mirror of
https://github.com/sismics/docs.git
synced 2024-11-25 15:17:57 +01:00
#84: Generate TOTP secret key
parent
5de77e35dc
commit
718728a672
@ -40,6 +40,7 @@
|
|||||||
<com.twelvemonkeys.imageio.version>3.2.1</com.twelvemonkeys.imageio.version>
|
<com.twelvemonkeys.imageio.version>3.2.1</com.twelvemonkeys.imageio.version>
|
||||||
<com.levigo.jbig2.levigo-jbig2-imageio.version>1.6.5</com.levigo.jbig2.levigo-jbig2-imageio.version>
|
<com.levigo.jbig2.levigo-jbig2-imageio.version>1.6.5</com.levigo.jbig2.levigo-jbig2-imageio.version>
|
||||||
<com.github.jai-imageio.jai-imageio-core.version>1.3.1</com.github.jai-imageio.jai-imageio-core.version>
|
<com.github.jai-imageio.jai-imageio-core.version>1.3.1</com.github.jai-imageio.jai-imageio-core.version>
|
||||||
|
<com.warrenstrange.googleauth>0.6.0</com.warrenstrange.googleauth>
|
||||||
|
|
||||||
<org.eclipse.jetty.jetty-server.version>9.2.13.v20150730</org.eclipse.jetty.jetty-server.version>
|
<org.eclipse.jetty.jetty-server.version>9.2.13.v20150730</org.eclipse.jetty.jetty-server.version>
|
||||||
<org.eclipse.jetty.jetty-webapp.version>9.2.13.v20150730</org.eclipse.jetty.jetty-webapp.version>
|
<org.eclipse.jetty.jetty-webapp.version>9.2.13.v20150730</org.eclipse.jetty.jetty-webapp.version>
|
||||||
@ -395,18 +396,27 @@
|
|||||||
<version>${com.twelvemonkeys.imageio.version}</version>
|
<version>${com.twelvemonkeys.imageio.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency><!-- Only JBIG2 -->
|
<!-- Only JBIG2 -->
|
||||||
|
<dependency>
|
||||||
<groupId>com.levigo.jbig2</groupId>
|
<groupId>com.levigo.jbig2</groupId>
|
||||||
<artifactId>levigo-jbig2-imageio</artifactId>
|
<artifactId>levigo-jbig2-imageio</artifactId>
|
||||||
<version>${com.levigo.jbig2.levigo-jbig2-imageio.version}</version>
|
<version>${com.levigo.jbig2.levigo-jbig2-imageio.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency><!-- Essentially TIFF (for OCR) -->
|
<!-- Essentially TIFF (for OCR) -->
|
||||||
|
<dependency>
|
||||||
<groupId>com.github.jai-imageio</groupId>
|
<groupId>com.github.jai-imageio</groupId>
|
||||||
<artifactId>jai-imageio-core</artifactId>
|
<artifactId>jai-imageio-core</artifactId>
|
||||||
<version>${com.github.jai-imageio.jai-imageio-core.version}</version>
|
<version>${com.github.jai-imageio.jai-imageio-core.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
<!-- TOTP Authentication -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>com.warrenstrange</groupId>
|
||||||
|
<artifactId>googleauth</artifactId>
|
||||||
|
<version>${com.warrenstrange.googleauth}</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
</dependencies>
|
</dependencies>
|
||||||
</dependencyManagement>
|
</dependencyManagement>
|
||||||
|
|
||||||
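Review bot: The new property `<com.warrenstrange.googleauth>` in the first hunk drops the `.version` suffix that every neighbouring property carries, for example `<com.twelvemonkeys.imageio.version>`. I would declare it as `<com.warrenstrange.googleauth.version>0.6.0</com.warrenstrange.googleauth.version>` and reference `${com.warrenstrange.googleauth.version}` in the `dependencyManagement` entry of the second hunk. This artifact generates authentication secrets, so keeping its pin easy to find among the other version properties helps later dependency audits.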
|
@ -89,6 +89,11 @@
|
|||||||
<artifactId>servlet</artifactId>
|
<artifactId>servlet</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>com.warrenstrange</groupId>
|
||||||
|
<artifactId>googleauth</artifactId>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
<!-- Test dependencies -->
|
<!-- Test dependencies -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.sismics.docs</groupId>
|
<groupId>com.sismics.docs</groupId>
|
||||||
|
@ -55,6 +55,8 @@ import com.sismics.rest.util.JsonUtil;
|
|||||||
import com.sismics.rest.util.ValidationUtil;
|
import com.sismics.rest.util.ValidationUtil;
|
||||||
import com.sismics.security.UserPrincipal;
|
import com.sismics.security.UserPrincipal;
|
||||||
import com.sismics.util.filter.TokenBasedSecurityFilter;
|
import com.sismics.util.filter.TokenBasedSecurityFilter;
|
||||||
|
import com.warrenstrange.googleauth.GoogleAuthenticator;
|
||||||
|
import com.warrenstrange.googleauth.GoogleAuthenticatorKey;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* User REST resources.
|
* User REST resources.
|
||||||
@ -639,6 +641,29 @@ public class UserResource extends BaseResource {
|
|||||||
return Response.ok().entity(response.build()).build();
|
return Response.ok().entity(response.build()).build();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@POST
|
||||||
|
@Path("enable_totp")
|
||||||
|
public Response enableTotp() {
|
||||||
|
if (!authenticate()) {
|
||||||
|
throw new ForbiddenClientException();
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create a new TOTP key and scratch codes
|
||||||
|
// TODO Copy library sources here to scrap useless dependencies and make verification code generation public for testing
|
||||||
|
GoogleAuthenticator gAuth = new GoogleAuthenticator();
|
||||||
|
final GoogleAuthenticatorKey key = gAuth.createCredentials();
|
||||||
|
|
||||||
|
JsonArrayBuilder scratchCodes = Json.createArrayBuilder();
|
||||||
|
for (int scratchCode : key.getScratchCodes()) {
|
||||||
|
scratchCodes.add(scratchCode);
|
||||||
|
}
|
||||||
|
|
||||||
|
JsonObjectBuilder response = Json.createObjectBuilder()
|
||||||
|
.add("secret", key.getKey())
|
||||||
|
.add("scratch_codes", scratchCodes);
|
||||||
|
return Response.ok().entity(response.build()).build();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the authentication token value.
|
* Returns the authentication token value.
|
||||||
*
|
*
|
||||||
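Review bot: `enableTotp()` returns a freshly generated secret and scratch codes but, within the lines shown, never stores them for the authenticated user, so nothing is actually enabled and every call hands back a different, unbound key. The method is complete inside this hunk; unless persistence is wired up elsewhere (not visible here), the key should be saved against the current principal before it is returned, and TOTP should only become active once the user has submitted a first valid code. Until that exists, a leading `// TODO persist key.getKey() for the authenticated user before returning it` would make the gap explicit. The response body is a long-lived credential, so it should be sent with `Cache-Control: no-store` if that is not already applied globally. The method also lacks the Javadoc that the method following it carries; a short block stating that it generates a TOTP secret and scratch codes and returns them under `secret` and `scratch_codes` would match the file.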
|
@ -23,8 +23,6 @@ import com.sismics.util.filter.TokenBasedSecurityFilter;
|
|||||||
public class TestAclResource extends BaseJerseyTest {
|
public class TestAclResource extends BaseJerseyTest {
|
||||||
/**
|
/**
|
||||||
* Test the ACL resource.
|
* Test the ACL resource.
|
||||||
*
|
|
||||||
* @throws JSONException
|
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testAclResource() {
|
public void testAclResource() {
|
||||||
|
@ -21,8 +21,6 @@ import com.sismics.util.filter.TokenBasedSecurityFilter;
|
|||||||
public class TestAppResource extends BaseJerseyTest {
|
public class TestAppResource extends BaseJerseyTest {
|
||||||
/**
|
/**
|
||||||
* Test the API resource.
|
* Test the API resource.
|
||||||
*
|
|
||||||
* @throws JSONException
|
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testAppResource() {
|
public void testAppResource() {
|
||||||
@ -63,8 +61,6 @@ public class TestAppResource extends BaseJerseyTest {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Test the log resource.
|
* Test the log resource.
|
||||||
*
|
|
||||||
* @throws JSONException
|
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testLogResource() {
|
public void testLogResource() {
|
||||||
|
@ -20,8 +20,6 @@ import com.sismics.util.filter.TokenBasedSecurityFilter;
|
|||||||
public class TestAuditLogResource extends BaseJerseyTest {
|
public class TestAuditLogResource extends BaseJerseyTest {
|
||||||
/**
|
/**
|
||||||
* Test the audit log resource.
|
* Test the audit log resource.
|
||||||
*
|
|
||||||
* @throws JSONException
|
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testAuditLogResource() {
|
public void testAuditLogResource() {
|
||||||
|
@ -21,11 +21,9 @@ import com.sismics.util.filter.TokenBasedSecurityFilter;
|
|||||||
public class TestCommentResource extends BaseJerseyTest {
|
public class TestCommentResource extends BaseJerseyTest {
|
||||||
/**
|
/**
|
||||||
* Test the comment resource.
|
* Test the comment resource.
|
||||||
*
|
|
||||||
* @throws Exception
|
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testCommentResource() throws Exception {
|
public void testCommentResource() {
|
||||||
// Login comment1
|
// Login comment1
|
||||||
clientUtil.createUser("comment1");
|
clientUtil.createUser("comment1");
|
||||||
String comment1Token = clientUtil.login("comment1");
|
String comment1Token = clientUtil.login("comment1");
|
||||||
|
@ -359,9 +359,8 @@ public class TestDocumentResource extends BaseJerseyTest {
|
|||||||
* @param query Search query
|
* @param query Search query
|
||||||
* @param token Authentication token
|
* @param token Authentication token
|
||||||
* @return Number of documents found
|
* @return Number of documents found
|
||||||
* @throws Exception
|
|
||||||
*/
|
*/
|
||||||
private int searchDocuments(String query, String token) throws Exception {
|
private int searchDocuments(String query, String token) {
|
||||||
JsonObject json = target().path("/document/list")
|
JsonObject json = target().path("/document/list")
|
||||||
.queryParam("search", query)
|
.queryParam("search", query)
|
||||||
.request()
|
.request()
|
||||||
|
@ -198,6 +198,11 @@ public class TestFileResource extends BaseJerseyTest {
|
|||||||
Assert.assertEquals(1, files.size());
|
Assert.assertEquals(1, files.size());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test orphan files (without linked document).
|
||||||
|
*
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testOrphanFile() throws Exception {
|
public void testOrphanFile() throws Exception {
|
||||||
// Login file2
|
// Login file2
|
||||||
@ -283,6 +288,11 @@ public class TestFileResource extends BaseJerseyTest {
|
|||||||
Assert.assertEquals("ok", json.getString("status"));
|
Assert.assertEquals("ok", json.getString("status"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test user quota.
|
||||||
|
*
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testQuota() throws Exception {
|
public void testQuota() throws Exception {
|
||||||
// Login file_quota
|
// Login file_quota
|
||||||
|
@ -22,8 +22,6 @@ import com.sismics.util.filter.TokenBasedSecurityFilter;
|
|||||||
public class TestGroupResource extends BaseJerseyTest {
|
public class TestGroupResource extends BaseJerseyTest {
|
||||||
/**
|
/**
|
||||||
* Test the group resource.
|
* Test the group resource.
|
||||||
*
|
|
||||||
* @throws JSONException
|
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testGroupResource() {
|
public void testGroupResource() {
|
||||||
|
@ -21,8 +21,6 @@ import com.sismics.util.filter.TokenBasedSecurityFilter;
|
|||||||
public class TestSecurity extends BaseJerseyTest {
|
public class TestSecurity extends BaseJerseyTest {
|
||||||
/**
|
/**
|
||||||
* Test of the security layer.
|
* Test of the security layer.
|
||||||
*
|
|
||||||
* @throws JSONException
|
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testSecurity() {
|
public void testSecurity() {
|
||||||
|
@ -28,7 +28,6 @@ import com.sismics.util.filter.TokenBasedSecurityFilter;
|
|||||||
public class TestShareResource extends BaseJerseyTest {
|
public class TestShareResource extends BaseJerseyTest {
|
||||||
/**
|
/**
|
||||||
* Test the share resource.
|
* Test the share resource.
|
||||||
* @throws Exception
|
|
||||||
*
|
*
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
|
@ -21,8 +21,6 @@ import com.sismics.util.filter.TokenBasedSecurityFilter;
|
|||||||
public class TestTagResource extends BaseJerseyTest {
|
public class TestTagResource extends BaseJerseyTest {
|
||||||
/**
|
/**
|
||||||
* Test the tag resource.
|
* Test the tag resource.
|
||||||
*
|
|
||||||
* @throws JSONException
|
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testTagResource() {
|
public void testTagResource() {
|
||||||
|
@ -22,8 +22,6 @@ import com.sismics.util.filter.TokenBasedSecurityFilter;
|
|||||||
public class TestUserResource extends BaseJerseyTest {
|
public class TestUserResource extends BaseJerseyTest {
|
||||||
/**
|
/**
|
||||||
* Test the user resource.
|
* Test the user resource.
|
||||||
*
|
|
||||||
* @throws JSONException
|
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testUserResource() {
|
public void testUserResource() {
|
||||||
@ -229,8 +227,6 @@ public class TestUserResource extends BaseJerseyTest {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Test the user resource admin functions.
|
* Test the user resource admin functions.
|
||||||
*
|
|
||||||
* @throws JSONException
|
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testUserResourceAdmin() {
|
public void testUserResourceAdmin() {
|
||||||
@ -290,4 +286,18 @@ public class TestUserResource extends BaseJerseyTest {
|
|||||||
json = response.readEntity(JsonObject.class);
|
json = response.readEntity(JsonObject.class);
|
||||||
Assert.assertEquals("UserNotFound", json.getString("type"));
|
Assert.assertEquals("UserNotFound", json.getString("type"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testTotp() {
|
||||||
|
// Create totp1 user
|
||||||
|
clientUtil.createUser("totp1");
|
||||||
|
String totp1Token = clientUtil.login("totp1");
|
||||||
|
|
||||||
|
// Enable TOTP for totp1
|
||||||
|
JsonObject json = target().path("/user/enable_totp").request()
|
||||||
|
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, totp1Token)
|
||||||
|
.post(Entity.form(new Form()), JsonObject.class);
|
||||||
|
String secret = json.getString("secret");
|
||||||
|
Assert.assertNotNull(secret);
|
||||||
|
}
|
||||||
}
|
}
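Review bot: `Assert.assertNotNull(secret)` in `testTotp` can never fail, because `json.getString("secret")` already throws when the key is absent, so the test only shows that the endpoint answers successfully with a string field. It should pin the contract the endpoint introduces, for example `Assert.assertFalse(secret.isEmpty());` and `Assert.assertFalse(json.getJsonArray("scratch_codes").isEmpty());`. A second request sent without the auth cookie, asserting the forbidden status, would cover the `authenticate()` guard as well. The new test also has no Javadoc, while the other tests in this file do.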
|
@ -19,11 +19,9 @@ import com.sismics.util.filter.TokenBasedSecurityFilter;
|
|||||||
public class TestVocabularyResource extends BaseJerseyTest {
|
public class TestVocabularyResource extends BaseJerseyTest {
|
||||||
/**
|
/**
|
||||||
* Test the vocabulary resource.
|
* Test the vocabulary resource.
|
||||||
*
|
|
||||||
* @throws Exception
|
|
||||||
*/
|
*/
|
||||||
@Test
|
@Test
|
||||||
public void testVocabularyResource() throws Exception {
|
public void testVocabularyResource() {
|
||||||
// Login vocabulary1
|
// Login vocabulary1
|
||||||
clientUtil.createUser("vocabulary1");
|
clientUtil.createUser("vocabulary1");
|
||||||
String vocabulary1Token = clientUtil.login("vocabulary1");
|
String vocabulary1Token = clientUtil.login("vocabulary1");
|
||||||
|