Skip to content

C
CTF
Commit 44d9ad54 authored by Grzegorz Pietrusza's avatar Grzegorz Pietrusza
Browse files
Options

inline flagchercker methods into tasksrepo

parent 5f53a626
Hide whitespace changes
Inline Side-by-side
Showing with 68 additions and 96 deletions
service/src/main/java/CTFApplication.java
View file @ 44d9ad54
......@@ -6,7 +6,6 @@ import com.google.inject.AbstractModule;
import com.google.inject.Guice;
import com.google.inject.Injector;
import core.ApplicationConfiguration;
import core.FlagChecker;
import core.TaskType;
import database.MongoDBConnector;
import io.dropwizard.Application;
......@@ -32,7 +31,6 @@ public class CTFApplication extends Application<ApplicationConfiguration> {
private UsersRepository usersRepository; //todo: refactor to injects
private TasksRepository tasksRepository; //todo: refactor to injects
private FlagChecker flagChecker; //todo: inject
@Override
public void run(ApplicationConfiguration applicationConfiguration, Environment environment) throws Exception {
......@@ -116,18 +114,19 @@ public class CTFApplication extends Application<ApplicationConfiguration> {
TeamsRepository teamsRepository = new TeamsRepository(dbConnector);
usersRepository = new UsersRepository(dbConnector, teamsRepository);
SolutionsRepository solutionsRepository = new SolutionsRepository(dbConnector);
flagChecker = new FlagChecker(applicationConfiguration, tasksRepository, teamsRepository, solutionsRepository);
tasksRepository = new TasksRepository(dbConnector, flagChecker);
tasksRepository = new TasksRepository(applicationConfiguration, dbConnector, teamsRepository, solutionsRepository);
bind(FlagChecker.class).toInstance(flagChecker);
bind(TeamsRepository.class).toInstance(teamsRepository);
bind(TasksRepository.class).toInstance(tasksRepository);
bind(UsersRepository.class).toInstance(usersRepository);
bind(TeamsResource.class).toInstance(new TeamsResource(teamsRepository));
bind(TasksResource.class).toInstance(new TasksResource(tasksRepository, teamsRepository,
solutionsRepository, flagChecker));
bind(TasksResource.class).toInstance(new TasksResource(applicationConfiguration, tasksRepository, teamsRepository,
solutionsRepository));
bind(ProxyResource.class).toInstance(new ProxyResource());
//todo: use se methods to inject ?
//todo: or rethink classes
}
});
}
......
service/src/main/java/api/TasksResource.java
View file @ 44d9ad54
package api;
import core.FlagChecker;
import core.ApplicationConfiguration;
import io.dropwizard.auth.Auth;
import objects.Task;
import objects.User;
......@@ -14,9 +14,8 @@ import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
/**
* Created by gpietrus on 16.02.16.
......@@ -25,18 +24,18 @@ import java.util.stream.Collectors;
@Produces(MediaType.APPLICATION_JSON)
public class TasksResource
{
private ApplicationConfiguration applicationConfiguration;
private TasksRepository tasksRepository;
private TeamsRepository teamsRepository;
private SolutionsRepository solutionsRepository;
private FlagChecker flagChecker;
@Inject
public TasksResource(TasksRepository tasksRepository, TeamsRepository teamsRepository,
SolutionsRepository solutionsRepository, FlagChecker flagChecker) {
public TasksResource(ApplicationConfiguration applicationConfiguration, TasksRepository tasksRepository, TeamsRepository teamsRepository,
SolutionsRepository solutionsRepository) {
this.applicationConfiguration = applicationConfiguration;
this.tasksRepository = tasksRepository;
this.teamsRepository = teamsRepository;
this.solutionsRepository = solutionsRepository;
this.flagChecker = flagChecker;
}
@GET
......@@ -46,14 +45,14 @@ public class TasksResource
@GET
@Path("my")
public List<String> getUserFlags(@Auth User user) {
return tasksRepository.getUserFlagsHashes(user.getName()).stream().map(Map.Entry::getValue).collect(Collectors.toList());
public Collection<String> getUserFlags(@Auth User user) {
return tasksRepository.getUserFlagsHashes(user.getName()).values();
}
@POST
public boolean submitSolution(@Auth User user,
String flag) throws Exception {
return flagChecker.checkFlag(user.getName(), flag);
return tasksRepository.checkFlag(user.getName(), flag);
}
}
service/src/main/java/core/FlagChecker.java deleted 100644 → 0
View file @ 5f53a626
package core;
import objects.Solution;
import objects.Task;
import org.apache.commons.codec.binary.Hex;
import repositories.SolutionsRepository;
import repositories.TasksRepository;
import repositories.TeamsRepository;
import javax.inject.Inject;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.Optional;
/**
* Created by gpietrus on 20.02.2016.
*/
public class FlagChecker {
private String salt = "SECURE_SALT"; //todo
private TasksRepository tasksRepository;
private TeamsRepository teamsRepository;
private SolutionsRepository solutionsRepository;
private ApplicationConfiguration applicationConfiguration;
@Inject
public FlagChecker(ApplicationConfiguration applicationConfiguration, TasksRepository tasksRepository, TeamsRepository teamsRepository, SolutionsRepository solutionsRepository) {
this.applicationConfiguration = applicationConfiguration;
this.tasksRepository = tasksRepository;
this.teamsRepository = teamsRepository;
this.solutionsRepository = solutionsRepository;
}
public String calculateHashValue(String username, String flagValue) { //todo
String combinedStrings = salt + username + flagValue; //todo
MessageDigest md5 = null;//todo: discuss
try {
md5 = MessageDigest.getInstance(applicationConfiguration.getFlagHashMethod());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
String encodedHash = Hex.encodeHexString(md5.digest(combinedStrings.getBytes()));
return encodedHash;
}
private void acceptSolution(String username, Task task) {
//todo: getname, of get id?
solutionsRepository.add(new Solution(teamsRepository.getTeamByUser(username).getName(), task.getName()));
}
private boolean compareHash(String hash, String username) throws Exception {
Optional<Map.Entry<Task, String>> matchingHash = tasksRepository.getUserFlagsHashes(username)
.stream()
.filter(taskHashEntry -> taskHashEntry.getValue().equals(hash))
.findFirst();
if (matchingHash.isPresent()) {
acceptSolution(username, matchingHash.get().getKey());
return true;
}
return false;
}
public boolean checkFlag(String username, String flagValue) throws Exception {
String hash = calculateHashValue(username, flagValue);
return compareHash(hash, username);
}
}
service/src/main/java/repositories/TasksRepository.java
View file @ 44d9ad54
package repositories;
import core.FlagChecker;
import core.ApplicationConfiguration;
import database.MongoDBConnector;
import objects.Solution;
import objects.Task;
import org.apache.commons.codec.binary.Hex;
import org.bson.Document;
import javax.inject.Inject;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.*;
import java.util.stream.Collectors;
......@@ -14,13 +18,19 @@ import java.util.stream.Collectors;
*/
public class TasksRepository implements Repository {
private final FlagChecker flagChecker;
private ApplicationConfiguration applicationConfiguration;
private MongoDBConnector mongoDBConnector;
private TeamsRepository teamsRepository;
private SolutionsRepository solutionsRepository;
private String salt = "SECURE_SALT"; //todo
@Inject
public TasksRepository(MongoDBConnector mongoDBConnector, FlagChecker flagChecker) {
public TasksRepository(ApplicationConfiguration applicationConfiguration, MongoDBConnector mongoDBConnector,
TeamsRepository teamsRepository, SolutionsRepository solutionsRepository) {
this.applicationConfiguration = applicationConfiguration;
this.mongoDBConnector = mongoDBConnector;
this.flagChecker = flagChecker;
this.teamsRepository = teamsRepository;
this.solutionsRepository = solutionsRepository;
}
public void get(UUID uuid) {
......@@ -42,13 +52,48 @@ public class TasksRepository implements Repository {
mongoDBConnector.removeCollection("tasks");
}
public Set<Map.Entry<Task, String>> getUserFlagsHashes(String username) {
public Map<Task, String> getUserFlagsHashes(String username) {
return this.getAll().stream()
.collect(Collectors.toMap(
task -> task,
task -> flagChecker.calculateHashValue(username, task.getFlag().getValue())
))
.entrySet();
task -> calculateHashValue(username, task.getFlag().getValue())
));
}
public String calculateHashValue(String username, String flagValue) { //todo
String combinedStrings = salt + username + flagValue; //todo
MessageDigest md5 = null;//todo: discuss
try {
md5 = MessageDigest.getInstance(applicationConfiguration.getFlagHashMethod());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
String encodedHash = Hex.encodeHexString(md5.digest(combinedStrings.getBytes()));
return encodedHash;
}
private void acceptSolution(String username, Task task) {
//todo: getname, of get id?
solutionsRepository.add(new Solution(teamsRepository.getTeamByUser(username).getName(), task.getName()));
}
private boolean compareHash(String hash, String username) throws Exception {
// Optional<Map.Entry<Task, String>> matchingHash = getUserFlagsHashes(username)
// .stream()
// .filter(taskHashEntry -> taskHashEntry.getValue().equals(hash))
// .findFirst();
if (getUserFlagsHashes(username).values().contains(hash)) {
// acceptSolution(username, .get().getKey());
return true;
}
return false;
}
public boolean checkFlag(String username, String flagValue) throws Exception {
// String hash = calculateHashValue(username, flagValue);
return compareHash(flagValue, username);
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment