Password reset link test condition more strict and move all WebWolf links to /WebWolf (#1645)

* better check on host and port for password reset and make context roots more flexible * spotless applied * removed hardcoded /WebGoat from js * removed hardcoded /WebGoat from js * fix spotless * fix scoreboard * upgrade WebWolf bootstrap version and icons and templates - part 1 * fixed more bootstrap 5 style issues and context path issues * organized WebSecurityConfig based on latest conventions and added basic support for oauth (more work needed) * spotless applied * added mock bean * requires updates to properties - commented for now * requires updates to properties - commented for now * oauth secrets through env values * user creation after oauth login * integration test against non default context paths * adjusted StartupMessage * add global model element username * conditionally show login oauth links * fixed WebWolf login --------- Co-authored-by: René Zubcevic <rene@Mac-mini-van-Rene.local>
2023-11-14 10:01:59 +01:00
parent 5a4974f3c2
commit d1e44bbc98
114 changed files with 2763 additions and 546 deletions
--- a/src/main/resources/lessons/missingac/html/MissingFunctionAC.html
+++ b/src/main/resources/lessons/missingac/html/MissingFunctionAC.html
@ -53,7 +53,7 @@
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
-              action="/WebGoat/access-control/hidden-menu">
+              action="access-control/hidden-menu">

            <p>Hidden item 1 <input name="hiddenMenu1" value="" type="TEXT"/></p>
            <p>Hidden item 2 <input name="hiddenMenu2" value="" type="TEXT"/></p>
@ -76,7 +76,7 @@
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
-              action="/WebGoat/access-control/user-hash">
+              action="access-control/user-hash">

            <p>Your Hash: <input name="userHash" value="" type="TEXT"/></p>
            <br/>
@ -98,7 +98,7 @@
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST" name="form"
-              action="/WebGoat/access-control/user-hash-fix">
+              action="access-control/user-hash-fix">

            <p>Your Hash: <input name="userHash" value="" type="TEXT"/></p>
            <br/>