forked from CESNET/perun-wui
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: backend ssh public key validation
* replaced regexp in SSH key validators with call to backend validation method * this unifies the process and offers a more strict validation
- Loading branch information
Showing
8 changed files
with
290 additions
and
88 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,23 +1,27 @@ | ||
package cz.metacentrum.perun.wui.registrar.widgets.items.validators; | ||
|
||
import com.google.gwt.regexp.shared.MatchResult; | ||
import com.google.gwt.regexp.shared.RegExp; | ||
import com.google.gwt.core.client.JavaScriptObject; | ||
import cz.metacentrum.perun.wui.json.Events; | ||
import cz.metacentrum.perun.wui.json.JsonEvents; | ||
import cz.metacentrum.perun.wui.json.managers.UsersManager; | ||
import cz.metacentrum.perun.wui.model.PerunException; | ||
import cz.metacentrum.perun.wui.registrar.widgets.items.ListBox; | ||
import cz.metacentrum.perun.wui.widgets.boxes.ExtendedTextBox; | ||
import org.gwtbootstrap3.client.ui.constants.ValidationState; | ||
|
||
import java.util.Map; | ||
import java.util.TreeMap; | ||
import java.util.stream.Collectors; | ||
|
||
/** | ||
* Validator for ListBox | ||
* | ||
* @author Jakub Hejda <[email protected]> | ||
*/ | ||
public class SshKeysListBoxValidator extends ListBoxValidator { | ||
|
||
RegExp regExp = RegExp.compile("^(" + | ||
"(ssh-(rsa|dss|ed25519)([email protected])?)|" + | ||
"(sk-(ssh-ed25519|ecdsa-sha2-nistp256)(-cert-v01)[email protected])|" + | ||
"(ecdsa-sha2-nistp(256|384|521)([email protected])?))" + | ||
" (([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{2}==)?)( [^,\n]+)?$"); | ||
static String wrongValues = ""; | ||
Map<Integer, String> wrongVals = new TreeMap<>(); | ||
|
||
@Override | ||
public boolean validateLocal(ListBox listBox) { | ||
|
@@ -26,34 +30,64 @@ public boolean validateLocal(ListBox listBox) { | |
listBox.setRawStatus(getTransl().cantBeEmpty(), ValidationState.ERROR); | ||
return false; | ||
} | ||
listBox.setStatus(ValidationState.SUCCESS); | ||
return true; | ||
} | ||
|
||
if (listBox.getValue() != null && !listBox.getValue().isEmpty()) { | ||
@Override | ||
public void validate(ListBox listBox, Events<Boolean> events) { | ||
events.onLoadingStart(); | ||
|
||
String wrongValues = ""; | ||
int index = 1; | ||
for (ExtendedTextBox extendedTextBox : listBox.getListValue()) { | ||
String sshKey = extendedTextBox.getValue(); | ||
if (!validateLocal(listBox)) { | ||
events.onFinished(false); | ||
return; | ||
} | ||
|
||
if (sshKey.contains(",")) { | ||
setResult(Result.INVALID_FORMAT); | ||
listBox.setStatus(getTransl().sshKeySeparatorNotAllowed(), ValidationState.ERROR); | ||
return false; | ||
} | ||
if (listBox.getValue() == null || listBox.getValue().isEmpty()) { | ||
events.onFinished(true); | ||
return; | ||
} | ||
|
||
MatchResult matcher = regExp.exec(sshKey); | ||
if (matcher == null) { | ||
wrongValues += "<br>" + index + ". " + (sshKey.length() > 25 ? sshKey.substring(0, 23) + "..." : sshKey); | ||
} | ||
index++; | ||
} | ||
if (!wrongValues.isEmpty()) { | ||
|
||
wrongValues = ""; | ||
wrongVals.clear(); | ||
int index = 1; | ||
for (ExtendedTextBox extendedTextBox : listBox.getListValue()) { | ||
String sshKey = extendedTextBox.getValue(); | ||
|
||
if (sshKey.contains(",")) { | ||
setResult(Result.INVALID_FORMAT); | ||
listBox.setRawStatus(getTransl().incorrectFormatItemList() + " <b>" + wrongValues + "</b>", ValidationState.ERROR); | ||
return false; | ||
listBox.setStatus(getTransl().sshKeySeparatorNotAllowed(), ValidationState.ERROR); | ||
events.onFinished(false); | ||
} | ||
} | ||
|
||
listBox.setStatus(ValidationState.SUCCESS); | ||
return true; | ||
int currIndex = index; | ||
UsersManager.validateSSHKey(sshKey, new JsonEvents() { | ||
@Override | ||
public void onFinished(JavaScriptObject result) { | ||
if (wrongValues.isEmpty()) { | ||
events.onFinished(true); | ||
listBox.setStatus(ValidationState.SUCCESS); | ||
} | ||
} | ||
|
||
@Override | ||
public void onError(PerunException error) { | ||
wrongVals.put(currIndex, sshKey); | ||
wrongValues += "<br>" + currIndex + ". " + (sshKey.length() > 25 ? sshKey.substring(0, 23) + "..." : sshKey); | ||
setResult(Result.INVALID_FORMAT); | ||
listBox.setRawStatus(getTransl().incorrectFormatItemList() + " <b> " + wrongVals.entrySet().stream().map((entry) -> entry.getKey() + ". " + | ||
(entry.getValue().length() > 25 ? entry.getValue().substring(0,23) + "..." : entry.getValue())).collect(Collectors.joining()) + "</b>", ValidationState.ERROR); | ||
events.onFinished(false); | ||
} | ||
|
||
@Override | ||
public void onLoadingStart() { | ||
setResult(Result.CHECKING_SSH); | ||
listBox.unsetStatus(); | ||
} | ||
}); | ||
index++; | ||
} | ||
} | ||
} |
Oops, something went wrong.