From b55c615ed511ad087df6fcc25de62a260da5a4fa Mon Sep 17 00:00:00 2001 From: ltiongku Date: Wed, 7 Aug 2024 18:58:38 +0800 Subject: [PATCH] added wifi classification and initial class --- .../safeqr/app/constants/CommonConstants.java | 5 +++ .../app/qrcode/entity/QRCodeEntity.java | 5 +++ .../safeqr/app/qrcode/model/EmailModel.java | 4 ++ .../safeqr/app/qrcode/model/PhoneModel.java | 4 ++ .../safeqr/app/qrcode/model/QRCodeModel.java | 1 + .../com/safeqr/app/qrcode/model/SMSModel.java | 4 ++ .../safeqr/app/qrcode/model/TextModel.java | 5 +++ .../com/safeqr/app/qrcode/model/URLModel.java | 5 +++ .../safeqr/app/qrcode/model/WifiModel.java | 9 ++++ .../app/qrcode/service/QRCodeTypeService.java | 4 ++ .../service/URLVerificationService.java | 24 +++++----- .../service/WifiVerificationService.java | 44 +++++++++++++++++++ 12 files changed, 103 insertions(+), 11 deletions(-) diff --git a/src/main/java/com/safeqr/app/constants/CommonConstants.java b/src/main/java/com/safeqr/app/constants/CommonConstants.java index c823020..7fa623e 100644 --- a/src/main/java/com/safeqr/app/constants/CommonConstants.java +++ b/src/main/java/com/safeqr/app/constants/CommonConstants.java @@ -17,4 +17,9 @@ public class CommonConstants { public static final String INFO_NO_HSTS_HEADER = "No HSTS Header detected"; public static final String INFO_HSTS_HEADER_PREFIX = "HSTS Header: "; public static final String INFO_HSTS_NOT_APPLICABLE = "N/A"; + + public static final String CLASSIFY_SAFE = "SAFE"; + public static final String CLASSIFY_WARNING = "WARNING"; + public static final String CLASSIFY_UNSAFE = "UNSAFE"; + public static final String CLASSIFY_UNKNOWN = "UNKNOWN"; } diff --git a/src/main/java/com/safeqr/app/qrcode/entity/QRCodeEntity.java b/src/main/java/com/safeqr/app/qrcode/entity/QRCodeEntity.java index b57790c..b6fc2ca 100644 --- a/src/main/java/com/safeqr/app/qrcode/entity/QRCodeEntity.java +++ b/src/main/java/com/safeqr/app/qrcode/entity/QRCodeEntity.java @@ -12,6 +12,8 @@ import org.hibernate.annotations.UuidGenerator; import java.time.LocalDateTime; import java.util.UUID; +import static com.safeqr.app.constants.CommonConstants.CLASSIFY_UNKNOWN; + @Entity @Table(name = "qr_code", schema = "safeqr") @Data @@ -36,4 +38,7 @@ public class QRCodeEntity { @Column(name = "created_at", insertable = false, updatable = false) private LocalDateTime createdAt; + + @Column(name = "result_category") + private String result = CLASSIFY_UNKNOWN; } diff --git a/src/main/java/com/safeqr/app/qrcode/model/EmailModel.java b/src/main/java/com/safeqr/app/qrcode/model/EmailModel.java index b002565..f02faf9 100644 --- a/src/main/java/com/safeqr/app/qrcode/model/EmailModel.java +++ b/src/main/java/com/safeqr/app/qrcode/model/EmailModel.java @@ -35,4 +35,8 @@ public final class EmailModel extends QRCodeModel { public EmailEntity getDetails () { return emailVerificationService.getEmailEntityByQRCodeId(data.getId()); } + @Override + public String retrieveClassification() { + return ""; + } } \ No newline at end of file diff --git a/src/main/java/com/safeqr/app/qrcode/model/PhoneModel.java b/src/main/java/com/safeqr/app/qrcode/model/PhoneModel.java index 7eeeb24..39d76ae 100644 --- a/src/main/java/com/safeqr/app/qrcode/model/PhoneModel.java +++ b/src/main/java/com/safeqr/app/qrcode/model/PhoneModel.java @@ -34,4 +34,8 @@ public final class PhoneModel extends QRCodeModel { public PhoneEntity getDetails () { return phoneVerificationService.getPhoneEntityByQRCodeId(data.getId()); } + @Override + public String retrieveClassification() { + return ""; + } } \ No newline at end of file diff --git a/src/main/java/com/safeqr/app/qrcode/model/QRCodeModel.java b/src/main/java/com/safeqr/app/qrcode/model/QRCodeModel.java index 0f9ca9d..9837af4 100644 --- a/src/main/java/com/safeqr/app/qrcode/model/QRCodeModel.java +++ b/src/main/java/com/safeqr/app/qrcode/model/QRCodeModel.java @@ -10,4 +10,5 @@ public abstract class QRCodeModel{ public abstract void setDetails(); public abstract T getDetails(); + public abstract String retrieveClassification(); } diff --git a/src/main/java/com/safeqr/app/qrcode/model/SMSModel.java b/src/main/java/com/safeqr/app/qrcode/model/SMSModel.java index 1fc3544..3dfd600 100644 --- a/src/main/java/com/safeqr/app/qrcode/model/SMSModel.java +++ b/src/main/java/com/safeqr/app/qrcode/model/SMSModel.java @@ -34,4 +34,8 @@ public final class SMSModel extends QRCodeModel { public SMSEntity getDetails () { return smsVerificationService.getSMSEntityByQRCodeId(data.getId()); } + @Override + public String retrieveClassification() { + return ""; + } } \ No newline at end of file diff --git a/src/main/java/com/safeqr/app/qrcode/model/TextModel.java b/src/main/java/com/safeqr/app/qrcode/model/TextModel.java index c8c1154..9a66d0f 100644 --- a/src/main/java/com/safeqr/app/qrcode/model/TextModel.java +++ b/src/main/java/com/safeqr/app/qrcode/model/TextModel.java @@ -34,4 +34,9 @@ public final class TextModel extends QRCodeModel { public TextEntity getDetails () { return textVerificationService.getTextEntityByQRCodeId(data.getId()); } + + @Override + public String retrieveClassification() { + return ""; + } } \ No newline at end of file diff --git a/src/main/java/com/safeqr/app/qrcode/model/URLModel.java b/src/main/java/com/safeqr/app/qrcode/model/URLModel.java index 5c5531e..db5984a 100644 --- a/src/main/java/com/safeqr/app/qrcode/model/URLModel.java +++ b/src/main/java/com/safeqr/app/qrcode/model/URLModel.java @@ -44,4 +44,9 @@ public final class URLModel extends QRCodeModel { public URLEntity getDetails () { return urlVerificationService.getURLEntityByQRCodeId(data.getId()); } + + @Override + public String retrieveClassification() { + return ""; + } } diff --git a/src/main/java/com/safeqr/app/qrcode/model/WifiModel.java b/src/main/java/com/safeqr/app/qrcode/model/WifiModel.java index 70dedf7..24d474d 100644 --- a/src/main/java/com/safeqr/app/qrcode/model/WifiModel.java +++ b/src/main/java/com/safeqr/app/qrcode/model/WifiModel.java @@ -26,6 +26,10 @@ public final class WifiModel extends QRCodeModel { @Override public void setDetails() { details = WifiEntity.builder().qrCodeId(data.getId()).build(); + + // Parse wifi string + wifiVerificationService.parseWifiString(details, data.getContents()); + // Insert into wifi table wifiVerificationService.insertDB(details); } @@ -33,4 +37,9 @@ public final class WifiModel extends QRCodeModel { public WifiEntity getDetails () { return wifiVerificationService.getWifiEntityByQRCodeId(data.getId()); } + + @Override + public String retrieveClassification() { + return wifiVerificationService.getClassification(details.getEncryption()); + } } \ No newline at end of file diff --git a/src/main/java/com/safeqr/app/qrcode/service/QRCodeTypeService.java b/src/main/java/com/safeqr/app/qrcode/service/QRCodeTypeService.java index 765f620..daf0ad0 100644 --- a/src/main/java/com/safeqr/app/qrcode/service/QRCodeTypeService.java +++ b/src/main/java/com/safeqr/app/qrcode/service/QRCodeTypeService.java @@ -111,6 +111,10 @@ public class QRCodeTypeService { // Create the QR Code Instance based on the QR Code Type & insert into the respective table QRCodeModel qrCodeModel = qrCodeFactoryProvider.createQRCodeInstance(scannedQR); qrCodeModel.setDetails(); + // Get classifications based on verificationsv + scannedQR.setResult(qrCodeModel.retrieveClassification()); + // update result category in qrcode table + qrCodeRepository.save(scannedQR); return BaseScanResponse.builder().qrcode(qrCodeModel).build(); } diff --git a/src/main/java/com/safeqr/app/qrcode/service/URLVerificationService.java b/src/main/java/com/safeqr/app/qrcode/service/URLVerificationService.java index d355e23..4aca886 100644 --- a/src/main/java/com/safeqr/app/qrcode/service/URLVerificationService.java +++ b/src/main/java/com/safeqr/app/qrcode/service/URLVerificationService.java @@ -72,7 +72,17 @@ public class URLVerificationService { URLEntity urlObj = new URLEntity(); try { //URL url = new URI(encodeUrl(urlString)).toURL(); - URL url = new URI(urlString).toURL(); + URL url = new URI(urlString.replace(" ", "")).toURL(); + // Check for URL encoding in path and query + String query = parseQueryParams(url.getQuery()); + String pathEncoding = checkURLEncoding(url.getPath()); + String queryEncoding = query != null ? checkURLEncoding(query) : ""; + + // Combine encoding results + urlObj.setUrlEncoding(pathEncoding.equals("Yes") || queryEncoding.equals("Yes") ? "Yes" : ""); + + // encode url before proceeding the rest of the checks + url = new URI(encodeUrl(urlString)).toURL(); String host = url.getHost(); // Check for deceptive URL @@ -91,20 +101,12 @@ public class URLVerificationService { urlObj.setPath(Optional.ofNullable(url.getPath()).filter(p -> !p.isEmpty()).orElse("")); - String query = parseQueryParams(url.getQuery()); - urlObj.setQuery(query); + urlObj.setQuery(parseQueryParams(url.getQuery())); urlObj.setFragment(Optional.ofNullable(url.getRef()).orElse("")); // Check for tracking parameters urlObj.setTrackingDescriptions(getTrackingDescriptions(url.getQuery())); - // Check for URL encoding in path and query - String pathEncoding = checkURLEncoding(url.getPath()); - String queryEncoding = query != null ? checkURLEncoding(query) : ""; - - // Combine encoding results - urlObj.setUrlEncoding(pathEncoding.equals("Yes") || queryEncoding.equals("Yes") ? "Yes" : ""); - } catch (Exception e) { logger.error("Error in breaking down URL: {}", e.getMessage()); } @@ -266,7 +268,7 @@ public class URLVerificationService { public void countAndTrackRedirects(String urlString, URLEntity details) throws IOException { try { - URI uri = new URI(urlString); + URI uri = new URI(encodeUrl(urlString)); URL url = uri.toURL(); List redirectChain = new ArrayList<>(); List hstsHeaderList = new ArrayList<>(); diff --git a/src/main/java/com/safeqr/app/qrcode/service/WifiVerificationService.java b/src/main/java/com/safeqr/app/qrcode/service/WifiVerificationService.java index b2c8b62..9bf8a4b 100644 --- a/src/main/java/com/safeqr/app/qrcode/service/WifiVerificationService.java +++ b/src/main/java/com/safeqr/app/qrcode/service/WifiVerificationService.java @@ -10,6 +10,8 @@ import org.springframework.stereotype.Service; import java.util.UUID; +import static com.safeqr.app.constants.CommonConstants.*; + @Service public class WifiVerificationService { private final WifiRepository wifiRepository; @@ -28,4 +30,46 @@ public class WifiVerificationService { wifiRepository.save(wifiEntity); } + public void parseWifiString(WifiEntity wifiEntity, String wifiString) { + wifiString = wifiString.substring(5); + // Split the string by semicolons + String[] parts = wifiString.split(";"); + + for (String part : parts) { + if (part.startsWith("T:")) { + wifiEntity.setEncryption(part.substring(2)); + } else if (part.startsWith("S:")) { + wifiEntity.setSsid(part.substring(2)); + } else if (part.startsWith("P:")) { + wifiEntity.setPassword(part.substring(2)); + } else if (part.startsWith("H:")) { + wifiEntity.setHidden(Boolean.parseBoolean(part.substring(2))); + } + } + + // Unescape special characters in SSID and password + wifiEntity.setSsid(unescapeString(wifiEntity.getSsid())); + wifiEntity.setPassword(unescapeString(wifiEntity.getPassword())); + } + + private String unescapeString(String input) { + return input.replace("\\:", ":") + .replace("\\;", ";") + .replace("\\,", ",") + .replace("\\\\", "\\"); + } + + public String getClassification(String encryptionType) { + if (encryptionType.equalsIgnoreCase("WPA") || + encryptionType.equalsIgnoreCase("WPA2") || + encryptionType.equalsIgnoreCase("WPA3")) { + return CLASSIFY_SAFE; + } else if (encryptionType.equalsIgnoreCase("WEP")) { + return CLASSIFY_WARNING; + } else if (encryptionType.equalsIgnoreCase("nopass")) { + return CLASSIFY_UNSAFE; + } else { + return CLASSIFY_UNKNOWN; + } + } } \ No newline at end of file