Last assignment for JWT tokens finished

2018-05-22 17:06:03 +02:00
parent e06d4642eb
commit dda6f674a3
10 changed files with 394 additions and 45 deletions
--- a/webgoat-lessons/jwt/src/main/resources/html/JWT.html
+++ b/webgoat-lessons/jwt/src/main/resources/html/JWT.html
@ -110,49 +110,101 @@

    <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/jwt.css}"/>
    <script th:src="@{/lesson_js/bootstrap.min.js}" language="JavaScript"></script>
-    <script th:src="@{/lesson_js/jwt-final.js}" language="JavaScript"></script>
+    <script th:src="@{/lesson_js/jwt-refresh.js}" language="JavaScript"></script>
    <div class="attack-container">
        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
        <form class="attack-form" accept-charset="UNKNOWN"
              method="POST"
-              successCallback="jwtSigningCallback"
-              action="/WebGoat/JWT/refresh/reset"
+              additionalHeaders="addBearerToken"
+              action="/WebGoat/JWT/refresh/checkout"
              enctype="application/json;charset=UTF-8">
            <div class="container-fluid">
-                <div class="col-sm-6 col-md-4 col-lg-3 mt-4">
-                    <div class="card card-inverse card-info">
-                        <img th:src="@{/images/jerry.png}" class="card-img-top"></img>
-                        <div class="card-block">
-                            <figure class="profile profile-inline">
-                                <img th:src="@{/images/jerry.png}" class="profile-avatar" alt=""></img>
-                            </figure>
-                            <h4 class="card-title">Jerry</h4>
-                            <div class="card-text">
-                                Jerry is a small, brown, house mouse.
-                            </div>
-                        </div>
-                        <div class="card-footer">
-                            <small>Last updated 12 minutes ago</small>
-                            <button class="btn btn-info float-right btn-sm">Follow</button>
-                        </div>
-                    </div>
-                </div>
-                <div class="col-sm-6 col-md-4 col-lg-3 mt-4">
-                    <div class="card card-inverse card-info">
-                        <img th:src="@{/images/tom.png}" class="card-img-top"></img>
-                        <div class="card-block">
-                            <figure class="profile profile-inline">
-                                <img th:src="@{/images/tom.png}" class="profile-avatar" alt=""></img>
-                            </figure>
-                            <h4 class="card-title">Tom</h4>
-                            <div class="card-text">
-                                Tom is a grey and white domestic short hair cat.
-                            </div>
-                        </div>
-                        <div class="card-footer">
-                            <small>Last updated 12 days ago</small>
-                            <button class="btn btn-info float-right btn-sm">Follow</button>
-                        </div>
+                <div class="row">
+                    <div class="col-sm-12 col-md-10 col-md-offset-1">
+                        <table class="table table-hover">
+                            <thead>
+                            <tr>
+                                <th>Product</th>
+                                <th>Quantity</th>
+                                <th class="text-center">Price</th>
+                                <th class="text-center">Total</th>
+                                <th> </th>
+                            </tr>
+                            </thead>
+                            <tbody>
+                            <tr>
+                                <td class="col-sm-8 col-md-6">
+                                    <div class="media">
+                                        <img class="media-object" src="http://icons.iconarchive.com/icons/custom-icon-design/flatastic-2/72/product-icon.png" style="width: 72px; height: 72px;"></img>
+                                        <div class="media-body">
+                                            <h4 class="media-heading"><a href="#">Learn defending your application with WebGoat</a></h4>
+                                            <h5 class="media-heading"> by <a href="#">WebGoat Publishing</a></h5>
+                                            <span>Status: </span><span
+                                                class="text-success"><strong>In Stock</strong></span>
+                                        </div>
+                                    </div>
+                                </td>
+                                <td class="col-sm-1 col-md-1" style="text-align: center">
+                                    <input type="text" class="form-control" id="quantity1" value="3"></input>
+                                </td>
+                                <td class="col-sm-1 col-md-1 text-center"><strong>$4.87</strong></td>
+                                <td class="col-sm-1 col-md-1 text-center"><strong>$14.61</strong></td>
+                                <td class="col-sm-1 col-md-1">
+                                    <button type="button" class="btn btn-danger">
+                                        <span class="glyphicon glyphicon-remove"></span> Remove
+                                    </button>
+                                </td>
+                            </tr>
+                            <tr>
+                                <td class="col-md-6">
+                                    <div class="media">
+                                        <img class="media-object" src="http://icons.iconarchive.com/icons/custom-icon-design/flatastic-2/72/product-icon.png" style="width: 72px; height: 72px;"></img>
+                                        <div class="media-body">
+                                            <h4 class="media-heading"><a href="#">Pentesting for professionals</a></h4>
+                                            <h5 class="media-heading"> by <a href="#">WebWolf Publishing</a></h5>
+                                            <span>Status: </span><span class="text-warning"><strong>Leaves warehouse in 2 - 3 weeks</strong></span>
+                                        </div>
+                                    </div>
+                                </td>
+                                <td class="col-md-1" style="text-align: center">
+                                    <input type="text" class="form-control" id="quantity2" value="2"></input>
+                                </td>
+                                <td class="col-md-1 text-center"><strong>$4.99</strong></td>
+                                <td class="col-md-1 text-center"><strong>$9.98</strong></td>
+                                <td class="col-md-1">
+                                    <button type="button" class="btn btn-danger">
+                                        <span class="glyphicon glyphicon-remove"></span> Remove
+                                    </button>
+                                </td>
+                            </tr>
+                            </tbody>
+                            <tfoot>
+                            <tr>
+                                <td>  </td>
+                                <td>  </td>
+                                <td>  </td>
+                                <td><h5>Subtotal<br></br>Estimated shipping</h5>
+                                    <h3>Total</h3></td>
+                                <td class="text-right"><h5><strong>$24.59<br></br>$6.94</strong></h5>
+                                    <h3>$31.53</h3></td>
+                            </tr>
+                            <tr>
+                                <td>  </td>
+                                <td>  </td>
+                                <td>  </td>
+                                <td>
+                                    <button type="button" class="btn btn-default">
+                                        <span class="glyphicon glyphicon-shopping-cart"></span> Continue Shopping
+                                    </button>
+                                </td>
+                                <td>
+                                    <button type="submit" class="btn btn-success">
+                                        Checkout <span class="glyphicon glyphicon-play"></span>
+                                    </button>
+                                </td>
+                            </tr>
+                            </tfoot>
+                        </table>
                    </div>
                </div>
            </div>
@ -209,7 +261,9 @@
                        </div>
                        <div class="card-footer">
                            <small>Last updated 12 days ago</small>
-                            <button type="button" class="btn btn-info float-right btn-sm" onclick="javascript:follow('Tom')">Follow</button>
+                            <button type="button" class="btn btn-info float-right btn-sm"
+                                    onclick="javascript:follow('Tom')">Follow
+                            </button>
                            <button class="btn btn-info float-right btn-sm">Delete</button>
                        </div>
                    </div>