revised includes edited user entity

src/main/java/com/safeqr/app/qrcode/controller/QRCodeTypeController.java

@@ -0,0 +1,64 @@
+package com.safeqr.app.qrcode.controller;
+
+import com.safeqr.app.qrcode.dto.QRCodePayload;
+import com.safeqr.app.qrcode.dto.RedirectCountResponse;
+import com.safeqr.app.qrcode.dto.URLVerificationResponse;
+import com.safeqr.app.qrcode.entity.QRCodeType;
+import com.safeqr.app.qrcode.service.QRCodeTypeService;
+import com.safeqr.app.qrcode.service.RedirectCountService;
+import com.safeqr.app.qrcode.service.URLVerificationService;
+import com.safeqr.app.qrcode.service.VirusTotalService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+
+@RestController
+@RequestMapping("/v1/api/qrcodetypes")
+public class QRCodeTypeController {
+
+    @Autowired
+    private QRCodeTypeService qrCodeTypeService;
+
+    @Autowired
+    private URLVerificationService urlVerificationService;
+
+    @Autowired
+    private VirusTotalService virusTotalService;
+
+    @Autowired
+    private RedirectCountService redirectCountService;
+
+    @GetMapping
+    public ResponseEntity<List<QRCodeType>> getAllTypes() {
+        return ResponseEntity.ok(qrCodeTypeService.getAllTypes());
+    }
+
+    @PostMapping("/detect")
+    public ResponseEntity<String> detectType(@RequestBody QRCodePayload payload) {
+        return ResponseEntity.ok(qrCodeTypeService.detectType(payload).block());
+    }
+
+    @PostMapping("/verifyURL")
+    public ResponseEntity<URLVerificationResponse> verifyURL(@RequestBody QRCodePayload payload) {
+        URLVerificationResponse response = urlVerificationService.verifyURL(payload);
+        return ResponseEntity.ok(response);
+    }
+
+    @PostMapping("/virusTotalCheck")
+    public ResponseEntity<Boolean> virusTotalCheck(@RequestBody QRCodePayload payload) {
+        try {
+            String analysisId = virusTotalService.scanURL(payload);
+            boolean isSafe = virusTotalService.getAnalysis(analysisId);
+            return ResponseEntity.ok(isSafe);
+        } catch (Exception e) {
+            return ResponseEntity.status(500).body(false);
+        }
+    }
+
+    @PostMapping("/checkRedirects")
+    public ResponseEntity<RedirectCountResponse> checkRedirects(@RequestBody QRCodePayload payload) {
+        return ResponseEntity.ok(redirectCountService.countRedirects(payload).block());
+    }
+}

src/main/java/com/safeqr/app/qrcode/dto/QRCodePayload.java

@@ -0,0 +1,8 @@
+package com.safeqr.app.qrcode.dto;
+
+import lombok.Data;
+
+@Data // Lombok annotation to generate getters, setters, toString, equals, and hashCode methods
+public class QRCodePayload {
+    private String data;
+}

src/main/java/com/safeqr/app/qrcode/dto/RedirectCountResponse.java

@@ -0,0 +1,9 @@
+package com.safeqr.app.qrcode.dto;
+
+import lombok.Data;
+
+@Data
+public class RedirectCountResponse {
+    private int redirectCount;
+    private String message;
+}

src/main/java/com/safeqr/app/qrcode/dto/SafeBrowsingRequest.java

@@ -0,0 +1,40 @@
+package com.safeqr.app.qrcode.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class SafeBrowsingRequest {
+    private Client client;
+    private ThreatInfo threatInfo;
+
+    @Data
+    @NoArgsConstructor
+    @AllArgsConstructor
+    public static class Client {
+        private String clientId;
+        private String clientVersion;
+    }
+
+    @Data
+    @NoArgsConstructor
+    @AllArgsConstructor
+    public static class ThreatInfo {
+        private List<String> threatTypes;
+        private List<String> platformTypes;
+        private List<String> threatEntryTypes;
+        private List<ThreatEntry> threatEntries;
+
+        @Data
+        @NoArgsConstructor
+        @AllArgsConstructor
+        public static class ThreatEntry {
+            private String url;
+        }
+    }
+}

src/main/java/com/safeqr/app/qrcode/dto/SafeBrowsingResponse.java

@@ -0,0 +1,33 @@
+
+package com.safeqr.app.qrcode.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class SafeBrowsingResponse {
+    private List<ThreatMatch> matches;
+
+    @Data
+    @NoArgsConstructor
+    @AllArgsConstructor
+    public static class ThreatMatch {
+        private Threat threat;
+        private String threatType;
+        private String platformType;
+        private String threatEntryType;
+
+        @Data
+        @NoArgsConstructor
+        @AllArgsConstructor
+        public static class Threat {
+            private String url;
+            private String hash;
+        }
+    }
+}

src/main/java/com/safeqr/app/qrcode/dto/URLVerificationRequest.java

@@ -0,0 +1,14 @@
+package com.safeqr.app.qrcode.dto;
+
+public class URLVerificationRequest {
+    private String url;
+
+    // Getters and Setters
+    public String getUrl() {
+        return url;
+    }
+
+    public void setUrl(String url) {
+        this.url = url;
+    }
+}

src/main/java/com/safeqr/app/qrcode/dto/URLVerificationResponse.java

@@ -0,0 +1,13 @@
+package com.safeqr.app.qrcode.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class URLVerificationResponse {
+    private boolean secure;
+    private String message;
+}

src/main/java/com/safeqr/app/qrcode/dto/VirusTotalResponse.java

@@ -0,0 +1,15 @@
+package com.safeqr.app.qrcode.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.Map;
+
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class VirusTotalResponse {
+    private boolean safe;
+    private Map<String, Object> response;
+}

src/main/java/com/safeqr/app/qrcode/entity/QRCode.java

@@ -0,0 +1,30 @@
+
+package com.safeqr.app.qrcode.entity;
+
+import jakarta.persistence.*;
+import lombok.Data;
+import org.hibernate.annotations.GenericGenerator;
+
+import java.util.UUID;
+
+@Entity
+@Table(name = "qr_code", schema = "safeqr")
+@Data
+public class QRCode {
+
+    @Id
+    @GeneratedValue(generator = "UUID")
+    @GenericGenerator(name = "UUID", strategy = "org.hibernate.id.UUIDGenerator")
+    @Column(updatable = false, nullable = false)
+    private UUID id;
+
+    @ManyToOne
+    @JoinColumn(name = "qr_code_type_id", nullable = false)
+    private QRCodeType qrCodeType;
+
+    private String userId;
+    private String contents;
+
+    @Column(name = "created_at", insertable = false, updatable = false)
+    private String createdAt;
+}

src/main/java/com/safeqr/app/qrcode/entity/QRCodeType.java

@@ -0,0 +1,20 @@
+
+package com.safeqr.app.qrcode.entity;
+
+import jakarta.persistence.*;
+import lombok.Data;
+
+@Entity
+@Table(name = "qr_code_types", schema = "safeqr")
+@Data
+public class QRCodeType {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+    private String type;
+    private String description;
+    private String prefix;
+    private String tableName;
+}

src/main/java/com/safeqr/app/qrcode/entity/SafeBrowsingCache.java

@@ -0,0 +1,28 @@
+
+package com.safeqr.app.qrcode.entity;
+
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.Id;
+import jakarta.persistence.Table;
+import lombok.Data;
+import org.hibernate.annotations.GenericGenerator;
+
+import java.util.UUID;
+
+@Data
+@Entity
+@Table(name = "safe_browsing_cache", schema = "safeqr")
+public class SafeBrowsingCache {
+
+    @Id
+    @GeneratedValue(generator = "UUID")
+    @GenericGenerator(name = "UUID", strategy = "org.hibernate.id.UUIDGenerator")
+    private UUID id;
+
+    private String hashPrefix;
+    private String threatType;
+    private String platformType;
+    private String threatEntryType;
+    private String fullHash;
+}

src/main/java/com/safeqr/app/qrcode/repository/QRCodeTypeRepository.java

@@ -0,0 +1,10 @@
+
+package com.safeqr.app.qrcode.repository;
+
+import com.safeqr.app.qrcode.entity.QRCodeType;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public interface QRCodeTypeRepository extends JpaRepository<QRCodeType, Long> {
+}

src/main/java/com/safeqr/app/qrcode/repository/SafeBrowsingCacheRepository.java

@@ -0,0 +1,11 @@
+package com.safeqr.app.qrcode.repository;
+
+import com.safeqr.app.qrcode.entity.SafeBrowsingCache;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+import java.util.Optional;
+import java.util.UUID;
+
+public interface SafeBrowsingCacheRepository extends JpaRepository<SafeBrowsingCache, UUID> {
+    Optional<SafeBrowsingCache> findByHashPrefix(String hashPrefix);
+}

src/main/java/com/safeqr/app/qrcode/service/QRCodeTypeService.java

@@ -0,0 +1,50 @@
+
+package com.safeqr.app.qrcode.service;
+
+import com.safeqr.app.qrcode.dto.QRCodePayload;
+import com.safeqr.app.qrcode.entity.QRCodeType;
+import com.safeqr.app.qrcode.repository.QRCodeTypeRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import reactor.core.publisher.Mono;
+
+import java.security.NoSuchAlgorithmException;
+import java.util.List;
+
+@Service
+public class QRCodeTypeService {
+
+    @Autowired
+    private QRCodeTypeRepository qrCodeTypeRepository;
+
+    @Autowired
+    private SafeBrowsingService safeBrowsingService;
+
+    public List<QRCodeType> getAllTypes() {
+        return qrCodeTypeRepository.findAll();
+    }
+
+    public Mono<String> detectType(QRCodePayload payload) {
+        String data = payload.getData();
+        List<QRCodeType> configs = qrCodeTypeRepository.findAll();
+
+        for (QRCodeType config : configs) {
+            if (data.startsWith(config.getPrefix())) {
+                if ("URL".equals(config.getType())) {
+                    try
+                    {
+                        return safeBrowsingService.isSafeUrl(data)
+                                .map(isSafe -> isSafe ? "Safe URL" : "Unsafe URL");
+                    } catch (NoSuchAlgorithmException e)
+                    {
+                        // TODO Auto-generated catch block
+                        return Mono.just("Error checking URL safety: " + e.getMessage());
+                    }
+                }
+                return Mono.just(config.getType());
+            }
+        }
+
+        return Mono.just("Unknown");
+    }
+}

src/main/java/com/safeqr/app/qrcode/service/RedirectCountService.java

@@ -0,0 +1,26 @@
+
+package com.safeqr.app.qrcode.service;
+
+import com.safeqr.app.qrcode.dto.QRCodePayload;
+import com.safeqr.app.qrcode.dto.RedirectCountResponse;
+import org.springframework.stereotype.Service;
+import org.springframework.web.reactive.function.client.WebClient;
+import reactor.core.publisher.Mono;
+
+@Service
+public class RedirectCountService {
+
+    public Mono<RedirectCountResponse> countRedirects(QRCodePayload payload) {
+        String url = payload.getData();
+
+        return WebClient.create()
+                .get()
+                .uri(url)
+                .exchangeToMono(response -> {
+                    RedirectCountResponse redirectCountResponse = new RedirectCountResponse();
+                    redirectCountResponse.setRedirectCount(response.cookies().size());
+                    redirectCountResponse.setMessage("Redirect count calculated.");
+                    return Mono.just(redirectCountResponse);
+                });
+    }
+}

src/main/java/com/safeqr/app/qrcode/service/SafeBrowsingService.java

@@ -0,0 +1,101 @@
+package com.safeqr.app.qrcode.service;
+
+import com.safeqr.app.qrcode.dto.SafeBrowsingRequest;
+import com.safeqr.app.qrcode.dto.SafeBrowsingResponse;
+import com.safeqr.app.qrcode.entity.SafeBrowsingCache;
+import com.safeqr.app.qrcode.repository.SafeBrowsingCacheRepository;
+
+import jakarta.annotation.PostConstruct;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Service;
+import org.springframework.web.reactive.function.client.WebClient;
+import reactor.core.publisher.Mono;
+
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
+import java.util.List;
+import java.util.Optional;
+import java.util.UUID;
+
+@Service
+public class SafeBrowsingService {
+
+    @Value("${google.safebrowsing.api.key}")
+    private String apiKey;
+
+    private final WebClient webClient;
+    private final SafeBrowsingCacheRepository cacheRepository;
+
+    public SafeBrowsingService(WebClient.Builder webClientBuilder, SafeBrowsingCacheRepository cacheRepository) {
+        this.webClient = webClientBuilder.baseUrl("https://safebrowsing.googleapis.com/v4/threatMatches:find").build();
+        this.cacheRepository = cacheRepository;
+    }
+
+    @PostConstruct
+    public void initializeCache() {
+        // Fetch the full list of hashes from Google and store them in the local database.
+        // This is a placeholder method. You need to implement the logic to fetch and store the hashes.
+        fetchAndStoreFullHashes();
+    }
+
+    public Mono<Boolean> isSafeUrl(String url) throws NoSuchAlgorithmException {
+        String hashPrefix = getHashPrefix(url);
+
+        Optional<SafeBrowsingCache> cachedResult = cacheRepository.findByHashPrefix(hashPrefix);
+        if (cachedResult.isPresent()) {
+            return Mono.just(cachedResult.get().getFullHash().isEmpty());
+        }
+
+        // If not in cache, call Google Safe Browsing API
+        String requestUrl = "?key=" + apiKey;
+
+        SafeBrowsingRequest request = new SafeBrowsingRequest(
+                new SafeBrowsingRequest.Client("safeqr-fyp-24", "1.0"),
+                new SafeBrowsingRequest.ThreatInfo(
+                        List.of("MALWARE", "SOCIAL_ENGINEERING"),
+                        List.of("WINDOWS"),
+                        List.of("URL"),
+                        List.of(new SafeBrowsingRequest.ThreatInfo.ThreatEntry(url))
+                )
+        );
+
+        return webClient.post()
+                .uri(requestUrl)
+                .header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE)
+                .bodyValue(request)
+                .retrieve()
+                .bodyToMono(SafeBrowsingResponse.class)
+                .map(response -> {
+                    boolean isSafe = response.getMatches() == null || response.getMatches().isEmpty();
+                    if (!isSafe) {
+                        SafeBrowsingResponse.ThreatMatch match = response.getMatches().get(0);
+                        SafeBrowsingCache cache = new SafeBrowsingCache();
+                        cache.setId(UUID.randomUUID());
+                        cache.setHashPrefix(hashPrefix);
+                        cache.setThreatType(match.getThreatType());
+                        cache.setPlatformType(match.getPlatformType());
+                        cache.setThreatEntryType(match.getThreatEntryType());
+                        cache.setFullHash(match.getThreat().getHash());
+                        cacheRepository.save(cache);
+                    }
+                    return isSafe;
+                });
+    }
+
+    private String getHashPrefix(String url) throws NoSuchAlgorithmException {
+        // Compute hash prefix of the URL (first 4 bytes of SHA-256)
+        MessageDigest digest = MessageDigest.getInstance("SHA-256");
+        byte[] hash = digest.digest(url.getBytes(StandardCharsets.UTF_8));
+        return Base64.getEncoder().encodeToString(hash).substring(0, 4);
+    }
+
+    private void fetchAndStoreFullHashes() {
+        // Implement the logic to fetch and store the full list of hashes from Google Safe Browsing API
+        // This could involve using the threatListUpdates:fetch endpoint
+    }
+}

src/main/java/com/safeqr/app/qrcode/service/URLVerificationService.java

@@ -0,0 +1,28 @@
+package com.safeqr.app.qrcode.service;
+
+import com.safeqr.app.qrcode.dto.QRCodePayload;
+import com.safeqr.app.qrcode.dto.URLVerificationResponse;
+import org.springframework.stereotype.Service;
+
+@Service
+public class URLVerificationService {
+
+    public URLVerificationResponse verifyURL(QRCodePayload payload) {
+        URLVerificationResponse response = new URLVerificationResponse();
+        try {
+            java.net.URL url = new java.net.URL(payload.getData());
+            String protocol = url.getProtocol();
+            if ("https".equalsIgnoreCase(protocol)) {
+                response.setSecure(true);
+                response.setMessage("The connection is secure.");
+            } else {
+                response.setSecure(false);
+                response.setMessage("The connection is not secure.");
+            }
+        } catch (Exception e) {
+            response.setSecure(false);
+            response.setMessage("Invalid URL.");
+        }
+        return response;
+    }
+}

src/main/java/com/safeqr/app/qrcode/service/VirusTotalService.java

@@ -0,0 +1,92 @@
+
+package com.safeqr.app.qrcode.service;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.safeqr.app.qrcode.dto.QRCodePayload;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.*;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestTemplate;
+import org.springframework.web.util.UriComponentsBuilder;
+
+import java.util.Map;
+
+@Service
+public class VirusTotalService {
+
+    private static final Logger logger = LoggerFactory.getLogger(VirusTotalService.class);
+
+    @Value("${virustotal.api.key}")
+    private String apiKey;
+
+    private final RestTemplate restTemplate;
+    private final ObjectMapper objectMapper;
+
+    public VirusTotalService() {
+        this.restTemplate = new RestTemplate();
+        this.objectMapper = new ObjectMapper();
+    }
+
+    public String scanURL(QRCodePayload payload) {
+        String urlToScan = payload.getData();
+        logger.info("Scanning URL: {}", urlToScan);
+
+        UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl("https://www.virustotal.com/api/v3/urls");
+
+        HttpHeaders headers = new HttpHeaders();
+        headers.set("accept", "application/json");
+        headers.set("content-type", "application/x-www-form-urlencoded");
+        headers.set("x-apikey", apiKey);
+
+        String body = "url=" + urlToScan;
+        HttpEntity<String> request = new HttpEntity<>(body, headers);
+
+        ResponseEntity<String> response = restTemplate.postForEntity(builder.toUriString(), request, String.class);
+        logger.info("Response from VirusTotal scan: {}", response.getBody());
+
+        try {
+            Map<String, Object> responseBody = objectMapper.readValue(response.getBody(), Map.class);
+            Map<String, Object> data = (Map<String, Object>) responseBody.get("data");
+            return (String) data.get("id");
+        } catch (Exception e) {
+            logger.error("Error parsing response from VirusTotal scan", e);
+            throw new RuntimeException("Error parsing response from VirusTotal scan", e);
+        }
+    }
+
+    public boolean getAnalysis(String analysisId) {
+        logger.info("Retrieving analysis for ID: {}", analysisId);
+
+        UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl("https://www.virustotal.com/api/v3/analyses/" + analysisId);
+
+        HttpHeaders headers = new HttpHeaders();
+        headers.set("accept", "application/json");
+        headers.set("x-apikey", apiKey);
+
+        HttpEntity<Void> request = new HttpEntity<>(headers);
+
+        ResponseEntity<String> response = restTemplate.exchange(builder.toUriString(), HttpMethod.GET, request, String.class);
+        logger.info("Response from VirusTotal analysis: {}", response.getBody());
+
+        try {
+            Map<String, Object> responseBody = objectMapper.readValue(response.getBody(), Map.class);
+            Map<String, Object> data = (Map<String, Object>) responseBody.get("data");
+            Map<String, Object> attributes = (Map<String, Object>) data.get("attributes");
+            Map<String, Integer> stats = (Map<String, Integer>) attributes.get("stats");
+
+            return evaluateSafety(stats);
+        } catch (Exception e) {
+            logger.error("Error parsing response from VirusTotal analysis", e);
+            throw new RuntimeException("Error parsing response from VirusTotal analysis", e);
+        }
+    }
+
+    private boolean evaluateSafety(Map<String, Integer> stats) {
+        int malicious = stats.getOrDefault("malicious", 0);
+        int suspicious = stats.getOrDefault("suspicious", 0);
+
+        return malicious < 5 && suspicious < 5;
+    }
+}

src/main/java/com/safeqr/app/user/controller/UserController.java

@@ -17,7 +17,7 @@ public class UserController {
     UserService userService;
     @GetMapping(value = "/version", produces = MediaType.APPLICATION_JSON_VALUE)
     public ResponseEntity<Map<String, String>> version() {
-        //System.out.println(userService.getUserByEmail());
+        System.out.println(userService.getUserByEmail());
         System.out.println("Health Check");
         return ResponseEntity.ok(Map.of("version","SafeQR v1.0.2"));
     }

src/main/java/com/safeqr/app/user/entity/UserEntity.java

@@ -5,22 +5,24 @@ import jakarta.persistence.Id;
 import jakarta.persistence.Table;
 import lombok.*;
 
+import java.util.List;
+import java.time.OffsetDateTime;
+
 @Builder
 @AllArgsConstructor
 @NoArgsConstructor
 @Getter
 @Setter
 @Entity
+@Data
 @Table(name="user", schema = "safeqr")
 public class UserEntity {
     @Id
     private String id;
-    private String cognitoId;
-    private String firstname;
-    private String lastname;
+    private String name;
     private String email;
+    private OffsetDateTime date_created;
+    private OffsetDateTime date_updated;
     private String source;
-    private String password;
-    private String salt;
-
+    private String status;
 }

src/main/java/com/safeqr/app/user/service/UserService.java

@@ -14,9 +14,9 @@ public class UserService {
     public String getUserByEmail() {
 
         // Retrieve the user by email
-        UserEntity retrievedUser = userRepository.findByEmail("test.user@example.com");
+        UserEntity retrievedUser = userRepository.findByEmail("piggyinu@gmail.com");
         if (retrievedUser != null) {
-            return "User found: " + retrievedUser.getFirstname() + " " + retrievedUser.getLastname();
+            return "User found: " + retrievedUser.getName();
         }
         return "User not found";
     }

src/main/resources/application.properties

@@ -1,5 +1,5 @@
 spring.application.name=SafeQR-app
-#spring.profiles.active=local
+spring.profiles.active=local
 http.port=${HTTP_PORT}
 server.port=${SERVER_PORT}
 server.ssl.enabled=true
@@ -18,3 +18,6 @@ spring.jpa.database-platform=${SERVER_DB_DIALECT}
 spring.jpa.hibernate.ddl-auto=update
 spring.jpa.show-sql=true
 spring.jpa.properties.hibernate.format_sql=true
+
+google.safebrowsing.api.key=${GOOGLE_SAFEBROWSING_API_KEY}
+virustotal.api.key=${VIRUSTOTAL_API_KEY}