From 2920ad236c55aac06b732aa8984af90522262f92 Mon Sep 17 00:00:00 2001 From: Marco Vogt Date: Tue, 31 Oct 2023 22:13:50 +0100 Subject: [PATCH] Minor improvements --- build.gradle | 4 +- .../control/httpinterface/Server.java | 31 ++++++------- .../control/main/ControlCommand.java | 45 +++++++++++++++---- .../java/org/polypheny/control/main/Main.java | 10 ++--- src/main/resources/static/login.html | 4 +- src/main/resources/static/script.js | 1 - 6 files changed, 61 insertions(+), 34 deletions(-) diff --git a/build.gradle b/build.gradle index fb51a60..aae1904 100644 --- a/build.gradle +++ b/build.gradle @@ -74,9 +74,8 @@ dependencies { // Log4J implementation group: "org.slf4j", name: "slf4j-api", version: slf4j_version // MIT - implementation group: "org.apache.logging.log4j", name: "log4j-slf4j-impl", version: log4j_version // Apache 2.0 + implementation group: "org.apache.logging.log4j", name: "log4j-slf4j2-impl", version: log4j_version // Apache 2.0 implementation group: "org.apache.logging.log4j", name: "log4j-core", version: log4j_version // Apache 2.0 - implementation group: "org.apache.logging.log4j", name: "log4j-api", version: log4j_version // Apache 2.0 // Configuration management implementation group: "com.typesafe", name: "config", version: typesafe_config_version // Apache 2.0 @@ -150,6 +149,7 @@ jar { attributes "Implementation-Version": project.version attributes "Multi-Release": "true" attributes "Version": project.version + attributes "Main-Class": mainClassName attributes "Add-Opens": "java.base/java.lang" } } diff --git a/src/main/java/org/polypheny/control/httpinterface/Server.java b/src/main/java/org/polypheny/control/httpinterface/Server.java index 63c77e2..a959be3 100644 --- a/src/main/java/org/polypheny/control/httpinterface/Server.java +++ b/src/main/java/org/polypheny/control/httpinterface/Server.java @@ -20,12 +20,12 @@ import com.google.gson.Gson; import com.typesafe.config.Config; import io.javalin.Javalin; -import io.javalin.core.security.BasicAuthCredentials; +import io.javalin.security.BasicAuthCredentials; +import jakarta.servlet.http.HttpSession; import java.util.Date; import java.util.concurrent.Executors; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.TimeUnit; -import javax.servlet.http.HttpSession; import lombok.extern.slf4j.Slf4j; import org.polypheny.control.authentication.AuthenticationContext; import org.polypheny.control.authentication.AuthenticationManager; @@ -42,15 +42,11 @@ public class Server { private final long sessionTimeout; + private final Javalin javalin; - public Server( Control control, int port ) { - Javalin javalin = Javalin.create( config -> config.staticFiles.add( "/static" ) ).start( port ); - - // As try-with-ressources - public void shutdown() { - javalin.stop(); - } + public Server( Control control, int port ) { + javalin = Javalin.create( config -> config.staticFiles.add( "/static" ) ).start( port ); javalin.ws( "/socket/", ws -> { ws.onConnect( ClientRegistry::addClient ); @@ -65,7 +61,7 @@ public void shutdown() { javalin.before( ctx -> { log.debug( "Received api call: {}", ctx.path() ); - HttpSession session = ctx.req.getSession( false ); + HttpSession session = ctx.req().getSession( false ); if ( session != null ) { long creationTime = session.getCreationTime(); @@ -74,11 +70,11 @@ public void shutdown() { if ( difference >= sessionTimeout ) { session.invalidate(); - ctx.res.sendError( 401, "Session Timeout" ); + ctx.res().sendError( 401, "Session Timeout" ); } } - boolean GETRequest = ctx.req.getMethod().equals( "GET" ); + boolean GETRequest = ctx.req().getMethod().equals( "GET" ); boolean loginHTMLRequest = ctx.path().startsWith( "/login.html" ); boolean loginJSRequest = ctx.path().startsWith( "/login.js" ); boolean jqueryRequest = ctx.path().startsWith( "/jquery/3.7.1/jquery.js" ); @@ -88,17 +84,17 @@ public void shutdown() { return; } - String remoteHost = ctx.req.getRemoteHost(); + String remoteHost = ctx.req().getRemoteHost(); AuthenticationContext context = AuthenticationUtils.getContextForHost( remoteHost ); if ( AuthenticationUtils.shouldAuthenticate( context ) ) { - if ( ctx.basicAuthCredentialsExist() ) { + if ( ctx.basicAuthCredentials() != null ) { BasicAuthCredentials credentials = ctx.basicAuthCredentials(); boolean clientExists = AuthenticationManager.clientExists( credentials.getUsername(), credentials.getPassword() ); if ( clientExists ) { ctx.sessionAttribute( "authenticated", true ); } else { - ctx.res.sendError( 403, "Authentication Failed" ); + ctx.res().sendError( 403, "Authentication Failed" ); } } else { Object authenticated = ctx.sessionAttribute( "authenticated" ); @@ -162,4 +158,9 @@ public void shutdown() { log.info( "Polypheny Control is running on port {}", port ); } + + public void shutdown() { + javalin.stop(); + } + } diff --git a/src/main/java/org/polypheny/control/main/ControlCommand.java b/src/main/java/org/polypheny/control/main/ControlCommand.java index fd82ef4..3c83da8 100644 --- a/src/main/java/org/polypheny/control/main/ControlCommand.java +++ b/src/main/java/org/polypheny/control/main/ControlCommand.java @@ -19,6 +19,7 @@ import com.github.rvesse.airline.annotations.Command; import com.github.rvesse.airline.annotations.Option; +import com.typesafe.config.Config; import java.util.HashMap; import org.polypheny.control.authentication.AuthenticationFileManager; import org.polypheny.control.control.ConfigManager; @@ -29,10 +30,10 @@ @Command(name = "control", description = "Start Polypheny Control") public class ControlCommand extends AbstractCommand { - @Option(name = { "-p", "--port" }, description = "Overwrite port of the Polypheny Control dashboard") + @Option(name = { "-p", "--port" }, description = "Overwrite port of the Polypheny Control dashboard and API.") private final int port = -1; - @Option(name = { "-x", "--suppress-warning" }, description = "Suppress the 'No Users Exist' Warning") + @Option(name = { "-x", "--suppress-warning" }, description = "Suppress the auth warnings on startup.") protected boolean suppressWarning = false; private volatile Boolean running = true; @@ -41,8 +42,18 @@ public class ControlCommand extends AbstractCommand { @Override public int _run_() { HashMap authenticationData = AuthenticationFileManager.getAuthenticationData(); - if ( !suppressWarning && authenticationData.isEmpty() ) { - warn(); + Config config = ConfigManager.getConfig(); + if ( config.getBoolean( "pcrtl.auth.enable" ) ) { + if ( !suppressWarning && authenticationData.isEmpty() ) { + warnNoUserAccounts(); + } + if ( !suppressWarning && !config.getBoolean( "pcrtl.auth.local" ) ) { + warnNoAuthOnLocalhost(); + } + } else { + if ( !suppressWarning ) { + warnAuthDisabled(); + } } Control control = new Control(); final Server server; @@ -52,6 +63,8 @@ public int _run_() { server = new Server( control, ConfigManager.getConfig().getInt( "pcrtl.control.port" ) ); } + Runtime.getRuntime().addShutdownHook( new Thread( () -> running = false ) ); + while ( running ) { Thread.yield(); try { @@ -67,11 +80,25 @@ public int _run_() { } - private static void warn() { - System.out.println( "WARNING: No Users Exist. Polypheny-Control executes and manages Polypheny-Db." ); - System.out.println( "WARNING: For security reasons it is advisable to create atleast one user." ); - System.out.println( "WARNING: To know more about User Management and Authentication, visit " ); - System.out.println( "WARNING: https://github.com/polypheny/Polypheny-Control#authentication\n\n" ); + private static void warnNoUserAccounts() { + System.out.println( "WARNING: No Users Exist. Polypheny-Control executes and manages Polypheny-DB." ); + System.out.println( "WARNING: For security reasons it is advisable to create at least one user." ); + System.out.println( "WARNING: To learn more about User Management and Authentication, visit " ); + System.out.println( "WARNING: https://docs.polypheny.com/en/latest/devs/polypheny-control#authentication\n\n" ); + } + + + private static void warnNoAuthOnLocalhost() { + System.out.println( "WARNING: Authentication for requests from localhost are disabled." ); + System.out.println( "WARNING: To learn more about User Management and Authentication, visit " ); + System.out.println( "WARNING: https://docs.polypheny.com/en/latest/devs/polypheny-control#authentication\n\n" ); + } + + + private static void warnAuthDisabled() { + System.out.println( "WARNING: Authentication is disabled." ); + System.out.println( "WARNING: To learn more about User Management and Authentication, visit " ); + System.out.println( "WARNING: https://docs.polypheny.com/en/latest/devs/polypheny-control#authentication\n\n" ); } diff --git a/src/main/java/org/polypheny/control/main/Main.java b/src/main/java/org/polypheny/control/main/Main.java index 5dc39df..5374060 100644 --- a/src/main/java/org/polypheny/control/main/Main.java +++ b/src/main/java/org/polypheny/control/main/Main.java @@ -208,9 +208,9 @@ public static class AddUserCommand extends AbstractCommand { public int _run_() { HashMap authenticationData = AuthenticationFileManager.getAuthenticationData(); Console console = System.console(); - String name = console.readLine( "Name: " ); + String name = console.readLine( "Username: " ); if ( authenticationData.get( name ) != null ) { - System.err.println( "A user with the same name exists! Try a different name!" ); + System.err.println( "A user with the same username exists! Try a different name!" ); return 1; } String password = new String( console.readPassword( "Password: " ) ); @@ -245,9 +245,9 @@ public static class RemoveUserCommand extends AbstractCommand { public int _run_() { HashMap authenticationData = AuthenticationFileManager.getAuthenticationData(); Console console = System.console(); - String name = console.readLine( "Name: " ); + String name = console.readLine( "Username: " ); if ( authenticationData.get( name ) == null ) { - System.err.println( "User with the name \"" + name + "\" does not exist!" ); + System.err.println( "A user with the name \"" + name + "\" does not exist!" ); return 1; } @@ -273,7 +273,7 @@ public static class ModifyUserCommand extends AbstractCommand { public int _run_() { HashMap authenticationData = AuthenticationFileManager.getAuthenticationData(); Console console = System.console(); - String name = console.readLine( "Name: " ); + String name = console.readLine( "Username: " ); if ( authenticationData.get( name ) == null ) { System.err.println( "User with the name \"" + name + "\" does not exist." ); return 1; diff --git a/src/main/resources/static/login.html b/src/main/resources/static/login.html index 345aac2..c163866 100644 --- a/src/main/resources/static/login.html +++ b/src/main/resources/static/login.html @@ -36,7 +36,7 @@

Login

- + @@ -54,7 +54,7 @@

Login

- + diff --git a/src/main/resources/static/script.js b/src/main/resources/static/script.js index a94df1b..f1fb896 100644 --- a/src/main/resources/static/script.js +++ b/src/main/resources/static/script.js @@ -407,4 +407,3 @@ $( document ).on( 'keyup', function ( e ) { } } }); -