55 Commits

Author SHA1 Message Date
Nanne Baars
14a6efedf3 Add extra documentation for using the correct algorithm but removing the signature. 2021-09-29 15:21:09 +02:00
Àngel Ollé Blázquez
362248a065 Fix token signature validation 2021-09-29 13:51:17 +02:00
Nanne Baars
a14e84d5c5 #1039: Fix token
Replace `name` with `user` and add `admin`
2021-09-05 13:07:56 +02:00
Nanne Baars
a1071e9c00 Fix return type of asciidoctor macro implementation. 2021-04-23 15:11:56 +02:00
Nanne Baars
e49f5d610f #961: Give each user its own schema for the lessons
This way we can reset a lesson using the database for each user and not for all users at once.
Also solves the issue that when someone solves the lesson it is solved for all users on the same WebGoat instance
2021-04-16 13:28:07 +02:00
Nanne Baars
14621003d7 Remove banner.txt as you can set it with a property in application.properties 2021-03-31 19:31:13 +02:00
Nanne Baars
cda852f4e8 Run unit tests again for all lessons and rewrite all to JUnit 5
Due to the migration to Spring Boot 2.4 the Vintage dependency was no longer included by default, resulting in skipping all unit tests.
2021-03-31 19:31:13 +02:00
Nanne Baars
59e04dee6e Fix typo 2021-03-15 17:48:13 +01:00
Nanne Baars
5a16ea514a Fix quiz 2021-03-15 17:48:13 +01:00
Nanne Baars
8d2d82764f Assignment 8 loads JWT key again 2021-03-15 17:48:13 +01:00
Nanne Baars
dedb2f9fef Open new tab when clicking on JWT link for WebWolf 2021-03-15 17:48:13 +01:00
Nanne Baars
8b89667d9d Fix quiz, first should be second 2021-03-15 17:48:13 +01:00
Nanne Baars
c798e4be32 Fix JWT integration tests 2021-03-15 17:48:13 +01:00
Nanne Baars
f2ab5c1968 Update JWT lesson 2021-03-15 17:48:13 +01:00
Nanne Baars
142631c7a0 WIP 2021-03-15 17:48:13 +01:00
Elie De Brauwer
966d7a7aed JWT_refresh.adoc: Fix spelling issues 2020-05-24 09:37:47 +02:00
Nanne Baars
4f649234a9 Fix Java 11 issue where the order of methods returned in AssignmentEndpoint subclasses returned wrong method for determining the mapping of an assignment. Now we walk over all methods until we find one which has for example a @GetMapping with AttackResult or ResponseEntity<AttackResult> as return type. If no such method is found an exception is thrown 2020-04-19 15:42:50 +02:00
Nanne Baars
6c25cf8e43 Add path traversal lesson 2020-03-10 08:03:48 +01:00
René Zubcevic
3b050a856a tested solution with unit test and verified with lesson 5 on ie 2020-02-28 23:11:29 +01:00
René Zubcevic
71d9c4b61a first steps 2020-02-28 23:11:29 +01:00
René Zubcevic
4e371b63d0 suppressing some useless log messages and banners in unit tests (#752)
* suppressing some useless log messages and banners in unit tests

* some more log suppressed
2020-01-25 12:11:45 +01:00
Nanne Baars
5dd6b31905 Adjust lesson template (#704)
* Remove method `getId()` from all lessons as it defaults to the class name

* remove clean up endpoint

* remove unused class `RequestParameter`

* remove unused class `PluginLoadingFailure`

* Move `CourseConfiguration` to lesson package

* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat

* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`

* Put original solution back as well for SQL string injection

* review comments

* Add
2019-11-17 13:39:56 +01:00
Nanne Baars
ba74898441 Add JavaScript to assignment otherwise you will not be able to see the flow of the endpoint 2019-11-12 09:12:37 +01:00
Nanne Baars
1d477bd0e8 Rename endpoint in JavaScript as backend call uses different endpoint 2019-11-12 09:12:37 +01:00
Nanne Baars
ddf6ac9bdb Improve handling of missing parameters, now returns HTTP/401 (#698) 2019-11-03 18:27:03 +01:00
Nanne Baars
1a83e2825e Code style (#696)
* Remove Guava dependency from WebGoat

* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
2019-11-03 18:11:09 +01:00
Nanne Baars
25dae3a4a8 Fix merge request 2019-10-30 08:28:14 +01:00
Nanne Baars
dad9c75ee0 Fix tests after updating from develop, changes applied for migrating to Spring Boot 2 2019-09-23 17:35:04 +02:00
Nanne Baars
35c1305ce9 Merge conflicts resolved 2019-09-23 07:34:27 +02:00
Nanne Baars
e8d086ac9b All successful 2019-09-20 07:59:04 +02:00
Nanne Baars
82ad0a7cc7 Finally working 2019-09-18 17:53:43 +02:00
Rene Zubcevic
57e6a84cef fixed and improved first two jwt challenges 2019-09-17 18:33:05 +02:00
Nanne Baars
5e6f825e64 WIP 2019-09-13 16:42:13 +02:00
Nanne Baars
216b29fca2 Clean up in pom files 2019-07-24 20:37:32 +02:00
Matthias Grundmann
81aac93dfe Usage base64 encoded password as expected by JJWT 2018-06-13 17:58:52 +02:00
Matthias Grundmann
f383454440 Fix spelling in JWT lesson 2018-06-12 11:02:51 +02:00
Matthias Grundmann
a7b82985d4 Fix usage of JJWT API which expects base64 encoded strings as key 2018-06-12 11:01:23 +02:00
Nanne Baars
4e07e0ebfa Fix links to open new browser tab 2018-05-29 14:04:33 +02:00
Nanne Baars
6e95fdfe56 Adjusted documentation 2018-05-29 13:33:52 +02:00
Nanne Baars
e045bc692d Buying page also calculates the prices
Product image added
2018-05-29 12:47:27 +02:00
Nanne Baars
589872ad47 Fix for JWT assignment 1 log in now works again.
Reset button only triggers reset when admin is set to true in the token
2018-05-29 11:20:40 +02:00
Nanne Baars
8d7ecb19d7 Added testcases for all JWT endpoints 2018-05-23 14:28:19 +02:00
Nanne Baars
e0cf5b4a84 Removed under construction from JWT lesson 2018-05-23 14:28:19 +02:00
Nanne Baars
5b524d3a94 Added more unit tests 2018-05-23 14:28:19 +02:00
Nanne Baars
dda6f674a3 Last assignment for JWT tokens finished 2018-05-23 14:28:19 +02:00
Nanne Baars
e06d4642eb Fix error in testcase 2018-05-23 14:28:19 +02:00
Nanne Baars
4a8fdcf887 Fix content-type for login (gives error in console of browser) 2018-05-23 14:28:19 +02:00
Nanne Baars
fd96ba18f1 Added test cases for solving the lesson 2018-05-23 14:28:19 +02:00
Nanne Baars
60ef35e241 Working lesson 2018-05-23 14:28:19 +02:00
Nanne Baars
9d7886d572 More JWT work 2018-05-23 14:28:19 +02:00