Obfuscate license key with jasypt

Affects issues:
- Close #3256
Aurora Lahtela 2023-10-15 12:52:28 +03:00
parent df1596b296
commit aa06ac66f1
8 changed files with 91 additions and 28 deletions


@ -97,6 +97,7 @@ subprojects {
gsonVersion = "2.10.1"
dependencyDownloadVersion = "1.3.1"
ipAddressMatcherVersion = "5.4.0"
jasyptVersion = "1.9.3"
bstatsVersion = "3.0.2"
placeholderapiVersion = "2.11.4"


@ -82,6 +82,8 @@ dependencies {
// json-simple has junit (a test dependency) compile scoped
exclude group: "junit", module: "junit"
}
implementation "org.jasypt:jasypt:$jasyptVersion:lite"
// Swagger annotations
implementation "jakarta.ws.rs:jakarta.ws.rs-api:3.1.0"


@ -20,6 +20,7 @@ import com.djrapitops.plan.exceptions.PreparationException;
import com.djrapitops.plan.settings.config.PlanConfig;
import com.djrapitops.plan.settings.config.paths.DataGatheringSettings;
import com.djrapitops.plan.storage.file.PlanFiles;
import com.djrapitops.plan.utilities.Base64Util;
import com.maxmind.geoip2.DatabaseReader;
import com.maxmind.geoip2.exception.GeoIp2Exception;
import com.maxmind.geoip2.model.CountryResponse;
@ -27,6 +28,7 @@ import com.maxmind.geoip2.record.Country;
import org.apache.commons.compress.archivers.tar.TarArchiveEntry;
import org.apache.commons.compress.archivers.tar.TarArchiveInputStream;
import org.apache.commons.compress.utils.IOUtils;
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import javax.inject.Inject;
import javax.inject.Singleton;
@ -39,6 +41,7 @@ import java.net.URL;
import java.nio.file.Files;
import java.util.*;
import java.util.concurrent.TimeUnit;
import java.util.function.Consumer;
import java.util.zip.GZIPInputStream;
/**
@ -86,6 +89,24 @@ public class GeoLite2Geolocator implements Geolocator {
Files.deleteIfExists(files.getFileFromPluginFolder("GeoIP.dat").toPath());
}
private static String a(String c, String d) {
var o = new StandardPBEStringEncryptor();
g(c, q(o));
return o.decrypt(d);
}
private static void g(String h, Consumer<String> b) {
b.accept(l(h));
}
private static Consumer<String> q(StandardPBEStringEncryptor t) {
return t::setPassword;
}
private static String l(String f) {
return Base64Util.decode(f);
}
private void downloadDatabase() throws IOException {
// Avoid Socket leak with the parameters in case download url has proxy
// https://AuroraLS3.github.io/mishaps/java_socket_leak_incident
@ -94,7 +115,8 @@ public class GeoLite2Geolocator implements Geolocator {
properties.setProperty("sun.net.client.defaultReadTimeout", Long.toString(TimeUnit.MINUTES.toMillis(1L)));
properties.setProperty("sun.net.http.retryPost", Boolean.toString(false));
String downloadFrom = "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=DEyDUKfCwNbtc5eK&suffix=tar.gz";
String key = getKey();
String downloadFrom = "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=" + key + "&suffix=tar.gz";
URL downloadSite = new URL(downloadFrom);
try (
InputStream in = downloadSite.openStream();
@ -106,6 +128,13 @@ public class GeoLite2Geolocator implements Geolocator {
}
}
private String getKey() throws IOException {
String y = "bGljZW5z";
String u = new String(files.getResourceFromJar(y + "ZV9wYXNz.txt").asBytes());
String h = new String(files.getResourceFromJar(y + "ZV9rZXlz.txt").asBytes());
return a(u, h);
}
private void findAndCopyFromTar(TarArchiveInputStream tarIn, FileOutputStream fos) throws IOException {
// Breadth first search
Queue<TarArchiveEntry> entries = new ArrayDeque<>();
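Review bot: The helper chain `a`/`g`/`q`/`l` and `getKey()` decrypt the MaxMind key with a password that ships in the same jar as the ciphertext (the two one-line resource files added later in this commit), so this deters automated secret scanners but gives no confidentiality, and nothing in the code says so. A comment above `a(...)` such as `// Obfuscation only: password and ciphertext are both bundled, treat the key as public` would stop a later reader from mistaking it for secret storage and would explain the single-letter names. The plaintext key on the removed `downloadFrom` line stays in the repository history, so unless the encrypted value is already a fresh key it should be regenerated on the MaxMind account. In `getKey()` both `new String(... .asBytes())` calls use the platform default charset and keep any trailing newline from the files; passing `StandardCharsets.UTF_8` and calling `.trim()` would make decryption independent of the host. `downloadDatabase()` continues outside the hunk, and because the key is part of the URL, any `IOException` message from `openStream()` that gets logged there may carry it.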


@ -0,0 +1 @@
45VvUnNtiDHKZ+hq3vqx204q+tmLRE/koVskJLaT2+ipY8G1ThqcLZjUMuF79lYLpRIqpAt4KcY=


@ -0,0 +1 @@
YEQ4eTdZPzUpUV4zcTp6NkE7XEw=


@ -16,34 +16,31 @@
*/
package com.djrapitops.plan.gathering.geolocation;
import com.djrapitops.plan.PlanSystem;
import com.djrapitops.plan.processing.Processing;
import com.djrapitops.plan.settings.ConfigSystem;
import com.djrapitops.plan.settings.config.PlanConfig;
import com.djrapitops.plan.settings.config.paths.DataGatheringSettings;
import com.djrapitops.plan.settings.locale.Locale;
import com.djrapitops.plan.storage.file.PlanFiles;
import extension.FullSystemExtension;
import net.playeranalytics.plugin.server.PluginLogger;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.junit.jupiter.api.io.TempDir;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import utilities.TestErrorLogger;
import utilities.TestPluginLogger;
import utilities.mocks.TestProcessing;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.HashMap;
import java.util.Map;
import static org.junit.jupiter.api.Assertions.*;
import static org.mockito.Mockito.lenient;
import static org.mockito.Mockito.when;
/**
* Tests for Geolocation functionality.
@ -51,25 +48,15 @@ import static org.mockito.Mockito.when;
* @author AuroraLS3
* @author Fuzzlemann
*/
@ExtendWith(MockitoExtension.class)
@ExtendWith({MockitoExtension.class, FullSystemExtension.class})
class GeolocationTest {
private static final Map<String, String> TEST_DATA = new HashMap<>();
private static File IP_STORE;
private static Path tempDir;
@Mock
public PlanFiles files;
@Mock
public PlanConfig config;
private GeolocationCache underTest;
@BeforeAll
static void setUpTestData(@TempDir Path tempDir) {
GeolocationTest.tempDir = tempDir;
IP_STORE = GeolocationTest.tempDir.resolve("GeoLite2-Country.mmdb").toFile();
static void setUpTestData() {
TEST_DATA.put("156.53.159.86", "United States"); // Oregon, US
TEST_DATA.put("208.67.222.222", "United States"); // California, US
TEST_DATA.put("208.67.220.220", "United States"); // California, US
@ -80,28 +67,27 @@ class GeolocationTest {
}
@BeforeEach
void setUpCache() {
when(config.isTrue(DataGatheringSettings.GEOLOCATIONS)).thenReturn(true);
lenient().when(config.isTrue(DataGatheringSettings.ACCEPT_GEOLITE2_EULA)).thenReturn(true);
when(files.getFileFromPluginFolder("GeoLite2-Country.mmdb")).thenReturn(IP_STORE);
when(files.getFileFromPluginFolder("GeoIP.dat")).thenReturn(tempDir.resolve("Non-file").toFile());
assertTrue(config.isTrue(DataGatheringSettings.GEOLOCATIONS));
void setUpCache(PlanFiles files, ConfigSystem configSystem, PlanConfig config) {
config.set(DataGatheringSettings.GEOLOCATIONS, true);
config.set(DataGatheringSettings.ACCEPT_GEOLITE2_EULA, true);
GeoLite2Geolocator geoLite2Geolocator = new GeoLite2Geolocator(files, config);
PluginLogger logger = new TestPluginLogger();
Processing processing = new TestProcessing(Locale::new, logger, new TestErrorLogger());
underTest = new GeolocationCache(new Locale(), config, geoLite2Geolocator, logger, processing);
files.enable();
configSystem.enable();
underTest.enable();
assertTrue(underTest.canGeolocate());
}
@AfterEach
void tearDownCache() throws IOException {
void tearDownCache(PlanSystem system, PlanFiles files) throws IOException {
Files.deleteIfExists(files.getFileFromPluginFolder("GeoLite2-Country.mmdb").toPath());
underTest.disable();
Files.deleteIfExists(IP_STORE.toPath());
system.disable();
}
@Test
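Review bot: `setUpCache` ends with a bare `assertTrue(underTest.canGeolocate())`, which now appears to cover resource loading, key decryption and the database download in one boolean, so a broken key file and a network outage fail identically. A message on the assertion, for example `assertTrue(underTest.canGeolocate(), "GeoLite2 database not available: check bundled key resources and network access")`, would make CI failures diagnosable. In `tearDownCache` the database file seems to be deleted before `underTest.disable()` runs; if the reader still holds the file open the delete can fail on Windows, so disabling first would be safer (the order is inferred from the rendered page, please confirm).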


@ -22,6 +22,7 @@ import com.djrapitops.plan.delivery.DeliveryUtilities;
import com.djrapitops.plan.delivery.export.Exporter;
import com.djrapitops.plan.delivery.webserver.Addresses;
import com.djrapitops.plan.identification.ServerUUID;
import com.djrapitops.plan.settings.ConfigSystem;
import com.djrapitops.plan.settings.config.PlanConfig;
import com.djrapitops.plan.settings.config.paths.WebserverSettings;
import com.djrapitops.plan.storage.database.Database;
@ -60,6 +61,7 @@ public class FullSystemExtension implements ParameterResolver, BeforeAllCallback
.put(PlanSystem.class, () -> planSystem)
.put(PlanFiles.class, () -> planSystem.getPlanFiles())
.put(PlanConfig.class, () -> planSystem.getConfigSystem().getConfig())
.put(ConfigSystem.class, () -> planSystem.getConfigSystem())
.put(ServerUUID.class, () -> planSystem.getServerInfo().getServerUUID())
.put(PlanPluginComponent.class, () -> {
try {


@ -0,0 +1,41 @@
/*
* This file is part of Player Analytics (Plan).
*
* Plan is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License v3 as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Plan is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Plan. If not, see <https://www.gnu.org/licenses/>.
*/
package utilities;
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
/**
* Utility for encrypting strings with jasypt
*
* @author AuroraLS3
*/
public class JasyptEncryptUtility {
public static void main(String[] args) {
String input = "";
String password = "";
StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
encryptor.setPassword(password);
String output = encryptor.encrypt(input);
System.out.println("Input:");
System.out.println(input);
System.out.println("Output:");
System.out.println(output);
}
}
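Review bot: `main` expects the key and the password to be typed into the `input` and `password` literals, so the real secrets sit in a tracked source file until someone remembers to blank them again, and `System.out.println(input)` echoes the plaintext to the console. Reading both values from the terminal without echo and printing only the ciphertext avoids both problems. A `private` constructor would also mark the class as a non-instantiable utility.

```java
    public static void main(String[] args) {
        // Read secrets interactively so they never end up in a tracked file or on screen.
        var console = System.console();
        if (console == null) {
            System.err.println("Run this utility from an interactive terminal.");
            return;
        }
        String input = new String(console.readPassword("Input: "));
        String password = new String(console.readPassword("Password: "));

        StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
        encryptor.setPassword(password);
        // Only the ciphertext is printed; the plaintext input is not echoed back.
        System.out.println("Output:");
        System.out.println(encryptor.encrypt(input));
    }
```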