Code style (#696)
* Remove Guava dependency from WebGoat * Add Checkstyle to the project with very basic standards so we have a style across lessons. It does not interfere with basic Intellij formatting
This commit is contained in:
Nanne Baars
committed by
René Zubcevic
René Zubcevic
parent
66bd1d8c1a
commit
1a83e2825e
@ -1,7 +1,5 @@
|
||||
package org.owasp.webgoat.missing_ac;
|
||||
|
||||
|
||||
import lombok.Getter;
|
||||
import org.owasp.webgoat.users.WebGoatUser;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
@ -32,10 +30,8 @@ import java.util.Base64;
|
||||
* Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software
|
||||
* projects.
|
||||
* <p>
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
public class DisplayUser {
|
||||
//intended to provide a display version of WebGoatUser for admins to view user attributes
|
||||
|
||||
@ -63,7 +59,7 @@ public class DisplayUser {
|
||||
|
||||
}
|
||||
|
||||
protected String genUserHash (String username, String password) throws Exception {
|
||||
protected String genUserHash(String username, String password) throws Exception {
|
||||
MessageDigest md = MessageDigest.getInstance("SHA-256");
|
||||
// salting is good, but static & too predictable ... short too for a salt
|
||||
String salted = password + "DeliberatelyInsecure1234" + username;
|
||||
|
||||
@ -22,23 +22,14 @@
|
||||
|
||||
package org.owasp.webgoat.missing_ac;
|
||||
|
||||
import com.google.common.collect.Lists;
|
||||
import org.owasp.webgoat.assignments.AssignmentEndpoint;
|
||||
import org.owasp.webgoat.assignments.AssignmentHints;
|
||||
import org.owasp.webgoat.assignments.AssignmentPath;
|
||||
import org.owasp.webgoat.assignments.AttackResult;
|
||||
import org.owasp.webgoat.session.UserSessionData;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
|
||||
import java.util.Map;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
/**
|
||||
* Created by jason on 1/5/17.
|
||||
|
||||
@ -58,7 +58,6 @@ public class Users {
|
||||
|
||||
if ((results != null) && (results.first() == true)) {
|
||||
while (results.next()) {
|
||||
int id = results.getInt(0);
|
||||
HashMap<String, String> userMap = new HashMap<>();
|
||||
userMap.put("first", results.getString(1));
|
||||
userMap.put("last", results.getString(2));
|
||||
@ -66,7 +65,7 @@ public class Users {
|
||||
userMap.put("ccType", results.getString(4));
|
||||
userMap.put("cookie", results.getString(5));
|
||||
userMap.put("loginCount", Integer.toString(results.getInt(6)));
|
||||
allUsersMap.put(id, userMap);
|
||||
allUsersMap.put(results.getInt(0), userMap);
|
||||
}
|
||||
userSessionData.setValue("allUsers", allUsersMap);
|
||||
return allUsersMap;
|
||||
|
||||
Reference in New Issue
Block a user