Merge branch 'postmethod'

service/configuration.local.yml

@@ -15,6 +15,11 @@ startupConfiguration:
 
 digestMethod: "MD5"
 
+proxiedHeaders:
+  - "KYN_2016"
+  - "EY_HEADER"
+  - "Content-Type"
+
 admins:
   - name: "gpietrus_admin"
     password: "41b450e73c974fca46911eba84e114f2" #gpietrus md5

service/configuration.prod.yml

@@ -15,6 +15,11 @@ startupConfiguration:
 
 digestMethod: "MD5"
 
+proxiedHeaders:
+  - "KYN_2016"
+  - "EY_HEADER"
+  - "Content-Type"
+
 admins:
   - name: "gpietrus_admin"
     password: "41b450e73c974fca46911eba84e114f2" #gpietrus md5

service/src/main/java/com/telephoners/krakyournet/ctf/beans/tasks/Task.java

@@ -2,13 +2,11 @@ package com.telephoners.krakyournet.ctf.beans.tasks;
 
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.telephoners.krakyournet.ctf.beans.Flag;
-import com.telephoners.krakyournet.ctf.beans.User;
 import com.telephoners.krakyournet.ctf.helpers.PublicProperty;
 import org.bson.types.ObjectId;
 import org.mongodb.morphia.annotations.Entity;
 import org.mongodb.morphia.annotations.Id;
 
-import javax.ws.rs.container.ContainerRequestContext;
 import java.io.IOException;
 import java.util.List;
 
@@ -38,7 +36,7 @@ public abstract class Task
     {
     }
 
-    public abstract TaskResponse getTaskResponse(User user, String path, ContainerRequestContext containerRequestContext) throws IOException;
+    public abstract TaskResponse getTaskResponse(TaskRequestContext taskRequestContext) throws IOException;
 
     public String getName()
     {

service/src/main/java/com/telephoners/krakyournet/ctf/beans/tasks/TaskRequestContext.java

+package com.telephoners.krakyournet.ctf.beans.tasks;
+
+import com.telephoners.krakyournet.ctf.beans.User;
+
+import java.util.Map;
+
+public class TaskRequestContext
+{
+    private String httpMethod; //todo: use class
+    private User user;
+    private String path;
+    private String body;
+    private Map<String, String> headers;
+
+    public TaskRequestContext withHttpMethod(String httpMethod)
+    {
+        this.httpMethod = httpMethod;
+        return this;
+    }
+
+    public TaskRequestContext withUser(User user)
+    {
+        this.user = user;
+        return this;
+    }
+
+    public TaskRequestContext withPath(String path)
+    {
+        this.path = path;
+        return this;
+    }
+
+    public TaskRequestContext withBody(String body) {
+        this.body = body;
+        return this;
+    }
+
+    public TaskRequestContext withHeaders(Map<String, String> headers) {
+        this.headers = headers;
+        return this;
+    }
+
+    public String getHttpMethod()
+    {
+        return httpMethod;
+    }
+
+    public User getUser()
+    {
+        return user;
+    }
+
+    public String getPath()
+    {
+        return path;
+    }
+
+    public String getBody()
+    {
+        return body;
+    }
+
+    public Map<String, String> getHeaders()
+    {
+        return headers;
+    }
+}

service/src/main/java/com/telephoners/krakyournet/ctf/beans/tasks/TaskResponse.java

 package com.telephoners.krakyournet.ctf.beans.tasks;
 
+import java.util.Map;
+
 public class TaskResponse
 {
     private String text;
-    private String kynHeader;
+    private Map<String, String> headers;
 
-    public TaskResponse(String text, String kynHeader)
+    public TaskResponse(String text, Map<String,String> headers)
     {
         this.text = text;
-        this.kynHeader = kynHeader;
+        this.headers = headers;
     }
 
     public String getText()
     {
-
         return text;
     }
 
-    public String getKynHeader()
+    public Map<String, String> getHeaders()
     {
-        return kynHeader;
+        return headers;
     }
 }
\ No newline at end of file

service/src/main/java/com/telephoners/krakyournet/ctf/beans/tasks/TextTask.java

@@ -6,6 +6,7 @@ import com.telephoners.krakyournet.ctf.beans.User;
 import org.mongodb.morphia.annotations.Entity;
 
 import javax.ws.rs.container.ContainerRequestContext;
+import java.io.IOException;
 import java.util.List;
 
 @Entity("tasks")
@@ -24,12 +25,12 @@ public class TextTask extends Task
     {
     }
 
-    public TaskResponse getTaskResponse(User user, String path, ContainerRequestContext containerRequestContext)
+    @Override
+    public TaskResponse getTaskResponse(TaskRequestContext taskRequestContext) throws IOException
     {
         return new TaskResponse(text, null);
     }
 
-
     public void setText(String text)
     {
         this.text = text;

service/src/main/java/com/telephoners/krakyournet/ctf/beans/tasks/WebTask.java

 package com.telephoners.krakyournet.ctf.beans.tasks;
 
 import com.fasterxml.jackson.annotation.JsonInclude;
-import com.google.common.base.Joiner;
 import com.telephoners.krakyournet.ctf.beans.Flag;
 import com.telephoners.krakyournet.ctf.beans.User;
 import com.telephoners.krakyournet.ctf.helpers.StreamUtils;
-import org.apache.http.Header;
 import org.apache.http.client.methods.CloseableHttpResponse;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClients;
 import org.mongodb.morphia.annotations.Entity;
 
-import javax.ws.rs.container.ContainerRequestContext;
 import java.io.IOException;
 import java.util.List;
 
@@ -34,15 +31,27 @@ public class WebTask extends Task
     }
 
     @Override
+    public TaskResponse getTaskResponse(TaskRequestContext taskRequestContext) throws IOException
+    {
+        String url = getUrl() + taskRequestContext.getPath();
+        //todo: header in
+        CloseableHttpResponse response = proxyRequest(url, taskRequestContext.getUser(), null);
+        String text = StreamUtils.readStream(response.getEntity().getContent());
+        //todo: header out
+        TaskResponse taskResponse = new TaskResponse(text, null);//todo: build with
+        return taskResponse;
+    }
+
+    /*
     public TaskResponse getTaskResponse(User user, String path, ContainerRequestContext context) throws IOException
     {
-        String url = getUrl() + path;
         String kynHeaderValue = context.getHeaderString(KYN_HEADER_NAME);
         CloseableHttpResponse response = proxyRequest(url, user, kynHeaderValue);
         String text = StreamUtils.readStream(response.getEntity().getContent());
         Header kynHeader = response.getFirstHeader(KYN_HEADER_NAME);
         return new TaskResponse(text, kynHeader != null ? kynHeader.getValue() : null); //todo: needs refactorig
     }
+    */
 
     public String getUrl()
     {

service/src/main/java/com/telephoners/krakyournet/ctf/core/ApplicationConfiguration.java

@@ -8,6 +8,7 @@ import io.dropwizard.Configuration;
 
 import javax.validation.constraints.NotNull;
 import java.util.List;
+import java.util.Set;
 
 public class ApplicationConfiguration extends Configuration
 {
@@ -38,6 +39,9 @@ public class ApplicationConfiguration extends Configuration
     @NotNull
     private StartupConfiguration startupConfiguration;
 
+    @NotNull
+    private Set<String> proxiedHeaders;
+
     public List<User> getAdmins()
     {
         return admins;
@@ -132,4 +136,14 @@ public class ApplicationConfiguration extends Configuration
     {
         this.startupConfiguration = startupConfiguration;
     }
+
+    public Set<String> getProxiedHeaders()
+    {
+        return proxiedHeaders;
+    }
+
+    public void setProxiedHeaders(Set<String> proxiedHeaders)
+    {
+        this.proxiedHeaders = proxiedHeaders;
+    }
 }

service/src/main/java/com/telephoners/krakyournet/ctf/resources/TaskResource.java

@@ -2,7 +2,10 @@ package com.telephoners.krakyournet.ctf.resources;
 
 import com.telephoners.krakyournet.ctf.beans.User;
 import com.telephoners.krakyournet.ctf.beans.tasks.Task;
+import com.telephoners.krakyournet.ctf.beans.tasks.TaskRequestContext;
 import com.telephoners.krakyournet.ctf.beans.tasks.TaskResponse;
+import com.telephoners.krakyournet.ctf.core.ApplicationConfiguration;
+import com.telephoners.krakyournet.ctf.helpers.StreamUtils;
 import com.telephoners.krakyournet.ctf.repositories.TasksRepository;
 import io.dropwizard.auth.Auth;
 import org.glassfish.jersey.server.ContainerRequest;
@@ -10,49 +13,114 @@ import org.glassfish.jersey.server.ContainerRequest;
 import javax.inject.Inject;
 import javax.inject.Singleton;
 import javax.ws.rs.GET;
+import javax.ws.rs.POST;
 import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.container.ContainerRequestContext;
 import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 import java.io.IOException;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
 
 @Singleton
 @Path(value = "/task")
 public class TaskResource
 {
+    private final ApplicationConfiguration applicationConfiguration;
     private final TasksRepository tasksRepository;
-    private static final String KYN_HEADER_NAME = "KYN_2016"; //todo, move to configuration
 
     @Inject
-    public TaskResource(TasksRepository tasksRepository)
+    public TaskResource(ApplicationConfiguration applicationConfiguration, TasksRepository tasksRepository)
     {
+        this.applicationConfiguration = applicationConfiguration;
         this.tasksRepository = tasksRepository;
     }
 
+    //todo: name
+    private TaskResponse getTaskResponse(int taskLevel, TaskRequestContext taskRequestContext) throws IOException
+    {
+        Task task = tasksRepository.getByLevel(taskLevel);
+        return task.getTaskResponse(taskRequestContext);
+    }
+
+    private Map<String, String> extractProxiedHeaders(MultivaluedMap<String, String> headers) {
+        Set<String> proxiedHeaders = applicationConfiguration.getProxiedHeaders();
+        return headers.entrySet()
+                .stream()
+                .filter(header -> proxiedHeaders.contains(header.getKey()))
+                .collect(Collectors.toMap(
+                        Map.Entry::getKey,
+                        entry -> entry.getValue().get(0) //todo: check
+                ));
+    }
+
     @Path("{task_level}/{path: .*}")
     @GET
-    public Response getTask(@Auth User user,
+    public Response getTaskGet(@Auth User user,
+                                final @PathParam("task_level") int taskLevel,
+                                final @PathParam("path") String path,
+                                @Context ContainerRequestContext containerRequestContext) throws IOException
+    {
+        String fullPath = path;
+        String query = ((ContainerRequest)containerRequestContext).getRequestUri().getQuery();
+        if(query != null) {
+            fullPath += query;
+        }
+        Map<String, String> headers = extractProxiedHeaders(containerRequestContext.getHeaders());//todo: inline
+        TaskRequestContext taskRequestContext = new TaskRequestContext()
+                .withHttpMethod("POST")
+                .withUser(user)
+                .withPath(fullPath)
+                .withHeaders(headers);
+
+        TaskResponse taskResponse = getTaskResponse(taskLevel, taskRequestContext);
+
+
+        Response.ResponseBuilder responseBuilder = Response.ok()
+                .entity(taskResponse.getText());
+
+        taskResponse.getHeaders().entrySet()
+                .stream()
+                .forEach(headerEntry -> responseBuilder.header(headerEntry.getKey(), headerEntry.getValue()));
+        return responseBuilder.build();
+    }
+
+    @Path("{task_level}/{path: .*}")
+    @POST
+    public Response getTaskPost(@Auth User user,
                             final @PathParam("task_level") int taskLevel,
                             final @PathParam("path") String path,
                             @Context ContainerRequestContext containerRequestContext) throws IOException
     {
-        Task task = tasksRepository.getByLevel(taskLevel);
-        //todo: refactor, path not necessary in textTasks
-        ContainerRequest context = (ContainerRequest) containerRequestContext;
-        String query = context.getRequestUri().getQuery();
-
         String fullPath = path;
-        if(query != null) { //todo: refactor
-            fullPath = fullPath + "?" + query;
-        }
-        TaskResponse taskResponse = task.getTaskResponse(user, fullPath, containerRequestContext);
-        Response.ResponseBuilder responseBuilder = Response.ok();
-        responseBuilder.entity(taskResponse.getText());
-        String kynHeaderValue = taskResponse.getKynHeader();
-        if(kynHeaderValue != null) {
-            responseBuilder.header(KYN_HEADER_NAME, kynHeaderValue);
+        String query = ((ContainerRequest)containerRequestContext).getRequestUri().getQuery();
+        if(query != null) {
+            fullPath += query;
         }
+        String body = StreamUtils.readStream(containerRequestContext.getEntityStream());
+        //todo: TaskContextFrom
+
+        Map<String, String> headers = extractProxiedHeaders(containerRequestContext.getHeaders());//todo: inline
+
+        TaskRequestContext taskRequestContext = new TaskRequestContext()
+                .withHttpMethod("POST")
+                .withUser(user)
+                .withPath(fullPath)
+                .withBody(body)
+                .withHeaders(headers);
+
+        TaskResponse taskResponse = getTaskResponse(taskLevel, taskRequestContext);
+
+        Response.ResponseBuilder responseBuilder = Response.ok()
+                .entity(taskResponse.getText());
+
+        taskResponse.getHeaders().entrySet()
+                .stream()
+                .forEach(headerEntry -> responseBuilder.header(headerEntry.getKey(), headerEntry.getValue()));
+
         return responseBuilder.build();
     }
 }