Merge branch 'Auth' into 'dev'

Auth See merge request !12

Merge branch 'Auth' into 'dev'
abdd152b · Eirik Steira · b1605fca · cc2f85cc · abdd152b · abdd152b
Commit abdd152b authored 5 years ago by Eirik Steira
--- a/.gitignore
+++ b/.gitignore
@@ -5,6 +5,10 @@ target/
 .idea/
 *.properties
 *.iml
+bin/
+.settings/
+.classpath
+.project

 # User-specific stuff
 .idea/**/workspace.xml

--- a/pom.xml
+++ b/pom.xml
@@ -30,6 +30,23 @@
            <artifactId>javafx-fxml</artifactId>
            <version>13</version>
        </dependency>
+        <dependency>
+            <groupId>com.drewnoakes</groupId>
+            <artifactId>metadata-extractor</artifactId>
+            <version>2.13.0</version>
+        </dependency>
+        <dependency>
+            <groupId>org.junit.jupiter</groupId>
+            <artifactId>junit-jupiter</artifactId>
+            <version>RELEASE</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>RELEASE</version>
+            <scope>test</scope>
+        </dependency>
        <dependency>
            <groupId>com.zaxxer</groupId>
            <artifactId>HikariCP</artifactId>

--- a/src/main/java/utils/Authorizer.java
+++ b/src/main/java/utils/Authorizer.java
+package utils;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.util.Random;
+
+public class Authorizer {
+
+    public static Random r = new SecureRandom();
+
+    /**
+     * Hashes password with salt from getSalt method
+     * @param password desired password as input
+     * @return hashed password
+     * @throws NoSuchAlgorithmException
+     */
+    public static boolean setPassword(String username, String password) throws NoSuchAlgorithmException {
+        String hashedPassword = null;
+        byte[] salt = getSalt();
+        StringBuilder sb = new StringBuilder();
+
+        if (username == null || password == null) {
+            throw new IllegalArgumentException("Input cannot be null");
+        }
+        if(password.isBlank() || password.isEmpty()) {
+            throw new IllegalArgumentException("Password cannot be blank");
+        }
+        if (username.isEmpty() || username.isBlank()) {
+            throw new IllegalArgumentException("Username cannot be blank");
+        }
+
+        try{
+            MessageDigest md = MessageDigest.getInstance("SHA-512");
+            md.update(salt);
+            byte[] bytes = md.digest(password.getBytes());
+
+            //Converts the StringBuilder to hexadecimal
+            for(int i = 0; i < bytes.length; i++) {
+                sb.append((Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)));
+            }
+            //Gets the whole hash in hexformat into a string
+            hashedPassword = sb.toString();
+        }
+        catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        }
+
+        //TODO: Need to make database connection here
+        return false;
+    }
+
+    /**
+     * Gets hash and salt from database with the username
+     * Hashes input password with same algorithm and salt as when created
+     * Compares the expected has and the new hash
+     * @param username to get the stored hash on give user
+     * @param password that will be hashed and compared to original hash
+     * @return boolean of whether the hashes are similiar or not
+     */
+    public static boolean isCorrectPassword(String username, String password) {
+        //TODO: get password salt and hash with username from db
+
+        byte[] dbSalt = null;
+        String expectedHash = null;
+
+        if(dbSalt == null) {
+            throw new IllegalArgumentException("Salt cannot be null");
+        }
+        else if(expectedHash == null) {
+            throw new IllegalArgumentException("Hash cannot be null");
+        }
+        else if(username.isEmpty() || password.isEmpty()) {
+            throw new IllegalArgumentException("Input cannot be empty");
+        }
+        if(password.isBlank() || username.isBlank()) {
+            throw new IllegalArgumentException("Password cannot be blank");
+        }
+
+        String hashedInputPassword = createHashWithPredeterminedSalt(dbSalt, password);
+
+        if(expectedHash.equals(hashedInputPassword)) {
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * Creates a hash with a predetermined salt and password determined in advance
+     * @param salt that will be used when hashing
+     * @param password that will be hashed
+     * @return hashed string based on salt and password
+     */
+    private static String createHashWithPredeterminedSalt(byte[] salt, String password) {
+        StringBuilder sb = new StringBuilder();
+        String hashedPassword = null;
+
+        try {
+            MessageDigest md = MessageDigest.getInstance("SHA-512");
+            md.update(salt);
+            byte[] bytes = md.digest(password.getBytes());
+
+            //Converts the StringBuilder to hexadecimal
+            for (int i = 0; i < bytes.length; i++) {
+                sb.append((Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)));
+            }
+
+            //Gets the whole hash in hexformat into a string
+            hashedPassword = sb.toString();
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        }
+        return hashedPassword;
+    }
+
+
+    /**
+     * Creates hash with an random salt
+     * @param password that wil be hashed
+     * @return hashed password with salt
+     */
+    private static String createHash(String password) {
+        StringBuilder sb = new StringBuilder();
+        String hashedPassword = null;
+        byte[] salt = getSalt();
+
+        try {
+            MessageDigest md = MessageDigest.getInstance("SHA-512");
+            md.update(salt);
+            byte[] bytes = md.digest(password.getBytes());
+
+            //Converts the StringBuilder to hexadecimal
+            for(int i = 0; i < bytes.length; i++) {
+                sb.append((Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)));
+            }
+            hashedPassword = sb.toString();
+        }
+        catch (NoSuchAlgorithmException e ) {
+            e.printStackTrace();
+        }
+        return hashedPassword;
+    }
+
+
+    /**
+     * Uses secure random to create a random salt
+     * @return random salt
+     */
+    private static byte[] getSalt() {
+        byte[] salt = new byte[32];
+        r.nextBytes(salt);
+        return salt;
+    }
+}
--- a/src/main/java/utils/CreateUser.java
+++ b/src/main/java/utils/CreateUser.java
+package utils;
+
+
+import java.security.SecureRandom;
+
+public class CreateUser {
+
+    
+}
--- a/src/main/java/utils/ExtractMetaData.java
+++ b/src/main/java/utils/ExtractMetaData.java
+package utils;
+
+import com.drew.imaging.ImageMetadataReader;
+import com.drew.imaging.ImageProcessingException;
+import com.drew.metadata.Directory;
+import com.drew.metadata.Metadata;
+import com.drew.metadata.MetadataException;
+import com.drew.metadata.Tag;
+import com.drew.metadata.adobe.AdobeJpegDirectory;
+import com.drew.metadata.exif.*;
+import com.drew.metadata.jpeg.JpegDirectory;
+import com.drew.metadata.png.PngDirectory;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.ArrayList;
+
+
+public class ExtractMetaData {
+
+    private final File image;
+
+    public ExtractMetaData(File image) {
+        this.image = image;
+    }
+
+    /**
+     * Extracts all data possible for a image
+     *
+     * @return
+     * @throws ImageProcessingException
+     * @throws IOException
+     */
+    public String getAll() throws ImageProcessingException, IOException {
+        Metadata metadata = ImageMetadataReader.readMetadata(this.image);
+        String text = "";
+        for (Directory d : metadata.getDirectories()) {
+            for (Tag t : d.getTags()) {
+                text += t.toString() + " | ";
+            }
+        }
+        text += "\n";
+        return text;
+    }
+
+    /**
+     * Returns a string with the image dimension
+     *
+     * @return
+     * @throws ImageProcessingException
+     * @throws IOException
+     * @throws MetadataException
+     */
+    private String getDimension() throws ImageProcessingException, IOException, MetadataException {
+        try {
+            String dimension = "Dimension: ";
+
+            Metadata metadata = ImageMetadataReader.readMetadata(this.image);
+
+            JpegDirectory jpeg = metadata.getFirstDirectoryOfType(JpegDirectory.class);
+            dimension += jpeg.getImageHeight();
+            dimension += "x";
+            dimension += jpeg.getImageWidth();
+            return dimension;
+        } catch (NullPointerException e) {
+
+        }
+        return "No dimension found";
+    }
+
+    /**
+     * Returns a string with the GPS position
+     *
+     * @return
+     * @throws ImageProcessingException
+     * @throws IOException
+     * @throws MetadataException
+     */
+    private String getGPS() throws ImageProcessingException, IOException, MetadataException {
+        try {
+            String gps = "";
+
+            Metadata metadata = ImageMetadataReader.readMetadata(this.image);
+
+            GpsDirectory gpspos = metadata.getFirstDirectoryOfType(GpsDirectory.class);
+            gps += "GPS position: " + gpspos.getGeoLocation();
+
+            return gps;
+        } catch (NullPointerException e) {
+
+        }
+        return "No GPS information found";
+    }
+
+    /**
+     * Returns all predetermined metadata as an ArrayList
+     * @return
+     * @throws IOException
+     * @throws MetadataException
+     * @throws ImageProcessingException
+     */
+    public ArrayList<String> getNecessary() throws IOException, MetadataException, ImageProcessingException {
+        ArrayList<String> information = new ArrayList<String>();
+
+        information.add(getGPS());
+        information.add(getDimension());
+
+        return information;
+    }
+}
\ No newline at end of file
--- a/src/main/java/utils/MultiplePhotos.java
+++ b/src/main/java/utils/MultiplePhotos.java
+package utils;
+
+import com.drew.imaging.ImageProcessingException;
+import com.drew.metadata.Metadata;
+import com.drew.metadata.MetadataException;
+
+import java.awt.*;
+import java.io.File;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.logging.SocketHandler;
+
+public class MultiplePhotos {
+
+
+    private final ArrayList<File> images;
+
+    public MultiplePhotos(ArrayList<File> images) {
+        this.images = images;
+    }
+
+    private ArrayList<String> extractAll() throws ImageProcessingException, MetadataException, IOException {
+        ArrayList<String> data = new ArrayList<String>();
+
+        for(File i : this.images) {
+            ExtractMetaData e = new ExtractMetaData(i);
+            String n = e.getAll().toString();
+            data.add(n);
+        }
+        return data;
+    }
+}
--- a/src/test/java/utils/AuthorizerTest.java
+++ b/src/test/java/utils/AuthorizerTest.java
+package utils;
+
+import org.junit.jupiter.api.Test;
+
+import java.security.NoSuchAlgorithmException;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+class AuthorizerTest {
+
+    @Test
+    void testNullAsInputOnsetPassword() throws NoSuchAlgorithmException {
+        /**
+         * Testing the method with null as input
+         */
+        try {
+            Authorizer.setPassword(null, null);
+            fail("Expected action to throw  IllegalArgumentException ");
+        } catch (IllegalArgumentException e) {
+            //Test is a Success
+        }
+    }
+
+    @Test
+    void testBlankPasswordOnsetPassword() throws NoSuchAlgorithmException {
+        /**
+         * Testing the method with an empty password and an credible username
+         */
+        try {
+            Authorizer.setPassword("Username", "");
+            fail("Expected action to throw  IllegalArgumentException ");
+        } catch (IllegalArgumentException e) {
+            //Test is a success as you are not supposed to get anything checked with empty password
+        }
+    }
+
+    @Test
+    void testBlankUsernameOnsetPassword() throws NoSuchAlgorithmException {
+        /**
+         * Testing the method with an empty username and an credible username
+         */
+        try {
+            Authorizer.setPassword("", "Password");
+            fail("Expected action to throw  IllegalArgumentException ");
+        }
+        catch (IllegalArgumentException e) {
+            //Test is a success as you are not supposed to get anything checked with empty password
+        }
+    }
+
+    @Test
+    void testCredibleInputOnsetPassword() throws NoSuchAlgorithmException {
+        /**
+         * TODO: Maybe add actual user credentials as input. Change the boolean
+         * Testing the method with an credible username and password
+         */
+        try {
+            assertEquals(false, Authorizer.setPassword("Username", "Password"));
+        }
+        catch (Exception e) {
+            fail("Method should not throw an exception with this input");
+        }
+    }
+
+
+
+    @Test
+    void testNullAsInputOnisCorrectPassword() {
+        /**
+         * Testing the method with null ass input
+         */
+        try {
+            Authorizer.isCorrectPassword(null, null);
+            fail("Expected action to throw  IllegalArgumentException ");
+        }
+        catch (IllegalArgumentException e) {
+            //Test is a Success as the method should return an IllegalArgumentException
+        }
+    }
+
+    @Test
+    void testBlankPasswordOnisCorrectPassword() throws NoSuchAlgorithmException {
+        /**
+         * Testing the method with an empty password and an credible username
+         */
+        try {
+            Authorizer.isCorrectPassword("Username", "");
+            fail("Expected action to throw  IllegalArgumentException ");
+        } catch (IllegalArgumentException e) {
+            //Test is a success as you are not supposed to get anything checked with empty password
+        }
+    }
+
+    @Test
+    void testBlankUsernameOnisCorrectPassword() throws NoSuchAlgorithmException {
+        /**
+         * Testing the method with an empty username and an credible username
+         */
+        try {
+            Authorizer.isCorrectPassword("", "Password");
+            fail("Expected action to throw  IllegalArgumentException ");
+        }
+        catch (IllegalArgumentException e) {
+            //Test is a success as you are not supposed to get anything checked with empty password
+        }
+    }
+
+    @Test
+    void testCredibleInputOnisCorrectPassword() throws NoSuchAlgorithmException {
+        /**
+         * TODO: Maybe add actual user credentials as input. Change the boolean
+         * Testing the method with an credible username and password
+         */
+        try {
+            assertEquals(false, Authorizer.isCorrectPassword("Username", "Password"));
+            fail("The salt is set as null automatically. The test should therefore throw IllegalArgumentException");
+        }
+        catch (Exception e) {
+        //Salt is set to null since it is not connected to database and should therefore throw exception
+        }
+    }
+}
+
--- a/stale_outputs_checked
+++ b/stale_outputs_checked