stephb9959
2022-11-14 09:17:29 -08:00
parent d10883b60d
commit c5aadffe1d
5 changed files with 29 additions and 15 deletions

2
build

@@ -1 +1 @@
25 26


@@ -45,7 +45,11 @@ namespace OpenWifi {
return 1; // some compilers complain... return 1; // some compilers complain...
} }
static const std::string DefaultPassword_8_u_l_n_1{"^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[\\{\\}\\(\\)~_\\+\\|\\\\\\[\\]\\;\\:\\<\\>\\.\\,\\/\\?\\\"\\'\\`\\=#?!@$%^&*-]).{8,}$"}; #if defined(TIP_CERT_SERVICE)
static const std::string DefaultPasswordRule{"^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[\\{\\}\\(\\)~_\\+\\|\\\\\\[\\]\\;\\:\\<\\>\\.\\,\\/\\?\\\"\\'\\`\\=#?!@$%^&*-]).{12,}$"};
#else
static const std::string DefaultPasswordRule{"^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[\\{\\}\\(\\)~_\\+\\|\\\\\\[\\]\\;\\:\\<\\>\\.\\,\\/\\?\\\"\\'\\`\\=#?!@$%^&*-]).{8,}$"};
#endif
int AuthService::Start() { int AuthService::Start() {
poco_information(Logger(),"Starting..."); poco_information(Logger(),"Starting...");
@@ -55,9 +59,9 @@ namespace OpenWifi {
AccessPolicy_ = MicroServiceConfigGetString("openwifi.document.policy.access", "/wwwassets/access_policy.html"); AccessPolicy_ = MicroServiceConfigGetString("openwifi.document.policy.access", "/wwwassets/access_policy.html");
PasswordPolicy_ = MicroServiceConfigGetString("openwifi.document.policy.password", "/wwwassets/password_policy.html"); PasswordPolicy_ = MicroServiceConfigGetString("openwifi.document.policy.password", "/wwwassets/password_policy.html");
PasswordValidation_ = PasswordValidationStr_ = MicroServiceConfigGetString("authentication.validation.expression",DefaultPassword_8_u_l_n_1); PasswordValidation_ = PasswordValidationStr_ = MicroServiceConfigGetString("authentication.validation.expression",DefaultPasswordRule);
SubPasswordValidation_ = SubPasswordValidationStr_ = MicroServiceConfigGetString("subscriber.validation.expression",DefaultPassword_8_u_l_n_1); SubPasswordValidation_ = SubPasswordValidationStr_ = MicroServiceConfigGetString("subscriber.validation.expression",DefaultPasswordRule);
SubAccessPolicy_ = MicroServiceConfigGetString("subscriber.policy.access", "/wwwassets/access_policy.html"); SubAccessPolicy_ = MicroServiceConfigGetString("subscriber.policy.access", "/wwwassets/access_policy.html");
SubPasswordPolicy_ = MicroServiceConfigGetString("subscriber.policy.password", "/wwwassets/password_policy.html"); SubPasswordPolicy_ = MicroServiceConfigGetString("subscriber.policy.password", "/wwwassets/password_policy.html");
@@ -155,21 +159,21 @@ namespace OpenWifi {
std::string UserId; std::string UserId;
if(StorageService()->UserTokenDB().GetToken(CallToken, WT, UserId, RevocationDate)) { if(StorageService()->UserTokenDB().GetToken(CallToken, WT, UserId, RevocationDate)) {
if(RevocationDate!=0) { if(RevocationDate!=0) {
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, CallToken)); poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false; return false;
} }
auto now=OpenWifi::Now(); auto now=OpenWifi::Now();
Expired = (WT.created_ + WT.expires_in_) < now; Expired = (WT.created_ + WT.expires_in_) < now;
if(StorageService()->UserDB().GetUserById(UserId,UInfo.userinfo)) { if(StorageService()->UserDB().GetUserById(UserId,UInfo.userinfo)) {
UInfo.webtoken = WT; UInfo.webtoken = WT;
poco_debug(Logger(), fmt::format("TokenValidation success for TID={} Token={}", TID, CallToken)); poco_debug(Logger(), fmt::format("TokenValidation success for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return true; return true;
} }
} }
} catch(const Poco::Exception &E) { } catch(const Poco::Exception &E) {
Logger().log(E); Logger().log(E);
} }
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, CallToken)); poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false; return false;
} }
@@ -186,7 +190,7 @@ namespace OpenWifi {
} }
if (CallToken.empty()) { if (CallToken.empty()) {
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, CallToken)); poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false; return false;
} }
SessionToken = CallToken; SessionToken = CallToken;
@@ -194,7 +198,7 @@ namespace OpenWifi {
} catch(const Poco::Exception &E) { } catch(const Poco::Exception &E) {
Logger().log(E); Logger().log(E);
} }
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, CallToken)); poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false; return false;
} }
@@ -211,7 +215,7 @@ namespace OpenWifi {
} }
if(CallToken.empty()) { if(CallToken.empty()) {
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, CallToken)); poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false; return false;
} }
@@ -220,7 +224,7 @@ namespace OpenWifi {
std::string UserId; std::string UserId;
if(StorageService()->SubTokenDB().GetToken(CallToken, WT, UserId, RevocationDate)) { if(StorageService()->SubTokenDB().GetToken(CallToken, WT, UserId, RevocationDate)) {
if(RevocationDate!=0) { if(RevocationDate!=0) {
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, CallToken)); poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false; return false;
} }
auto now=OpenWifi::Now(); auto now=OpenWifi::Now();
@@ -228,14 +232,14 @@ namespace OpenWifi {
if(StorageService()->SubDB().GetUserById(UserId,UInfo.userinfo)) { if(StorageService()->SubDB().GetUserById(UserId,UInfo.userinfo)) {
UInfo.webtoken = WT; UInfo.webtoken = WT;
SessionToken = CallToken; SessionToken = CallToken;
poco_debug(Logger(), fmt::format("TokenValidation success for TID={} Token={}", TID, CallToken)); poco_debug(Logger(), fmt::format("TokenValidation success for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return true; return true;
} }
} }
} catch(const Poco::Exception &E) { } catch(const Poco::Exception &E) {
Logger().log(E); Logger().log(E);
} }
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, CallToken)); poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false; return false;
} }
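Review bot: In the two `CallToken.empty()` branches (the hunks at -186 and -211) the token is known to be empty, so `Utils::SanitizeToken(CallToken)` can only return the fixed short-token mask `*******`. The debug line then reads exactly like a rejected short token, and someone triaging failed validations cannot tell a request that carried no credential from one that carried a bad one. I would state the condition directly in those two places, e.g. `poco_debug(Logger(), fmt::format("TokenValidation failed for TID={}: no token supplied", TID));`. The enclosing functions start and end outside these hunks.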


@@ -7,6 +7,7 @@
#include "framework/AuthClient.h" #include "framework/AuthClient.h"
#include "framework/MicroServiceNames.h" #include "framework/MicroServiceNames.h"
#include "framework/OpenAPIRequests.h" #include "framework/OpenAPIRequests.h"
#include "framework/utils.h"
#include "fmt/format.h" #include "fmt/format.h"
namespace OpenWifi { namespace OpenWifi {
@@ -46,7 +47,7 @@ namespace OpenWifi {
} }
} }
} catch (...) { } catch (...) {
poco_error(Logger(),fmt::format("Failed to retrieve token={} for TID={}", SessionToken, TID)); poco_error(Logger(),fmt::format("Failed to retrieve token={} for TID={}", Utils::SanitizeToken(SessionToken), TID));
} }
Expired = false; Expired = false;
return false; return false;
@@ -99,7 +100,7 @@ namespace OpenWifi {
} }
} }
} catch (...) { } catch (...) {
poco_error(Logger(),fmt::format("Failed to retrieve api key={} for TID={}", SessionToken, TID)); poco_error(Logger(),fmt::format("Failed to retrieve api key={} for TID={}", Utils::SanitizeToken(SessionToken), TID));
} }
Expired = false; Expired = false;
return false; return false;


@@ -524,4 +524,11 @@ bool ExtractBase64CompressedData(const std::string &CompressedData,
return std::all_of(s.begin(),s.end(),[](char c) -> bool { return isalnum(c); }); return std::all_of(s.begin(),s.end(),[](char c) -> bool { return isalnum(c); });
} }
std::string SanitizeToken(const std::string &Token) {
if(Token.size()>8) {
return Token.substr(0,4) + "****" + Token.substr(Token.size()-4,4);
}
return "*******";
}
} }
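Review bot: SanitizeToken still writes eight characters of the credential to the log, and the `Token.size()>8` cutoff means a nine-character value is logged with only one character hidden. This matters most at the AuthClient call sites, where the same helper masks what the message calls an api key inside `poco_error` output, which is typically retained and forwarded more widely than debug output. I would show the edges only when the hidden part is clearly larger than the shown part, for example `if(Token.size()>=32)`, and return the fixed mask otherwise; if the fragments exist only to correlate log lines, a short digest of the token would do that without exposing key material. A comment above the definition such as `// Log-safe rendering of a bearer token or API key; never use the result for comparison or lookup.` would also tell future callers what the helper is for.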


@@ -116,6 +116,8 @@ namespace OpenWifi::Utils {
[[nodiscard]] std::string SecondsToNiceText(uint64_t Seconds); [[nodiscard]] std::string SecondsToNiceText(uint64_t Seconds);
[[nodiscard]] bool wgets(const std::string &URL, std::string &Response); [[nodiscard]] bool wgets(const std::string &URL, std::string &Response);
[[nodiscard]] bool IsAlphaNumeric(const std::string &s); [[nodiscard]] bool IsAlphaNumeric(const std::string &s);
[[nodiscard]] std::string SanitizeToken(const std::string &Token);
template< typename T > template< typename T >
std::string int_to_hex( T i ) std::string int_to_hex( T i )
{ {