xmpp integration tests

6 files changed, 349 insertions, 9 deletions

diff --git a/juick-www/src/main/java/com/juick/www/configuration/SapeConfiguration.java b/juick-www/src/main/java/com/juick/www/configuration/SapeConfiguration.java
new file mode 100644
index 00000000..68ff28d2
--- /dev/null
+++ b/juick-www/src/main/java/com/juick/www/configuration/SapeConfiguration.java
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.www.configuration;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import ru.sape.Sape;
+
+/**
+ * Created by vitalyster on 29.03.2017.
+ */
+@Configuration
+public class SapeConfiguration {
+    @Value("${sape_user:secret}")
+    private String token;
+
+    @Bean
+    public Sape sape() {
+        return new Sape(token, "juick.com", 2000, 3600);
+    }
+}
diff --git a/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
new file mode 100644
index 00000000..909b6cd3
--- /dev/null
+++ b/juick-www/src/main/java/com/juick/www/configuration/WebSecurityConfig.java
@@ -0,0 +1,140 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.www.configuration;
+
+import com.juick.service.UserService;
+import com.juick.service.security.HashParamAuthenticationFilter;
+import com.juick.service.security.JuickUserDetailsService;
+import com.juick.service.security.entities.JuickUser;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.web.authentication.RememberMeServices;
+import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
+import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+
+import javax.annotation.Resource;
+
+/**
+ * Created by aalexeev on 11/21/16.
+ */
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+    @Value("${auth_remember_me_key:secret}")
+    private String rememberMeKey;
+    @Value("${web_domain:localhost}")
+    private String webDomain;
+    @Resource
+    private UserService userService;
+
+    private final String COOKIE_NAME = "juick-remember-me";
+
+    @Bean("userDetailsService")
+    @Override
+    public UserDetailsService userDetailsServiceBean() throws Exception {
+        return super.userDetailsServiceBean();
+    }
+
+    @Override
+    public UserDetailsService userDetailsService() {
+        return new JuickUserDetailsService(userService);
+    }
+
+    @Bean("authenticationManager")
+    @Override
+    public AuthenticationManager authenticationManagerBean() throws Exception {
+        return super.authenticationManagerBean();
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.addFilterAfter(hashParamAuthenticationFilter(), BasicAuthenticationFilter.class);
+        http
+                .authorizeRequests()
+                .antMatchers("/settings", "/pm/**", "/**/bl", "/_twitter", "/post", "/post2", "/comment")
+                .authenticated()
+                .anyRequest().permitAll()
+                .and()
+                .anonymous().principal(JuickUser.ANONYMOUS_USER).authorities(JuickUser.ANONYMOUS_AUTHORITY)
+                .and()
+                .sessionManagement().invalidSessionUrl("/")
+                .and()
+                .logout()
+                .invalidateHttpSession(true)
+                .logoutUrl("/logout")
+                .logoutSuccessUrl("/login?logout")
+                .deleteCookies("hash", COOKIE_NAME)
+                .and()
+                .formLogin()
+                .loginPage("/login")
+                .permitAll()
+                .defaultSuccessUrl("/")
+                .loginProcessingUrl("/login")
+                .usernameParameter("username")
+                .passwordParameter("password")
+                .failureUrl("/login?error=1")
+                .and()
+                .rememberMe()
+                .rememberMeCookieDomain(webDomain).key(rememberMeKey)
+                .rememberMeServices(rememberMeServices())
+                .and()
+                .csrf().disable()
+                .authenticationProvider(authenticationProvider())
+                .headers().defaultsDisabled().cacheControl();
+    }
+
+    @Bean
+    public DaoAuthenticationProvider authenticationProvider() throws Exception {
+        DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
+
+        authenticationProvider.setUserDetailsService(userDetailsService());
+
+        return authenticationProvider;
+    }
+
+    @Bean
+    public HashParamAuthenticationFilter hashParamAuthenticationFilter() throws Exception {
+        return new HashParamAuthenticationFilter(userService, rememberMeServices());
+    }
+
+    @Bean
+    public RememberMeServices rememberMeServices() throws Exception {
+        TokenBasedRememberMeServices services = new TokenBasedRememberMeServices(
+                rememberMeKey, userDetailsService());
+
+        services.setCookieName(COOKIE_NAME);
+        services.setCookieDomain(webDomain);
+        services.setAlwaysRemember(true);
+        services.setTokenValiditySeconds(6 * 30 * 24 * 3600);
+        services.setUseSecureCookie(false); // TODO set true if https is supports
+
+        return services;
+    }
+
+    @Override
+    public void configure(WebSecurity web) throws Exception {
+        web.debug(false);
+        web.ignoring().antMatchers("/style.css*", "/scripts.js*");
+    }
+}
diff --git a/juick-www/src/main/java/com/juick/www/configuration/WwwAppConfiguration.java b/juick-www/src/main/java/com/juick/www/configuration/WwwAppConfiguration.java
new file mode 100644
index 00000000..13a394cb
--- /dev/null
+++ b/juick-www/src/main/java/com/juick/www/configuration/WwwAppConfiguration.java
@@ -0,0 +1,123 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.www.configuration;
+
+import com.juick.server.configuration.BaseWebConfiguration;
+import com.juick.server.configuration.StorageConfiguration;
+import com.juick.service.CloudflareCache;
+import com.juick.service.TagService;
+import com.juick.service.UserService;
+import com.juick.www.HelpService;
+import com.mitchellbosecke.pebble.PebbleEngine;
+import com.mitchellbosecke.pebble.extension.FormatterExtension;
+import com.mitchellbosecke.pebble.loader.ClasspathLoader;
+import com.mitchellbosecke.pebble.loader.Loader;
+import com.mitchellbosecke.pebble.spring4.PebbleViewResolver;
+import com.mitchellbosecke.pebble.spring4.extension.SpringExtension;
+import org.apache.commons.codec.CharEncoding;
+import org.commonmark.ext.autolink.AutolinkExtension;
+import org.commonmark.node.Link;
+import org.commonmark.parser.Parser;
+import org.commonmark.renderer.html.HtmlRenderer;
+import org.springframework.cache.annotation.EnableCaching;
+import org.springframework.cache.caffeine.CaffeineCacheManager;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.web.servlet.ViewResolver;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+import javax.inject.Inject;
+import java.util.Collections;
+
+/**
+ * Created by aalexeev on 11/22/16.
+ */
+@Configuration
+@EnableCaching
+@Import({ BaseWebConfiguration.class, WebSecurityConfig.class, SapeConfiguration.class,
+        StorageConfiguration.class, XMPPConfiguration.class})
+public class WwwAppConfiguration implements WebMvcConfigurer {
+    @Inject
+    private UserService userService;
+    @Inject
+    private TagService tagService;
+    @Bean
+    public CaffeineCacheManager cacheManager() {
+        return new CaffeineCacheManager("help");
+    }
+
+    @Bean
+    public HelpService helpService() {
+        return new HelpService("help");
+    }
+
+    @Bean
+    public Parser cmParser() {
+        return Parser.builder().extensions(Collections.singletonList(AutolinkExtension.create())).build();
+    }
+    @Bean
+    public HtmlRenderer helpRenderer() {
+        return HtmlRenderer.builder()
+                .attributeProviderFactory(context -> (node, tagName, attributes) -> {
+                    if (node instanceof Link) {
+                        Link link = (Link) node;
+                        if (link.getDestination().startsWith("/")) {
+                            String destination = "/" + helpService().getHelpPath() + link.getDestination();
+                            link.setDestination(destination);
+                            attributes.put("href", destination);
+                        }
+                    }
+                })
+                .build();
+    }
+    @Bean
+    public CloudflareCache cloudflareCache() {
+        return new CloudflareCache();
+    }
+    @Bean
+    public Loader templateLoader() {
+        return new ClasspathLoader();
+    }
+
+    @Bean
+    public SpringExtension springExtension() {
+        return new SpringExtension();
+    }
+
+    @Bean
+    public PebbleEngine pebbleEngine() {
+        return new PebbleEngine.Builder()
+                .loader(this.templateLoader())
+                .extension(springExtension())
+                .extension(new FormatterExtension())
+                .strictVariables(true)
+                .build();
+    }
+
+    @Bean
+    public ViewResolver viewResolver() {
+        PebbleViewResolver viewResolver = new PebbleViewResolver();
+        viewResolver.setPrefix("templates");
+        viewResolver.setSuffix(".html");
+        viewResolver.setPebbleEngine(pebbleEngine());
+        viewResolver.setCharacterEncoding(CharEncoding.UTF_8);
+        return viewResolver;
+    }
+
+}
diff --git a/juick-www/src/main/java/com/juick/www/configuration/XMPPConfiguration.java b/juick-www/src/main/java/com/juick/www/configuration/XMPPConfiguration.java
new file mode 100644
index 00000000..1396f9f9
--- /dev/null
+++ b/juick-www/src/main/java/com/juick/www/configuration/XMPPConfiguration.java
@@ -0,0 +1,43 @@
+package com.juick.www.configuration;
+
+import com.juick.Message;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import rocks.xmpp.core.XmppException;
+import rocks.xmpp.core.session.Extension;
+import rocks.xmpp.core.session.XmppSessionConfiguration;
+import rocks.xmpp.core.session.debug.LogbackDebugger;
+import rocks.xmpp.extensions.component.accept.ExternalComponent;
+
+@Configuration
+public class XMPPConfiguration {
+    private static Logger logger = LoggerFactory.getLogger(XMPPConfiguration.class);
+    @Value("${xmpp_host:localhost}")
+    private String xmppHost;
+    @Value("${xmpp_password:secret}")
+    private String xmppPassword;
+    @Value("${www_xmpp_jid:www.juick.local}")
+    private String xmppJid;
+    @Value("${xmpp_port:5347}")
+    private int xmppPort;
+    @Value("${xmpp_disabled:false}")
+    private boolean isXmppDisabled;
+    @Bean
+    public ExternalComponent xmpp() {
+        XmppSessionConfiguration configuration = XmppSessionConfiguration.builder()
+                .extensions(Extension.of(Message.class))
+                .debugger(LogbackDebugger.class)
+                .build();
+        ExternalComponent xmpp = ExternalComponent.create(xmppJid, xmppPassword, configuration, xmppHost, xmppPort);
+        xmpp.addConnectionListener(e -> logger.error(e.toString(), e.getCause()));
+        if (!isXmppDisabled) try {
+            xmpp.connect();
+        } catch (XmppException e) {
+            logger.error("xmpp extension", e);
+        }
+        return xmpp;
+    }
+}
diff --git a/juick-www/src/main/java/com/juick/www/controllers/Messages.java b/juick-www/src/main/java/com/juick/www/controllers/MessagesWWW.java
index 65e122a6..e6662c4e 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/Messages.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/MessagesWWW.java
@@ -52,7 +52,7 @@ import java.util.stream.Collectors;
  * @author Ugnich Anton
  */
 @Controller
-public class Messages {
+public class MessagesWWW {
     @Inject
     private UserService userService;
     @Inject
diff --git a/juick-www/src/main/java/com/juick/www/controllers/NewMessage.java b/juick-www/src/main/java/com/juick/www/controllers/NewMessage.java
index f8a11d82..6e16ae50 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/NewMessage.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/NewMessage.java
@@ -16,13 +16,10 @@
  */
 package com.juick.www.controllers;
 
-import com.juick.Status;
-import com.juick.Tag;
 import com.juick.User;
 import com.juick.server.helpers.AnonymousUser;
 import com.juick.server.util.*;
 import com.juick.service.*;
-import com.juick.util.MessageUtils;
 import com.juick.www.WebApp;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.text.StringEscapeUtils;
@@ -34,7 +31,6 @@ import org.springframework.ui.ModelMap;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.multipart.MultipartFile;
 import rocks.xmpp.addr.Jid;
 import rocks.xmpp.core.stanza.model.Message;
@@ -47,7 +43,6 @@ import java.io.IOException;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.net.URL;
-import java.util.List;
 import java.util.stream.Collectors;
 
 /**
@@ -76,6 +71,8 @@ public class NewMessage {
     private String imgDir;
     @Value("${upload_tmp_dir:#{systemEnvironment['TEMP'] ?: '/tmp'}}")
     private String tmpDir;
+    @Value("${xmppbot_jid:juick@localhost}")
+    private Jid botJid;
 
     private static final Logger logger = LoggerFactory.getLogger(NewMessage.class);
 
@@ -247,11 +244,11 @@ public class NewMessage {
         if (visitor.getUid() == 0 || visitor.isBanned()) {
             throw new HttpForbiddenException();
         }
-        String body = bodyParam.replace("\r", StringUtils.EMPTY);
+        String body = StringUtils.isNotEmpty(bodyParam) ? bodyParam.replace("\r", StringUtils.EMPTY) : StringUtils.EMPTY;
 
         String attachmentFName = HttpUtils.receiveMultiPartFile(attach, tmpDir);
 
-        if (StringUtils.isBlank(attachmentFName) && img != null && img.length() > 10) {
+        if (StringUtils.isBlank(attachmentFName) && StringUtils.isNotBlank(img)) {
             try {
                 URL imgUrl = new URL(img);
                 attachmentFName = HttpUtils.downloadImage(imgUrl, tmpDir);
@@ -263,7 +260,7 @@ public class NewMessage {
         Message msg = new Message();
         msg.setType(Message.Type.CHAT);
         msg.setFrom(Jid.of(String.valueOf(visitor.getUid()), "uid.juick.com", "perl"));
-        msg.setTo(Jid.of("juick@juick.com/Juick"));
+        msg.setTo(botJid);
         msg.setBody(body);
         try {
             if (StringUtils.isNotEmpty(attachmentFName)) {