change param's name in IdentityRequest DataModel

f9fb0ed0 · Josh Ji · 290f6aca · f9fb0ed0 · f9fb0ed0 · f9fb0ed0
Commit f9fb0ed0 authored Dec 02, 2022 by Josh Ji
3 changed files
--- a/pom.xml
+++ b/pom.xml
@@ -70,6 +70,10 @@
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-jdbc</artifactId>
+        </dependency>
    </dependencies>
    <build>

--- a/src/main/java/com/prlab/idpserver/controller/RESTfulApi.java
+++ b/src/main/java/com/prlab/idpserver/controller/RESTfulApi.java
 package com.prlab.idpserver.controller;
 import com.prlab.idpserver.model.IdentityRequest;
-import org.apache.logging.log4j.util.Base64Util;
 import org.apache.tomcat.util.buf.HexUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.jdbc.core.JdbcTemplate;
-import org.springframework.security.crypto.codec.Hex;
 import org.springframework.util.Base64Utils;
 import org.springframework.web.bind.annotation.*;
 import javax.crypto.*;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
-import javax.xml.bind.annotation.adapters.HexBinaryAdapter;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
@@ -34,12 +31,13 @@ public class RESTfulApi {
 	@PostMapping("/idp/askIdentity")
 	public String queryIdentity(@RequestBody IdentityRequest identityRequest) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
-		String sql = "SELECT * FROM identities WHERE HMACbase64 = ?";
+		String sql = "SELECT * FROM identities WHERE HMACbase64 LIKE ?;";
-		List<Map<String, Object>> list =  jdbcTemplate.queryForList(sql,new Object[]{identityRequest.p1}, new int[]{Types.VARCHAR});
+		List<Map<String, Object>> list =  jdbcTemplate.queryForList(sql,new Object[]{identityRequest.HMAC +"%"}, new int[]{Types.VARCHAR});
+		logger.debug("identityRequest : {}, {}", identityRequest.HMAC, identityRequest.Cx);
 		Cipher aesCipher = Cipher.getInstance("AES/CBC/NoPadding");
 		IvParameterSpec IV = new IvParameterSpec(new byte[]{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00});
-		logger.debug("encryptedCx in base64 form : "+identityRequest.p2);
+		logger.debug("encryptedCx in base64 form : "+identityRequest.Cx);
 		for(Map<String, Object> map : list){
 			byte[] sharedSecret = (byte[])map.get("SharedSecret");
 			byte[] Cx = (byte[])map.get("Cx");
@@ -50,7 +48,7 @@ public class RESTfulApi {
 			logger.debug("Cx in db : " + HexUtils.toHexString(Cx));
 			aesCipher.init(Cipher.DECRYPT_MODE, secretKey, IV);
-			byte[] encryptedCx = Base64Utils.decodeFromString(identityRequest.p2);
+			byte[] encryptedCx = Base64Utils.decodeFromString(identityRequest.Cx);
 			logger.debug("encryptedCx : " + HexUtils.toHexString(encryptedCx));
 			byte[] decryptedCx = aesCipher.doFinal(encryptedCx, 0, 16);
 			logger.debug("decryptedCx : " + HexUtils.toHexString(decryptedCx));

--- a/src/main/java/com/prlab/idpserver/model/IdentityRequest.java
+++ b/src/main/java/com/prlab/idpserver/model/IdentityRequest.java
 package com.prlab.idpserver.model;
 public class IdentityRequest {
-	public String p1;
+	public String HMAC;
-	public String p2;
+	public String Cx;
 }