crash.software
Projects
Pull Requests
Issues
Builds
wrongsecrets
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY wrongsecrets Commits 00552c7e
🤬
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/AllControllerAdvice.java
    skipped 18 lines
    19 19   
    20 20   private final List<ChallengeUI> challenges;
    21 21   private final String version;
    22  - private RuntimeEnvironment runtimeEnvironment;
     22 + private final RuntimeEnvironment runtimeEnvironment;
    23 23   
    24 24   public AllControllerAdvice(List<Challenge> challenges, @Value("${APP_VERSION}") String version, RuntimeEnvironment runtimeEnvironment) {
    25 25   this.challenges = ChallengeUI.toUI(challenges, runtimeEnvironment);
    skipped 25 lines
  • ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/HerokuWebSecurityConfig.java
    skipped 2 lines
    3 3  import org.springframework.context.annotation.Configuration;
    4 4  import org.springframework.core.annotation.Order;
    5 5  import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    6  -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    7 6  import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    8 7   
    9 8  @Configuration
    skipped 11 lines
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/RuntimeEnvironment.java
    skipped 21 lines
    22 22  @Component
    23 23  public class RuntimeEnvironment {
    24 24   
    25  - private static Map<Environment, List<Environment>> envToOverlappingEnvs = Map.of(
     25 + private static final Map<Environment, List<Environment>> envToOverlappingEnvs = Map.of(
    26 26   HEROKU_DOCKER, List.of(DOCKER, HEROKU_DOCKER),
    27 27   DOCKER, List.of(DOCKER, HEROKU_DOCKER),
    28 28   GCP, List.of(DOCKER, K8S, VAULT),
    skipped 13 lines
    42 42   }
    43 43   
    44 44   static Environment fromId(String id) {
    45  - return Arrays.asList(Environment.values()).stream().filter(e -> e.id.equalsIgnoreCase(id)).findAny().get();
     45 + return Arrays.stream(Environment.values()).filter(e -> e.id.equalsIgnoreCase(id)).findAny().get();
    46 46   }
    47 47   }
    48 48   
    skipped 19 lines
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/SessionConfiguration.java
    skipped 11 lines
    12 12  @Slf4j
    13 13  public class SessionConfiguration {
    14 14   
    15  - private static AtomicInteger numberOfSessions = new AtomicInteger(0);
     15 + private static final AtomicInteger numberOfSessions = new AtomicInteger(0);
    16 16   
    17 17   @Bean
    18 18   public HttpSessionListener httpSessionListener() {
    skipped 18 lines
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/StartupListener.java
    skipped 35 lines
    36 36   
    37 37   private String envsToReadableString() {
    38 38   return Arrays.stream(RuntimeEnvironment.Environment.values())
    39  - .map(env -> env.toString())
     39 + .map(Enum::toString)
    40 40   .collect(Collectors.joining(", "));
    41 41   }
    42 42   }
    skipped 3 lines
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/asciidoc/AsciiDoctorTemplateResolver.java
    skipped 16 lines
    17 17  public class AsciiDoctorTemplateResolver extends FileTemplateResolver {
    18 18   
    19 19   private static final String PREFIX = "doc:";
    20  - private TemplateGenerator generator;
     20 + private final TemplateGenerator generator;
    21 21   
    22 22   public AsciiDoctorTemplateResolver(TemplateGenerator generator) {
    23 23   this.generator = generator;
    skipped 18 lines
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/canaries/CanaryCounterImpl.java
    skipped 7 lines
    8 8  @Service
    9 9  public class CanaryCounterImpl implements CanaryCounter {
    10 10   
    11  - private static AtomicInteger numberofCanaryCalls = new AtomicInteger(0);
     11 + private static final AtomicInteger numberofCanaryCalls = new AtomicInteger(0);
    12 12   
    13 13   private static String lastToken;
    14 14   
    skipped 25 lines
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/cloud/Challenge11.java
    skipped 42 lines
    43 43   private final String azureDefaultValue;
    44 44   private final String challengeAnswer;
    45 45   private final String projectId;
    46  - private final RuntimeEnvironment runtimeEnvironment;
    47 46   private final String azureVaultUri;
    48 47   private final String azureWrongSecret3;
    49 48   
    skipped 16 lines
    66 65   this.gcpDefaultValue = gcpDefaultValue;
    67 66   this.azureDefaultValue = azureDefaultValue;
    68 67   this.projectId = projectId;
    69  - this.runtimeEnvironment = runtimeEnvironment;
    70 68   this.azureVaultUri = azureVaultUri;
    71 69   this.azureWrongSecret3 = azureWrongSecret3;
    72  - this.challengeAnswer = getChallenge11Value(this.runtimeEnvironment);
     70 + this.challengeAnswer = getChallenge11Value(runtimeEnvironment);
    73 71   }
    74 72   
    75 73   @Override
    skipped 12 lines
    88 86   
    89 87   private String getChallenge11Value(RuntimeEnvironment runtimeEnvironment) {
    90 88   if (runtimeEnvironment != null && runtimeEnvironment.getRuntimeEnvironment() != null) {
    91  - switch (runtimeEnvironment.getRuntimeEnvironment()) {
    92  - case AWS:
    93  - return getAWSChallenge11Value();
    94  - case GCP:
    95  - return getGCPChallenge11Value();
    96  - case AZURE:
    97  - return getAzureChallenge11Value();
    98  - default:
    99  - return "please_use_supported_cloud_env";
    100  - }
     89 + return switch (runtimeEnvironment.getRuntimeEnvironment()) {
     90 + case AWS -> getAWSChallenge11Value();
     91 + case GCP -> getGCPChallenge11Value();
     92 + case AZURE -> getAzureChallenge11Value();
     93 + default -> "please_use_supported_cloud_env";
     94 + };
    101 95   }
    102 96   return "please_use_supported_cloud_env";
    103 97   }
    skipped 75 lines
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/BinaryExecutionHelper.java
    skipped 10 lines
    11 11  public class BinaryExecutionHelper {
    12 12   
    13 13   
    14  - public static String ERROR_EXECUTION = "Error with executing";
     14 + public static final String ERROR_EXECUTION = "Error with executing";
    15 15   private final int challengeNumber;
    16 16   
    17 17   public BinaryExecutionHelper(int challengeNumber) {
    skipped 33 lines
    51 51   return ERROR_EXECUTION;
    52 52   }
    53 53   
     54 + }
     55 + 
     56 + private String executeCommand(File execFile, String argument) throws IOException, InterruptedException {
     57 + ProcessBuilder ps = new ProcessBuilder(execFile.getPath(), argument);
     58 + ps.redirectErrorStream(true);
     59 + Process pr = ps.start();
     60 + BufferedReader in = new BufferedReader(new InputStreamReader(pr.getInputStream()));
     61 + String result = in.readLine();
     62 + pr.waitFor();
     63 + return result;
    54 64   }
    55 65   
    56 66   private boolean useX86() {
    skipped 45 lines
    102 112   os.close();
    103 113   
    104 114   return execFile;
    105  - }
    106  - 
    107  - private String executeCommand(File execFile, String argument) throws IOException, InterruptedException {
    108  - ProcessBuilder ps = new ProcessBuilder(execFile.getPath(), argument);
    109  - ps.redirectErrorStream(true);
    110  - Process pr = ps.start();
    111  - BufferedReader in = new BufferedReader(new InputStreamReader(pr.getInputStream()));
    112  - String result = in.readLine();
    113  - pr.waitFor();
    114  - return result;
    115 115   }
    116 116   
    117 117   private void deleteFile(File execFile) {
    skipped 6 lines
  • ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge12.java
    skipped 18 lines
    19 19  @Order(12)
    20 20  public class Challenge12 extends Challenge {
    21 21   
    22  - private String dockerMountPath;
     22 + private final String dockerMountPath;
    23 23   
    24 24   public Challenge12(ScoreCard scoreCard, @Value("${challengedockermtpath}") String dockerMountPath) {
    25 25   super(scoreCard);
    skipped 29 lines
  • ■ ■ ■ ■ ■ ■
    src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge13.java
    skipped 22 lines
    23 23  @Order(13)
    24 24  public class Challenge13 extends Challenge {
    25 25   
    26  - private String plainText;
    27  - private String cipherText;
     26 + private final String plainText;
     27 + private final String cipherText;
    28 28   
    29 29   @Override
    30 30   public Spoiler spoiler() {
    skipped 49 lines
Please wait...
Page is in error, reload to recover