init

2024-12-22 12:21:47 +01:00 · 2024-12-22 12:21:47 +01:00 · 380946f5a7
commit 380946f5a7
18 changed files with 568 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+/target/
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -0,0 +1,3 @@
+{
+    "java.configuration.updateBuildConfiguration": "automatic"
+}
--- a/pom.xml
+++ b/pom.xml
@ -0,0 +1,133 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <groupId>de.devloop</groupId>
+  <artifactId>mavor</artifactId>
+  <version>1.0-SNAPSHOT</version>
+  <packaging>war</packaging>
+
+  <name>mavor</name>
+  <!-- FIXME change it to the project's website -->
+  <url>http://www.example.com</url>
+
+  <properties>
+    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    <maven.compiler.source>11</maven.compiler.source>
+    <maven.compiler.target>11</maven.compiler.target>
+    <maven.version>3.9.9</maven.version>
+  </properties>
+
+  <build>
+    <finalName>mavor</finalName>
+    <sourceDirectory>src/main</sourceDirectory>
+    <pluginManagement><!-- lock down plugins versions to avoid using Maven defaults (may be moved to parent pom) -->
+      <plugins>
+        <plugin>
+          <artifactId>maven-clean-plugin</artifactId>
+          <version>3.1.0</version>
+        </plugin>
+        <!-- see http://maven.apache.org/ref/current/maven-core/default-bindings.html#Plugin_bindings_for_war_packaging -->
+        <plugin>
+          <artifactId>maven-resources-plugin</artifactId>
+          <version>3.0.2</version>
+        </plugin>
+        <plugin>
+          <artifactId>maven-compiler-plugin</artifactId>
+          <version>3.8.0</version>
+        </plugin>
+        <plugin>
+          <artifactId>maven-surefire-plugin</artifactId>
+          <version>2.22.1</version>
+        </plugin>
+        <plugin>
+          <artifactId>maven-war-plugin</artifactId>
+          <version>3.2.2</version>
+        </plugin>
+        <plugin>
+          <artifactId>maven-install-plugin</artifactId>
+          <version>2.5.2</version>
+        </plugin>
+        <plugin>
+          <artifactId>maven-deploy-plugin</artifactId>
+          <version>2.8.2</version>
+        </plugin>
+      </plugins>
+    </pluginManagement>
+  </build>
+
+  <dependencies>
+    <!-- https://mvnrepository.com/artifact/jakarta.servlet/jakarta.servlet-api -->
+    <dependency>
+        <groupId>jakarta.servlet</groupId>
+        <artifactId>jakarta.servlet-api</artifactId>
+        <version>6.1.0</version>
+        <scope>provided</scope>
+    </dependency>
+    <!-- https://mvnrepository.com/artifact/jakarta.servlet.jsp.jstl/jakarta.servlet.jsp.jstl-api -->
+    <dependency>
+        <groupId>jakarta.servlet.jsp.jstl</groupId>
+        <artifactId>jakarta.servlet.jsp.jstl-api</artifactId>
+        <version>3.0.2</version>
+    </dependency>
+    <!-- https://mvnrepository.com/artifact/org.glassfish.web/jakarta.servlet.jsp.jstl -->
+    <dependency>
+        <groupId>org.glassfish.web</groupId>
+        <artifactId>jakarta.servlet.jsp.jstl</artifactId>
+        <version>3.0.1</version>
+    </dependency>
+    <!-- https://mvnrepository.com/artifact/jakarta.platform/jakarta.jakartaee-web-api -->
+    <dependency>
+        <groupId>jakarta.platform</groupId>
+        <artifactId>jakarta.jakartaee-web-api</artifactId>
+        <version>11.0.0-M4</version>
+        <scope>provided</scope>
+    </dependency>
+    <!-- https://mvnrepository.com/artifact/com.google.code.gson/gson -->
+    <dependency>
+        <groupId>com.google.code.gson</groupId>
+        <artifactId>gson</artifactId>
+        <version>2.11.0</version>
+    </dependency>
+<!-- https://mvnrepository.com/artifact/org.eclipse.sisu/org.eclipse.sisu.plexus -->
+<dependency>
+    <groupId>org.eclipse.sisu</groupId>
+    <artifactId>org.eclipse.sisu.plexus</artifactId>
+    <version>0.9.0.M3</version>
+</dependency>
+
+
+<!-- https://mvnrepository.com/artifact/org.apache.maven/maven-embedder -->
+<dependency>
+    <groupId>org.apache.maven</groupId>
+    <artifactId>maven-embedder</artifactId>
+    <version>3.9.9</version>
+</dependency>
+
+<!-- https://mvnrepository.com/artifact/org.apache.maven/maven-slf4j-provider -->
+<dependency>
+    <groupId>org.apache.maven</groupId>
+    <artifactId>maven-slf4j-provider</artifactId>
+    <version>3.9.9</version>
+</dependency>
+
+<!-- https://mvnrepository.com/artifact/org.apache.maven/maven-core -->
+<dependency>
+    <groupId>org.apache.maven</groupId>
+    <artifactId>maven-core</artifactId>
+    <version>3.9.9</version>
+</dependency>
+
+<!-- https://mvnrepository.com/artifact/org.apache.maven/maven-compat -->
+<dependency>
+    <groupId>org.apache.maven</groupId>
+    <artifactId>maven-compat</artifactId>
+    <version>3.9.9</version>
+</dependency>
+
+
+
+  </dependencies>
+</project>
--- a/src/main/de/devloop/mavor/AuthenticatedServlet.java
+++ b/src/main/de/devloop/mavor/AuthenticatedServlet.java
@ -0,0 +1,26 @@
+package de.devloop.mavor;
+
+import java.io.IOException;
+
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServlet;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+public class AuthenticatedServlet extends HttpServlet {
+    protected Session session;
+
+    @Override
+    protected final void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        session = new Session(req.getSession(true));
+        if (!session.isAuthenticated()) {
+            resp.sendRedirect("/mavor/authenticate");
+        } else {
+            doAuthenticatedGet(req, resp);
+        }
+    }
+
+    protected void doAuthenticatedGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        // nooooothing
+    }
+}
--- a/src/main/de/devloop/mavor/Session.java
+++ b/src/main/de/devloop/mavor/Session.java
@ -0,0 +1,57 @@
+package de.devloop.mavor;
+
+import jakarta.servlet.http.HttpSession;
+
+public class Session {
+    private HttpSession session;
+
+    private static final String ATTRIBUTE_USERNAME = "username";
+    private static final String ATTRIBUTE_OAUTH_STATE = "oauth.state";
+    private static final String ATTRIBUTE_OAUTH_TOKEN = "oauth.token";
+
+    public Session(HttpSession session) {
+        this.session = session;
+    }
+
+    private String getSafeString(String parameter) {
+        Object value = session.getAttribute(parameter);
+
+        if (value != null) {
+            return value.toString();
+        } else {
+            return null;
+        }
+    }
+
+    public Boolean isAuthenticated() {
+        return getUsername() != null;
+    }
+
+    public String getUsername() {
+        return getSafeString(ATTRIBUTE_USERNAME);
+    }
+
+    public void setUsername(String username) {
+        session.setAttribute(ATTRIBUTE_USERNAME, username);
+    }
+
+    public void setOAuthState(String state) {
+        session.setAttribute(ATTRIBUTE_OAUTH_STATE, state);
+    }
+
+    public String getOAuthState() {
+        return getSafeString(ATTRIBUTE_OAUTH_STATE);
+    }
+
+    public void clearOAuthState() {
+        session.removeAttribute(ATTRIBUTE_OAUTH_STATE);
+    }
+
+    public void setOAuthToken(String token) {
+        session.setAttribute(ATTRIBUTE_OAUTH_TOKEN, token);
+    }
+
+    public String getOAuthToken() {
+        return getSafeString(ATTRIBUTE_OAUTH_TOKEN);
+    }
+}
--- a/src/main/de/devloop/mavor/annotation/AuthenticationRequired.java
+++ b/src/main/de/devloop/mavor/annotation/AuthenticationRequired.java
@ -0,0 +1,12 @@
+package de.devloop.mavor.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface AuthenticationRequired {
+    
+}
--- a/src/main/de/devloop/mavor/servlet/Authentication.java
+++ b/src/main/de/devloop/mavor/servlet/Authentication.java
@ -0,0 +1,54 @@
+package de.devloop.mavor.servlet;
+
+import java.io.IOException;
+
+import de.devloop.mavor.Session;
+import de.devloop.openid.AuthenticationUrl;
+import de.devloop.openid.OpenID;
+import de.devloop.openid.OpenIdRequestException;
+import de.devloop.openid.Token;
+import de.devloop.openid.UserInfo;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.annotation.WebServlet;
+import jakarta.servlet.http.HttpServlet;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+@WebServlet("/authenticate")
+public class Authentication extends HttpServlet {
+
+    private static final String PARAMETER_STATE = "state";
+    private static final String PARAMETER_CODE = "code";
+
+    @Override
+    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        Session session = new Session(req.getSession(true));
+
+        OpenID openID = new OpenID();
+
+        if (req.getParameter(PARAMETER_STATE) != null && req.getParameter(PARAMETER_CODE) != null) {
+            if (req.getParameter(PARAMETER_STATE).equals(session.getOAuthState())) {
+                session.clearOAuthState();
+
+                Token token;
+                UserInfo userInfo;
+                try {
+                    token = openID.requestToken(req.getParameter(PARAMETER_CODE));
+                    userInfo = openID.requestUserInfo(token);
+                } catch (OpenIdRequestException e) {
+                    throw new ServletException("Login failed", e);
+                }
+                
+                session.setOAuthToken(token.getAccessToken());
+                session.setUsername(userInfo.getEmail());
+                resp.sendRedirect("/mavor/");
+            } else {
+                throw new ServletException("OpenID state mismatch!");
+            }
+        } else {
+            AuthenticationUrl authenticationUrl = openID.getAuthenticationUrl();
+            session.setOAuthState(authenticationUrl.getState());
+            resp.sendRedirect(authenticationUrl.getUrl());
+        }
+    }
+}
--- a/src/main/de/devloop/mavor/servlet/Download.java
+++ b/src/main/de/devloop/mavor/servlet/Download.java
@ -0,0 +1,40 @@
+package de.devloop.mavor.servlet;
+
+import java.io.IOException;
+import java.io.PrintStream;
+
+import org.apache.maven.cli.MavenCli;
+
+import de.devloop.mavor.AuthenticatedServlet;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.annotation.WebServlet;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+@WebServlet("/download")
+public class Download extends AuthenticatedServlet {
+
+    private static final String PARAMETER_SITE = "site";
+    private static final String PARAMETER_GROUP_ID = "groupId";
+    private static final String PARAMETER_ARTEFACT_ID = "artefactId";
+    private static final String PARAMETER_VERSION = "version";
+
+    @Override
+    protected void doAuthenticatedGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        String groupId = req.getParameter(PARAMETER_GROUP_ID);
+        String artifactId = req.getParameter(PARAMETER_ARTEFACT_ID);
+        String version = req.getParameter(PARAMETER_VERSION);
+
+        PrintStream out = new PrintStream(resp.getOutputStream());
+
+        MavenCli cli = new MavenCli();
+        System.setProperty("maven.multiModuleProjectDirectory", "/home/damage/Temp");
+        cli.doMain(new String[]{"dependency:copy", "-Dartifact=com.google.code.gson:gson:2.11.0", "-DoutputDirectory=/home/damage/Temp"}, "/home/damage/Temp", out, out);
+
+        //RequestDispatcher view = req.getRequestDispatcher("/download.jsp");
+        
+
+        //view.forward(req, resp);
+
+    }
+}
--- a/src/main/de/devloop/mavor/servlet/Logout.java
+++ b/src/main/de/devloop/mavor/servlet/Logout.java
@ -0,0 +1,24 @@
+package de.devloop.mavor.servlet;
+
+import java.io.IOException;
+
+import jakarta.servlet.ServletException;
+import jakarta.servlet.annotation.WebServlet;
+import jakarta.servlet.http.HttpServlet;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpSession;
+
+@WebServlet("/logout")
+public class Logout extends HttpServlet {
+    private static final String OAUTH_LOGOUT_URL = "https://auth.devloop.de/application/o/devloop-mavor/end-session/";
+
+    @Override
+    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        HttpSession httpSession = req.getSession();
+        if (httpSession != null) {
+            httpSession.invalidate();
+        }
+        resp.sendRedirect(OAUTH_LOGOUT_URL);
+    }
+}
--- a/src/main/de/devloop/mavor/servlet/Main.java
+++ b/src/main/de/devloop/mavor/servlet/Main.java
@ -0,0 +1,22 @@
+package de.devloop.mavor.servlet;
+
+import java.io.IOException;
+
+import de.devloop.mavor.AuthenticatedServlet;
+import jakarta.servlet.RequestDispatcher;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.annotation.WebServlet;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+@WebServlet("")
+public class Main extends AuthenticatedServlet {
+
+    @Override
+    protected void doAuthenticatedGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        req.setAttribute("username", session.getUsername());
+        RequestDispatcher view = req.getRequestDispatcher("/main.jsp");
+        
+        view.forward(req, resp);
+    }    
+}
--- a/src/main/de/devloop/openid/AuthenticationUrl.java
+++ b/src/main/de/devloop/openid/AuthenticationUrl.java
@ -0,0 +1,19 @@
+package de.devloop.openid;
+
+public class AuthenticationUrl {
+    private String url;
+    private String state;
+
+    public AuthenticationUrl(String url, String state) {
+        this.url = url;
+        this.state = state;
+    }
+
+    public String getUrl() {
+        return url;
+    }    
+
+    public String getState() {
+        return state;
+    }
+}
--- a/src/main/de/devloop/openid/OpenID.java
+++ b/src/main/de/devloop/openid/OpenID.java
@ -0,0 +1,102 @@
+package de.devloop.openid;
+
+import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.net.URLEncoder;
+import java.net.http.HttpClient;
+import java.net.http.HttpRequest;
+import java.net.http.HttpRequest.BodyPublishers;
+import java.net.http.HttpResponse;
+import java.net.http.HttpResponse.BodyHandlers;
+import java.nio.charset.StandardCharsets;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import com.google.gson.Gson;
+
+public class OpenID {
+    private static final String CLIENT_ID = "vP9xF2s1yy2n6sR05jV6dguyMeOvIxCg1GarV71O";
+    private static final String CLIENT_SECRET = "PrwGSMcucxYPkOdrb23jddWqyn31vphrxCUu9MGdLTCUnbk0OJI5oWCvO0khVhcnJNDbJaKWxNMxaC4bJ92jy8bDjtG6oaWG37qhuLRPMh5DKluZxsCMmCvQ8f9ZQckZ";
+
+    private static final String REDIRECT_URL = "http://localhost:8080/mavor/authenticate";
+
+    private static final String OAUTH_AUTH_URL = "https://auth.devloop.de/application/o/authorize/";
+    private static final String OAUTH_TOKEN_URL = "https://auth.devloop.de/application/o/token/";
+    private static final String OAUTH_USERINFO_URL = "https://auth.devloop.de/application/o/userinfo/";
+
+    public AuthenticationUrl getAuthenticationUrl() {
+        String state = UUID.randomUUID().toString();
+        String url = String.format("%s?response_type=code&client_id=%s&redirect_uri=%s&state=%s&scope=openid email", OAUTH_AUTH_URL, CLIENT_ID, REDIRECT_URL, state);
+        return new AuthenticationUrl(url, state);
+    }
+
+    private URI getUriObject(String url) throws OpenIdRequestException {
+        try {
+            return new URI(url);
+        } catch (URISyntaxException e) {
+            throw new OpenIdRequestException(String.format("Invalid URL: '%s'", url), e);
+        }
+    }
+
+    public Token requestToken(String code) throws OpenIdRequestException {
+        URI tokenUrl = getUriObject(OAUTH_TOKEN_URL);
+        HashMap<String, String> tokenParameter = new HashMap<>();
+        tokenParameter.put("grant_type", "authorization_code");
+        tokenParameter.put("client_id", CLIENT_ID);
+        tokenParameter.put("client_secret", CLIENT_SECRET);
+        tokenParameter.put("code", code);
+        tokenParameter.put("redirect_uri", REDIRECT_URL);
+
+        HttpRequest tokenRequest = HttpRequest.newBuilder()
+            .uri(tokenUrl)
+            .header("Content-Type", "application/x-www-form-urlencoded")
+            .header("Accept", "application/json")
+            .POST(BodyPublishers.ofString(getFormDataAsString(tokenParameter)))
+            .build();
+        HttpClient tokenClient = HttpClient.newHttpClient();
+        HttpResponse<String> tokenResponse;
+        try {
+            tokenResponse = tokenClient.send(tokenRequest, BodyHandlers.ofString());
+        } catch (IOException | InterruptedException e) {
+            throw new OpenIdRequestException("Requesting access token failed", e);
+        }
+
+        Gson gson = new Gson();
+        return gson.fromJson(tokenResponse.body(), Token.class);
+    }
+
+    public UserInfo requestUserInfo(Token token) throws OpenIdRequestException {
+        URI userInfoUrl = getUriObject(OAUTH_USERINFO_URL);
+        HttpRequest userInfoRequest = HttpRequest.newBuilder()
+            .uri(userInfoUrl)
+            .header("Accept", "application/json")
+            .header("Authorization", "Bearer " + token.getAccessToken())
+            .GET()
+            .build();
+        HttpClient userInfoClient = HttpClient.newHttpClient();
+        HttpResponse<String> userInfoResponse;
+        try {
+            userInfoResponse = userInfoClient.send(userInfoRequest, BodyHandlers.ofString());
+        } catch (IOException | InterruptedException e) {
+            throw new OpenIdRequestException("Requesting user info failed", e);
+        }
+
+        Gson gson = new Gson();
+        return gson.fromJson(userInfoResponse.body(), UserInfo.class);
+    }
+
+    private String getFormDataAsString(Map<String, String> formData) {
+        StringBuilder formBodyBuilder = new StringBuilder();
+        for (Map.Entry<String, String> singleEntry : formData.entrySet()) {
+            if (formBodyBuilder.length() > 0) {
+                formBodyBuilder.append("&");
+            }
+            formBodyBuilder.append(URLEncoder.encode(singleEntry.getKey(), StandardCharsets.UTF_8));
+            formBodyBuilder.append("=");
+            formBodyBuilder.append(URLEncoder.encode(singleEntry.getValue(), StandardCharsets.UTF_8));
+        }
+        return formBodyBuilder.toString();
+    }
+}
--- a/src/main/de/devloop/openid/OpenIdRequestException.java
+++ b/src/main/de/devloop/openid/OpenIdRequestException.java
@ -0,0 +1,7 @@
+package de.devloop.openid;
+
+public class OpenIdRequestException extends Exception {
+    public OpenIdRequestException(String message, Throwable cause) {
+        super(message, cause);
+    }
+}
--- a/src/main/de/devloop/openid/Token.java
+++ b/src/main/de/devloop/openid/Token.java
@ -0,0 +1,18 @@
+package de.devloop.openid;
+
+import com.google.gson.annotations.SerializedName;
+
+public class Token {
+    
+    @SerializedName("access_token")
+    private String accessToken;
+
+    public String getAccessToken() {
+        return accessToken;
+    }
+
+    public void setAccessToken(String accessToken) {
+        this.accessToken = accessToken;
+    }
+
+}
--- a/src/main/de/devloop/openid/UserInfo.java
+++ b/src/main/de/devloop/openid/UserInfo.java
@ -0,0 +1,15 @@
+package de.devloop.openid;
+
+public class UserInfo {
+    
+    private String email;
+
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+}
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@ -0,0 +1,12 @@
+<!DOCTYPE web-app PUBLIC
+ "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+ "http://java.sun.com/dtd/web-app_2_3.dtd" >
+
+<web-app>
+  <display-name>Archetype Created Web Application</display-name>
+
+  <error-page>
+    <error-code>403</error-code>
+    <location>/authenticate</location>
+  </error-page>
+</web-app>
--- a/src/main/webapp/download.jsp
+++ b/src/main/webapp/download.jsp
@ -0,0 +1,8 @@
+<%@ taglib uri="jakarta.tags.core" prefix="c" %>
+<%@ page isELIgnored="false" %> 
+<html>
+    <body style="background-color:black; color:white">
+        Downloading ${foo}<br/>
+        <a href="/mavor/logout">logout</a>
+    </body>
+</html>
--- a/src/main/webapp/main.jsp
+++ b/src/main/webapp/main.jsp
@ -0,0 +1,15 @@
+<%@ taglib uri="jakarta.tags.core" prefix="c" %>
+<%@ page isELIgnored="false" %> 
+<html>
+<body style="background-color:black; color:white">
+<h2>Hello ${username}</h2>
+<form method="get" action="/mavor/download">
+    Site: <input type="text" name="site" value="https://source.devloop.de/api/packages/damage/maven/" /><br/>
+    Group ID: <input type="text" name="groupId" value="de.svenkubiak"/><br/>
+    Artifact ID: <input type="text" name="artifactId" value="jpushover11"/><br/>
+    Version: <input type="text" name="version" value="7.0.4"/><br/>
+    <input type="submit"/>
+</form>
+<a href="/mavor/logout">logout</a>
+</body>
+</html>