Adjust lesson template (#704)

* Remove method `getId()` from all lessons as it defaults to the class name * remove clean up endpoint * remove unused class `RequestParameter` * remove unused class `PluginLoadingFailure` * Move `CourseConfiguration` to lesson package * Add more content around the lesson template lesson and make it visible as a lesson in WebGoat * Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult` * Put original solution back as well for SQL string injection * review comments * Add
2019-11-17 13:39:56 +01:00
parent f40b6ffd31
commit 5dd6b31905
139 changed files with 769 additions and 870 deletions
--- a/webgoat-lessons/auth-bypass/src/main/java/org/owasp/webgoat/auth_bypass/AuthBypass.java
+++ b/webgoat-lessons/auth-bypass/src/main/java/org/owasp/webgoat/auth_bypass/AuthBypass.java
@ -38,10 +38,4 @@ public class AuthBypass extends Lesson {
    public String getTitle() {
        return "auth-bypass.title";
    }
-
-    @Override
-    public String getId() {
-        return "AuthBypass";
-    }
-
 }
--- a/webgoat-lessons/auth-bypass/src/main/java/org/owasp/webgoat/auth_bypass/VerifyAccount.java
+++ b/webgoat-lessons/auth-bypass/src/main/java/org/owasp/webgoat/auth_bypass/VerifyAccount.java
@ -24,7 +24,6 @@ package org.owasp.webgoat.auth_bypass;

 import org.owasp.webgoat.assignments.AssignmentEndpoint;
 import org.owasp.webgoat.assignments.AssignmentHints;
-import org.owasp.webgoat.assignments.AssignmentPath;
 import org.owasp.webgoat.assignments.AttackResult;
 import org.owasp.webgoat.session.UserSessionData;
 import org.owasp.webgoat.session.WebSession;
@ -61,22 +60,22 @@ public class VerifyAccount extends AssignmentEndpoint {
        AccountVerificationHelper verificationHelper = new AccountVerificationHelper();
        Map<String, String> submittedAnswers = parseSecQuestions(req);
        if (verificationHelper.didUserLikelylCheat((HashMap) submittedAnswers)) {
-            return trackProgress(failed()
+            return failed(this)
                    .feedback("verify-account.cheated")
                    .output("Yes, you guessed correctly, but see the feedback message")
-                    .build());
+                    .build();
        }

        // else
        if (verificationHelper.verifyAccount(Integer.valueOf(userId), (HashMap) submittedAnswers)) {
            userSessionData.setValue("account-verified-id", userId);
-            return trackProgress(success()
+            return success(this)
                    .feedback("verify-account.success")
-                    .build());
+                    .build();
        } else {
-            return trackProgress(failed()
+            return failed(this)
                    .feedback("verify-account.failed")
-                    .build());
+                    .build();
        }

    }