From 45ab6736ed393843cde0c4c6f11d2471dc9fa4eb Mon Sep 17 00:00:00 2001 From: Jacek Trossen <112926677+JTrossen@users.noreply.github.com> Date: Fri, 7 Oct 2022 19:09:19 +0200 Subject: [PATCH] spring-security: initial integration spring-security-oauth2-core (#8709) --- projects/spring-security/Dockerfile | 3 + .../acl/AclFormattingUtilsFuzzer.java | 53 ++++++++++++++ projects/spring-security/build.sh | 2 + projects/spring-security/diff.patch | 11 ++- .../oauth2-core/OAuth2AccessTokenFuzzer.java | 73 +++++++++++++++++++ projects/spring-security/project.yaml | 3 +- 6 files changed, 143 insertions(+), 2 deletions(-) create mode 100644 projects/spring-security/acl/AclFormattingUtilsFuzzer.java create mode 100644 projects/spring-security/oauth2-core/OAuth2AccessTokenFuzzer.java diff --git a/projects/spring-security/Dockerfile b/projects/spring-security/Dockerfile index a82136866..16d84b9f5 100644 --- a/projects/spring-security/Dockerfile +++ b/projects/spring-security/Dockerfile @@ -22,5 +22,8 @@ RUN git clone --depth 1 https://github.com/spring-projects/spring-security COPY build.sh $SRC/ COPY *Fuzzer.java $SRC/ +COPY oauth2-core/*Fuzzer.java $SRC/ +COPY acl/*Fuzzer.java $SRC/ COPY *.patch $SRC/ + WORKDIR $SRC/spring-security \ No newline at end of file diff --git a/projects/spring-security/acl/AclFormattingUtilsFuzzer.java b/projects/spring-security/acl/AclFormattingUtilsFuzzer.java new file mode 100644 index 000000000..77bc6bd7b --- /dev/null +++ b/projects/spring-security/acl/AclFormattingUtilsFuzzer.java @@ -0,0 +1,53 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +//////////////////////////////////////////////////////////////////////////////// + +import com.code_intelligence.jazzer.api.FuzzedDataProvider; + +import org.springframework.security.acls.domain.AclFormattingUtils; + + + +public class AclFormattingUtilsFuzzer { + + public static void fuzzerTestOneInput(FuzzedDataProvider data) { + + String origin; + String bits; + int mask; + char code; + char off; + + mask = data.consumeInt(); + code = data.consumeChar(); + origin = data.consumeString(250); + bits = data.consumeRemainingAsString(); + + String printBinary1; + String printBinary2; + String mergePatterns; + String demergePatterns; + try { + printBinary1 = AclFormattingUtils.printBinary(mask); + printBinary2 = AclFormattingUtils.printBinary(mask, code); + mergePatterns = AclFormattingUtils.mergePatterns(origin, bits); + demergePatterns = AclFormattingUtils.demergePatterns(origin, bits); + } + catch(IllegalArgumentException iae) { + + } + } + +} diff --git a/projects/spring-security/build.sh b/projects/spring-security/build.sh index bb272595a..e50e72695 100755 --- a/projects/spring-security/build.sh +++ b/projects/spring-security/build.sh @@ -32,6 +32,8 @@ GRADLE_ARGS="-x test -x javadoc" ./gradlew shadowJar $GRADLE_ARGS -b messaging/spring-security-messaging.gradle ./gradlew shadowJar $GRADLE_ARGS -b web/spring-security-web.gradle ./gradlew shadowJar $GRADLE_ARGS -b test/spring-security-test.gradle +./gradlew shadowJar $GRADLE_ARGS -b oauth2/oauth2-core/spring-security-oauth2-core.gradle +./gradlew shadowJar $GRADLE_ARGS -b acl/spring-security-acl.gradle # Copy all shadow jars to the $OUT folder find . -name "*-all.jar" -print0 | while read -d $'\0' file diff --git a/projects/spring-security/diff.patch b/projects/spring-security/diff.patch index 7ecbd00ad..ba2b9796c 100644 --- a/projects/spring-security/diff.patch +++ b/projects/spring-security/diff.patch @@ -1,3 +1,12 @@ +diff --git a/acl/spring-security-acl.gradle b/acl/spring-security-acl.gradle +index 976d8d4..f01b423 100644 +--- a/acl/spring-security-acl.gradle ++++ b/acl/spring-security-acl.gradle +@@ -1,3 +1,4 @@ ++apply plugin: "com.github.johnrengelman.shadow" + apply plugin: 'io.spring.convention.spring-module' + + dependencies { diff --git a/build.gradle b/build.gradle diff --git a/build.gradle b/build.gradle index 21893a7..faf7dff 100644 @@ -62,7 +71,7 @@ index fb306f6..b27cd44 100644 + dependencies { api platform("org.springframework:spring-framework-bom:$springFrameworkVersion") - api platform("io.projectreactor:reactor-bom:2022.0.0-M4") + api platform("io.projectreactor:reactor-bom:$reactorVersion") diff --git a/ldap/spring-security-ldap.gradle b/ldap/spring-security-ldap.gradle index c4f6c08..39023ed 100644 --- a/ldap/spring-security-ldap.gradle diff --git a/projects/spring-security/oauth2-core/OAuth2AccessTokenFuzzer.java b/projects/spring-security/oauth2-core/OAuth2AccessTokenFuzzer.java new file mode 100644 index 000000000..032cfaffa --- /dev/null +++ b/projects/spring-security/oauth2-core/OAuth2AccessTokenFuzzer.java @@ -0,0 +1,73 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +//////////////////////////////////////////////////////////////////////////////// + +import com.code_intelligence.jazzer.api.FuzzedDataProvider; + +import org.springframework.security.oauth2.core.OAuth2AccessToken; + +import java.time.Instant; +import java.util.Arrays; +import java.util.LinkedHashSet; +import java.util.Set; + +public class OAuth2AccessTokenFuzzer { + + private static final OAuth2AccessToken.TokenType TOKEN_TYPE = OAuth2AccessToken.TokenType.BEARER; + private static final Instant ISSUED_AT = Instant.now(); + private static final Instant EXPIRES_AT = Instant.from(ISSUED_AT).plusSeconds(60); + + public static void fuzzerTestOneInput(FuzzedDataProvider data) { + + Set scope; + String tmpScope; + String value; + boolean proceed = true; + OAuth2AccessToken accessToken = null; + + boolean isScope = data.consumeBoolean(); + if (isScope) { + + tmpScope = data.consumeString(250); + value = data.consumeString(250); + + scope = new LinkedHashSet<>(Arrays.asList(tmpScope)); + try { + accessToken = new OAuth2AccessToken(TOKEN_TYPE, value, ISSUED_AT, EXPIRES_AT, scope); + } + catch (IllegalArgumentException iae) { + proceed = false; + } + } + else { + value = data.consumeRemainingAsString(); + + try { + accessToken = new OAuth2AccessToken(TOKEN_TYPE, value, ISSUED_AT, EXPIRES_AT); + } + catch (IllegalArgumentException iae) { + proceed = false; + } + } + + if (proceed) { + String tokenValue = accessToken.getTokenValue(); + int hashCode = accessToken.hashCode(); + OAuth2AccessToken compareToken = new OAuth2AccessToken(TOKEN_TYPE, value, ISSUED_AT, EXPIRES_AT); + boolean compareTokens = accessToken.equals(compareToken); + } + } + +} diff --git a/projects/spring-security/project.yaml b/projects/spring-security/project.yaml index d86d0d923..772e2b87a 100644 --- a/projects/spring-security/project.yaml +++ b/projects/spring-security/project.yaml @@ -14,4 +14,5 @@ vendor_ccs: - "glendowne@code-intelligence.com" - "patrice.salathe@code-intelligence.com" - "hlin@code-intelligence.com" - - "yoshi.weber@gmail.com" + - "jacek.trossen@code-intelligence.com" + - "peter.samarin@code-intelligence.com"