From 2af314b1354e73a38a3f6b2ec4bb32b0d590cfd6 Mon Sep 17 00:00:00 2001 From: anhefti Date: Tue, 25 Oct 2022 08:45:03 +0200 Subject: [PATCH] SEBSERV-351 added quitSecret decryption --- .../lms/impl/olat/OlatLmsAPITemplate.java | 15 ++++++++++++++- .../lms/impl/olat/OlatLmsAPITemplateFactory.java | 7 ++++++- .../servicelayer/lms/impl/olat/OlatLmsData.java | 6 +++--- 3 files changed, 23 insertions(+), 5 deletions(-) diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsAPITemplate.java b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsAPITemplate.java index 81d2d39a..79cec7f8 100644 --- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsAPITemplate.java +++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsAPITemplate.java @@ -46,6 +46,7 @@ import ch.ethz.seb.sebserver.gbl.model.institution.LmsSetup; import ch.ethz.seb.sebserver.gbl.model.institution.LmsSetup.LmsType; import ch.ethz.seb.sebserver.gbl.model.institution.LmsSetupTestResult; import ch.ethz.seb.sebserver.gbl.model.user.ExamineeAccountDetails; +import ch.ethz.seb.sebserver.gbl.util.Cryptor; import ch.ethz.seb.sebserver.gbl.util.Result; import ch.ethz.seb.sebserver.gbl.util.Utils; import ch.ethz.seb.sebserver.webservice.servicelayer.dao.FilterMap; @@ -73,6 +74,7 @@ public class OlatLmsAPITemplate extends AbstractCachedCourseAccess implements Lm private final ClientCredentialService clientCredentialService; private final APITemplateDataSupplier apiTemplateDataSupplier; private final ExamConfigurationValueService examConfigurationValueService; + private final Cryptor cryptor; private final Long lmsSetupId; private OlatLmsRestTemplate cachedRestTemplate; @@ -82,6 +84,7 @@ public class OlatLmsAPITemplate extends AbstractCachedCourseAccess implements Lm final ClientCredentialService clientCredentialService, final APITemplateDataSupplier apiTemplateDataSupplier, final ExamConfigurationValueService examConfigurationValueService, + final Cryptor cryptor, final CacheManager cacheManager) { super(cacheManager); @@ -90,6 +93,7 @@ public class OlatLmsAPITemplate extends AbstractCachedCourseAccess implements Lm this.clientCredentialService = clientCredentialService; this.apiTemplateDataSupplier = apiTemplateDataSupplier; this.examConfigurationValueService = examConfigurationValueService; + this.cryptor = cryptor; this.lmsSetupId = apiTemplateDataSupplier.getLmsSetup().id; } @@ -471,7 +475,16 @@ public class OlatLmsAPITemplate extends AbstractCachedCourseAccess implements Lm } if (StringUtils.isNotEmpty(quitSecret)) { - sebRestrictionData.additionalProperties.put(ADDITIONAL_ATTR_QUIT_SECRET, quitSecret); + try { + final String decryptedSecret = this.cryptor + .encrypt(quitSecret) + .getOrThrow() + .toString(); + + sebRestrictionData.additionalProperties.put(ADDITIONAL_ATTR_QUIT_SECRET, decryptedSecret); + } catch (final Exception e) { + log.error("Failed to decrypt quitSecret: ", e); + } } } catch (final Exception e) { diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsAPITemplateFactory.java b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsAPITemplateFactory.java index 6810ae33..d0d098df 100644 --- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsAPITemplateFactory.java +++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsAPITemplateFactory.java @@ -18,6 +18,7 @@ import ch.ethz.seb.sebserver.gbl.async.AsyncService; import ch.ethz.seb.sebserver.gbl.client.ClientCredentialService; import ch.ethz.seb.sebserver.gbl.model.institution.LmsSetup.LmsType; import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile; +import ch.ethz.seb.sebserver.gbl.util.Cryptor; import ch.ethz.seb.sebserver.gbl.util.Result; import ch.ethz.seb.sebserver.webservice.servicelayer.exam.ExamConfigurationValueService; import ch.ethz.seb.sebserver.webservice.servicelayer.lms.APITemplateDataSupplier; @@ -43,6 +44,7 @@ public class OlatLmsAPITemplateFactory implements LmsAPITemplateFactory { private final AsyncService asyncService; private final Environment environment; private final CacheManager cacheManager; + private final Cryptor cryptor; public OlatLmsAPITemplateFactory( final ClientHttpRequestFactoryService clientHttpRequestFactoryService, @@ -50,7 +52,8 @@ public class OlatLmsAPITemplateFactory implements LmsAPITemplateFactory { final ExamConfigurationValueService examConfigurationValueService, final AsyncService asyncService, final Environment environment, - final CacheManager cacheManager) { + final CacheManager cacheManager, + final Cryptor cryptor) { this.clientHttpRequestFactoryService = clientHttpRequestFactoryService; this.clientCredentialService = clientCredentialService; @@ -58,6 +61,7 @@ public class OlatLmsAPITemplateFactory implements LmsAPITemplateFactory { this.asyncService = asyncService; this.environment = environment; this.cacheManager = cacheManager; + this.cryptor = cryptor; } @Override @@ -73,6 +77,7 @@ public class OlatLmsAPITemplateFactory implements LmsAPITemplateFactory { this.clientCredentialService, apiTemplateDataSupplier, this.examConfigurationValueService, + this.cryptor, this.cacheManager); return new LmsAPITemplateAdapter( this.asyncService, diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsData.java b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsData.java index d075b0c9..5897f1f1 100644 --- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsData.java +++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/lms/impl/olat/OlatLmsData.java @@ -62,7 +62,7 @@ public final class OlatLmsData { * "browserExamKeys": [ "1" ], * "configKeys": null, * "quitLink": "", - * "quitSecret": "", + * "quitSecret": "" * "key": 8028160 * } */ @@ -79,9 +79,9 @@ public final class OlatLmsData { * OLAT API example: * { * "configKeys": ["a", "b"], - * "browserExamKeys": ["1", "2"] + * "browserExamKeys": ["1", "2"], * "quitLink": "", - * "quitSecret": "", + * "quitSecret": "" * } */ public List browserExamKeys;