dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Renamed to passwordreset

Browse Source
This commit is contained in:
Àngel Ollé Blázquez 2022-07-30 20:16:54 +02:00
parent 4f911c64a1
commit 37d684fdd3
28 changed files with 20 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/org/owasp/webgoat/lessons/password_reset/PasswordReset.java → src/main/java/org/owasp/webgoat/lessons/passwordreset/PasswordReset.java
View File

@ -20,7 +20,7 @@
* Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects. * Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects.
*/ */
package org.owasp.webgoat.lessons.password_reset; package org.owasp.webgoat.lessons.passwordreset;
import org.owasp.webgoat.container.lessons.Category; import org.owasp.webgoat.container.lessons.Category;
import org.owasp.webgoat.container.lessons.Lesson; import org.owasp.webgoat.container.lessons.Lesson;

2
src/main/java/org/owasp/webgoat/lessons/password_reset/PasswordResetEmail.java → src/main/java/org/owasp/webgoat/lessons/passwordreset/PasswordResetEmail.java
View File

@ -20,7 +20,7 @@
* Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects. * Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects.
*/ */
package org.owasp.webgoat.lessons.password_reset; package org.owasp.webgoat.lessons.passwordreset;
import lombok.Builder; import lombok.Builder;
import lombok.Data; import lombok.Data;

2
src/main/java/org/owasp/webgoat/lessons/password_reset/QuestionsAssignment.java → src/main/java/org/owasp/webgoat/lessons/passwordreset/QuestionsAssignment.java
View File

@ -20,7 +20,7 @@
* Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects. * Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects.
*/ */
package org.owasp.webgoat.lessons.password_reset; package org.owasp.webgoat.lessons.passwordreset;
import org.owasp.webgoat.container.assignments.AssignmentEndpoint; import org.owasp.webgoat.container.assignments.AssignmentEndpoint;
import org.owasp.webgoat.container.assignments.AttackResult; import org.owasp.webgoat.container.assignments.AttackResult;

6
src/main/java/org/owasp/webgoat/lessons/password_reset/ResetLinkAssignment.java → src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java
View File

@ -20,13 +20,13 @@
* Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects. * Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects.
*/ */
package org.owasp.webgoat.lessons.password_reset; package org.owasp.webgoat.lessons.passwordreset;
import com.google.common.collect.Maps; import com.google.common.collect.Maps;
import org.owasp.webgoat.container.assignments.AssignmentEndpoint; import org.owasp.webgoat.container.assignments.AssignmentEndpoint;
import org.owasp.webgoat.container.assignments.AssignmentHints; import org.owasp.webgoat.container.assignments.AssignmentHints;
import org.owasp.webgoat.container.assignments.AttackResult; import org.owasp.webgoat.container.assignments.AttackResult;
import org.owasp.webgoat.lessons.password_reset.resetlink.PasswordChangeForm; import org.owasp.webgoat.lessons.passwordreset.resetlink.PasswordChangeForm;
import org.springframework.ui.Model; import org.springframework.ui.Model;
import org.springframework.validation.BindingResult; import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.GetMapping;
@ -120,7 +120,7 @@ public class ResetLinkAssignment extends AssignmentEndpoint {
if (checkIfLinkIsFromTom(form.getResetLink())) { if (checkIfLinkIsFromTom(form.getResetLink())) {
usersToTomPassword.put(getWebSession().getUserName(), form.getPassword()); usersToTomPassword.put(getWebSession().getUserName(), form.getPassword());
} }
modelAndView.setViewName("lessons/password_reset/templates/success.html"); modelAndView.setViewName("lessons/passwordreset/templates/success.html");
return modelAndView; return modelAndView;
} }

2
src/main/java/org/owasp/webgoat/lessons/password_reset/ResetLinkAssignmentForgotPassword.java → src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignmentForgotPassword.java
View File

@ -20,7 +20,7 @@
* Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects. * Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects.
*/ */
package org.owasp.webgoat.lessons.password_reset; package org.owasp.webgoat.lessons.passwordreset;
import org.owasp.webgoat.container.assignments.AssignmentEndpoint; import org.owasp.webgoat.container.assignments.AssignmentEndpoint;
import org.owasp.webgoat.container.assignments.AttackResult; import org.owasp.webgoat.container.assignments.AttackResult;

2
src/main/java/org/owasp/webgoat/lessons/password_reset/SecurityQuestionAssignment.java → src/main/java/org/owasp/webgoat/lessons/passwordreset/SecurityQuestionAssignment.java
View File

@ -20,7 +20,7 @@
* Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects. * Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects.
*/ */
package org.owasp.webgoat.lessons.password_reset; package org.owasp.webgoat.lessons.passwordreset;
import org.owasp.webgoat.container.assignments.AssignmentEndpoint; import org.owasp.webgoat.container.assignments.AssignmentEndpoint;
import org.owasp.webgoat.container.assignments.AttackResult; import org.owasp.webgoat.container.assignments.AttackResult;

2
src/main/java/org/owasp/webgoat/lessons/password_reset/SimpleMailAssignment.java → src/main/java/org/owasp/webgoat/lessons/passwordreset/SimpleMailAssignment.java
View File

@ -20,7 +20,7 @@
* Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects. * Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects.
*/ */
package org.owasp.webgoat.lessons.password_reset; package org.owasp.webgoat.lessons.passwordreset;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.owasp.webgoat.container.assignments.AssignmentEndpoint; import org.owasp.webgoat.container.assignments.AssignmentEndpoint;

2
src/main/java/org/owasp/webgoat/lessons/password_reset/TriedQuestions.java → src/main/java/org/owasp/webgoat/lessons/passwordreset/TriedQuestions.java
View File

@ -20,7 +20,7 @@
* Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects. * Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software projects.
*/ */
package org.owasp.webgoat.lessons.password_reset; package org.owasp.webgoat.lessons.passwordreset;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.web.context.annotation.SessionScope; import org.springframework.web.context.annotation.SessionScope;

2
src/main/java/org/owasp/webgoat/lessons/password_reset/resetlink/PasswordChangeForm.java → src/main/java/org/owasp/webgoat/lessons/passwordreset/resetlink/PasswordChangeForm.java
View File

@ -1,4 +1,4 @@
package org.owasp.webgoat.lessons.password_reset.resetlink; package org.owasp.webgoat.lessons.passwordreset.resetlink;
import lombok.Getter; import lombok.Getter;
import lombok.Setter; import lombok.Setter;

0
src/main/resources/lessons/password_reset/css/password.css → src/main/resources/lessons/passwordreset/css/password.css
View File

0
src/main/resources/lessons/password_reset/documentation/PasswordReset_SecurityQuestions.adoc → src/main/resources/lessons/passwordreset/documentation/PasswordReset_SecurityQuestions.adoc
View File

0
src/main/resources/lessons/password_reset/documentation/PasswordReset_host_header.adoc → src/main/resources/lessons/passwordreset/documentation/PasswordReset_host_header.adoc
View File

0
src/main/resources/lessons/password_reset/documentation/PasswordReset_known_questions.adoc → src/main/resources/lessons/passwordreset/documentation/PasswordReset_known_questions.adoc
View File

0
src/main/resources/lessons/password_reset/documentation/PasswordReset_mitigation.adoc → src/main/resources/lessons/passwordreset/documentation/PasswordReset_mitigation.adoc
View File

0
src/main/resources/lessons/password_reset/documentation/PasswordReset_plan.adoc → src/main/resources/lessons/passwordreset/documentation/PasswordReset_plan.adoc
View File

0
src/main/resources/lessons/password_reset/documentation/PasswordReset_simple.adoc → src/main/resources/lessons/passwordreset/documentation/PasswordReset_simple.adoc
View File

0
src/main/resources/lessons/password_reset/documentation/PasswordReset_wrong_message.adoc → src/main/resources/lessons/passwordreset/documentation/PasswordReset_wrong_message.adoc
View File

14
src/main/resources/lessons/password_reset/html/PasswordReset.html → src/main/resources/lessons/passwordreset/html/PasswordReset.html
View File

@ -3,10 +3,10 @@
<html xmlns:th="http://www.thymeleaf.org"> <html xmlns:th="http://www.thymeleaf.org">
<div class="lesson-page-wrapper"> <div class="lesson-page-wrapper">
<div class="adoc-content" th:replace="doc:lessons/password_reset/documentation/PasswordReset_plan.adoc"></div> <div class="adoc-content" th:replace="doc:lessons/passwordreset/documentation/PasswordReset_plan.adoc"></div>
</div> </div>
<div class="lesson-page-wrapper"> <div class="lesson-page-wrapper">
<div class="adoc-content" th:replace="doc:lessons/password_reset/documentation/PasswordReset_simple.adoc"></div> <div class="adoc-content" th:replace="doc:lessons/passwordreset/documentation/PasswordReset_simple.adoc"></div>
<link rel="stylesheet" type="text/css" th:href="@{/lesson_css/password.css}"/> <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/password.css}"/>
<script th:src="@{/lesson_js/bootstrap.min.js}" language="JavaScript"></script> <script th:src="@{/lesson_js/bootstrap.min.js}" language="JavaScript"></script>
@ -90,11 +90,11 @@
</div> </div>
<div class="lesson-page-wrapper"> <div class="lesson-page-wrapper">
<div class="adoc-content" th:replace="doc:lessons/password_reset/documentation/PasswordReset_wrong_message.adoc"></div> <div class="adoc-content" th:replace="doc:lessons/passwordreset/documentation/PasswordReset_wrong_message.adoc"></div>
</div> </div>
<div class="lesson-page-wrapper"> <div class="lesson-page-wrapper">
<div class="adoc-content" th:replace="doc:lessons/password_reset/documentation/PasswordReset_known_questions.adoc"></div> <div class="adoc-content" th:replace="doc:lessons/passwordreset/documentation/PasswordReset_known_questions.adoc"></div>
<link rel="stylesheet" type="text/css" th:href="@{/lesson_css/password.css}"/> <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/password.css}"/>
<script th:src="@{/lesson_js/bootstrap.min.js}" language="JavaScript"></script> <script th:src="@{/lesson_js/bootstrap.min.js}" language="JavaScript"></script>
@ -138,7 +138,7 @@
</div> </div>
<div class="lesson-page-wrapper"> <div class="lesson-page-wrapper">
<div class="adoc-content" th:replace="doc:lessons/password_reset/documentation/PasswordReset_SecurityQuestions.adoc"></div> <div class="adoc-content" th:replace="doc:lessons/passwordreset/documentation/PasswordReset_SecurityQuestions.adoc"></div>
<div class="attack-container"> <div class="attack-container">
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div> <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
<form class="attack-form" accept-charset="UNKNOWN" <form class="attack-form" accept-charset="UNKNOWN"
@ -168,7 +168,7 @@
</div> </div>
<div class="lesson-page-wrapper"> <div class="lesson-page-wrapper">
<div class="adoc-content" th:replace="doc:lessons/password_reset/documentation/PasswordReset_host_header.adoc"></div> <div class="adoc-content" th:replace="doc:lessons/passwordreset/documentation/PasswordReset_host_header.adoc"></div>
<div class="attack-container"> <div class="attack-container">
<img th:src="@{/images/wolf-enabled.png}" class="webwolf-enabled"/> <img th:src="@{/images/wolf-enabled.png}" class="webwolf-enabled"/>
<div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div> <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
@ -260,6 +260,6 @@
</div> </div>
<div class="lesson-page-wrapper"> <div class="lesson-page-wrapper">
<div class="adoc-content" th:replace="doc:lessons/password_reset/documentation/PasswordReset_mitigation.adoc"></div> <div class="adoc-content" th:replace="doc:lessons/passwordreset/documentation/PasswordReset_mitigation.adoc"></div>
</div> </div>
</html> </html>

0
src/main/resources/lessons/password_reset/i18n/WebGoatLabels.properties → src/main/resources/lessons/passwordreset/i18n/WebGoatLabels.properties
View File

0
src/main/resources/lessons/password_reset/images/reset1.png → src/main/resources/lessons/passwordreset/images/reset1.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 23 KiB

After

Width:  |  Height:  |  Size: 23 KiB

0
src/main/resources/lessons/password_reset/images/reset2.png → src/main/resources/lessons/passwordreset/images/reset2.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 20 KiB

After

Width:  |  Height:  |  Size: 20 KiB

0
src/main/resources/lessons/password_reset/images/slack1.png → src/main/resources/lessons/passwordreset/images/slack1.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 24 KiB

After

Width:  |  Height:  |  Size: 24 KiB

0
src/main/resources/lessons/password_reset/images/slack2.png → src/main/resources/lessons/passwordreset/images/slack2.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 24 KiB

After

Width:  |  Height:  |  Size: 24 KiB

0
src/main/resources/lessons/password_reset/js/password-reset-simple.js → src/main/resources/lessons/passwordreset/js/password-reset-simple.js
View File

0
src/main/resources/lessons/password_reset/templates/password_link_not_found.html → src/main/resources/lessons/passwordreset/templates/password_link_not_found.html
View File

0
src/main/resources/lessons/password_reset/templates/password_reset.html → src/main/resources/lessons/passwordreset/templates/password_reset.html
View File

0
src/main/resources/lessons/password_reset/templates/success.html → src/main/resources/lessons/passwordreset/templates/success.html
View File

3
src/test/java/org/owasp/webgoat/lessons/password_reset/SecurityQuestionAssignmentTest.java → src/test/java/org/owasp/webgoat/lessons/passwordreset/SecurityQuestionAssignmentTest.java
View File

@ -1,10 +1,11 @@
package org.owasp.webgoat.lessons.password_reset; package org.owasp.webgoat.lessons.passwordreset;
import org.hamcrest.CoreMatchers; import org.hamcrest.CoreMatchers;
import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith; import org.junit.jupiter.api.extension.ExtendWith;
import org.owasp.webgoat.container.plugins.LessonTest; import org.owasp.webgoat.container.plugins.LessonTest;
import org.owasp.webgoat.lessons.passwordreset.PasswordReset;
import org.springframework.mock.web.MockHttpSession; import org.springframework.mock.web.MockHttpSession;
import org.springframework.test.context.junit.jupiter.SpringExtension; import org.springframework.test.context.junit.jupiter.SpringExtension;
import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.MockMvc;