHelper {
+
+ private static final Logger log = LoggerFactory.getLogger(TokenHelper.class);
+
+ private static int VALID_TOKEN_PERIOD = 24;
+
+ @Inject
+ public TokenHelper() {
+ }
+
+ private static byte[] seed = "S3Cur15S33dForT0k3nG3n3r@tion".getBytes();
+
+ public String generateToken(String user) {
+ try {
+ Date date = new Date();
+ String secret = generateSecret(user, date);
+ StringBuffer sb = new StringBuffer();
+ sb.append(secret);
+ sb.append(' ');
+ sb.append(user);
+ sb.append(' ');
+ sb.append(Utils.toIsoFormat(date));
+ return Base64.encodeBytes(sb.toString().getBytes("utf-8"));
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Error generating SHA-256 hash", e);
+ } catch (UnsupportedEncodingException e) {
+ log.error("Error generating SHA-256 hash", e);
+ }
+ return null;
+
+ }
+
+ public String generateSecret(String user, Date date) throws UnsupportedEncodingException, NoSuchAlgorithmException {
+ MessageDigest mDigest = MessageDigest.getInstance("SHA-256");
+ mDigest.update(seed, 0, seed.length);
+ byte[] userbytes = user.getBytes("utf-8");
+ mDigest.update(userbytes, 0, userbytes.length);
+ byte[] isodate = Utils.toIsoFormat(date).getBytes();
+ mDigest.update(isodate, 0, isodate.length);
+ BigInteger i = new BigInteger(1, mDigest.digest());
+ String secret = String.format("%1$064x", i);
+ return secret;
+ }
+
+ public boolean validateToken(String token) {
+ try {
+ String tokenDecoded = new String(Base64.decode(token));
+ String[] parts = StringUtils.split(tokenDecoded, ' ');
+ String secret = parts[0];
+ String user = parts[1];
+ Date date = Utils.toDateFromIso(parts[2]);
+ if (new Date(new Date().getTime() + 25 * 60 * 60 * 1000).after(new Date(date.getTime() + VALID_TOKEN_PERIOD * 60 * 60 * 1000)))
+ return false;
+ String newSecret = generateSecret(user, date);
+ return newSecret.equals(secret);
+ } catch (IOException e) {
+ log.error("Error decoding Bse64 token", e);
+ } catch (NoSuchAlgorithmException e) {
+ log.error("Error generation secret to compare with", e);
+ }
+ return false;
+ }
+
+ public static void main(String[] args) throws IOException {
+ TokenHelper th = new TokenHelper();
+ String token = th.generateToken("pepe");
+ System.out.println("Token: " + token);
+ System.out.println("Token: " + new String(Base64.decode(token)));
+ System.out.println("Valid Token: " + th.validateToken(token));
+ }
+}
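Review bot: The authenticator built in `generateSecret` is a plain SHA-256 over the hard-coded `seed` field, the user name and the date, so anyone who can read this source or the compiled class can compute a valid secret for any user. The key should come from deployment configuration, and the digest should be a keyed MAC such as `Mac.getInstance("HmacSHA256")`. In `validateToken` the expiry test compares now plus 25 hours against issue time plus `VALID_TOKEN_PERIOD` (24) hours, which holds for every token issued in the past, so `main` would print `Valid Token: false`; the 25 looks like a leftover test offset. The same method indexes `parts[0]` to `parts[2]` without a length check, decodes with the platform charset and compares with `String.equals`, so a malformed token can raise an unchecked exception that neither catch block covers, and the comparison is not constant-time. The fence shows a fail-closed body for the method; the null check on the parsed date is a guess, since `Utils.toDateFromIso` is not visible here.

```java
public boolean validateToken(String token) {
    try {
        String tokenDecoded = new String(Base64.decode(token), "utf-8");
        String[] parts = StringUtils.split(tokenDecoded, ' ');
        // Malformed input fails closed instead of throwing an unchecked exception.
        if (parts == null || parts.length != 3)
            return false;
        Date date = Utils.toDateFromIso(parts[2]);
        if (date == null)
            return false;
        // long arithmetic, and no test offset on the current time
        long expiresAt = date.getTime() + VALID_TOKEN_PERIOD * 60L * 60L * 1000L;
        if (System.currentTimeMillis() > expiresAt)
            return false;
        byte[] expected = generateSecret(parts[1], date).getBytes("utf-8");
        // MessageDigest.isEqual compares in constant time
        return MessageDigest.isEqual(expected, parts[0].getBytes("utf-8"));
    // … unchanged: catch blocks and final return false …
```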
diff --git a/securis/src/main/resources/static/js/main.js b/securis/src/main/resources/static/js/main.js
index ab5f5ab..ac9a886 100644
--- a/securis/src/main/resources/static/js/main.js
+++ b/securis/src/main/resources/static/js/main.js
@@ -1,4 +1,22 @@
(function() {
+ 'use strict';
+
+ var app = angular.module('app', ['ngRoute']);
+ app.controller('PacksCtrl', ['$scope', '$http',
+ function($scope, $http) {
+
+ }]);
+
+ app.controller('LicensesListCtrl', ['$scope', '$http',
+ function($scope, $http) {
+
+ }]);
+
+ app.controller('LicenseCtrl', ['$scope', '$http',
+ function($scope, $http) {
+
+ }]);
+
})();
\ No newline at end of file
diff --git a/securis/src/main/resources/static/login.html b/securis/src/main/resources/static/login.html
index 5570b9e..2f2bec0 100644
--- a/securis/src/main/resources/static/login.html
+++ b/securis/src/main/resources/static/login.html
@@ -57,7 +57,7 @@
<div class="col-md-8 col-md-offset-2">
<form role="form" class="form-horizontal" ng-controller="LoginCtrl"
ng-submit="submit()" name="loginForm">
- <p class="lead">Sign in application</p>
+ <p class="lead">Sign in SeCuris</p>
<fieldset>
<div class="form-group">
<label class="col-md-3 control-label" for="username">Username</label>
@@ -78,8 +78,13 @@
<button type="button" class="close" aria-hidden="true" ng-click="hideAlert()">×</button>
<span>{{$errormsg}}</span>
</div>
+ <div class="form-group">
+ <div class="col-md-offset-3 col-md-10">
+ <button type="submit" class="btn btn-primary">Sign in</button>
+ </div>
+ </div>
</fieldset>
- <button type="submit" class="btn btn-primary">Login</button>
+
</form>
</div>
</div>
diff --git a/securis/src/main/resources/static/main.html b/securis/src/main/resources/static/main.html
index 645690a..07467e8 100644
--- a/securis/src/main/resources/static/main.html
+++ b/securis/src/main/resources/static/main.html
@@ -29,13 +29,8 @@
<div class="navbar navbar-inverse navbar-fixed-top">
<div class="container">
<div class="navbar-header">
- <button type="button" class="navbar-toggle" data-toggle="collapse"
- data-target=".navbar-collapse">
- <span class="icon-bar"></span> <span class="icon-bar"></span> <span
- class="icon-bar"></span>
- </button>
<ul class="nav navbar-nav navbar-left">
- <li>SeCuris<li>
+ <li style="color:white;padding-top:15px;">SeCuris</li>
<li><a href="#licenses">Licenses</a></li>
<li><a href="#admin">Admin</a></li>
</ul>
@@ -49,13 +44,16 @@
</div>
</div>
- <!-- Main jumbotron for a primary marketing message or call to action -->
<div class="container">
+ <div class="col-md-12">
+
+ </div>
<div class="col-md-4">
<div class="panel panel-default">
- <div class="panel-heading">Packs</div>
+ <div class="panel-heading">Packs
+ <span class="badge pull-right">4</span></div>
- <table class="table table-striped table-hover">
+ <table class="table table-hover">
<thead>
<tr>
<th>Org.</th>
@@ -72,42 +70,73 @@
</tfoot>
</table>
</div>
+ <div class="panel panel-default">
+ <form role="form" class="form-horizontal " name="licenseForm">
+ <div class="form-group">
+ <label class="col-md-3 control-label" for="username">Date</label>
+ <div class="col-md-5">
+ <input type="text" id="username" name="username" placeholder=""
+ class="form-control" ng-model="username" required>
+ </div>
+ </div>
+ <div class="form-group">
+ <!-- Password-->
+ <label class="col-md-3 control-label" for="password">License</label>
+ <div class="col-md-5">
+ <input type="password" id="password" name="password"
+ placeholder="" class="form-control" ng-model="password" required>
+ </div>
+ </div>
+ <div class="form-group">
+ <div class="col-md-offset-3 col-md-10">
+ <button type="submit" class="btn btn-primary">Save</button>
+ </div>
+ </div>
+ </form>
+ </div>
+
</div>
<div class="col-md-8">
<div class="panel panel-default">
- <div class="panel-heading">Licenses</div>
+ <div class="panel-heading">Licenses for pack <strong>BP-CICS-002</strong>
+ <span class="badge pull-right" style="color:#ccffcc;">4</span>
+ <span class="badge pull-right">15</span>
+ </div>
- <table class="table table-hover">
+ <table class="table table-hover table-condensed">
<thead>
<tr>
<th>License</th>
<th>Email</th>
<th>Status</th>
+ <th></th>
</tr>
</thead>
- <tbody>
- <tr><td>BP-CICS-0028HAHAHA UK</td><td>user1@bp.com</td><td class="success"><span class="glyphicon glyphicon-ok-circle"></span></td></tr>
- <tr><td>BP-CICS-0029HAHAHA UK</td><td>user2@bp.com</td><td class="success"><span class="glyphicon glyphicon-ok-circle"></span></td></tr>
- <tr><td>BP-CICS-0028HAHAHA UK</td><td>user3@bp.com</td><td class="danger"><span class="glyphicon glyphicon-warning-sign"></span></td></tr>
- <tr><td>BP-CICS-0128HAHAHA UK</td><td>user4@bp.com</td><td class="danger"><span class="glyphicon glyphicon-warning-sign"></span></td></tr>
- <tr><td>BP-CICS-00qqasddHA UK</td><td>user5@bp.com</td><td class="success"><span class="glyphicon glyphicon-ok-circle"></span></td></tr>
- <tr><td>BP-CICS-0028HAaaHA UK</td><td>user6@bp.com</td><td class="warning"><span class="glyphicon glyphicon-question-sign"></span></td></tr>
- <tr><td>BP-CICS-0028aaaaHA UK</td><td>user7@bp.com</td><td class="warning"><span class="glyphicon glyphicon-question-sign"></span></td></tr>
- <tr><td>BP-CICS-0028HAHAHA UK</td><td>user8@bp.com</td><td class="success"><span class="glyphicon glyphicon-ok-circle"></span></td></tr>
- <tr><td>BP-CICS-0028HAHAHA UK</td><td>user9@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td></tr>
- <tr><td>BP-CICS-0028HAHAHA UK</td><td>user0@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td></tr>
- <tr><td>BP-CICS-0028HAHAHA UK</td><td>user11@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td></tr>
- <tr><td>BP-CICS-0028HAHAHA UK</td><td>user12@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td></tr>
- <tr><td>BP-CICS-0028HAHAHA UK</td><td>user13@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td></tr>
- <tr><td>BP-CICS-0028HAHAHA UK</td><td>user14@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td></tr>
- <tr><td>BP-CICS-0028HAHAHA UK</td><td>user15@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td></tr>
- <tr><td>BP-CICS-0028HAHAHA UK</td><td>user16@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td></tr>
+ <tbody>
+
+ <tr><td>BP-CICS-0028HAHAHA UK</td><td>user1@bp.com</td><td class="success"><span class="glyphicon glyphicon-ok-circle"></span></td><td><span ng-click="editRow()" class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0029HAHAHA UK</td><td>user2@bp.com</td><td class="success"><span class="glyphicon glyphicon-ok-circle"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0028HAHAHA UK</td><td>user3@bp.com</td><td class="danger"><span class="glyphicon glyphicon-warning-sign"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0128HAHAHA UK</td><td>user4@bp.com</td><td class="danger"><span class="glyphicon glyphicon-warning-sign"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-00qqasddHA UK</td><td>user5@bp.com</td><td class="success"><span class="glyphicon glyphicon-ok-circle"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0028HAaaHA UK</td><td>user6@bp.com</td><td class="warning"><span class="glyphicon glyphicon-question-sign"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0028aaaaHA UK</td><td>user7@bp.com</td><td class="warning"><span class="glyphicon glyphicon-question-sign"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0028HAHAHA UK</td><td>user8@bp.com</td><td class="success"><span class="glyphicon glyphicon-ok-circle"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0028HAHAHA UK</td><td>user9@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0028HAHAHA UK</td><td>user0@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0028HAHAHA UK</td><td>user11@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0028HAHAHA UK</td><td>user12@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0028HAHAHA UK</td><td>user13@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0028HAHAHA UK</td><td>user14@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0028HAHAHA UK</td><td>user15@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
+ <tr><td>BP-CICS-0028HAHAHA UK</td><td>user16@bp.com</td><td><span class="glyphicon glyphicon-ok-circle"></span></td><td><span class="glyphicon glyphicon-pencil"></span></td></tr>
</tbody>
<tfoot>
</tfoot>
</table>
</div>
</div>
+
</div>
<hr>
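Review bot: The new `licenseForm` panel appears to be copied from the login form without renaming its bindings. The inputs labelled Date and License keep `id`, `name` and `ng-model` of `username` and `password`, and the License input is `type="password"` under a `<!-- Password-->` comment. If this view ever shares a scope with login data, the form would read and overwrite the credential models, and browsers may treat the License field as a password to save or autofill. Renaming the fields, for example `ng-model="license.date"` and `ng-model="license.code"` with `type="text"`, and fixing the `for` attributes and the comment to match, removes the ambiguity.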
--
Gitblit v1.3.2