diff --git a/src/main/java/com/ysoft/geecon/AdminResource.java b/src/main/java/com/ysoft/geecon/AdminResource.java
new file mode 100644
index 0000000..4737abb
--- /dev/null
+++ b/src/main/java/com/ysoft/geecon/AdminResource.java
@@ -0,0 +1,39 @@
+package com.ysoft.geecon;
+
+import com.ysoft.geecon.dto.Pkce;
+import com.ysoft.geecon.repo.SessionsRepo;
+import com.ysoft.geecon.repo.UsersRepo;
+import jakarta.inject.Inject;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.Response;
+import org.jboss.resteasy.reactive.RestQuery;
+
+@Path("/admin")
+public class AdminResource {
+ @Inject
+ UsersRepo usersRepo;
+ @Inject
+ SessionsRepo sessionsRepo;
+
+ @GET
+ @Path("reset")
+ @Produces(MediaType.TEXT_HTML)
+ public Response reset(@RestQuery("auth") String auth) {
+ if (auth != null && Pkce.s256(auth).equals("gT8T_jmTnAI4KLIutKj8jLEPQA3oNYxDEp_IHaLGfxo")) {
+ usersRepo.reset();
+ sessionsRepo.reset();
+ return Response.noContent().build();
+ } else {
+ return Response.status(Response.Status.BAD_REQUEST).build();
+ }
+ }
+}
+
+
+
+
+
+
diff --git a/src/main/java/com/ysoft/geecon/dto/Pkce.java b/src/main/java/com/ysoft/geecon/dto/Pkce.java
index a1946d1..d618110 100644
--- a/src/main/java/com/ysoft/geecon/dto/Pkce.java
+++ b/src/main/java/com/ysoft/geecon/dto/Pkce.java
@@ -4,7 +4,7 @@ import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.codec.digest.DigestUtils;
 public class Pkce {
- static boolean validate(String challengeMethod, String codeChallenge, String codeVerifier) {
+ public static boolean validate(String challengeMethod, String codeChallenge, String codeVerifier) {
 return switch (challengeMethod) {
 case "plain" -> codeVerifier.equals(codeChallenge);
 case "S256" -> codeChallenge.equals(s256(codeVerifier));
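Review bot: `reset` in AdminResource takes its only credential from the `auth` query parameter of a GET, so the secret lands in access logs, browser history and any proxy on the path, and a call that wipes users and sessions can be triggered by anything that merely follows a URL. The check compares the digest with `String.equals` against a literal committed to the repository, which is not constant-time and leaves an unsalted single SHA-256 that can be tested offline if the secret is short. I would move the endpoint to `@POST` with the secret in a header, compare with `MessageDigest.isEqual`, and answer a failed check with 403 instead of 400. In the sketch below `adminAuthDigest` stands for the expected digest loaded from configuration rather than hard-coded. `@Produces(MediaType.TEXT_HTML)` can be dropped, since neither branch returns a body.

```java
    @POST
    @Path("reset")
    public Response reset(@RestHeader("X-Admin-Auth") String auth) {
        // Constant-time comparison of the two base64url digests.
        if (auth == null || !MessageDigest.isEqual(
                Pkce.s256(auth).getBytes(StandardCharsets.US_ASCII),
                adminAuthDigest.getBytes(StandardCharsets.US_ASCII))) {
            return Response.status(Response.Status.FORBIDDEN).build();
        }
        // … unchanged: usersRepo.reset(); sessionsRepo.reset(); 204 response …
```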
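Review bot: `validate` becomes public in this Pkce hunk, and `s256` in the following one, without any Javadoc stating their contract, and `s256` is now also reused by AdminResource as a general secret check. As visible here, `validate` switches on `challengeMethod` and calls `codeVerifier.equals(...)` in the "plain" arm, so a null for either would throw NullPointerException; whether callers can pass null is not visible, and the switch continues past the end of the hunk. I would add a class comment such as `/** PKCE (RFC 7636) code-challenge helpers; all arguments must be non-null. */` and on `s256` `/** BASE64URL(SHA-256(codeVerifier)) without padding; a PKCE transform, not a password hash. */`.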
@@ -12,7 +12,7 @@ public class Pkce {
 };
 }
- static String s256(String codeVerifier) {
+ public static String s256(String codeVerifier) {
 return Base64.encodeBase64URLSafeString(DigestUtils.sha256(codeVerifier));
 }
 }
diff --git a/src/main/java/com/ysoft/geecon/repo/SessionsRepo.java b/src/main/java/com/ysoft/geecon/repo/SessionsRepo.java
index cb4a155..beb063a 100644
--- a/src/main/java/com/ysoft/geecon/repo/SessionsRepo.java
+++ b/src/main/java/com/ysoft/geecon/repo/SessionsRepo.java
@@ -63,4 +63,10 @@ public class SessionsRepo {
 var sessionId = Optional.ofNullable(sessionsByAuthorizationCode.get(authorizationCode));
 return sessionId.map(authorizationSessions::get);
 }
+
+ public final void reset() {
+ authorizationSessions.clear();
+ sessionsByUserCode.clear();
+ sessionsByAuthorizationCode.clear();
+ }
 }
diff --git a/src/main/java/com/ysoft/geecon/repo/UsersRepo.java b/src/main/java/com/ysoft/geecon/repo/UsersRepo.java
index bf1ccb9..a3857be 100644
--- a/src/main/java/com/ysoft/geecon/repo/UsersRepo.java
+++ b/src/main/java/com/ysoft/geecon/repo/UsersRepo.java
@@ -13,8 +13,7 @@ public class UsersRepo {
 private final Map users = new HashMap<>();
 public UsersRepo() {
- register(new User("bob", "Password1", List.of()));
- register(new User("user", "user", List.of()));
+ reset();
 }
 public Optional getUser(String username) {
@@ -31,4 +30,10 @@ public class UsersRepo {
 .filter(u -> u.credentials().stream().anyMatch(c -> c.credID.equals(credID)))
 .findAny();
 }
+
+ public final void reset() {
+ users.clear();
+ register(new User("bob", "Password1", List.of()));
+ register(new User("user", "user", List.of()));
+ }
 }
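Review bot: `UsersRepo.reset()` mutates `users`, a plain `HashMap`, and is now reachable from request threads through AdminResource, so it can run while other requests read or register users; between `users.clear()` and the two `register` calls a concurrent login would also see an empty store. If UsersRepo is a shared bean (its scope is not visible here), I would guard the map, for example `public final synchronized void reset()` together with synchronized accessors, or at least create the field with `new ConcurrentHashMap<>()`. `SessionsRepo.reset()` in the earlier hunk clears three maps in sequence and deserves the same check, though the map types are not visible there. A one-line comment on both methods saying that they restore the built-in demo accounts and drop all sessions would also help.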