Meishin/LoginSystem
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

#1141 Fix review remarks by @games647

Browse Source 
- Use SHA512 to generate keys instead of default SHA1
- Declare google authenticator dependency as optional and add relocation rule
This commit is contained in:
ljacqu 2018-04-03 00:12:25 +02:00
parent 2bf78dd186
commit 9326094d9c
4 changed files with 34 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
pom.xml
View File

@ -251,16 +251,8 @@
<shadedPattern>fr.xephi.authme.libs.com.google</shadedPattern> <shadedPattern>fr.xephi.authme.libs.com.google</shadedPattern>
</relocation> </relocation>
<relocation> <relocation>
<pattern>ch.jalu.injector</pattern> <pattern>ch.jalu</pattern>
<shadedPattern>fr.xephi.authme.libs.jalu.injector</shadedPattern> <shadedPattern>fr.xephi.authme.libs.ch.jalu</shadedPattern>
</relocation>
<relocation>
<pattern>ch.jalu.configme</pattern>
<shadedPattern>fr.xephi.authme.libs.ch.jalu.configme</shadedPattern>
</relocation>
<relocation>
<pattern>ch.jalu.datasourcecolumns</pattern>
<shadedPattern>fr.xephi.authme.libs.ch.jalu.datasourcecolumns</shadedPattern>
</relocation> </relocation>
<relocation> <relocation>
<pattern>com.zaxxer.hikari</pattern> <pattern>com.zaxxer.hikari</pattern>
@ -290,6 +282,10 @@
<pattern>de.mkammerer</pattern> <pattern>de.mkammerer</pattern>
<shadedPattern>fr.xephi.authme.libs.de.mkammerer</shadedPattern> <shadedPattern>fr.xephi.authme.libs.de.mkammerer</shadedPattern>
</relocation> </relocation>
<relocation>
<pattern>com.warrenstrange</pattern>
<shadedPattern>fr.xephi.authme.libs.com.warrenstrange</shadedPattern>
</relocation>
<relocation> <relocation>
<pattern>javax.inject</pattern> <pattern>javax.inject</pattern>
<shadedPattern>fr.xephi.authme.libs.javax.inject</shadedPattern> <shadedPattern>fr.xephi.authme.libs.javax.inject</shadedPattern>
@ -482,6 +478,7 @@
<groupId>com.warrenstrange</groupId> <groupId>com.warrenstrange</groupId>
<artifactId>googleauth</artifactId> <artifactId>googleauth</artifactId>
<version>1.1.2</version> <version>1.1.2</version>
<optional>true</optional>
</dependency> </dependency>
<!-- Spigot API, http://www.spigotmc.org/ --> <!-- Spigot API, http://www.spigotmc.org/ -->

2
src/main/java/fr/xephi/authme/message/MessageKey.java
View File

@ -197,7 +197,7 @@ public enum MessageKey {
/** Your secret code is %code. You can scan it from here %url */ /** Your secret code is %code. You can scan it from here %url */
TWO_FACTOR_CREATE("two_factor.code_created", "%code", "%url"), TWO_FACTOR_CREATE("two_factor.code_created", "%code", "%url"),
/** Please submit your two-factor authentication code with /2fa code &ltcode&gt;. */ /** Please submit your two-factor authentication code with /2fa code &lt;code&gt;. */
TWO_FACTOR_CODE_REQUIRED("two_factor.code_required"), TWO_FACTOR_CODE_REQUIRED("two_factor.code_required"),
/** Two-factor authentication is already enabled for your account! */ /** Two-factor authentication is already enabled for your account! */

20
src/main/java/fr/xephi/authme/security/totp/TotpAuthenticator.java
View File

@ -1,9 +1,11 @@
package fr.xephi.authme.security.totp; package fr.xephi.authme.security.totp;
import com.google.common.annotations.VisibleForTesting;
import com.warrenstrange.googleauth.GoogleAuthenticator; import com.warrenstrange.googleauth.GoogleAuthenticator;
import com.warrenstrange.googleauth.GoogleAuthenticatorConfig;
import com.warrenstrange.googleauth.GoogleAuthenticatorConfig.GoogleAuthenticatorConfigBuilder;
import com.warrenstrange.googleauth.GoogleAuthenticatorKey; import com.warrenstrange.googleauth.GoogleAuthenticatorKey;
import com.warrenstrange.googleauth.GoogleAuthenticatorQRGenerator; import com.warrenstrange.googleauth.GoogleAuthenticatorQRGenerator;
import com.warrenstrange.googleauth.HmacHashFunction;
import com.warrenstrange.googleauth.IGoogleAuthenticator; import com.warrenstrange.googleauth.IGoogleAuthenticator;
import fr.xephi.authme.service.BukkitService; import fr.xephi.authme.service.BukkitService;
import org.bukkit.entity.Player; import org.bukkit.entity.Player;
@ -18,16 +20,20 @@ public class TotpAuthenticator {
private final IGoogleAuthenticator authenticator; private final IGoogleAuthenticator authenticator;
private final BukkitService bukkitService; private final BukkitService bukkitService;
@Inject @Inject
TotpAuthenticator(BukkitService bukkitService) { TotpAuthenticator(BukkitService bukkitService) {
this(new GoogleAuthenticator(), bukkitService); this.authenticator = createGoogleAuthenticator();
this.bukkitService = bukkitService;
} }
@VisibleForTesting /**
TotpAuthenticator(IGoogleAuthenticator authenticator, BukkitService bukkitService) { * @return new Google Authenticator instance
this.authenticator = authenticator; */
this.bukkitService = bukkitService; protected IGoogleAuthenticator createGoogleAuthenticator() {
GoogleAuthenticatorConfig config = new GoogleAuthenticatorConfigBuilder()
.setHmacHashFunction(HmacHashFunction.HmacSHA512)
.build();
return new GoogleAuthenticator(config);
} }
/** /**

14
src/test/java/fr/xephi/authme/security/totp/TotpAuthenticatorTest.java
View File

@ -36,7 +36,7 @@ public class TotpAuthenticatorTest {
@Before @Before
public void initializeTotpAuthenticator() { public void initializeTotpAuthenticator() {
totpAuthenticator = new TotpAuthenticator(googleAuthenticator, bukkitService); totpAuthenticator = new TotpAuthenticatorTestImpl(bukkitService);
} }
@Test @Test
@ -85,4 +85,16 @@ public class TotpAuthenticatorTest {
assertThat(result, equalTo(false)); assertThat(result, equalTo(false));
verifyZeroInteractions(googleAuthenticator); verifyZeroInteractions(googleAuthenticator);
} }
private final class TotpAuthenticatorTestImpl extends TotpAuthenticator {
TotpAuthenticatorTestImpl(BukkitService bukkitService) {
super(bukkitService);
}
@Override
protected IGoogleAuthenticator createGoogleAuthenticator() {
return googleAuthenticator;
}
}
} }