Closes: gh-2072
* chore: add Maven wrapper jar file
This way we don't download it every time from a Maven repository saving some band with.
* chore: remove @authors tag
* fix: correct number of solved assignments in report card
Filter the list of assignments to accurately count the number of solved assignments.
Closes: gh-2063
* chore: remove scoreboard code
This is added when we run a CTF challenge during OWASP AppSecEU in 2017. We can remove this code.
Closes: gh-2064
- Add and show correct hints
- Fix solving the lesson immediately when you register as tom. Now uses `informationMessage` to display a message in the UI
- Add Playwright test
Closes: gh-2045
Instead of using Robot Framework which does not run during a `mvn install`. Playwright seems to be the better approach. We can now write them as normal JUnit test and they are executed during a build.
Additionally this PR solves some interesting bugs found during writing Playwright tests:
- A reset of a lesson removes all assignments as a result another user wouldn't see any assignments
- If someone solves an assignment the assignment automatically got solved for a new user since the assignment included the `solved` flag which immediately got copied to new lesson progress.
- Introduction of assignment progress linking a assignment not directly to all users.
* refactor: rewrite hints
Use active voice and fix grammar issues.
* fix: use Thymeleaf `th:action`
* fix: JWT kid/jku lessons
Split the JavaScript into two files they pointed to the same URL
The JWTs are now valid, they parse successfully.
The paths now include `/kid` and `/jku` to make sure the hints match accordingly in the UI. Otherwise `/delete` would pick up both hints from both assignments as the paths overlap.
Closes: #1715
* fix: update to latest pre-commit version
* fix: increase timeouts for server to start during integration tests
* fix: use banners correctly
* fix: passing command line arguments
Since we already have `webwolf.port` it makes sense to also define `webwolf.port` explicitly and not rely on `server.port`
Closes: #1910
* refactor: modernize code
* refactor: move to Tomcat
* chore: bump to Spring Boot 3.3.3
* refactor: use Testcontainers to run integration tests
* refactor: lesson/assignment progress
* chore: format code
* refactor: first step into removing base class for assignment
Always been a bit of an ugly construction, as none of the dependencies are clear. The constructors are hidden due to autowiring the base class. This PR removes two of the fields.
As a bonus we now wire the authentication principal directly in the controllers.
* refactor: use authentication principal directly.
* refactor: pass lesson to the endpoints
No more need to get the current lesson set in a session. The lesson is now passed to the endpoints.
* fix: Testcontainers cannot run on Windows host in Github actions.
Since we have Windows specific paths let's run it standalone for now. We need to run these tests on Docker as well (for now disabled)
Turns out that using this method sometimes fails with an exception about unable to delete a directory.
The stacktrace points to:
```
java.nio.file.FileSystemException: /tmp/webwolf-fileserver/dumbanddummer/xxe_a11.dtd: Not a directory
at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:100) ~[na:na]
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106) ~[na:na]
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) ~[na:na]
at java.base/sun.nio.fs.UnixFileSystemProvider.implDelete(UnixFileSystemProvider.java:248) ~[na:na]
at java.base/sun.nio.fs.AbstractFileSystemProvider.deleteIfExists(AbstractFileSystemProvider.java:110) ~[na:na]
at java.base/java.nio.file.Files.deleteIfExists(Files.java:1191) ~[na:na]
at java.base/java.nio.file.Files.copy(Files.java:3147) ~[na:na]
at io.undertow.server.handlers.form.FormData$FileItem.write(FormData.java:274) ~[undertow-core-2.3.10.Final.jar!/:2.3.10.Final]
at io.undertow.servlet.spec.PartImpl.write(PartImpl.java:119) ~[undertow-servlet-2.3.10.Final.jar!/:2.3.10.Final]
at org.springframework.web.multipart.support.StandardMultipartHttpServletRequest$StandardMultipartFile.transferTo(StandardMultipartHttpServletRequest.java:254) ~[spring-web-6.0.13.jar!/:6.0.13]
at org.owasp.webgoat.webwolf.FileServer.importFile(FileServer.java:89)
```
It has to do with the underlying implmentation in Undertow. An explaination can be found here: https://stackoverflow.com/questions/60336929/java-nio-file-nosuchfileexception-when-file-transferto-is-called
The solution is to take the input stream and use a simple `Files.copy()` to copy the file.
Closes: #1737
* fix: report card
Fix and simplify calculation of the number of assignments a user solved.
Rename `UserTracker` to `UserProgress`
Rename `LessonTracker` to `LessonProgress`
Rename tables in database
