Skip to content
Snippets Groups Projects
Commit ffedb2b3 authored by Léo Banno-Cloutier's avatar Léo Banno-Cloutier
Browse files

fix: change User serialization

Change-Id: Iced4913e0739093f00718b579fc615111baabcc0
parent 827e46f3
No related branches found
No related tags found
No related merge requests found
......@@ -27,6 +27,8 @@ import lombok.Setter;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import com.google.gson.annotations.Expose;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
......@@ -34,6 +36,7 @@ import java.security.cert.X509Certificate;
@Setter
public class X509Entity {
private X509Certificate certificate;
@Expose(serialize = false)
private PrivateKey privateKey;
// These can be null because they are only used if this is a request.
private X509Fields x509Fields;
......
......@@ -36,6 +36,8 @@ import net.jami.jams.common.utils.X509Utils;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import com.google.gson.annotations.Expose;
@AllArgsConstructor
@NoArgsConstructor
@Getter
......@@ -43,14 +45,17 @@ import java.sql.ResultSet;
public class User extends X509Entity implements BlockchainEntity, DatabaseObject {
private String username;
@Expose(serialize = false)
private String password;
private AuthenticationSourceType userType;
private String realm; // sort of the domain.
private AccessLevel accessLevel = AccessLevel.USER;
private Boolean needsPasswordReset = false;
@Expose(serialize = false)
private String salt;
private String ethAddress;
@Expose(serialize = false)
private String ethKey;
private String jamiId;
......
......@@ -76,7 +76,7 @@ public class VersioningUtils {
log.info("Found version {} of {}", version, fileName);
} catch (Exception e1) {
log.error(
"Could detect version for file with error {}",
"Could not detect version for file with error {}",
e1.getMessage());
}
}
......
......@@ -65,6 +65,7 @@
"devDependencies": {
"@babel/core": "^7.11.6",
"@babel/plugin-proposal-private-property-in-object": "^7.21.11",
"@types/react-router-dom": "^5.3.3",
"babel-core": "^7.0.0-bridge.0",
"babel-plugin-i18next-extract": "^0.8.0",
"eslint-config-prettier": "6.11.0",
......
......@@ -85,13 +85,17 @@ public class UserServlet extends HttpServlet {
if (!user.getNeedsPasswordReset() && req.getParameter("needPW") != null) {
String pw = req.getParameter("password");
if (pw == null || pw.isEmpty()) {
resp.sendError(400, "Password is empty!");
return;
}
String password = PasswordUtil.hashPassword(pw, Base64.decodeBase64(user.getSalt()));
dataStore.getUserDao().updateObject(password, username);
user = dataStore.getUserDao().getByUsername(username).get();
user = dataStore.getUserDao().getByUsername(username).orElseThrow();
}
user.setPassword("");
user.setSalt("");
resp.getOutputStream().write(gson.toJson(user).getBytes());
resp.setStatus(200);
}
......
......@@ -25,6 +25,7 @@ package net.jami.jams.server.servlets.api.auth.contacts;
import static net.jami.jams.server.Server.dataStore;
import com.google.gson.Gson;
import com.google.gson.JsonObject;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
......@@ -37,16 +38,13 @@ import net.jami.jams.common.serialization.adapters.GsonFactory;
import net.jami.jams.common.serialization.tomcat.TomcatCustomErrorHandler;
import net.jami.jams.common.utils.ContactMerger;
import org.json.JSONObject;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import java.util.Scanner;
@WebServlet("/api/auth/contacts")
public class ContactServlet extends HttpServlet {
private final Gson gson = GsonFactory.createGson();
private static final Gson gson = GsonFactory.createGson();
/**
* @apiVersion 1.0.0
......@@ -83,19 +81,22 @@ public class ContactServlet extends HttpServlet {
@Override
protected void doPut(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
Scanner s = new Scanner(req.getInputStream()).useDelimiter("\\A");
String res = s.hasNext() ? s.next() : "";
final JSONObject obj = new JSONObject(res);
String owner = req.getAttribute("username").toString();
addContact(req, resp, owner);
}
public static void addContact(HttpServletRequest req, HttpServletResponse resp, String owner)
throws IOException {
JsonObject obj = gson.fromJson(req.getReader(), JsonObject.class);
// TODO: Replace with mergetool.
Contact contact = new Contact();
contact.setDisplayName(obj.get("displayName").toString());
contact.setTimestamp(System.currentTimeMillis() / 1000);
contact.setStatus('A');
contact.setOwner(req.getAttribute("username").toString());
contact.setOwner(owner);
contact.setUri(obj.get("uri").toString());
String owner = req.getAttribute("username").toString();
List<Contact> localList = dataStore.getContactDao().getByOwner(owner);
List<Contact> remoteList = List.of(contact);
......@@ -148,6 +149,11 @@ public class ContactServlet extends HttpServlet {
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
String owner = req.getAttribute("username").toString();
addContacts(req, resp, owner);
}
public static void addContacts(HttpServletRequest req, HttpServletResponse resp, String owner)
throws IOException {
List<Contact> localList = dataStore.getContactDao().getByOwner(owner);
List<Contact> remoteList = Arrays.asList(gson.fromJson(req.getReader(), Contact[].class));
......
......@@ -29,7 +29,7 @@
<maven.compiler.target>11</maven.compiler.target>
<maven.compiler.version>3.8.1</maven.compiler.version>
<java.version>11</java.version>
<bouncy.castle.version>1.65</bouncy.castle.version>
<bouncy.castle.version>1.70</bouncy.castle.version>
<lombok.version>1.18.28</lombok.version>
<log4j.version>1.7.30</log4j.version>
<jupiter.api.version>5.7.0-M1</jupiter.api.version>
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment