diff --git a/src/main/java/org/owasp/webgoat/container/assignments/AssignmentEndpoint.java b/src/main/java/org/owasp/webgoat/container/assignments/AssignmentEndpoint.java index da3edbab5..9f81039fe 100644 --- a/src/main/java/org/owasp/webgoat/container/assignments/AssignmentEndpoint.java +++ b/src/main/java/org/owasp/webgoat/container/assignments/AssignmentEndpoint.java @@ -25,4 +25,4 @@ package org.owasp.webgoat.container.assignments; -public abstract class AssignmentEndpoint {} +public interface AssignmentEndpoint {} diff --git a/src/main/java/org/owasp/webgoat/container/assignments/AttackResult.java b/src/main/java/org/owasp/webgoat/container/assignments/AttackResult.java index 2473533f4..e9fcd1196 100644 --- a/src/main/java/org/owasp/webgoat/container/assignments/AttackResult.java +++ b/src/main/java/org/owasp/webgoat/container/assignments/AttackResult.java @@ -41,7 +41,7 @@ public class AttackResult { private final String assignment; private boolean attemptWasMade; - public AttackResult( + private AttackResult( boolean lessonCompleted, String feedback, String output, diff --git a/src/main/java/org/owasp/webgoat/container/assignments/AttackResultBuilder.java b/src/main/java/org/owasp/webgoat/container/assignments/AttackResultBuilder.java index b7367dcdc..99e06a5cd 100644 --- a/src/main/java/org/owasp/webgoat/container/assignments/AttackResultBuilder.java +++ b/src/main/java/org/owasp/webgoat/container/assignments/AttackResultBuilder.java @@ -96,14 +96,6 @@ public class AttackResultBuilder { * @return a builder for creating a result from a lesson * @param assignment */ - public AttackResultBuilder oldSuccess(AssignmentEndpoint assignment) { - return this.lessonCompleted(true) - .assignmentCompleted(true) - .attemptWasMade() - .feedback("assignment.solved") - .assignment(assignment); - } - public static AttackResultBuilder success(AssignmentEndpoint assignment) { return new AttackResultBuilder() .lessonCompleted(true) diff --git a/src/main/java/org/owasp/webgoat/lessons/authbypass/VerifyAccount.java b/src/main/java/org/owasp/webgoat/lessons/authbypass/VerifyAccount.java index 8210e459f..41e6e4e0c 100644 --- a/src/main/java/org/owasp/webgoat/lessons/authbypass/VerifyAccount.java +++ b/src/main/java/org/owasp/webgoat/lessons/authbypass/VerifyAccount.java @@ -49,7 +49,7 @@ import org.springframework.web.bind.annotation.RestController; "auth-bypass.hints.verify.3", "auth-bypass.hints.verify.4" }) -public class VerifyAccount extends AssignmentEndpoint { +public class VerifyAccount implements AssignmentEndpoint { private final LessonSession userSessionData; diff --git a/src/main/java/org/owasp/webgoat/lessons/bypassrestrictions/BypassRestrictionsFieldRestrictions.java b/src/main/java/org/owasp/webgoat/lessons/bypassrestrictions/BypassRestrictionsFieldRestrictions.java index 0178d5a2a..9f28f2305 100644 --- a/src/main/java/org/owasp/webgoat/lessons/bypassrestrictions/BypassRestrictionsFieldRestrictions.java +++ b/src/main/java/org/owasp/webgoat/lessons/bypassrestrictions/BypassRestrictionsFieldRestrictions.java @@ -33,7 +33,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class BypassRestrictionsFieldRestrictions extends AssignmentEndpoint { +public class BypassRestrictionsFieldRestrictions implements AssignmentEndpoint { @PostMapping("/BypassRestrictions/FieldRestrictions") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/bypassrestrictions/BypassRestrictionsFrontendValidation.java b/src/main/java/org/owasp/webgoat/lessons/bypassrestrictions/BypassRestrictionsFrontendValidation.java index cbf2f3948..71f200228 100644 --- a/src/main/java/org/owasp/webgoat/lessons/bypassrestrictions/BypassRestrictionsFrontendValidation.java +++ b/src/main/java/org/owasp/webgoat/lessons/bypassrestrictions/BypassRestrictionsFrontendValidation.java @@ -33,7 +33,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class BypassRestrictionsFrontendValidation extends AssignmentEndpoint { +public class BypassRestrictionsFrontendValidation implements AssignmentEndpoint { @PostMapping("/BypassRestrictions/frontendValidation") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/challenges/FlagController.java b/src/main/java/org/owasp/webgoat/lessons/challenges/FlagController.java index d7af3d9df..81bb924d6 100644 --- a/src/main/java/org/owasp/webgoat/lessons/challenges/FlagController.java +++ b/src/main/java/org/owasp/webgoat/lessons/challenges/FlagController.java @@ -34,7 +34,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class FlagController extends AssignmentEndpoint { +public class FlagController implements AssignmentEndpoint { private final Flags flags; diff --git a/src/main/java/org/owasp/webgoat/lessons/challenges/challenge1/Assignment1.java b/src/main/java/org/owasp/webgoat/lessons/challenges/challenge1/Assignment1.java index 84456ff31..0b79c0b16 100644 --- a/src/main/java/org/owasp/webgoat/lessons/challenges/challenge1/Assignment1.java +++ b/src/main/java/org/owasp/webgoat/lessons/challenges/challenge1/Assignment1.java @@ -43,7 +43,7 @@ import org.springframework.web.bind.annotation.RestController; * @since August 11, 2016 */ @RestController -public class Assignment1 extends AssignmentEndpoint { +public class Assignment1 implements AssignmentEndpoint { private final Flags flags; diff --git a/src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java b/src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java index d1d00b854..db52392bf 100644 --- a/src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java +++ b/src/main/java/org/owasp/webgoat/lessons/challenges/challenge5/Assignment5.java @@ -42,7 +42,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @Slf4j @RequiredArgsConstructor -public class Assignment5 extends AssignmentEndpoint { +public class Assignment5 implements AssignmentEndpoint { private final LessonDataSource dataSource; private final Flags flags; diff --git a/src/main/java/org/owasp/webgoat/lessons/challenges/challenge7/Assignment7.java b/src/main/java/org/owasp/webgoat/lessons/challenges/challenge7/Assignment7.java index 96c0c9bda..fab9d7482 100644 --- a/src/main/java/org/owasp/webgoat/lessons/challenges/challenge7/Assignment7.java +++ b/src/main/java/org/owasp/webgoat/lessons/challenges/challenge7/Assignment7.java @@ -31,7 +31,7 @@ import org.springframework.web.client.RestTemplate; */ @RestController @Slf4j -public class Assignment7 extends AssignmentEndpoint { +public class Assignment7 implements AssignmentEndpoint { public static final String ADMIN_PASSWORD_LINK = "375afe1104f4a487a73823c50a9292a2"; diff --git a/src/main/java/org/owasp/webgoat/lessons/challenges/challenge8/Assignment8.java b/src/main/java/org/owasp/webgoat/lessons/challenges/challenge8/Assignment8.java index 6623ea1a0..0bf9edeb9 100644 --- a/src/main/java/org/owasp/webgoat/lessons/challenges/challenge8/Assignment8.java +++ b/src/main/java/org/owasp/webgoat/lessons/challenges/challenge8/Assignment8.java @@ -19,7 +19,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @Slf4j @RequiredArgsConstructor -public class Assignment8 extends AssignmentEndpoint { +public class Assignment8 implements AssignmentEndpoint { private static final Map votes = new HashMap<>(); diff --git a/src/main/java/org/owasp/webgoat/lessons/chromedevtools/NetworkDummy.java b/src/main/java/org/owasp/webgoat/lessons/chromedevtools/NetworkDummy.java index 491c2d7a7..cff6ab647 100644 --- a/src/main/java/org/owasp/webgoat/lessons/chromedevtools/NetworkDummy.java +++ b/src/main/java/org/owasp/webgoat/lessons/chromedevtools/NetworkDummy.java @@ -40,7 +40,7 @@ import org.springframework.web.bind.annotation.RestController; * @since 30.11.18 */ @RestController -public class NetworkDummy extends AssignmentEndpoint { +public class NetworkDummy implements AssignmentEndpoint { private final LessonSession lessonSession; diff --git a/src/main/java/org/owasp/webgoat/lessons/chromedevtools/NetworkLesson.java b/src/main/java/org/owasp/webgoat/lessons/chromedevtools/NetworkLesson.java index 817e20dbc..106c03ceb 100644 --- a/src/main/java/org/owasp/webgoat/lessons/chromedevtools/NetworkLesson.java +++ b/src/main/java/org/owasp/webgoat/lessons/chromedevtools/NetworkLesson.java @@ -43,7 +43,7 @@ import org.springframework.web.bind.annotation.RestController; */ @RestController @AssignmentHints({"networkHint1", "networkHint2"}) -public class NetworkLesson extends AssignmentEndpoint { +public class NetworkLesson implements AssignmentEndpoint { @PostMapping( value = "/ChromeDevTools/network", diff --git a/src/main/java/org/owasp/webgoat/lessons/cia/CIAQuiz.java b/src/main/java/org/owasp/webgoat/lessons/cia/CIAQuiz.java index 377c12a2c..35d462d24 100644 --- a/src/main/java/org/owasp/webgoat/lessons/cia/CIAQuiz.java +++ b/src/main/java/org/owasp/webgoat/lessons/cia/CIAQuiz.java @@ -12,7 +12,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class CIAQuiz extends AssignmentEndpoint { +public class CIAQuiz implements AssignmentEndpoint { private final String[] solutions = {"Solution 3", "Solution 1", "Solution 4", "Solution 2"}; boolean[] guesses = new boolean[solutions.length]; diff --git a/src/main/java/org/owasp/webgoat/lessons/clientsidefiltering/ClientSideFilteringAssignment.java b/src/main/java/org/owasp/webgoat/lessons/clientsidefiltering/ClientSideFilteringAssignment.java index f786deb54..6dcb154c8 100644 --- a/src/main/java/org/owasp/webgoat/lessons/clientsidefiltering/ClientSideFilteringAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/clientsidefiltering/ClientSideFilteringAssignment.java @@ -40,7 +40,7 @@ import org.springframework.web.bind.annotation.RestController; "ClientSideFilteringHint3", "ClientSideFilteringHint4" }) -public class ClientSideFilteringAssignment extends AssignmentEndpoint { +public class ClientSideFilteringAssignment implements AssignmentEndpoint { @PostMapping("/clientSideFiltering/attack1") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/clientsidefiltering/ClientSideFilteringFreeAssignment.java b/src/main/java/org/owasp/webgoat/lessons/clientsidefiltering/ClientSideFilteringFreeAssignment.java index 9bd11d61b..bc4a66ca1 100644 --- a/src/main/java/org/owasp/webgoat/lessons/clientsidefiltering/ClientSideFilteringFreeAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/clientsidefiltering/ClientSideFilteringFreeAssignment.java @@ -43,7 +43,7 @@ import org.springframework.web.bind.annotation.RestController; "client.side.filtering.free.hint2", "client.side.filtering.free.hint3" }) -public class ClientSideFilteringFreeAssignment extends AssignmentEndpoint { +public class ClientSideFilteringFreeAssignment implements AssignmentEndpoint { public static final String SUPER_COUPON_CODE = "get_it_for_free"; @PostMapping("/clientSideFiltering/getItForFree") diff --git a/src/main/java/org/owasp/webgoat/lessons/cryptography/EncodingAssignment.java b/src/main/java/org/owasp/webgoat/lessons/cryptography/EncodingAssignment.java index 23546e4ca..4df2b97e2 100644 --- a/src/main/java/org/owasp/webgoat/lessons/cryptography/EncodingAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/cryptography/EncodingAssignment.java @@ -38,7 +38,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class EncodingAssignment extends AssignmentEndpoint { +public class EncodingAssignment implements AssignmentEndpoint { public static String getBasicAuth(String username, String password) { return Base64.getEncoder().encodeToString(username.concat(":").concat(password).getBytes()); diff --git a/src/main/java/org/owasp/webgoat/lessons/cryptography/HashingAssignment.java b/src/main/java/org/owasp/webgoat/lessons/cryptography/HashingAssignment.java index dde490858..19f00b748 100644 --- a/src/main/java/org/owasp/webgoat/lessons/cryptography/HashingAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/cryptography/HashingAssignment.java @@ -42,7 +42,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"crypto-hashing.hints.1", "crypto-hashing.hints.2"}) -public class HashingAssignment extends AssignmentEndpoint { +public class HashingAssignment implements AssignmentEndpoint { public static final String[] SECRETS = {"secret", "admin", "password", "123456", "passw0rd"}; @RequestMapping(path = "/crypto/hashing/md5", produces = MediaType.TEXT_HTML_VALUE) diff --git a/src/main/java/org/owasp/webgoat/lessons/cryptography/SecureDefaultsAssignment.java b/src/main/java/org/owasp/webgoat/lessons/cryptography/SecureDefaultsAssignment.java index 01cad0b34..d30708bbc 100644 --- a/src/main/java/org/owasp/webgoat/lessons/cryptography/SecureDefaultsAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/cryptography/SecureDefaultsAssignment.java @@ -40,7 +40,7 @@ import org.springframework.web.bind.annotation.RestController; "crypto-secure-defaults.hints.2", "crypto-secure-defaults.hints.3" }) -public class SecureDefaultsAssignment extends AssignmentEndpoint { +public class SecureDefaultsAssignment implements AssignmentEndpoint { @PostMapping("/crypto/secure/defaults") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/cryptography/SigningAssignment.java b/src/main/java/org/owasp/webgoat/lessons/cryptography/SigningAssignment.java index 64d62c481..7a27cae61 100644 --- a/src/main/java/org/owasp/webgoat/lessons/cryptography/SigningAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/cryptography/SigningAssignment.java @@ -50,7 +50,7 @@ import org.springframework.web.bind.annotation.RestController; "crypto-signing.hints.4" }) @Slf4j -public class SigningAssignment extends AssignmentEndpoint { +public class SigningAssignment implements AssignmentEndpoint { @RequestMapping(path = "/crypto/signing/getprivate", produces = MediaType.TEXT_HTML_VALUE) @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/cryptography/XOREncodingAssignment.java b/src/main/java/org/owasp/webgoat/lessons/cryptography/XOREncodingAssignment.java index e77c5b093..a2807b4e6 100644 --- a/src/main/java/org/owasp/webgoat/lessons/cryptography/XOREncodingAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/cryptography/XOREncodingAssignment.java @@ -35,7 +35,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"crypto-encoding-xor.hints.1"}) -public class XOREncodingAssignment extends AssignmentEndpoint { +public class XOREncodingAssignment implements AssignmentEndpoint { @PostMapping("/crypto/encoding/xor") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/csrf/CSRFConfirmFlag1.java b/src/main/java/org/owasp/webgoat/lessons/csrf/CSRFConfirmFlag1.java index 00ea70878..f46c23862 100644 --- a/src/main/java/org/owasp/webgoat/lessons/csrf/CSRFConfirmFlag1.java +++ b/src/main/java/org/owasp/webgoat/lessons/csrf/CSRFConfirmFlag1.java @@ -36,7 +36,7 @@ import org.springframework.web.bind.annotation.RestController; /** Created by jason on 9/29/17. */ @RestController @AssignmentHints({"csrf-get.hint1", "csrf-get.hint2", "csrf-get.hint3", "csrf-get.hint4"}) -public class CSRFConfirmFlag1 extends AssignmentEndpoint { +public class CSRFConfirmFlag1 implements AssignmentEndpoint { private final LessonSession userSessionData; diff --git a/src/main/java/org/owasp/webgoat/lessons/csrf/CSRFFeedback.java b/src/main/java/org/owasp/webgoat/lessons/csrf/CSRFFeedback.java index 5960b430e..2154ed34d 100644 --- a/src/main/java/org/owasp/webgoat/lessons/csrf/CSRFFeedback.java +++ b/src/main/java/org/owasp/webgoat/lessons/csrf/CSRFFeedback.java @@ -46,7 +46,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"csrf-feedback-hint1", "csrf-feedback-hint2", "csrf-feedback-hint3"}) -public class CSRFFeedback extends AssignmentEndpoint { +public class CSRFFeedback implements AssignmentEndpoint { private final LessonSession userSessionData; private final ObjectMapper objectMapper; diff --git a/src/main/java/org/owasp/webgoat/lessons/csrf/CSRFLogin.java b/src/main/java/org/owasp/webgoat/lessons/csrf/CSRFLogin.java index 665efc6ee..78fb16a10 100644 --- a/src/main/java/org/owasp/webgoat/lessons/csrf/CSRFLogin.java +++ b/src/main/java/org/owasp/webgoat/lessons/csrf/CSRFLogin.java @@ -35,7 +35,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"csrf-login-hint1", "csrf-login-hint2", "csrf-login-hint3"}) -public class CSRFLogin extends AssignmentEndpoint { +public class CSRFLogin implements AssignmentEndpoint { @PostMapping( path = "/csrf/login", diff --git a/src/main/java/org/owasp/webgoat/lessons/csrf/ForgedReviews.java b/src/main/java/org/owasp/webgoat/lessons/csrf/ForgedReviews.java index 33e7fb8bc..50dcb8915 100644 --- a/src/main/java/org/owasp/webgoat/lessons/csrf/ForgedReviews.java +++ b/src/main/java/org/owasp/webgoat/lessons/csrf/ForgedReviews.java @@ -47,7 +47,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"csrf-review-hint1", "csrf-review-hint2", "csrf-review-hint3"}) -public class ForgedReviews extends AssignmentEndpoint { +public class ForgedReviews implements AssignmentEndpoint { private static DateTimeFormatter fmt = DateTimeFormatter.ofPattern("yyyy-MM-dd, HH:mm:ss"); diff --git a/src/main/java/org/owasp/webgoat/lessons/deserialization/InsecureDeserializationTask.java b/src/main/java/org/owasp/webgoat/lessons/deserialization/InsecureDeserializationTask.java index df7c4d0fb..22dd18a1f 100644 --- a/src/main/java/org/owasp/webgoat/lessons/deserialization/InsecureDeserializationTask.java +++ b/src/main/java/org/owasp/webgoat/lessons/deserialization/InsecureDeserializationTask.java @@ -45,7 +45,7 @@ import org.springframework.web.bind.annotation.RestController; "insecure-deserialization.hints.2", "insecure-deserialization.hints.3" }) -public class InsecureDeserializationTask extends AssignmentEndpoint { +public class InsecureDeserializationTask implements AssignmentEndpoint { @PostMapping("/InsecureDeserialization/task") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/hijacksession/HijackSessionAssignment.java b/src/main/java/org/owasp/webgoat/lessons/hijacksession/HijackSessionAssignment.java index ab1a583d8..7817022f0 100644 --- a/src/main/java/org/owasp/webgoat/lessons/hijacksession/HijackSessionAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/hijacksession/HijackSessionAssignment.java @@ -53,7 +53,7 @@ import org.springframework.web.bind.annotation.RestController; "hijacksession.hints.4", "hijacksession.hints.5" }) -public class HijackSessionAssignment extends AssignmentEndpoint { +public class HijackSessionAssignment implements AssignmentEndpoint { private static final String COOKIE_NAME = "hijack_cookie"; private final HijackSessionAuthenticationProvider provider; diff --git a/src/main/java/org/owasp/webgoat/lessons/htmltampering/HtmlTamperingTask.java b/src/main/java/org/owasp/webgoat/lessons/htmltampering/HtmlTamperingTask.java index 0cd73c037..2042ea0f6 100644 --- a/src/main/java/org/owasp/webgoat/lessons/htmltampering/HtmlTamperingTask.java +++ b/src/main/java/org/owasp/webgoat/lessons/htmltampering/HtmlTamperingTask.java @@ -35,7 +35,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"hint1", "hint2", "hint3"}) -public class HtmlTamperingTask extends AssignmentEndpoint { +public class HtmlTamperingTask implements AssignmentEndpoint { @PostMapping("/HtmlTampering/task") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/httpbasics/HttpBasicsLesson.java b/src/main/java/org/owasp/webgoat/lessons/httpbasics/HttpBasicsLesson.java index c1d56e171..f73e3ae06 100644 --- a/src/main/java/org/owasp/webgoat/lessons/httpbasics/HttpBasicsLesson.java +++ b/src/main/java/org/owasp/webgoat/lessons/httpbasics/HttpBasicsLesson.java @@ -35,7 +35,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"http-basics.hints.http_basics_lesson.1"}) -public class HttpBasicsLesson extends AssignmentEndpoint { +public class HttpBasicsLesson implements AssignmentEndpoint { @PostMapping("/HttpBasics/attack1") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/httpbasics/HttpBasicsQuiz.java b/src/main/java/org/owasp/webgoat/lessons/httpbasics/HttpBasicsQuiz.java index ce80179e7..eb497c7e6 100644 --- a/src/main/java/org/owasp/webgoat/lessons/httpbasics/HttpBasicsQuiz.java +++ b/src/main/java/org/owasp/webgoat/lessons/httpbasics/HttpBasicsQuiz.java @@ -37,7 +37,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"http-basics.hints.http_basic_quiz.1", "http-basics.hints.http_basic_quiz.2"}) @AssignmentPath("HttpBasics/attack2") -public class HttpBasicsQuiz extends AssignmentEndpoint { +public class HttpBasicsQuiz implements AssignmentEndpoint { @PostMapping("/HttpBasics/attack2") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/httpproxies/HttpBasicsInterceptRequest.java b/src/main/java/org/owasp/webgoat/lessons/httpproxies/HttpBasicsInterceptRequest.java index f8f85a7f8..3731dec4e 100644 --- a/src/main/java/org/owasp/webgoat/lessons/httpproxies/HttpBasicsInterceptRequest.java +++ b/src/main/java/org/owasp/webgoat/lessons/httpproxies/HttpBasicsInterceptRequest.java @@ -37,7 +37,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class HttpBasicsInterceptRequest extends AssignmentEndpoint { +public class HttpBasicsInterceptRequest implements AssignmentEndpoint { @RequestMapping( path = "/HttpProxies/intercept-request", diff --git a/src/main/java/org/owasp/webgoat/lessons/idor/IDORDiffAttributes.java b/src/main/java/org/owasp/webgoat/lessons/idor/IDORDiffAttributes.java index 00885761b..7b641a228 100644 --- a/src/main/java/org/owasp/webgoat/lessons/idor/IDORDiffAttributes.java +++ b/src/main/java/org/owasp/webgoat/lessons/idor/IDORDiffAttributes.java @@ -40,7 +40,7 @@ import org.springframework.web.bind.annotation.RestController; "idor.hints.idorDiffAttributes2", "idor.hints.idorDiffAttributes3" }) -public class IDORDiffAttributes extends AssignmentEndpoint { +public class IDORDiffAttributes implements AssignmentEndpoint { @PostMapping("/IDOR/diff-attributes") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/idor/IDOREditOtherProfile.java b/src/main/java/org/owasp/webgoat/lessons/idor/IDOREditOtherProfile.java index 720491c5d..e0b9debf8 100644 --- a/src/main/java/org/owasp/webgoat/lessons/idor/IDOREditOtherProfile.java +++ b/src/main/java/org/owasp/webgoat/lessons/idor/IDOREditOtherProfile.java @@ -48,7 +48,7 @@ import org.springframework.web.bind.annotation.RestController; "idor.hints.otherProfile8", "idor.hints.otherProfile9" }) -public class IDOREditOtherProfile extends AssignmentEndpoint { +public class IDOREditOtherProfile implements AssignmentEndpoint { private final LessonSession userSessionData; diff --git a/src/main/java/org/owasp/webgoat/lessons/idor/IDORLogin.java b/src/main/java/org/owasp/webgoat/lessons/idor/IDORLogin.java index 77158c43d..febfb2f50 100644 --- a/src/main/java/org/owasp/webgoat/lessons/idor/IDORLogin.java +++ b/src/main/java/org/owasp/webgoat/lessons/idor/IDORLogin.java @@ -39,7 +39,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"idor.hints.idor_login"}) -public class IDORLogin extends AssignmentEndpoint { +public class IDORLogin implements AssignmentEndpoint { private final LessonSession lessonSession; public IDORLogin(LessonSession lessonSession) { diff --git a/src/main/java/org/owasp/webgoat/lessons/idor/IDORViewOtherProfile.java b/src/main/java/org/owasp/webgoat/lessons/idor/IDORViewOtherProfile.java index 0be4563bb..2bd783807 100644 --- a/src/main/java/org/owasp/webgoat/lessons/idor/IDORViewOtherProfile.java +++ b/src/main/java/org/owasp/webgoat/lessons/idor/IDORViewOtherProfile.java @@ -47,7 +47,7 @@ import org.springframework.web.bind.annotation.RestController; "idor.hints.otherProfile8", "idor.hints.otherProfile9" }) -public class IDORViewOtherProfile extends AssignmentEndpoint { +public class IDORViewOtherProfile implements AssignmentEndpoint { private final LessonSession userSessionData; diff --git a/src/main/java/org/owasp/webgoat/lessons/idor/IDORViewOwnProfileAltUrl.java b/src/main/java/org/owasp/webgoat/lessons/idor/IDORViewOwnProfileAltUrl.java index 964657c8a..970b33932 100644 --- a/src/main/java/org/owasp/webgoat/lessons/idor/IDORViewOwnProfileAltUrl.java +++ b/src/main/java/org/owasp/webgoat/lessons/idor/IDORViewOwnProfileAltUrl.java @@ -41,7 +41,7 @@ import org.springframework.web.bind.annotation.RestController; "idor.hints.ownProfileAltUrl2", "idor.hints.ownProfileAltUrl3" }) -public class IDORViewOwnProfileAltUrl extends AssignmentEndpoint { +public class IDORViewOwnProfileAltUrl implements AssignmentEndpoint { private final LessonSession userSessionData; public IDORViewOwnProfileAltUrl(LessonSession userSessionData) { diff --git a/src/main/java/org/owasp/webgoat/lessons/insecurelogin/InsecureLoginTask.java b/src/main/java/org/owasp/webgoat/lessons/insecurelogin/InsecureLoginTask.java index 8478105b5..24f5ac7f6 100644 --- a/src/main/java/org/owasp/webgoat/lessons/insecurelogin/InsecureLoginTask.java +++ b/src/main/java/org/owasp/webgoat/lessons/insecurelogin/InsecureLoginTask.java @@ -31,7 +31,7 @@ import org.springframework.http.HttpStatus; import org.springframework.web.bind.annotation.*; @RestController -public class InsecureLoginTask extends AssignmentEndpoint { +public class InsecureLoginTask implements AssignmentEndpoint { @PostMapping("/InsecureLogin/task") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/jwt/JWTDecodeEndpoint.java b/src/main/java/org/owasp/webgoat/lessons/jwt/JWTDecodeEndpoint.java index d052000d2..75bfd6171 100644 --- a/src/main/java/org/owasp/webgoat/lessons/jwt/JWTDecodeEndpoint.java +++ b/src/main/java/org/owasp/webgoat/lessons/jwt/JWTDecodeEndpoint.java @@ -11,7 +11,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class JWTDecodeEndpoint extends AssignmentEndpoint { +public class JWTDecodeEndpoint implements AssignmentEndpoint { @PostMapping("/JWT/decode") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/jwt/JWTQuiz.java b/src/main/java/org/owasp/webgoat/lessons/jwt/JWTQuiz.java index d0286a24c..d73765cb4 100644 --- a/src/main/java/org/owasp/webgoat/lessons/jwt/JWTQuiz.java +++ b/src/main/java/org/owasp/webgoat/lessons/jwt/JWTQuiz.java @@ -12,7 +12,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class JWTQuiz extends AssignmentEndpoint { +public class JWTQuiz implements AssignmentEndpoint { private final String[] solutions = {"Solution 1", "Solution 2"}; private final boolean[] guesses = new boolean[solutions.length]; diff --git a/src/main/java/org/owasp/webgoat/lessons/jwt/JWTRefreshEndpoint.java b/src/main/java/org/owasp/webgoat/lessons/jwt/JWTRefreshEndpoint.java index 2f114b04b..03691dee1 100644 --- a/src/main/java/org/owasp/webgoat/lessons/jwt/JWTRefreshEndpoint.java +++ b/src/main/java/org/owasp/webgoat/lessons/jwt/JWTRefreshEndpoint.java @@ -58,7 +58,7 @@ import org.springframework.web.bind.annotation.RestController; "jwt-refresh-hint3", "jwt-refresh-hint4" }) -public class JWTRefreshEndpoint extends AssignmentEndpoint { +public class JWTRefreshEndpoint implements AssignmentEndpoint { public static final String PASSWORD = "bm5nhSkxCXZkKRy4"; private static final String JWT_PASSWORD = "bm5n3SkxCX4kKRy4"; diff --git a/src/main/java/org/owasp/webgoat/lessons/jwt/JWTSecretKeyEndpoint.java b/src/main/java/org/owasp/webgoat/lessons/jwt/JWTSecretKeyEndpoint.java index 595026474..4eb46d6e7 100644 --- a/src/main/java/org/owasp/webgoat/lessons/jwt/JWTSecretKeyEndpoint.java +++ b/src/main/java/org/owasp/webgoat/lessons/jwt/JWTSecretKeyEndpoint.java @@ -47,7 +47,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"jwt-secret-hint1", "jwt-secret-hint2", "jwt-secret-hint3"}) -public class JWTSecretKeyEndpoint extends AssignmentEndpoint { +public class JWTSecretKeyEndpoint implements AssignmentEndpoint { public static final String[] SECRETS = { "victory", "business", "available", "shipping", "washington" diff --git a/src/main/java/org/owasp/webgoat/lessons/jwt/JWTVotesEndpoint.java b/src/main/java/org/owasp/webgoat/lessons/jwt/JWTVotesEndpoint.java index ec69ad3e4..4b4d6486e 100644 --- a/src/main/java/org/owasp/webgoat/lessons/jwt/JWTVotesEndpoint.java +++ b/src/main/java/org/owasp/webgoat/lessons/jwt/JWTVotesEndpoint.java @@ -68,7 +68,7 @@ import org.springframework.web.bind.annotation.RestController; "jwt-change-token-hint4", "jwt-change-token-hint5" }) -public class JWTVotesEndpoint extends AssignmentEndpoint { +public class JWTVotesEndpoint implements AssignmentEndpoint { public static final String JWT_PASSWORD = TextCodec.BASE64.encode("victory"); private static String validUsers = "TomJerrySylvester"; diff --git a/src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderJKUEndpoint.java b/src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderJKUEndpoint.java index 9d85cf960..4ff2e13ca 100644 --- a/src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderJKUEndpoint.java +++ b/src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderJKUEndpoint.java @@ -31,7 +31,7 @@ import org.springframework.web.bind.annotation.RestController; "jwt-jku-hint4", "jwt-jku-hint5" }) -public class JWTHeaderJKUEndpoint extends AssignmentEndpoint { +public class JWTHeaderJKUEndpoint implements AssignmentEndpoint { @PostMapping("jku/follow/{user}") public @ResponseBody String follow(@PathVariable("user") String user) { diff --git a/src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderKIDEndpoint.java b/src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderKIDEndpoint.java index 41909057d..904f2656f 100644 --- a/src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderKIDEndpoint.java +++ b/src/main/java/org/owasp/webgoat/lessons/jwt/claimmisuse/JWTHeaderKIDEndpoint.java @@ -56,7 +56,7 @@ import org.springframework.web.bind.annotation.RestController; "jwt-kid-hint6" }) @RequestMapping("/JWT/") -public class JWTHeaderKIDEndpoint extends AssignmentEndpoint { +public class JWTHeaderKIDEndpoint implements AssignmentEndpoint { private final LessonDataSource dataSource; private JWTHeaderKIDEndpoint(LessonDataSource dataSource) { diff --git a/src/main/java/org/owasp/webgoat/lessons/lessontemplate/SampleAttack.java b/src/main/java/org/owasp/webgoat/lessons/lessontemplate/SampleAttack.java index 7015888ca..d4f0c1b86 100644 --- a/src/main/java/org/owasp/webgoat/lessons/lessontemplate/SampleAttack.java +++ b/src/main/java/org/owasp/webgoat/lessons/lessontemplate/SampleAttack.java @@ -41,7 +41,7 @@ import org.springframework.web.bind.annotation.RestController; /** Created by jason on 1/5/17. */ @RestController @AssignmentHints({"lesson-template.hints.1", "lesson-template.hints.2", "lesson-template.hints.3"}) -public class SampleAttack extends AssignmentEndpoint { +public class SampleAttack implements AssignmentEndpoint { private static final String secretValue = "secr37Value"; private final LessonSession userSessionData; diff --git a/src/main/java/org/owasp/webgoat/lessons/logging/LogBleedingTask.java b/src/main/java/org/owasp/webgoat/lessons/logging/LogBleedingTask.java index 5eee7b450..7b1f68937 100644 --- a/src/main/java/org/owasp/webgoat/lessons/logging/LogBleedingTask.java +++ b/src/main/java/org/owasp/webgoat/lessons/logging/LogBleedingTask.java @@ -39,7 +39,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class LogBleedingTask extends AssignmentEndpoint { +public class LogBleedingTask implements AssignmentEndpoint { private static final Logger log = LoggerFactory.getLogger(LogBleedingTask.class); private final String password; diff --git a/src/main/java/org/owasp/webgoat/lessons/logging/LogSpoofingTask.java b/src/main/java/org/owasp/webgoat/lessons/logging/LogSpoofingTask.java index b88abf073..bcce8a57a 100644 --- a/src/main/java/org/owasp/webgoat/lessons/logging/LogSpoofingTask.java +++ b/src/main/java/org/owasp/webgoat/lessons/logging/LogSpoofingTask.java @@ -34,7 +34,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class LogSpoofingTask extends AssignmentEndpoint { +public class LogSpoofingTask implements AssignmentEndpoint { @PostMapping("/LogSpoofing/log-spoofing") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/missingac/MissingFunctionACHiddenMenus.java b/src/main/java/org/owasp/webgoat/lessons/missingac/MissingFunctionACHiddenMenus.java index 1ef798fe2..2bbb06687 100644 --- a/src/main/java/org/owasp/webgoat/lessons/missingac/MissingFunctionACHiddenMenus.java +++ b/src/main/java/org/owasp/webgoat/lessons/missingac/MissingFunctionACHiddenMenus.java @@ -39,7 +39,7 @@ import org.springframework.web.bind.annotation.RestController; "access-control.hidden-menus.hint2", "access-control.hidden-menus.hint3" }) -public class MissingFunctionACHiddenMenus extends AssignmentEndpoint { +public class MissingFunctionACHiddenMenus implements AssignmentEndpoint { @PostMapping( path = "/access-control/hidden-menu", diff --git a/src/main/java/org/owasp/webgoat/lessons/missingac/MissingFunctionACYourHash.java b/src/main/java/org/owasp/webgoat/lessons/missingac/MissingFunctionACYourHash.java index 28eb11cf6..722e376f9 100644 --- a/src/main/java/org/owasp/webgoat/lessons/missingac/MissingFunctionACYourHash.java +++ b/src/main/java/org/owasp/webgoat/lessons/missingac/MissingFunctionACYourHash.java @@ -41,7 +41,7 @@ import org.springframework.web.bind.annotation.RestController; "access-control.hash.hint4", "access-control.hash.hint5" }) -public class MissingFunctionACYourHash extends AssignmentEndpoint { +public class MissingFunctionACYourHash implements AssignmentEndpoint { private final MissingAccessControlUserRepository userRepository; diff --git a/src/main/java/org/owasp/webgoat/lessons/missingac/MissingFunctionACYourHashAdmin.java b/src/main/java/org/owasp/webgoat/lessons/missingac/MissingFunctionACYourHashAdmin.java index 3027b860b..c36442a2a 100644 --- a/src/main/java/org/owasp/webgoat/lessons/missingac/MissingFunctionACYourHashAdmin.java +++ b/src/main/java/org/owasp/webgoat/lessons/missingac/MissingFunctionACYourHashAdmin.java @@ -44,7 +44,7 @@ import org.springframework.web.bind.annotation.RestController; "access-control.hash.hint12", "access-control.hash.hint13" }) -public class MissingFunctionACYourHashAdmin extends AssignmentEndpoint { +public class MissingFunctionACYourHashAdmin implements AssignmentEndpoint { private final MissingAccessControlUserRepository userRepository; diff --git a/src/main/java/org/owasp/webgoat/lessons/passwordreset/QuestionsAssignment.java b/src/main/java/org/owasp/webgoat/lessons/passwordreset/QuestionsAssignment.java index 9e441a7de..02a9475da 100644 --- a/src/main/java/org/owasp/webgoat/lessons/passwordreset/QuestionsAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/passwordreset/QuestionsAssignment.java @@ -40,7 +40,7 @@ import org.springframework.web.bind.annotation.RestController; * @since 8/20/17. */ @RestController -public class QuestionsAssignment extends AssignmentEndpoint { +public class QuestionsAssignment implements AssignmentEndpoint { private static final Map COLORS = new HashMap<>(); diff --git a/src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java b/src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java index 8b6c18908..3fe8af534 100644 --- a/src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignment.java @@ -60,7 +60,7 @@ import org.springframework.web.servlet.ModelAndView; "password-reset-hint5", "password-reset-hint6" }) -public class ResetLinkAssignment extends AssignmentEndpoint { +public class ResetLinkAssignment implements AssignmentEndpoint { private static final String VIEW_FORMATTER = "lessons/passwordreset/templates/%s.html"; static final String PASSWORD_TOM_9 = diff --git a/src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignmentForgotPassword.java b/src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignmentForgotPassword.java index 5fe6cd84d..1a2780467 100644 --- a/src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignmentForgotPassword.java +++ b/src/main/java/org/owasp/webgoat/lessons/passwordreset/ResetLinkAssignmentForgotPassword.java @@ -47,7 +47,7 @@ import org.springframework.web.client.RestTemplate; * @since 8/20/17. */ @RestController -public class ResetLinkAssignmentForgotPassword extends AssignmentEndpoint { +public class ResetLinkAssignmentForgotPassword implements AssignmentEndpoint { private final RestTemplate restTemplate; private final String webWolfHost; diff --git a/src/main/java/org/owasp/webgoat/lessons/passwordreset/SecurityQuestionAssignment.java b/src/main/java/org/owasp/webgoat/lessons/passwordreset/SecurityQuestionAssignment.java index 63d17ea1f..f08bc7890 100644 --- a/src/main/java/org/owasp/webgoat/lessons/passwordreset/SecurityQuestionAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/passwordreset/SecurityQuestionAssignment.java @@ -42,7 +42,7 @@ import org.springframework.web.bind.annotation.RestController; * @since 11.12.18 */ @RestController -public class SecurityQuestionAssignment extends AssignmentEndpoint { +public class SecurityQuestionAssignment implements AssignmentEndpoint { private final TriedQuestions triedQuestions; diff --git a/src/main/java/org/owasp/webgoat/lessons/passwordreset/SimpleMailAssignment.java b/src/main/java/org/owasp/webgoat/lessons/passwordreset/SimpleMailAssignment.java index 32554f417..cd862d49b 100644 --- a/src/main/java/org/owasp/webgoat/lessons/passwordreset/SimpleMailAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/passwordreset/SimpleMailAssignment.java @@ -46,7 +46,7 @@ import org.springframework.web.client.RestTemplate; * @since 8/20/17. */ @RestController -public class SimpleMailAssignment extends AssignmentEndpoint { +public class SimpleMailAssignment implements AssignmentEndpoint { private final String webWolfURL; private RestTemplate restTemplate; diff --git a/src/main/java/org/owasp/webgoat/lessons/pathtraversal/ProfileUploadBase.java b/src/main/java/org/owasp/webgoat/lessons/pathtraversal/ProfileUploadBase.java index 78662b46e..f212b170e 100644 --- a/src/main/java/org/owasp/webgoat/lessons/pathtraversal/ProfileUploadBase.java +++ b/src/main/java/org/owasp/webgoat/lessons/pathtraversal/ProfileUploadBase.java @@ -25,7 +25,7 @@ import org.springframework.util.StringUtils; import org.springframework.web.multipart.MultipartFile; @Getter -public class ProfileUploadBase extends AssignmentEndpoint { +public class ProfileUploadBase implements AssignmentEndpoint { private final String webGoatHomeDirectory; diff --git a/src/main/java/org/owasp/webgoat/lessons/pathtraversal/ProfileUploadRetrieval.java b/src/main/java/org/owasp/webgoat/lessons/pathtraversal/ProfileUploadRetrieval.java index 02674c12b..2225c4d50 100644 --- a/src/main/java/org/owasp/webgoat/lessons/pathtraversal/ProfileUploadRetrieval.java +++ b/src/main/java/org/owasp/webgoat/lessons/pathtraversal/ProfileUploadRetrieval.java @@ -43,7 +43,7 @@ import org.springframework.web.bind.annotation.RestController; "path-traversal-profile-retrieve.hint6" }) @Slf4j -public class ProfileUploadRetrieval extends AssignmentEndpoint { +public class ProfileUploadRetrieval implements AssignmentEndpoint { private final File catPicturesDirectory; public ProfileUploadRetrieval(@Value("${webgoat.server.directory}") String webGoatHomeDirectory) { diff --git a/src/main/java/org/owasp/webgoat/lessons/securepasswords/SecurePasswordsAssignment.java b/src/main/java/org/owasp/webgoat/lessons/securepasswords/SecurePasswordsAssignment.java index 3178407d0..b90adf437 100644 --- a/src/main/java/org/owasp/webgoat/lessons/securepasswords/SecurePasswordsAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/securepasswords/SecurePasswordsAssignment.java @@ -38,7 +38,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class SecurePasswordsAssignment extends AssignmentEndpoint { +public class SecurePasswordsAssignment implements AssignmentEndpoint { @PostMapping("SecurePasswords/assignment") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/spoofcookie/SpoofCookieAssignment.java b/src/main/java/org/owasp/webgoat/lessons/spoofcookie/SpoofCookieAssignment.java index 437641fbf..6d68423b8 100644 --- a/src/main/java/org/owasp/webgoat/lessons/spoofcookie/SpoofCookieAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/spoofcookie/SpoofCookieAssignment.java @@ -52,7 +52,7 @@ import org.springframework.web.bind.annotation.RestController; @AssignmentHints({"spoofcookie.hint1", "spoofcookie.hint2", "spoofcookie.hint3"}) @RestController -public class SpoofCookieAssignment extends AssignmentEndpoint { +public class SpoofCookieAssignment implements AssignmentEndpoint { private static final String COOKIE_NAME = "spoof_auth"; private static final String COOKIE_INFO = diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionChallenge.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionChallenge.java index 19c0d953b..f5b0a88ba 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionChallenge.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionChallenge.java @@ -45,7 +45,7 @@ import org.springframework.web.bind.annotation.RestController; @AssignmentHints( value = {"SqlInjectionChallenge1", "SqlInjectionChallenge2", "SqlInjectionChallenge3"}) @Slf4j -public class SqlInjectionChallenge extends AssignmentEndpoint { +public class SqlInjectionChallenge implements AssignmentEndpoint { private final LessonDataSource dataSource; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionChallengeLogin.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionChallengeLogin.java index f071ae6d6..4a6374851 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionChallengeLogin.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionChallengeLogin.java @@ -42,7 +42,7 @@ import org.springframework.web.bind.annotation.RestController; "SqlInjectionChallengeHint3", "SqlInjectionChallengeHint4" }) -public class SqlInjectionChallengeLogin extends AssignmentEndpoint { +public class SqlInjectionChallengeLogin implements AssignmentEndpoint { private final LessonDataSource dataSource; public SqlInjectionChallengeLogin(LessonDataSource dataSource) { diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6a.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6a.java index 78c9351dd..96f090ff7 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6a.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6a.java @@ -49,7 +49,7 @@ import org.springframework.web.bind.annotation.RestController; "SqlStringInjectionHint-advanced-6a-4", "SqlStringInjectionHint-advanced-6a-5" }) -public class SqlInjectionLesson6a extends AssignmentEndpoint { +public class SqlInjectionLesson6a implements AssignmentEndpoint { private final LessonDataSource dataSource; private static final String YOUR_QUERY_WAS = "
Your query was: "; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6b.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6b.java index 90d19af7f..36e8530ab 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6b.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionLesson6b.java @@ -39,7 +39,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class SqlInjectionLesson6b extends AssignmentEndpoint { +public class SqlInjectionLesson6b implements AssignmentEndpoint { private final LessonDataSource dataSource; public SqlInjectionLesson6b(LessonDataSource dataSource) { diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionQuiz.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionQuiz.java index 2aa031ab2..841bafbbf 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionQuiz.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/advanced/SqlInjectionQuiz.java @@ -40,7 +40,7 @@ import org.springframework.web.bind.annotation.RestController; * implement the quiz go to the quiz.js file in webgoat-container -> js */ @RestController -public class SqlInjectionQuiz extends AssignmentEndpoint { +public class SqlInjectionQuiz implements AssignmentEndpoint { String[] solutions = {"Solution 4", "Solution 3", "Solution 2", "Solution 3", "Solution 4"}; boolean[] guesses = new boolean[solutions.length]; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java index ff141b389..215a00bf3 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java @@ -48,7 +48,7 @@ import org.springframework.web.bind.annotation.RestController; "SqlStringInjectionHint.10.5", "SqlStringInjectionHint.10.6" }) -public class SqlInjectionLesson10 extends AssignmentEndpoint { +public class SqlInjectionLesson10 implements AssignmentEndpoint { private final LessonDataSource dataSource; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson2.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson2.java index 6431774d8..15f595960 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson2.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson2.java @@ -47,7 +47,7 @@ import org.springframework.web.bind.annotation.RestController; "SqlStringInjectionHint2-3", "SqlStringInjectionHint2-4" }) -public class SqlInjectionLesson2 extends AssignmentEndpoint { +public class SqlInjectionLesson2 implements AssignmentEndpoint { private final LessonDataSource dataSource; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson3.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson3.java index 3d562c3bd..352fa5e2c 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson3.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson3.java @@ -42,7 +42,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints(value = {"SqlStringInjectionHint3-1", "SqlStringInjectionHint3-2"}) -public class SqlInjectionLesson3 extends AssignmentEndpoint { +public class SqlInjectionLesson3 implements AssignmentEndpoint { private final LessonDataSource dataSource; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson4.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson4.java index bdb8cf9eb..24a64d287 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson4.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson4.java @@ -43,7 +43,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints( value = {"SqlStringInjectionHint4-1", "SqlStringInjectionHint4-2", "SqlStringInjectionHint4-3"}) -public class SqlInjectionLesson4 extends AssignmentEndpoint { +public class SqlInjectionLesson4 implements AssignmentEndpoint { private final LessonDataSource dataSource; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5.java index 289430a2f..aa6e29200 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5.java @@ -46,7 +46,7 @@ import org.springframework.web.bind.annotation.RestController; "SqlStringInjectionHint5-3", "SqlStringInjectionHint5-4" }) -public class SqlInjectionLesson5 extends AssignmentEndpoint { +public class SqlInjectionLesson5 implements AssignmentEndpoint { private final LessonDataSource dataSource; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java index e3a224a91..74431a9bf 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5a.java @@ -37,7 +37,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints(value = {"SqlStringInjectionHint5a1"}) -public class SqlInjectionLesson5a extends AssignmentEndpoint { +public class SqlInjectionLesson5a implements AssignmentEndpoint { private static final String EXPLANATION = "
Explanation: This injection works, because or '1' =" diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5b.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5b.java index 85e775a6f..4e4d3c41b 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5b.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson5b.java @@ -44,7 +44,7 @@ import org.springframework.web.bind.annotation.RestController; "SqlStringInjectionHint5b3", "SqlStringInjectionHint5b4" }) -public class SqlInjectionLesson5b extends AssignmentEndpoint { +public class SqlInjectionLesson5b implements AssignmentEndpoint { private final LessonDataSource dataSource; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java index 35ad87eb1..56f81ff56 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson8.java @@ -48,7 +48,7 @@ import org.springframework.web.bind.annotation.RestController; "SqlStringInjectionHint.8.4", "SqlStringInjectionHint.8.5" }) -public class SqlInjectionLesson8 extends AssignmentEndpoint { +public class SqlInjectionLesson8 implements AssignmentEndpoint { private final LessonDataSource dataSource; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java index 4dc1e6a1b..79ec3bb0a 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson9.java @@ -49,7 +49,7 @@ import org.springframework.web.bind.annotation.RestController; "SqlStringInjectionHint.9.4", "SqlStringInjectionHint.9.5" }) -public class SqlInjectionLesson9 extends AssignmentEndpoint { +public class SqlInjectionLesson9 implements AssignmentEndpoint { private final LessonDataSource dataSource; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlInjectionLesson10a.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlInjectionLesson10a.java index e2e44b95f..d4dc18d2c 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlInjectionLesson10a.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlInjectionLesson10a.java @@ -38,7 +38,7 @@ import org.springframework.web.bind.annotation.RestController; @Slf4j @AssignmentHints( value = {"SqlStringInjectionHint-mitigation-10a-1", "SqlStringInjectionHint-mitigation-10a-2"}) -public class SqlInjectionLesson10a extends AssignmentEndpoint { +public class SqlInjectionLesson10a implements AssignmentEndpoint { private static final String[] results = { "getConnection", "PreparedStatement", "prepareStatement", "?", "?", "setString", "setString" diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlInjectionLesson10b.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlInjectionLesson10b.java index d3c413f5e..2037313f6 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlInjectionLesson10b.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlInjectionLesson10b.java @@ -55,7 +55,7 @@ import org.springframework.web.bind.annotation.RestController; "SqlStringInjectionHint-mitigation-10b-4", "SqlStringInjectionHint-mitigation-10b-5" }) -public class SqlInjectionLesson10b extends AssignmentEndpoint { +public class SqlInjectionLesson10b implements AssignmentEndpoint { @PostMapping("/SqlInjectionMitigations/attack10b") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlInjectionLesson13.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlInjectionLesson13.java index e9cd2c6fb..f2ac154d0 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlInjectionLesson13.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlInjectionLesson13.java @@ -48,7 +48,7 @@ import org.springframework.web.bind.annotation.RestController; "SqlStringInjectionHint-mitigation-13-4" }) @Slf4j -public class SqlInjectionLesson13 extends AssignmentEndpoint { +public class SqlInjectionLesson13 implements AssignmentEndpoint { private final LessonDataSource dataSource; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidation.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidation.java index 2ed20811d..f0df96711 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidation.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidation.java @@ -36,7 +36,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints( value = {"SqlOnlyInputValidation-1", "SqlOnlyInputValidation-2", "SqlOnlyInputValidation-3"}) -public class SqlOnlyInputValidation extends AssignmentEndpoint { +public class SqlOnlyInputValidation implements AssignmentEndpoint { private final SqlInjectionLesson6a lesson6a; diff --git a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidationOnKeywords.java b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidationOnKeywords.java index 55ba0bfd8..0ca75999a 100644 --- a/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidationOnKeywords.java +++ b/src/main/java/org/owasp/webgoat/lessons/sqlinjection/mitigation/SqlOnlyInputValidationOnKeywords.java @@ -40,7 +40,7 @@ import org.springframework.web.bind.annotation.RestController; "SqlOnlyInputValidationOnKeywords-2", "SqlOnlyInputValidationOnKeywords-3" }) -public class SqlOnlyInputValidationOnKeywords extends AssignmentEndpoint { +public class SqlOnlyInputValidationOnKeywords implements AssignmentEndpoint { private final SqlInjectionLesson6a lesson6a; diff --git a/src/main/java/org/owasp/webgoat/lessons/ssrf/SSRFTask1.java b/src/main/java/org/owasp/webgoat/lessons/ssrf/SSRFTask1.java index 27be6645e..986602731 100644 --- a/src/main/java/org/owasp/webgoat/lessons/ssrf/SSRFTask1.java +++ b/src/main/java/org/owasp/webgoat/lessons/ssrf/SSRFTask1.java @@ -35,7 +35,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"ssrf.hint1", "ssrf.hint2"}) -public class SSRFTask1 extends AssignmentEndpoint { +public class SSRFTask1 implements AssignmentEndpoint { @PostMapping("/SSRF/task1") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/ssrf/SSRFTask2.java b/src/main/java/org/owasp/webgoat/lessons/ssrf/SSRFTask2.java index 18afec778..a48b42278 100644 --- a/src/main/java/org/owasp/webgoat/lessons/ssrf/SSRFTask2.java +++ b/src/main/java/org/owasp/webgoat/lessons/ssrf/SSRFTask2.java @@ -40,7 +40,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"ssrf.hint3"}) -public class SSRFTask2 extends AssignmentEndpoint { +public class SSRFTask2 implements AssignmentEndpoint { @PostMapping("/SSRF/task2") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/vulnerablecomponents/VulnerableComponentsLesson.java b/src/main/java/org/owasp/webgoat/lessons/vulnerablecomponents/VulnerableComponentsLesson.java index cdbdbdcd9..e2edd5667 100644 --- a/src/main/java/org/owasp/webgoat/lessons/vulnerablecomponents/VulnerableComponentsLesson.java +++ b/src/main/java/org/owasp/webgoat/lessons/vulnerablecomponents/VulnerableComponentsLesson.java @@ -37,7 +37,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"vulnerable.hint"}) -public class VulnerableComponentsLesson extends AssignmentEndpoint { +public class VulnerableComponentsLesson implements AssignmentEndpoint { @PostMapping("/VulnerableComponents/attack1") public @ResponseBody AttackResult completed(@RequestParam String payload) { diff --git a/src/main/java/org/owasp/webgoat/lessons/webwolfintroduction/LandingAssignment.java b/src/main/java/org/owasp/webgoat/lessons/webwolfintroduction/LandingAssignment.java index 954a3f8f8..152bae920 100644 --- a/src/main/java/org/owasp/webgoat/lessons/webwolfintroduction/LandingAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/webwolfintroduction/LandingAssignment.java @@ -41,7 +41,7 @@ import org.springframework.web.servlet.ModelAndView; * @since 8/20/17. */ @RestController -public class LandingAssignment extends AssignmentEndpoint { +public class LandingAssignment implements AssignmentEndpoint { private final String landingPageUrl; public LandingAssignment(@Value("${webwolf.landingpage.url}") String landingPageUrl) { diff --git a/src/main/java/org/owasp/webgoat/lessons/webwolfintroduction/MailAssignment.java b/src/main/java/org/owasp/webgoat/lessons/webwolfintroduction/MailAssignment.java index 12d969764..274887640 100644 --- a/src/main/java/org/owasp/webgoat/lessons/webwolfintroduction/MailAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/webwolfintroduction/MailAssignment.java @@ -43,7 +43,7 @@ import org.springframework.web.client.RestTemplate; * @since 8/20/17. */ @RestController -public class MailAssignment extends AssignmentEndpoint { +public class MailAssignment implements AssignmentEndpoint { private final String webWolfURL; private RestTemplate restTemplate; diff --git a/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingLesson1.java b/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingLesson1.java index 3d5495e70..79ee3469e 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingLesson1.java +++ b/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingLesson1.java @@ -33,7 +33,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class CrossSiteScriptingLesson1 extends AssignmentEndpoint { +public class CrossSiteScriptingLesson1 implements AssignmentEndpoint { @PostMapping("/CrossSiteScripting/attack1") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingLesson5a.java b/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingLesson5a.java index aebf897cb..dcc1b5903 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingLesson5a.java +++ b/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingLesson5a.java @@ -44,7 +44,7 @@ import org.springframework.web.bind.annotation.RestController; "xss-reflected-5a-hint-3", "xss-reflected-5a-hint-4" }) -public class CrossSiteScriptingLesson5a extends AssignmentEndpoint { +public class CrossSiteScriptingLesson5a implements AssignmentEndpoint { public static final Predicate XSS_PATTERN = Pattern.compile( diff --git a/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingLesson6a.java b/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingLesson6a.java index b3dcd86a9..a6fb245c3 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingLesson6a.java +++ b/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingLesson6a.java @@ -42,7 +42,7 @@ import org.springframework.web.bind.annotation.RestController; "xss-reflected-6a-hint-3", "xss-reflected-6a-hint-4" }) -public class CrossSiteScriptingLesson6a extends AssignmentEndpoint { +public class CrossSiteScriptingLesson6a implements AssignmentEndpoint { private final LessonSession userSessionData; public CrossSiteScriptingLesson6a(LessonSession userSessionData) { diff --git a/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingQuiz.java b/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingQuiz.java index a83a73667..ab2a0a310 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingQuiz.java +++ b/src/main/java/org/owasp/webgoat/lessons/xss/CrossSiteScriptingQuiz.java @@ -35,7 +35,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class CrossSiteScriptingQuiz extends AssignmentEndpoint { +public class CrossSiteScriptingQuiz implements AssignmentEndpoint { private static final String[] solutions = { "Solution 4", "Solution 3", "Solution 1", "Solution 2", "Solution 4" diff --git a/src/main/java/org/owasp/webgoat/lessons/xss/DOMCrossSiteScripting.java b/src/main/java/org/owasp/webgoat/lessons/xss/DOMCrossSiteScripting.java index 0c1471ada..83b927649 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xss/DOMCrossSiteScripting.java +++ b/src/main/java/org/owasp/webgoat/lessons/xss/DOMCrossSiteScripting.java @@ -36,7 +36,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class DOMCrossSiteScripting extends AssignmentEndpoint { +public class DOMCrossSiteScripting implements AssignmentEndpoint { private final LessonSession lessonSession; diff --git a/src/main/java/org/owasp/webgoat/lessons/xss/DOMCrossSiteScriptingVerifier.java b/src/main/java/org/owasp/webgoat/lessons/xss/DOMCrossSiteScriptingVerifier.java index f8c0df318..87a4e74f6 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xss/DOMCrossSiteScriptingVerifier.java +++ b/src/main/java/org/owasp/webgoat/lessons/xss/DOMCrossSiteScriptingVerifier.java @@ -45,7 +45,7 @@ import org.springframework.web.bind.annotation.RestController; "xss-dom-message-hint-5", "xss-dom-message-hint-6" }) -public class DOMCrossSiteScriptingVerifier extends AssignmentEndpoint { +public class DOMCrossSiteScriptingVerifier implements AssignmentEndpoint { private final LessonSession lessonSession; diff --git a/src/main/java/org/owasp/webgoat/lessons/xss/mitigation/CrossSiteScriptingLesson3.java b/src/main/java/org/owasp/webgoat/lessons/xss/mitigation/CrossSiteScriptingLesson3.java index e192d1153..dc59d0cb3 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xss/mitigation/CrossSiteScriptingLesson3.java +++ b/src/main/java/org/owasp/webgoat/lessons/xss/mitigation/CrossSiteScriptingLesson3.java @@ -44,7 +44,7 @@ import org.springframework.web.bind.annotation.RestController; "xss-mitigation-3-hint3", "xss-mitigation-3-hint4" }) -public class CrossSiteScriptingLesson3 extends AssignmentEndpoint { +public class CrossSiteScriptingLesson3 implements AssignmentEndpoint { @PostMapping("/CrossSiteScripting/attack3") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/xss/mitigation/CrossSiteScriptingLesson4.java b/src/main/java/org/owasp/webgoat/lessons/xss/mitigation/CrossSiteScriptingLesson4.java index ac0e4e34e..7afcc5d27 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xss/mitigation/CrossSiteScriptingLesson4.java +++ b/src/main/java/org/owasp/webgoat/lessons/xss/mitigation/CrossSiteScriptingLesson4.java @@ -35,7 +35,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints(value = {"xss-mitigation-4-hint1"}) -public class CrossSiteScriptingLesson4 extends AssignmentEndpoint { +public class CrossSiteScriptingLesson4 implements AssignmentEndpoint { @PostMapping("/CrossSiteScripting/attack4") @ResponseBody diff --git a/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredCrossSiteScriptingVerifier.java b/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredCrossSiteScriptingVerifier.java index 8deb210f0..6a51ab079 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredCrossSiteScriptingVerifier.java +++ b/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredCrossSiteScriptingVerifier.java @@ -35,7 +35,7 @@ import org.springframework.web.bind.annotation.RestController; /** Created by jason on 11/23/16. */ @RestController -public class StoredCrossSiteScriptingVerifier extends AssignmentEndpoint { +public class StoredCrossSiteScriptingVerifier implements AssignmentEndpoint { private final LessonSession lessonSession; diff --git a/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredXssComments.java b/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredXssComments.java index d02c86589..7d9c28fbc 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredXssComments.java +++ b/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredXssComments.java @@ -49,7 +49,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @RestController -public class StoredXssComments extends AssignmentEndpoint { +public class StoredXssComments implements AssignmentEndpoint { private static final DateTimeFormatter fmt = DateTimeFormatter.ofPattern("yyyy-MM-dd, HH:mm:ss"); diff --git a/src/main/java/org/owasp/webgoat/lessons/xxe/BlindSendFileAssignment.java b/src/main/java/org/owasp/webgoat/lessons/xxe/BlindSendFileAssignment.java index 748c43996..55b577259 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xxe/BlindSendFileAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/xxe/BlindSendFileAssignment.java @@ -60,7 +60,7 @@ import org.springframework.web.bind.annotation.RestController; "xxe.blind.hints.4", "xxe.blind.hints.5" }) -public class BlindSendFileAssignment extends AssignmentEndpoint implements Initializable { +public class BlindSendFileAssignment implements AssignmentEndpoint, Initializable { private final String webGoatHomeDirectory; private final CommentsCache comments; diff --git a/src/main/java/org/owasp/webgoat/lessons/xxe/ContentTypeAssignment.java b/src/main/java/org/owasp/webgoat/lessons/xxe/ContentTypeAssignment.java index 0214eb0c8..4f5ed172e 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xxe/ContentTypeAssignment.java +++ b/src/main/java/org/owasp/webgoat/lessons/xxe/ContentTypeAssignment.java @@ -47,7 +47,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @AssignmentHints({"xxe.hints.content.type.xxe.1", "xxe.hints.content.type.xxe.2"}) -public class ContentTypeAssignment extends AssignmentEndpoint { +public class ContentTypeAssignment implements AssignmentEndpoint { private static final String[] DEFAULT_LINUX_DIRECTORIES = {"usr", "etc", "var"}; private static final String[] DEFAULT_WINDOWS_DIRECTORIES = { diff --git a/src/main/java/org/owasp/webgoat/lessons/xxe/SimpleXXE.java b/src/main/java/org/owasp/webgoat/lessons/xxe/SimpleXXE.java index ecf7698e3..2547cbcd4 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xxe/SimpleXXE.java +++ b/src/main/java/org/owasp/webgoat/lessons/xxe/SimpleXXE.java @@ -50,7 +50,7 @@ import org.springframework.web.bind.annotation.RestController; "xxe.hints.simple.xxe.5", "xxe.hints.simple.xxe.6" }) -public class SimpleXXE extends AssignmentEndpoint { +public class SimpleXXE implements AssignmentEndpoint { private static final String[] DEFAULT_LINUX_DIRECTORIES = {"usr", "etc", "var"}; private static final String[] DEFAULT_WINDOWS_DIRECTORIES = { diff --git a/src/main/resources/lessons/lessontemplate/documentation/lesson-template-attack.adoc b/src/main/resources/lessons/lessontemplate/documentation/lesson-template-attack.adoc index f7c9b9a2e..c40a8f4bb 100644 --- a/src/main/resources/lessons/lessontemplate/documentation/lesson-template-attack.adoc +++ b/src/main/resources/lessons/lessontemplate/documentation/lesson-template-attack.adoc @@ -1,13 +1,13 @@ === Step 4: Add an assignment to your lesson With an assignment, a user can practice within a lesson. A lesson can consist of multiple assignments, each assignment -needs to extend the class `AssignmentEndpoint`, let's look at an example: +needs to implement the class `AssignmentEndpoint`, let's look at an example: [source,java] ---- -@RestController // <1> +import org.owasp.webgoat.container.assignments.AssignmentEndpoint;@RestController // <1> @AssignmentHints({"lesson-template.hints.1", "lesson-template.hints.2", "lesson-template.hints.3"}) // <2> -public class SampleAttack extends AssignmentEndpoint { // <3> +public class SampleAttack implements AssignmentEndpoint { // <3> private final String secretValue = "secr37Value"; @@ -32,7 +32,7 @@ public class SampleAttack extends AssignmentEndpoint { // <3> } // else - return builder.failed(this) // <8> + return failed(this) // <8> .feedback("lesson-template.sample-attack.failure-2") .output("Custom output for this failure scenario, usually html that will get rendered directly ... yes, you can self-xss if you want") .build(); @@ -40,7 +40,7 @@ public class SampleAttack extends AssignmentEndpoint { // <3> ---- <1> Every assignment is just a Spring RestController <2> Each assignment can have a list of hints. The actual text needs to be placed in `WebGoatLabels.properties` in the folder `src/main/resources/{lessonName}/i18n` -<3> Each assignment needs to extend the class `AssignmentEndpoint`, giving you some helpful methods you need when you want to mark an assignment as complete +<3> Each assignment needs to implement the interface `AssignmentEndpoint`. This is a marker interface, so no methods need to be implemented <4> As the assignment is a Spring-based class, you can auto wire every component managed by Spring necessary for the assignment <5> Each assignment should at least have one mapping with the method signature (see 6) <6> When the user tries to solve an assignment, you need return an `AttackResult`