WEB-68 Service to return WebGoat Version and Build Number

src/main/java/org/owasp/webgoat/application/Application.java

@@ -0,0 +1,88 @@
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package org.owasp.webgoat.application;
+
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.builder.ToStringBuilder;
+
+/**
+ * Singleton which is created on context startup
+ *
+ * @author rlawson
+ */
+public class Application {
+
+    private static final Application INSTANCE = new Application();
+
+    private Application() {
+
+    }
+
+    public static final Application getInstance() {
+        return INSTANCE;
+    }
+
+    private String version = "local";
+    private String build = "local";
+    private String name = "WebGoat";
+
+    /**
+     * @return the version
+     */
+    public String getVersion() {
+        return version;
+    }
+
+    /**
+     * @param version the version to set
+     */
+    public void setVersion(String version) {
+        if (StringUtils.isNotBlank(version)) {
+            this.version = version;
+        }
+    }
+
+    /**
+     * @return the build
+     */
+    public String getBuild() {
+        return build;
+    }
+
+    /**
+     * @param build the build to set
+     */
+    public void setBuild(String build) {
+        if (StringUtils.isNotBlank(build)) {
+            this.build = build;
+        }
+    }
+
+    /**
+     * @return the name
+     */
+    public String getName() {
+        return name;
+    }
+
+    /**
+     * @param name the name to set
+     */
+    public void setName(String name) {
+        if (StringUtils.isNotBlank(name)) {
+            this.name = name;
+        }
+    }
+
+    @Override
+    public String toString() {
+        return new ToStringBuilder(this).
+                append("name", name).
+                append("version", version).
+                append("build", build).
+                toString();
+    }
+}

src/main/java/org/owasp/webgoat/application/WebGoatServletListener.java

@@ -0,0 +1,52 @@
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package org.owasp.webgoat.application;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.jar.Attributes;
+import java.util.jar.Manifest;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletContextEvent;
+import javax.servlet.ServletContextListener;
+
+/**
+ * Web application lifecycle listener.
+ *
+ * @author rlawson
+ */
+public class WebGoatServletListener implements ServletContextListener {
+
+    @Override
+    public void contextInitialized(ServletContextEvent sce) {
+        ServletContext context = sce.getServletContext();
+        context.log("WebGoat is starting");
+        setApplicationVariables(context);
+    }
+
+    @Override
+    public void contextDestroyed(ServletContextEvent sce) {
+        ServletContext context = sce.getServletContext();
+        context.log("WebGoat is stopping");
+    }
+
+    private void setApplicationVariables(ServletContext context) {
+        Application app = Application.getInstance();
+        try {
+            InputStream inputStream = context.getResourceAsStream("/META-INF/MANIFEST.MF");
+            Manifest manifest = new Manifest(inputStream);
+            Attributes attr = manifest.getMainAttributes();
+            String name = attr.getValue("Specification-Title");
+            String version = attr.getValue("Specification-Version");
+            String build = attr.getValue("Implementation-Version");
+            app.setName(name);
+            app.setVersion(version);
+            app.setBuild(build);
+        } catch (IOException ioe) {
+            context.log("Error setting application variables", ioe);
+        }
+    }
+}

src/main/java/org/owasp/webgoat/controller/Start.java

@@ -10,6 +10,7 @@ import javax.servlet.ServletContext;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
 import org.apache.commons.lang3.StringUtils;
+import org.owasp.webgoat.application.Application;
 import org.owasp.webgoat.session.WebSession;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -55,6 +56,10 @@ public class Start {
 
         String contactEmail = servletContext.getInitParameter("email");
         model.addObject("contactEmail", contactEmail);
+        Application app = Application.getInstance();
+        logger.info("Setting application properties: " + app);
+        model.addObject("version", app.getVersion());
+        model.addObject("build", app.getBuild());
 
         // if everything ok then go to webgoat UI
         model.setViewName("main_new");

src/main/java/org/owasp/webgoat/service/ApplicationService.java

@@ -0,0 +1,59 @@
+/**
+ * *************************************************************************************************
+ *
+ *
+ * This file is part of WebGoat, an Open Web Application Security Project
+ * utility. For details, please see http://www.owasp.org/
+ *
+ * Copyright (c) 2002 - 20014 Bruce Mayhew
+ *
+ * This program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free Software
+ * Foundation; either version 2 of the License, or (at your option) any later
+ * version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
+ * Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ * Getting Source ==============
+ *
+ * Source for this application is maintained at
+ * https://github.com/WebGoat/WebGoat, a repository for free software projects.
+ *
+ * For details, please see http://webgoat.github.io
+ */
+package org.owasp.webgoat.service;
+
+import javax.servlet.http.HttpSession;
+import org.owasp.webgoat.application.Application;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+/**
+ *
+ * @author rlawson
+ */
+@Controller
+public class ApplicationService extends BaseService {
+
+    /**
+     * Returns global application info
+     *
+     * @param session
+     * @return
+     */
+    @RequestMapping(value = "/application.mvc", produces = "application/json")
+    public @ResponseBody
+    Application showApplication(HttpSession session) {
+        Application app = Application.getInstance();
+        return app;
+    }
+
+}