Skip to content
Snippets Groups Projects
Commit abdd152b authored by Eirik Steira's avatar Eirik Steira
Browse files

Merge branch 'Auth' into 'dev'

Auth

See merge request !12
parents b1605fca cc2f85cc
No related branches found
No related tags found
2 merge requests!13Weekly Merge To Master,!12Auth
Pipeline #74061 passed
......@@ -5,6 +5,10 @@ target/
.idea/
*.properties
*.iml
bin/
.settings/
.classpath
.project
# User-specific stuff
.idea/**/workspace.xml
......
......@@ -30,6 +30,23 @@
<artifactId>javafx-fxml</artifactId>
<version>13</version>
</dependency>
<dependency>
<groupId>com.drewnoakes</groupId>
<artifactId>metadata-extractor</artifactId>
<version>2.13.0</version>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter</artifactId>
<version>RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>RELEASE</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.zaxxer</groupId>
<artifactId>HikariCP</artifactId>
......
package utils;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Random;
public class Authorizer {
public static Random r = new SecureRandom();
/**
* Hashes password with salt from getSalt method
* @param password desired password as input
* @return hashed password
* @throws NoSuchAlgorithmException
*/
public static boolean setPassword(String username, String password) throws NoSuchAlgorithmException {
String hashedPassword = null;
byte[] salt = getSalt();
StringBuilder sb = new StringBuilder();
if (username == null || password == null) {
throw new IllegalArgumentException("Input cannot be null");
}
if(password.isBlank() || password.isEmpty()) {
throw new IllegalArgumentException("Password cannot be blank");
}
if (username.isEmpty() || username.isBlank()) {
throw new IllegalArgumentException("Username cannot be blank");
}
try{
MessageDigest md = MessageDigest.getInstance("SHA-512");
md.update(salt);
byte[] bytes = md.digest(password.getBytes());
//Converts the StringBuilder to hexadecimal
for(int i = 0; i < bytes.length; i++) {
sb.append((Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)));
}
//Gets the whole hash in hexformat into a string
hashedPassword = sb.toString();
}
catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
//TODO: Need to make database connection here
return false;
}
/**
* Gets hash and salt from database with the username
* Hashes input password with same algorithm and salt as when created
* Compares the expected has and the new hash
* @param username to get the stored hash on give user
* @param password that will be hashed and compared to original hash
* @return boolean of whether the hashes are similiar or not
*/
public static boolean isCorrectPassword(String username, String password) {
//TODO: get password salt and hash with username from db
byte[] dbSalt = null;
String expectedHash = null;
if(dbSalt == null) {
throw new IllegalArgumentException("Salt cannot be null");
}
else if(expectedHash == null) {
throw new IllegalArgumentException("Hash cannot be null");
}
else if(username.isEmpty() || password.isEmpty()) {
throw new IllegalArgumentException("Input cannot be empty");
}
if(password.isBlank() || username.isBlank()) {
throw new IllegalArgumentException("Password cannot be blank");
}
String hashedInputPassword = createHashWithPredeterminedSalt(dbSalt, password);
if(expectedHash.equals(hashedInputPassword)) {
return true;
}
return false;
}
/**
* Creates a hash with a predetermined salt and password determined in advance
* @param salt that will be used when hashing
* @param password that will be hashed
* @return hashed string based on salt and password
*/
private static String createHashWithPredeterminedSalt(byte[] salt, String password) {
StringBuilder sb = new StringBuilder();
String hashedPassword = null;
try {
MessageDigest md = MessageDigest.getInstance("SHA-512");
md.update(salt);
byte[] bytes = md.digest(password.getBytes());
//Converts the StringBuilder to hexadecimal
for (int i = 0; i < bytes.length; i++) {
sb.append((Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)));
}
//Gets the whole hash in hexformat into a string
hashedPassword = sb.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return hashedPassword;
}
/**
* Creates hash with an random salt
* @param password that wil be hashed
* @return hashed password with salt
*/
private static String createHash(String password) {
StringBuilder sb = new StringBuilder();
String hashedPassword = null;
byte[] salt = getSalt();
try {
MessageDigest md = MessageDigest.getInstance("SHA-512");
md.update(salt);
byte[] bytes = md.digest(password.getBytes());
//Converts the StringBuilder to hexadecimal
for(int i = 0; i < bytes.length; i++) {
sb.append((Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)));
}
hashedPassword = sb.toString();
}
catch (NoSuchAlgorithmException e ) {
e.printStackTrace();
}
return hashedPassword;
}
/**
* Uses secure random to create a random salt
* @return random salt
*/
private static byte[] getSalt() {
byte[] salt = new byte[32];
r.nextBytes(salt);
return salt;
}
}
package utils;
import java.security.SecureRandom;
public class CreateUser {
}
package utils;
import com.drew.imaging.ImageMetadataReader;
import com.drew.imaging.ImageProcessingException;
import com.drew.metadata.Directory;
import com.drew.metadata.Metadata;
import com.drew.metadata.MetadataException;
import com.drew.metadata.Tag;
import com.drew.metadata.adobe.AdobeJpegDirectory;
import com.drew.metadata.exif.*;
import com.drew.metadata.jpeg.JpegDirectory;
import com.drew.metadata.png.PngDirectory;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
public class ExtractMetaData {
private final File image;
public ExtractMetaData(File image) {
this.image = image;
}
/**
* Extracts all data possible for a image
*
* @return
* @throws ImageProcessingException
* @throws IOException
*/
public String getAll() throws ImageProcessingException, IOException {
Metadata metadata = ImageMetadataReader.readMetadata(this.image);
String text = "";
for (Directory d : metadata.getDirectories()) {
for (Tag t : d.getTags()) {
text += t.toString() + " | ";
}
}
text += "\n";
return text;
}
/**
* Returns a string with the image dimension
*
* @return
* @throws ImageProcessingException
* @throws IOException
* @throws MetadataException
*/
private String getDimension() throws ImageProcessingException, IOException, MetadataException {
try {
String dimension = "Dimension: ";
Metadata metadata = ImageMetadataReader.readMetadata(this.image);
JpegDirectory jpeg = metadata.getFirstDirectoryOfType(JpegDirectory.class);
dimension += jpeg.getImageHeight();
dimension += "x";
dimension += jpeg.getImageWidth();
return dimension;
} catch (NullPointerException e) {
}
return "No dimension found";
}
/**
* Returns a string with the GPS position
*
* @return
* @throws ImageProcessingException
* @throws IOException
* @throws MetadataException
*/
private String getGPS() throws ImageProcessingException, IOException, MetadataException {
try {
String gps = "";
Metadata metadata = ImageMetadataReader.readMetadata(this.image);
GpsDirectory gpspos = metadata.getFirstDirectoryOfType(GpsDirectory.class);
gps += "GPS position: " + gpspos.getGeoLocation();
return gps;
} catch (NullPointerException e) {
}
return "No GPS information found";
}
/**
* Returns all predetermined metadata as an ArrayList
* @return
* @throws IOException
* @throws MetadataException
* @throws ImageProcessingException
*/
public ArrayList<String> getNecessary() throws IOException, MetadataException, ImageProcessingException {
ArrayList<String> information = new ArrayList<String>();
information.add(getGPS());
information.add(getDimension());
return information;
}
}
\ No newline at end of file
package utils;
import com.drew.imaging.ImageProcessingException;
import com.drew.metadata.Metadata;
import com.drew.metadata.MetadataException;
import java.awt.*;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.logging.SocketHandler;
public class MultiplePhotos {
private final ArrayList<File> images;
public MultiplePhotos(ArrayList<File> images) {
this.images = images;
}
private ArrayList<String> extractAll() throws ImageProcessingException, MetadataException, IOException {
ArrayList<String> data = new ArrayList<String>();
for(File i : this.images) {
ExtractMetaData e = new ExtractMetaData(i);
String n = e.getAll().toString();
data.add(n);
}
return data;
}
}
package utils;
import org.junit.jupiter.api.Test;
import java.security.NoSuchAlgorithmException;
import static org.junit.jupiter.api.Assertions.*;
class AuthorizerTest {
@Test
void testNullAsInputOnsetPassword() throws NoSuchAlgorithmException {
/**
* Testing the method with null as input
*/
try {
Authorizer.setPassword(null, null);
fail("Expected action to throw IllegalArgumentException ");
} catch (IllegalArgumentException e) {
//Test is a Success
}
}
@Test
void testBlankPasswordOnsetPassword() throws NoSuchAlgorithmException {
/**
* Testing the method with an empty password and an credible username
*/
try {
Authorizer.setPassword("Username", "");
fail("Expected action to throw IllegalArgumentException ");
} catch (IllegalArgumentException e) {
//Test is a success as you are not supposed to get anything checked with empty password
}
}
@Test
void testBlankUsernameOnsetPassword() throws NoSuchAlgorithmException {
/**
* Testing the method with an empty username and an credible username
*/
try {
Authorizer.setPassword("", "Password");
fail("Expected action to throw IllegalArgumentException ");
}
catch (IllegalArgumentException e) {
//Test is a success as you are not supposed to get anything checked with empty password
}
}
@Test
void testCredibleInputOnsetPassword() throws NoSuchAlgorithmException {
/**
* TODO: Maybe add actual user credentials as input. Change the boolean
* Testing the method with an credible username and password
*/
try {
assertEquals(false, Authorizer.setPassword("Username", "Password"));
}
catch (Exception e) {
fail("Method should not throw an exception with this input");
}
}
@Test
void testNullAsInputOnisCorrectPassword() {
/**
* Testing the method with null ass input
*/
try {
Authorizer.isCorrectPassword(null, null);
fail("Expected action to throw IllegalArgumentException ");
}
catch (IllegalArgumentException e) {
//Test is a Success as the method should return an IllegalArgumentException
}
}
@Test
void testBlankPasswordOnisCorrectPassword() throws NoSuchAlgorithmException {
/**
* Testing the method with an empty password and an credible username
*/
try {
Authorizer.isCorrectPassword("Username", "");
fail("Expected action to throw IllegalArgumentException ");
} catch (IllegalArgumentException e) {
//Test is a success as you are not supposed to get anything checked with empty password
}
}
@Test
void testBlankUsernameOnisCorrectPassword() throws NoSuchAlgorithmException {
/**
* Testing the method with an empty username and an credible username
*/
try {
Authorizer.isCorrectPassword("", "Password");
fail("Expected action to throw IllegalArgumentException ");
}
catch (IllegalArgumentException e) {
//Test is a success as you are not supposed to get anything checked with empty password
}
}
@Test
void testCredibleInputOnisCorrectPassword() throws NoSuchAlgorithmException {
/**
* TODO: Maybe add actual user credentials as input. Change the boolean
* Testing the method with an credible username and password
*/
try {
assertEquals(false, Authorizer.isCorrectPassword("Username", "Password"));
fail("The salt is set as null automatically. The test should therefore throw IllegalArgumentException");
}
catch (Exception e) {
//Salt is set to null since it is not connected to database and should therefore throw exception
}
}
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment