362248a065
Fix token signature validation
2021-09-29 13:51:17 +02:00
a14e84d5c5
#1039 : Fix token
...
Replace `name` with `user` and add `admin`
2021-09-05 13:07:56 +02:00
a1071e9c00
Fix return type of asciidoctor macro implementation.
2021-04-23 15:11:56 +02:00
e49f5d610f
#961 : Give each user its own schema for the lessons
...
This way we can reset a lesson using the database for each user and not for all users at once.
Also solves the issue that when someone solves the lesson it is solved for all users on the same WebGoat instance
2021-04-16 13:28:07 +02:00
14621003d7
Remove banner.txt as you can set it with a property in application.properties
2021-03-31 19:31:13 +02:00
cda852f4e8
Run unit tests again for all lessons and rewrite all to JUnit 5
...
Due to the migration to Spring Boot 2.4 the Vintage dependency was no longer included by default, resulting in skipping all unit tests.
2021-03-31 19:31:13 +02:00
59e04dee6e
Fix typo
2021-03-15 17:48:13 +01:00
5a16ea514a
Fix quiz
2021-03-15 17:48:13 +01:00
8d2d82764f
Assignment 8 loads JWT key again
2021-03-15 17:48:13 +01:00
dedb2f9fef
Open new tab when clicking on JWT link for WebWolf
2021-03-15 17:48:13 +01:00
8b89667d9d
Fix quiz, first should be second
2021-03-15 17:48:13 +01:00
c798e4be32
Fix JWT integration tests
2021-03-15 17:48:13 +01:00
f2ab5c1968
Update JWT lesson
2021-03-15 17:48:13 +01:00
142631c7a0
WIP
2021-03-15 17:48:13 +01:00
966d7a7aed
JWT_refresh.adoc: Fix spelling issues
2020-05-24 09:37:47 +02:00
4f649234a9
Fix Java 11 issue where the order of methods returned in AssignmentEndpoint subclasses returned wrong method for determining the mapping of an assignment. Now we walk over all methods until we find one which has for example a @GetMapping with AttackResult or ResponseEntity<AttackResult as return type. If no such method is found an exception is thrown
2020-04-19 15:42:50 +02:00
6c25cf8e43
Add path traversal lesson
2020-03-10 08:03:48 +01:00
3b050a856a
tested solution with unit test and verfied with lesson 5 on ie
2020-02-28 23:11:29 +01:00
71d9c4b61a
first steps
2020-02-28 23:11:29 +01:00
4e371b63d0
suppressing some useless log messages and banners in unit tests ( #752 )
...
* suppressing some useless log messages and banners in unit tests
* some more log suppressed
2020-01-25 12:11:45 +01:00
5dd6b31905
Adjust lesson template ( #704 )
...
* Remove method `getId()` from all lessons as it defaults to the class name
* remove clean up endpoint
* remove unused class `RequestParameter`
* remove unused class `PluginLoadingFailure`
* Move `CourseConfiguration` to lesson package
* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat
* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`
* Put original solution back as well for SQL string injection
* review comments
* Add
2019-11-17 13:39:56 +01:00
ba74898441
Add JavaScript to assignment otherwise you will not be able to see the flow of the endpoint
2019-11-12 09:12:37 +01:00
1d477bd0e8
Rename endpoint in JavaScript as backend call uses different endpoint
2019-11-12 09:12:37 +01:00
ddf6ac9bdb
Improve handling of missing parameters, now returns HTTP/401 ( #698 )
2019-11-03 18:27:03 +01:00
1a83e2825e
Code style ( #696 )
...
* Remove Guava dependency from WebGoat
* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
2019-11-03 18:11:09 +01:00
25dae3a4a8
Fix merge request
2019-10-30 08:28:14 +01:00
dad9c75ee0
Fix tests after updating from develop, changes applied for migrating to Spring Boot 2
2019-09-23 17:35:04 +02:00
35c1305ce9
Merge conflicts resolved
2019-09-23 07:34:27 +02:00
e8d086ac9b
All successful
2019-09-20 07:59:04 +02:00
82ad0a7cc7
Finally working
2019-09-18 17:53:43 +02:00
57e6a84cef
fixed and improved first two jwt challenges
2019-09-17 18:33:05 +02:00
5e6f825e64
WIP
2019-09-13 16:42:13 +02:00
216b29fca2
Clean up in pom files
2019-07-24 20:37:32 +02:00
81aac93dfe
Usage base64 encoded password as expected by JJWT
2018-06-13 17:58:52 +02:00
f383454440
Fix spelling in JWT lesson
2018-06-12 11:02:51 +02:00
a7b82985d4
Fix usage of JJWT API which expects base64 encoded strings as key
2018-06-12 11:01:23 +02:00
4e07e0ebfa
Fix links to open new browser tab
2018-05-29 14:04:33 +02:00
6e95fdfe56
Adjusted documentation
2018-05-29 13:33:52 +02:00
e045bc692d
Buying page also calculates the prices
...
Product image added
2018-05-29 12:47:27 +02:00
589872ad47
Fix for JWT assignment 1 log in now works again.
...
Reset button only triggers reset when admin is set to true in the token
2018-05-29 11:20:40 +02:00
8d7ecb19d7
Added testcases for all JWT endpoints
2018-05-23 14:28:19 +02:00
e0cf5b4a84
Removed under construction from JWT lesson
2018-05-23 14:28:19 +02:00
5b524d3a94
Added more unit tests
2018-05-23 14:28:19 +02:00
dda6f674a3
Last assignment for JWT tokens finished
2018-05-23 14:28:19 +02:00
e06d4642eb
Fix error in testcase
2018-05-23 14:28:19 +02:00
4a8fdcf887
Fix content-type for login (gives error in console of browser)
2018-05-23 14:28:19 +02:00
fd96ba18f1
Added test cases for solving the lesson
2018-05-23 14:28:19 +02:00
60ef35e241
Working lesson
2018-05-23 14:28:19 +02:00
9d7886d572
More JWT work
2018-05-23 14:28:19 +02:00
7a0820bf89
WIP
2018-05-23 14:28:19 +02:00
