#305 UserSessionData bean to provide stateful session data

2017-01-05 17:28:53 -05:00
parent dcab7d8abd
commit 00eeae911d
3 changed files with 46 additions and 4 deletions
--- a/webgoat-container/src/main/java/org/owasp/webgoat/WebGoat.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/WebGoat.java
@ -36,10 +36,7 @@ import org.owasp.webgoat.plugins.PluginClassLoader;
 import org.owasp.webgoat.plugins.PluginEndpointPublisher;
 import org.owasp.webgoat.plugins.PluginsExtractor;
 import org.owasp.webgoat.plugins.PluginsLoader;
-import org.owasp.webgoat.session.Course;
-import org.owasp.webgoat.session.UserTracker;
-import org.owasp.webgoat.session.WebSession;
-import org.owasp.webgoat.session.WebgoatContext;
+import org.owasp.webgoat.session.*;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.SpringApplication;
@ -87,6 +84,12 @@ public class WebGoat extends SpringBootServletInitializer {
        return new WebSession(webgoatContext);
    }

+    @Bean
+    @Scope(value = "session", proxyMode = ScopedProxyMode.TARGET_CLASS)
+    public UserSessionData userSessionData() {
+        return new UserSessionData("test","data");
+    }
+
    @Bean
    public PluginEndpointPublisher pluginEndpointPublisher(ApplicationContext applicationContext) {
        return new PluginEndpointPublisher(applicationContext);
--- a/webgoat-container/src/main/java/org/owasp/webgoat/endpoints/AssignmentEndpoint.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/endpoints/AssignmentEndpoint.java
@ -26,6 +26,7 @@
 package org.owasp.webgoat.endpoints;

 import org.owasp.webgoat.lessons.AttackResult;
+import org.owasp.webgoat.session.UserSessionData;
 import org.owasp.webgoat.session.UserTracker;
 import org.owasp.webgoat.session.WebSession;
 import org.springframework.beans.factory.annotation.Autowired;
@ -47,6 +48,8 @@ public abstract class AssignmentEndpoint extends Endpoint {
    private UserTracker userTracker;
    @Autowired
 	private WebSession webSession;
+    @Autowired
+    private UserSessionData userSessionData;

  
 	//// TODO: 11/13/2016 events better fit?
@ -63,6 +66,10 @@ public abstract class AssignmentEndpoint extends Endpoint {
  		return webSession;
  	}

+  	protected UserSessionData getUserSessionData() {
+        return userSessionData;
+    }
+
    @Override
    public final String getPath() {
        return this.getClass().getAnnotationsByType(Path.class)[0].value();
--- a/webgoat-container/src/main/java/org/owasp/webgoat/session/UserSessionData.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/session/UserSessionData.java
@ -0,0 +1,32 @@
+package org.owasp.webgoat.session;
+
+import java.util.HashMap;
+
+/**
+ * Created by jason on 1/4/17.
+ */
+public class UserSessionData {
+
+    private HashMap<String,String> userSessionData = new HashMap<>();
+
+    public UserSessionData() {
+    }
+
+    public UserSessionData(String key, String value) {
+        setValue(key,value);
+    }
+
+    //GETTERS & SETTERS
+    public String getValue(String key) {
+        return userSessionData.get(key);
+    }
+
+    public void setValue(String key, String value) {
+        if (userSessionData.containsKey(key)) {
+            userSessionData.replace(key,value);
+        } else {
+            userSessionData.put(key,value);
+        }
+    }
+
+}