import club.wpia.gigi.output.template.Form.CSRFException;
import club.wpia.gigi.output.template.Outputable;
import club.wpia.gigi.output.template.Template;
+import club.wpia.gigi.output.template.TranslateCommand;
import club.wpia.gigi.pages.AboutPage;
import club.wpia.gigi.pages.HandlesMixedRequest;
import club.wpia.gigi.pages.LoginPage;
import club.wpia.gigi.pages.orga.CreateOrgPage;
import club.wpia.gigi.pages.orga.ViewOrgPage;
import club.wpia.gigi.pages.statistics.StatisticsRoles;
-import club.wpia.gigi.pages.wot.AssurePage;
import club.wpia.gigi.pages.wot.Points;
import club.wpia.gigi.pages.wot.RequestTTPPage;
+import club.wpia.gigi.pages.wot.VerifyPage;
import club.wpia.gigi.ping.PingerDaemon;
import club.wpia.gigi.util.AuthorizationContext;
import club.wpia.gigi.util.DomainAssessment;
import club.wpia.gigi.util.PasswordHash;
import club.wpia.gigi.util.ServerConstants;
+import club.wpia.gigi.util.ServerConstants.Host;
import club.wpia.gigi.util.TimeConditions;
public final class Gigi extends HttpServlet {
public MenuBuilder() {}
- private void putPage(String path, Page p, String category) {
+ private void putPage(String path, Page p, Menu m) {
pages.put(path, p);
- if (category == null) {
+ if (m == null) {
return;
}
- Menu m = getMenu(category);
m.addItem(new PageMenuItem(p, path.replaceFirst("/?\\*$", "")));
}
- private Menu getMenu(String category) {
- Menu m = null;
- for (Menu menu : categories) {
- if (menu.getMenuName().equals(category)) {
- m = menu;
- break;
- }
- }
- if (m == null) {
- m = new Menu(category);
- categories.add(m);
- }
+ private Menu createMenu(String name) {
+ Menu m = new Menu(new TranslateCommand(name));
+ categories.add(m);
return m;
}
putPage("/denied", new AccessDenied(), null);
putPage("/error", new PageNotFound(), null);
putPage("/login", new LoginPage(), null);
- getMenu("SomeCA.org").addItem(new SimpleMenuItem("https://" + ServerConstants.getWwwHostNamePort() + "/login", "Password Login") {
+ Menu mainMenu = createMenu("SomeCA.org");
+ mainMenu.addItem(new SimpleMenuItem("https://" + ServerConstants.getHostNamePort(Host.WWW) + "/login", "Password Login") {
@Override
public boolean isPermitted(AuthorizationContext ac) {
return ac == null;
}
});
- getMenu("SomeCA.org").addItem(new SimpleMenuItem("https://" + ServerConstants.getSecureHostNamePortSecure() + "/login", "Certificate Login") {
+ mainMenu.addItem(new SimpleMenuItem("https://" + ServerConstants.getHostNamePortSecure(Host.SECURE) + "/login", "Certificate Login") {
@Override
public boolean isPermitted(AuthorizationContext ac) {
}
});
putPage("/", new MainPage(), null);
- putPage("/roots", new RootCertPage(truststore), "SomeCA.org");
- putPage(StatisticsRoles.PATH, new StatisticsRoles(), "SomeCA.org");
- putPage("/about", new AboutPage(), "SomeCA.org");
+ putPage("/roots", new RootCertPage(truststore), mainMenu);
+ putPage(StatisticsRoles.PATH, new StatisticsRoles(), mainMenu);
+ putPage("/about", new AboutPage(), mainMenu);
+ putPage(RegisterPage.PATH, new RegisterPage(), mainMenu);
putPage("/secure", new TestSecure(), null);
putPage(Verify.PATH, new Verify(), null);
- putPage(Certificates.PATH + "/*", new Certificates(false), "Certificates");
- putPage(RegisterPage.PATH, new RegisterPage(), "SomeCA.org");
- putPage(CertificateAdd.PATH, new CertificateAdd(), "Certificates");
- putPage(MailOverview.DEFAULT_PATH, new MailOverview(), "Certificates");
- putPage(DomainOverview.PATH, new DomainOverview(), "Certificates");
+ Menu certificates = createMenu("Certificates");
+ putPage(Certificates.PATH + "/*", new Certificates(false), certificates);
+ putPage(CertificateAdd.PATH, new CertificateAdd(), certificates);
+ putPage(MailOverview.DEFAULT_PATH, new MailOverview(), certificates);
+ putPage(DomainOverview.PATH, new DomainOverview(), certificates);
putPage(EditDomain.PATH + "*", new EditDomain(), null);
- putPage(AssurePage.PATH + "/*", new AssurePage(), "Web of Trust");
- putPage(Points.PATH, new Points(false), "Web of Trust");
- putPage(RequestTTPPage.PATH, new RequestTTPPage(), "Web of Trust");
+ Menu wot = createMenu("Verification");
+ putPage(VerifyPage.PATH + "/*", new VerifyPage(), wot);
+ putPage(Points.PATH, new Points(false), wot);
+ putPage(RequestTTPPage.PATH, new RequestTTPPage(), wot);
- putPage(TTPAdminPage.PATH + "/*", new TTPAdminPage(), "Admin");
- putPage(CreateOrgPage.DEFAULT_PATH, new CreateOrgPage(), "Organisation Admin");
- putPage(ViewOrgPage.DEFAULT_PATH + "/*", new ViewOrgPage(), "Organisation Admin");
+ Menu admMenu = createMenu("Admin");
+ Menu orgAdm = createMenu("Organisation Admin");
+ putPage(TTPAdminPage.PATH + "/*", new TTPAdminPage(), admMenu);
+ putPage(CreateOrgPage.DEFAULT_PATH, new CreateOrgPage(), orgAdm);
+ putPage(ViewOrgPage.DEFAULT_PATH + "/*", new ViewOrgPage(), orgAdm);
- putPage(SupportEnterTicketPage.PATH, new SupportEnterTicketPage(), "Support Console");
- putPage(FindUserByEmailPage.PATH, new FindUserByEmailPage(), "Support Console");
- putPage(FindUserByDomainPage.PATH, new FindUserByDomainPage(), "Support Console");
- putPage(FindCertPage.PATH, new FindCertPage(), "Support Console");
+ Menu support = createMenu("Support Console");
+ putPage(SupportEnterTicketPage.PATH, new SupportEnterTicketPage(), support);
+ putPage(FindUserByEmailPage.PATH, new FindUserByEmailPage(), support);
+ putPage(FindUserByDomainPage.PATH, new FindUserByDomainPage(), support);
+ putPage(FindCertPage.PATH, new FindCertPage(), support);
+ Menu account = createMenu("My Account");
putPage(SupportUserDetailsPage.PATH + "*", new SupportUserDetailsPage(), null);
- putPage(ChangePasswordPage.PATH, new ChangePasswordPage(), "My Account");
- putPage(History.PATH, new History(false), "My Account");
- putPage(FindAgentAccess.PATH, new OneFormPage("Access to Find Agent", FindAgentAccess.class), "My Account");
+ putPage(ChangePasswordPage.PATH, new ChangePasswordPage(), account);
+ putPage(History.PATH, new History(false), account);
+ putPage(FindAgentAccess.PATH, new OneFormPage("Access to Find Agent", FindAgentAccess.class), account);
putPage(History.SUPPORT_PATH, new History(true), null);
- putPage(UserTrainings.PATH, new UserTrainings(false), "My Account");
- putPage(MyDetails.PATH, new MyDetails(), "My Account");
+ putPage(UserTrainings.PATH, new UserTrainings(false), account);
+ putPage(MyDetails.PATH, new MyDetails(), account);
putPage(UserTrainings.SUPPORT_PATH, new UserTrainings(true), null);
putPage(Points.SUPPORT_PATH, new Points(true), null);
putPage(Certificates.SUPPORT_PATH + "/*", new Certificates(true), null);
Class<?> manager = Class.forName("club.wpia.gigi.pages.Manager");
Page p = (Page) manager.getMethod("getInstance").invoke(null);
String pa = (String) manager.getField("PATH").get(null);
- putPage(pa + "/*", p, "Gigi test server");
+ Menu testServer = createMenu("Gigi test server");
+ putPage(pa + "/*", p, testServer);
} catch (ReflectiveOperationException e) {
e.printStackTrace();
}
}
try {
- putPage("/wot/rules", new StaticPage("Web of Trust Rules", AssurePage.class.getResourceAsStream("Rules.templ")), "Web of Trust");
+ putPage("/wot/rules", new StaticPage("Verification Rules", VerifyPage.class.getResourceAsStream("Rules.templ")), wot);
} catch (UnsupportedEncodingException e) {
throw new ServletException(e);
}
rootMenu = new MenuCollector();
- Menu languages = new Menu("Language");
+ Menu languages = createMenu("Language");
addLanguages(languages);
- categories.add(languages);
for (Menu menu : categories) {
menu.prepare();
rootMenu.put(menu);
try (Link l = DatabaseConnection.newLink(false)) {
CACertificate.getById(1);
CertificateProfile.getById(1);
- CATSType.ASSURER_CHALLENGE.getDisplayName();
+ CATSType.AGENT_CHALLENGE.getDisplayName();
} catch (InterruptedException e) {
throw new Error(e);
}
}
- private static String staticTemplateVar = "//" + ServerConstants.getStaticHostNamePort();
+ private static String staticTemplateVar = "//" + ServerConstants.getHostNamePort(Host.STATIC);
- private static String staticTemplateVarSecure = "//" + ServerConstants.getStaticHostNamePortSecure();
+ private static String staticTemplateVarSecure = "//" + ServerConstants.getHostNamePortSecure(Host.STATIC);
@Override
protected void service(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
// it always
String originHeader = req.getHeader("Origin");
if (originHeader != null //
- && !(originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getWwwHostNamePortSecure()) + "(/.*|)") || //
- originHeader.matches("^" + Pattern.quote("http://" + ServerConstants.getWwwHostNamePort()) + "(/.*|)") || //
- originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getSecureHostNamePortSecure()) + "(/.*|)"))) {
+ && !(originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getHostNamePortSecure(Host.WWW)) + "(/.*|)") || //
+ originHeader.matches("^" + Pattern.quote("http://" + ServerConstants.getHostNamePort(Host.WWW)) + "(/.*|)") || //
+ originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getHostNamePortSecure(Host.SECURE)) + "(/.*|)"))) {
resp.setContentType("text/html; charset=utf-8");
resp.getWriter().println("<html><head><title>Alert</title></head><body>No cross domain access allowed.<br/><b>If you don't know why you're seeing this you may have been fished! Please change your password immediately!</b></body></html>");
return;
if (p != null) {
if ( !isSecure && (p.needsLogin() || p instanceof LoginPage || p instanceof RegisterPage)) {
- resp.sendRedirect("https://" + ServerConstants.getWwwHostNamePortSecure() + req.getPathInfo());
+ resp.sendRedirect("https://" + ServerConstants.getHostNamePortSecure(Host.WWW) + req.getPathInfo());
return;
}
AuthorizationContext currentAuthContext = LoginPage.getAuthorizationContext(req);
vars.put("year", Calendar.getInstance().get(Calendar.YEAR));
vars.put("content", content);
if (isSecure) {
- req.setAttribute(LINK_HOST, ServerConstants.getLinkHostNamePortSecure());
+ req.setAttribute(LINK_HOST, ServerConstants.getHostNamePortSecure(Host.LINK));
} else {
- req.setAttribute(LINK_HOST, ServerConstants.getLinkHostNamePort());
+ req.setAttribute(LINK_HOST, ServerConstants.getHostNamePort(Host.LINK));
}
if (currentAuthContext != null) {
// TODO maybe move this information into the AuthContext object
}
public static void addXSSHeaders(HttpServletResponse hsr, boolean doHttps) {
- hsr.addHeader("Access-Control-Allow-Origin", "https://" + ServerConstants.getWwwHostNamePortSecure() + " https://" + ServerConstants.getSecureHostNamePortSecure());
+ hsr.addHeader("Access-Control-Allow-Origin", "https://" + ServerConstants.getHostNamePortSecure(Host.WWW) + " https://" + ServerConstants.getHostNamePortSecure(Host.SECURE));
hsr.addHeader("Access-Control-Max-Age", "60");
if (doHttps) {
hsr.addHeader("Content-Security-Policy", httpsCSP);
private static String genHttpsCSP() {
StringBuffer csp = new StringBuffer();
csp.append("default-src 'none'");
- csp.append(";font-src https://" + ServerConstants.getStaticHostNamePortSecure());
- csp.append(";img-src https://" + ServerConstants.getStaticHostNamePortSecure());
+ csp.append(";font-src https://" + ServerConstants.getHostNamePortSecure(Host.STATIC));
+ csp.append(";img-src https://" + ServerConstants.getHostNamePortSecure(Host.STATIC));
csp.append(";media-src 'none'; object-src 'none'");
- csp.append(";script-src https://" + ServerConstants.getStaticHostNamePortSecure());
- csp.append(";style-src https://" + ServerConstants.getStaticHostNamePortSecure());
- csp.append(";form-action https://" + ServerConstants.getSecureHostNamePortSecure() + " https://" + ServerConstants.getWwwHostNamePortSecure());
+ csp.append(";script-src https://" + ServerConstants.getHostNamePortSecure(Host.STATIC));
+ csp.append(";style-src https://" + ServerConstants.getHostNamePortSecure(Host.STATIC));
+ csp.append(";form-action https://" + ServerConstants.getHostNamePortSecure(Host.SECURE) + " https://" + ServerConstants.getHostNamePortSecure(Host.WWW));
// csp.append(";report-url https://api.wpia.club/security/csp/report");
return csp.toString();
}
private static String genHttpCSP() {
StringBuffer csp = new StringBuffer();
csp.append("default-src 'none'");
- csp.append(";font-src http://" + ServerConstants.getStaticHostNamePort());
- csp.append(";img-src http://" + ServerConstants.getStaticHostNamePort());
+ csp.append(";font-src http://" + ServerConstants.getHostNamePort(Host.STATIC));
+ csp.append(";img-src http://" + ServerConstants.getHostNamePort(Host.STATIC));
csp.append(";media-src 'none'; object-src 'none'");
- csp.append(";script-src http://" + ServerConstants.getStaticHostNamePort());
- csp.append(";style-src http://" + ServerConstants.getStaticHostNamePort());
- csp.append(";form-action https://" + ServerConstants.getSecureHostNamePortSecure() + " https://" + ServerConstants.getWwwHostNamePort());
+ csp.append(";script-src http://" + ServerConstants.getHostNamePort(Host.STATIC));
+ csp.append(";style-src http://" + ServerConstants.getHostNamePort(Host.STATIC));
+ csp.append(";form-action http://" + ServerConstants.getHostNamePortSecure(Host.SECURE) + " http://" + ServerConstants.getHostNamePort(Host.WWW));
// csp.append(";report-url http://api.wpia.club/security/csp/report");
return csp.toString();
}
projects / gigi.git / blobdiff