init sonar

2024-11-10 18:00:11 +01:00 · 2024-06-02 11:42:30 +01:00 · 2024-06-02 11:42:30 +01:00 · c4a620e3f5
commit c4a620e3f5
parent 995de6abc3
4 changed files with 24 additions and 17 deletions
--- a/src/main/java/stirling/software/SPDF/LibreOfficeListener.java
+++ b/src/main/java/stirling/software/SPDF/LibreOfficeListener.java
@ -10,7 +10,7 @@ import io.github.pixee.security.SystemCommand;

 public class LibreOfficeListener {

-    private static final long ACTIVITY_TIMEOUT = 20 * 60 * 1000; // 20 minutes
+    private static final long ACTIVITY_TIMEOUT = 20L * 60 * 1000; // 20 minutes

    private static final LibreOfficeListener INSTANCE = new LibreOfficeListener();
    private static final int LISTENER_PORT = 2002;
@ -29,11 +29,11 @@ public class LibreOfficeListener {
    private boolean isListenerRunning() {
        try {
            System.out.println("waiting for listener to start");
-            Socket socket = new Socket();
-            socket.connect(
+            try (Socket socket = new Socket()) {
+                socket.connect(
                    new InetSocketAddress("localhost", 2002), 1000); // Timeout after 1 second
-            socket.close();
-            return true;
+                return true;
+            }
        } catch (IOException e) {
            return false;
        }
@ -63,6 +63,7 @@ public class LibreOfficeListener {
                        try {
                            Thread.sleep(5000); // Check for inactivity every 5 seconds
                        } catch (InterruptedException e) {
+                        	Thread.currentThread().interrupt();
                            break;
                        }
                    }
@ -80,7 +81,7 @@ public class LibreOfficeListener {
            try {
                Thread.sleep(1000);
            } catch (InterruptedException e) {
-                // TODO Auto-generated catch block
+            	Thread.currentThread().interrupt();
                e.printStackTrace();
            } // Check every 1 second
        }
--- a/src/main/java/stirling/software/SPDF/config/security/CustomAuthenticationFailureHandler.java
+++ b/src/main/java/stirling/software/SPDF/config/security/CustomAuthenticationFailureHandler.java
@ -47,12 +47,14 @@ public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationF
            response.sendRedirect("/login?error=oauth2AuthenticationError");
            return;
        }
-
+        
        String username = request.getParameter("username");
-        if (username != null && !isDemoUser(username)) {
+        Optional<User> optUser = userService.findByUsernameIgnoreCase(username);
+        
+        if (username != null && optUser.isPresent() && !isDemoUser(optUser) ) {
            logger.info(
                    "Remaining attempts for user {}: {}",
-                    username,
+                    optUser.get().getUsername(),
                    loginAttemptService.getRemainingAttempts(username));
            loginAttemptService.loginFailed(username);
            if (loginAttemptService.isBlocked(username)
@ -70,8 +72,7 @@ public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationF
        super.onAuthenticationFailure(request, response, exception);
    }

-    private boolean isDemoUser(String username) {
-        Optional<User> user = userService.findByUsernameIgnoreCase(username);
+    private boolean isDemoUser(Optional<User> user) {
        return user.isPresent()
                && user.get().getAuthorities().stream()
                        .anyMatch(authority -> "ROLE_DEMO_USER".equals(authority.getAuthority()));
--- a/src/main/java/stirling/software/SPDF/config/security/LoginAttemptService.java
+++ b/src/main/java/stirling/software/SPDF/config/security/LoginAttemptService.java
@ -33,7 +33,6 @@ public class LoginAttemptService {
    }

    public void loginSucceeded(String key) {
-        logger.info(key + " " + attemptsCache.mappingCount());
        if (key == null || key.trim().isEmpty()) {
            return;
        }
--- a/src/main/java/stirling/software/SPDF/config/security/oauth2/CustomOAuth2LogoutSuccessHandler.java
+++ b/src/main/java/stirling/software/SPDF/config/security/oauth2/CustomOAuth2LogoutSuccessHandler.java
@ -60,13 +60,13 @@ public class CustomOAuth2LogoutSuccessHandler extends SimpleUrlLogoutSuccessHand
            issuer = oauth.getIssuer();
            clientId = oauth.getClientId();
        }
-
+        String errorMessage = "";
        if (request.getParameter("oauth2AuthenticationErrorWeb") != null) {
            param = "erroroauth=oauth2AuthenticationErrorWeb";
-        } else if (request.getParameter("error") != null) {
-            param = "error=" + request.getParameter("error");
-        } else if (request.getParameter("erroroauth") != null) {
-            param = "erroroauth=" + request.getParameter("erroroauth");
+        } else if ((errorMessage = request.getParameter("error")) != null) {
+            param = "error=" + sanitizeInput(errorMessage);
+        } else if ((errorMessage = request.getParameter("erroroauth")) != null) {
+            param = "erroroauth=" + sanitizeInput(errorMessage);
        } else if (request.getParameter("oauth2AutoCreateDisabled") != null) {
            param = "error=oauth2AutoCreateDisabled";
        }
@ -115,4 +115,10 @@ public class CustomOAuth2LogoutSuccessHandler extends SimpleUrlLogoutSuccessHand
                break;
        }
    }
+    
+
+    private String sanitizeInput(String input) {
+        return input.replaceAll("[^a-zA-Z0-9 ]", "");
+    }
+    
 }