authorac2550 <ac2550@intl.att.com>2018-03-22 17:04:06 +0100
committerSébastien Determe <sd378r@intl.att.com>2018-03-23 08:47:07 +0000
commit5c4aee562b7fcb42f10aa62011e0ff6297cee867 (patch)
tree4be75b3f39178f36c031a28b683a302773d41485 /src/main
parent3308b5439cb1d046398744e4d913ece518de9532 (diff)
Remove client usage of md5
Md5 usage introduces a security flaw by reducing the number of tests needed for a brute force attack. Change-Id: Ifa4e6259d0a3fb06c91c03d1c67470ddd02284fc Issue-ID: CLAMP-143 Signed-off-by: ac2550 <ac2550@intl.att.com>
Diffstat (limited to 'src/main')
-rw-r--r--src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java2
-rw-r--r--src/main/resources/META-INF/resources/designer/index.html1
-rw-r--r--src/main/resources/META-INF/resources/designer/lib/angular-md5.js208
-rw-r--r--src/main/resources/META-INF/resources/designer/scripts/app.js3
-rw-r--r--src/main/resources/META-INF/resources/designer/scripts/authcontroller.js5
-rw-r--r--src/main/resources/clds/clds-users.json4
6 files changed, 5 insertions, 218 deletions
diff --git a/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java b/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java
index 4dff9ce1..0f3d0d59 100644
--- a/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java
+++ b/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java
@@ -130,7 +130,7 @@ public class CldsSecurityConfigUsers extends WebSecurityConfigurerAdapter {
if ("bcrypt".equals(cldsEncoderMethod)) {
return new BCryptPasswordEncoder(cldsBcryptEncoderStrength);
} else {
- throw new CldsConfigException("Invalid clamp.config.security.encoder value. Must be one of [bcrypt, none]");
+ throw new CldsConfigException("Invalid clamp.config.security.encoder value. 'bcrypt' is the only option at this time.");
}
}
}
diff --git a/src/main/resources/META-INF/resources/designer/index.html b/src/main/resources/META-INF/resources/designer/index.html
index 83928a9d..45b0c4b6 100644
--- a/src/main/resources/META-INF/resources/designer/index.html
+++ b/src/main/resources/META-INF/resources/designer/index.html
@@ -106,7 +106,6 @@
<!-- <script src="lib/angular.min.js"></script>-->
<script src="lib/angular-route.js"></script>
<script src="lib/angular-resource.min.js"></script>
- <script src="lib/angular-md5.js"></script>
<!-- jQuery Include and Bootstrap -->
diff --git a/src/main/resources/META-INF/resources/designer/lib/angular-md5.js b/src/main/resources/META-INF/resources/designer/lib/angular-md5.js
deleted file mode 100644
index 7896bb42..00000000
--- a/src/main/resources/META-INF/resources/designer/lib/angular-md5.js
+++ /dev/null
@@ -1,208 +0,0 @@
-/*
- angular-md5 - v0.1.8
- 2015-11-17
-*/
-
-/* commonjs package manager support (eg componentjs) */
-if (typeof module !== "undefined" && typeof exports !== "undefined" && module.exports === exports) {
- module.exports = "angular-md5";
-}
-(function(angular) {
- angular.module("angular-md5", [ "gdi2290.md5" ]);
- angular.module("ngMd5", [ "gdi2290.md5" ]);
- angular.module("gdi2290.md5", [ "gdi2290.gravatar-filter", "gdi2290.md5-service", "gdi2290.md5-filter" ]);
- "use strict";
- angular.module("gdi2290.gravatar-filter", []).filter("gravatar", [ "md5", function(md5) {
- var cache = {};
- return function(text, defaultText) {
- if (!cache[text]) {
- defaultText = defaultText ? md5.createHash(defaultText.toString().toLowerCase()) : "";
- cache[text] = text ? md5.createHash(text.toString().toLowerCase()) : defaultText;
- }
- return cache[text];
- };
- } ]);
- "use strict";
- angular.module("gdi2290.md5-filter", []).filter("md5", [ "md5", function(md5) {
- return function(text) {
- return text ? md5.createHash(text.toString().toLowerCase()) : text;
- };
- } ]);
- "use strict";
- angular.module("gdi2290.md5-service", []).factory("md5", [ function() {
- var md5 = {
- createHash: function(str) {
- if (null === str) {
- return null;
- }
- var xl;
- var rotateLeft = function(lValue, iShiftBits) {
- return lValue << iShiftBits | lValue >>> 32 - iShiftBits;
- };
- var addUnsigned = function(lX, lY) {
- var lX4, lY4, lX8, lY8, lResult;
- lX8 = lX & 2147483648;
- lY8 = lY & 2147483648;
- lX4 = lX & 1073741824;
- lY4 = lY & 1073741824;
- lResult = (lX & 1073741823) + (lY & 1073741823);
- if (lX4 & lY4) {
- return lResult ^ 2147483648 ^ lX8 ^ lY8;
- }
- if (lX4 | lY4) {
- if (lResult & 1073741824) {
- return lResult ^ 3221225472 ^ lX8 ^ lY8;
- } else {
- return lResult ^ 1073741824 ^ lX8 ^ lY8;
- }
- } else {
- return lResult ^ lX8 ^ lY8;
- }
- };
- var _F = function(x, y, z) {
- return x & y | ~x & z;
- };
- var _G = function(x, y, z) {
- return x & z | y & ~z;
- };
- var _H = function(x, y, z) {
- return x ^ y ^ z;
- };
- var _I = function(x, y, z) {
- return y ^ (x | ~z);
- };
- var _FF = function(a, b, c, d, x, s, ac) {
- a = addUnsigned(a, addUnsigned(addUnsigned(_F(b, c, d), x), ac));
- return addUnsigned(rotateLeft(a, s), b);
- };
- var _GG = function(a, b, c, d, x, s, ac) {
- a = addUnsigned(a, addUnsigned(addUnsigned(_G(b, c, d), x), ac));
- return addUnsigned(rotateLeft(a, s), b);
- };
- var _HH = function(a, b, c, d, x, s, ac) {
- a = addUnsigned(a, addUnsigned(addUnsigned(_H(b, c, d), x), ac));
- return addUnsigned(rotateLeft(a, s), b);
- };
- var _II = function(a, b, c, d, x, s, ac) {
- a = addUnsigned(a, addUnsigned(addUnsigned(_I(b, c, d), x), ac));
- return addUnsigned(rotateLeft(a, s), b);
- };
- var convertToWordArray = function(str) {
- var lWordCount;
- var lMessageLength = str.length;
- var lNumberOfWords_temp1 = lMessageLength + 8;
- var lNumberOfWords_temp2 = (lNumberOfWords_temp1 - lNumberOfWords_temp1 % 64) / 64;
- var lNumberOfWords = (lNumberOfWords_temp2 + 1) * 16;
- var lWordArray = new Array(lNumberOfWords - 1);
- var lBytePosition = 0;
- var lByteCount = 0;
- while (lByteCount < lMessageLength) {
- lWordCount = (lByteCount - lByteCount % 4) / 4;
- lBytePosition = lByteCount % 4 * 8;
- lWordArray[lWordCount] = lWordArray[lWordCount] | str.charCodeAt(lByteCount) << lBytePosition;
- lByteCount++;
- }
- lWordCount = (lByteCount - lByteCount % 4) / 4;
- lBytePosition = lByteCount % 4 * 8;
- lWordArray[lWordCount] = lWordArray[lWordCount] | 128 << lBytePosition;
- lWordArray[lNumberOfWords - 2] = lMessageLength << 3;
- lWordArray[lNumberOfWords - 1] = lMessageLength >>> 29;
- return lWordArray;
- };
- var wordToHex = function(lValue) {
- var wordToHexValue = "", wordToHexValue_temp = "", lByte, lCount;
- for (lCount = 0; lCount <= 3; lCount++) {
- lByte = lValue >>> lCount * 8 & 255;
- wordToHexValue_temp = "0" + lByte.toString(16);
- wordToHexValue = wordToHexValue + wordToHexValue_temp.substr(wordToHexValue_temp.length - 2, 2);
- }
- return wordToHexValue;
- };
- var x = [], k, AA, BB, CC, DD, a, b, c, d, S11 = 7, S12 = 12, S13 = 17, S14 = 22, S21 = 5, S22 = 9, S23 = 14, S24 = 20, S31 = 4, S32 = 11, S33 = 16, S34 = 23, S41 = 6, S42 = 10, S43 = 15, S44 = 21;
- x = convertToWordArray(str);
- a = 1732584193;
- b = 4023233417;
- c = 2562383102;
- d = 271733878;
- xl = x.length;
- for (k = 0; k < xl; k += 16) {
- AA = a;
- BB = b;
- CC = c;
- DD = d;
- a = _FF(a, b, c, d, x[k + 0], S11, 3614090360);
- d = _FF(d, a, b, c, x[k + 1], S12, 3905402710);
- c = _FF(c, d, a, b, x[k + 2], S13, 606105819);
- b = _FF(b, c, d, a, x[k + 3], S14, 3250441966);
- a = _FF(a, b, c, d, x[k + 4], S11, 4118548399);
- d = _FF(d, a, b, c, x[k + 5], S12, 1200080426);
- c = _FF(c, d, a, b, x[k + 6], S13, 2821735955);
- b = _FF(b, c, d, a, x[k + 7], S14, 4249261313);
- a = _FF(a, b, c, d, x[k + 8], S11, 1770035416);
- d = _FF(d, a, b, c, x[k + 9], S12, 2336552879);
- c = _FF(c, d, a, b, x[k + 10], S13, 4294925233);
- b = _FF(b, c, d, a, x[k + 11], S14, 2304563134);
- a = _FF(a, b, c, d, x[k + 12], S11, 1804603682);
- d = _FF(d, a, b, c, x[k + 13], S12, 4254626195);
- c = _FF(c, d, a, b, x[k + 14], S13, 2792965006);
- b = _FF(b, c, d, a, x[k + 15], S14, 1236535329);
- a = _GG(a, b, c, d, x[k + 1], S21, 4129170786);
- d = _GG(d, a, b, c, x[k + 6], S22, 3225465664);
- c = _GG(c, d, a, b, x[k + 11], S23, 643717713);
- b = _GG(b, c, d, a, x[k + 0], S24, 3921069994);
- a = _GG(a, b, c, d, x[k + 5], S21, 3593408605);
- d = _GG(d, a, b, c, x[k + 10], S22, 38016083);
- c = _GG(c, d, a, b, x[k + 15], S23, 3634488961);
- b = _GG(b, c, d, a, x[k + 4], S24, 3889429448);
- a = _GG(a, b, c, d, x[k + 9], S21, 568446438);
- d = _GG(d, a, b, c, x[k + 14], S22, 3275163606);
- c = _GG(c, d, a, b, x[k + 3], S23, 4107603335);
- b = _GG(b, c, d, a, x[k + 8], S24, 1163531501);
- a = _GG(a, b, c, d, x[k + 13], S21, 2850285829);
- d = _GG(d, a, b, c, x[k + 2], S22, 4243563512);
- c = _GG(c, d, a, b, x[k + 7], S23, 1735328473);
- b = _GG(b, c, d, a, x[k + 12], S24, 2368359562);
- a = _HH(a, b, c, d, x[k + 5], S31, 4294588738);
- d = _HH(d, a, b, c, x[k + 8], S32, 2272392833);
- c = _HH(c, d, a, b, x[k + 11], S33, 1839030562);
- b = _HH(b, c, d, a, x[k + 14], S34, 4259657740);
- a = _HH(a, b, c, d, x[k + 1], S31, 2763975236);
- d = _HH(d, a, b, c, x[k + 4], S32, 1272893353);
- c = _HH(c, d, a, b, x[k + 7], S33, 4139469664);
- b = _HH(b, c, d, a, x[k + 10], S34, 3200236656);
- a = _HH(a, b, c, d, x[k + 13], S31, 681279174);
- d = _HH(d, a, b, c, x[k + 0], S32, 3936430074);
- c = _HH(c, d, a, b, x[k + 3], S33, 3572445317);
- b = _HH(b, c, d, a, x[k + 6], S34, 76029189);
- a = _HH(a, b, c, d, x[k + 9], S31, 3654602809);
- d = _HH(d, a, b, c, x[k + 12], S32, 3873151461);
- c = _HH(c, d, a, b, x[k + 15], S33, 530742520);
- b = _HH(b, c, d, a, x[k + 2], S34, 3299628645);
- a = _II(a, b, c, d, x[k + 0], S41, 4096336452);
- d = _II(d, a, b, c, x[k + 7], S42, 1126891415);
- c = _II(c, d, a, b, x[k + 14], S43, 2878612391);
- b = _II(b, c, d, a, x[k + 5], S44, 4237533241);
- a = _II(a, b, c, d, x[k + 12], S41, 1700485571);
- d = _II(d, a, b, c, x[k + 3], S42, 2399980690);
- c = _II(c, d, a, b, x[k + 10], S43, 4293915773);
- b = _II(b, c, d, a, x[k + 1], S44, 2240044497);
- a = _II(a, b, c, d, x[k + 8], S41, 1873313359);
- d = _II(d, a, b, c, x[k + 15], S42, 4264355552);
- c = _II(c, d, a, b, x[k + 6], S43, 2734768916);
- b = _II(b, c, d, a, x[k + 13], S44, 1309151649);
- a = _II(a, b, c, d, x[k + 4], S41, 4149444226);
- d = _II(d, a, b, c, x[k + 11], S42, 3174756917);
- c = _II(c, d, a, b, x[k + 2], S43, 718787259);
- b = _II(b, c, d, a, x[k + 9], S44, 3951481745);
- a = addUnsigned(a, AA);
- b = addUnsigned(b, BB);
- c = addUnsigned(c, CC);
- d = addUnsigned(d, DD);
- }
- var temp = wordToHex(a) + wordToHex(b) + wordToHex(c) + wordToHex(d);
- return temp.toLowerCase();
- }
- };
- return md5;
- } ]);
-})(angular); \ No newline at end of file
diff --git a/src/main/resources/META-INF/resources/designer/scripts/app.js b/src/main/resources/META-INF/resources/designer/scripts/app.js
index 19906d96..a1e48a62 100644
--- a/src/main/resources/META-INF/resources/designer/scripts/app.js
+++ b/src/main/resources/META-INF/resources/designer/scripts/app.js
@@ -46,7 +46,6 @@ var app = angular.module('clds-app', ['ngRoute',
'ui.grid.exporter',
'angucomplete',
'kendo.directives',
- 'angular-md5'
])
.config(['cfpLoadingBarProvider', function(cfpLoadingBarProvider) {
@@ -77,8 +76,6 @@ var app = angular.module('clds-app', ['ngRoute',
function($routeProvider, $locationProvider,
cfpLoadingBarProvider, $timeout, dialogs,
$cookies) {
- console
- .log("$routeProvider','$locationProvider', '$compileProvider','cfpLoadingBarProvider','md5'")
$locationProvider.html5Mode(false);
// alert("App.js");
diff --git a/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js b/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js
index b138c96a..0072a24d 100644
--- a/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js
+++ b/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js
@@ -23,7 +23,7 @@
'use strict';
-function AuthenticateCtrl($scope, $rootScope, $window, $resource, $http, $location, $cookies, md5) {
+function AuthenticateCtrl($scope, $rootScope, $window, $resource, $http, $location, $cookies) {
console.log("//////////AuthenticateCtrl");
$scope.getInclude = function() {
console.log("getInclude011111111");
@@ -50,10 +50,9 @@ function AuthenticateCtrl($scope, $rootScope, $window, $resource, $http, $locati
$window.localStorage.setItem("isInvalidUser", true);
return;
}
- var hashpass = md5.createHash(pass);
var headers = username ? {
authorization: "Basic " +
- btoa(username + ":" + hashpass)
+ btoa(username + ":" + pass)
} : {};
// send request to a test API with the username/password to verify the authorization
$http.get('/restservices/clds/v1/user/testUser', {
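Review bot: With the client-side hash gone, `btoa(username + ":" + pass)` sends the cleartext password with only base64 encoding, so the `$http.get` to `/restservices/clds/v1/user/testUser` is safe only if the designer is served exclusively over HTTPS; the URL is relative and inherits the page's scheme. A comment above the `headers` assignment would record that dependency, for example `// Basic auth carries the cleartext password: this page must only be served over TLS`. Separately, `btoa` throws on characters outside Latin-1, so a password containing such characters would fail here before any request is sent; catching that and taking the same invalid-user path as the check above would keep the behaviour consistent. The enclosing login function begins and ends outside this hunk.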
diff --git a/src/main/resources/clds/clds-users.json b/src/main/resources/clds/clds-users.json
index 3fa32e81..8be08e1d 100644
--- a/src/main/resources/clds/clds-users.json
+++ b/src/main/resources/clds/clds-users.json
@@ -1,6 +1,6 @@
[{
"user":"admin",
- "password":"$2a$10$j7wM0G1gcpJTJygRY2ZG8O2HafSwlvM.tIb18/eusVPKBhrpwB6xC",
+ "password":"$2a$10$H/e21kl04Dw9C978CHuM7OewyMGUN5WGzAAx7SgIaR4ix8.wTcssi",
"permissions":
[
"permission-type-cl|dev|read",
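Review bot: The new `password` value for `admin` is the same bcrypt string that the next hunk sets for `cs0008`, so the two default accounts share one password and one salt, and that default ships in the repository. Giving each account its own hash, and stating in the deployment documentation that `clds-users.json` must be replaced before use, would limit the exposure; JSON has no comment syntax, so that note cannot live in this file. The array continues past both hunks, so other entries may carry the same value.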
@@ -12,7 +12,7 @@
},
{
"user":"cs0008",
- "password":"$2a$10$j7wM0G1gcpJTJygRY2ZG8O2HafSwlvM.tIb18/eusVPKBhrpwB6xC",
+ "password":"$2a$10$H/e21kl04Dw9C978CHuM7OewyMGUN5WGzAAx7SgIaR4ix8.wTcssi",
"permissions":
[
"permission-type-cl|dev|read",