hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
codeql-cli-2.23.3
codeql/java/ql/test/query-tests/security/CWE-522/InsecureBasicAuth/InsecureBasicAuthTest.java
Nora Dimitrijević bf1a699982 Java: convert CWE-522 tests to .qlref
2025-06-24 16:42:17 +02:00

254 lines
10 KiB
Java
Raw Permalink Blame History

import org.apache.http.RequestLine;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.message.BasicHttpRequest;
import org.apache.http.message.BasicRequestLine;
import java.net.URI;
import java.net.URL;
import java.net.HttpURLConnection;
import java.net.URLConnection;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
public class InsecureBasicAuthTest {
/**
* Test basic authentication with Apache HTTP POST request using string constructor.
*/
public void testApacheHttpRequest(String username, String password) {
String host = "www.example.com";
String authString = username + ":" + password;
byte[] authEncBytes = Base64.getEncoder().encode(authString.getBytes());
String authStringEnc = new String(authEncBytes);
{
HttpRequestBase post = new HttpPost("http://" + host + "/rest/getuser.do?uid=abcdx"); // $ Source
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
post.addHeader("Authorization", "Basic " + authStringEnc); // $ Alert
}
{
HttpRequestBase post = new HttpPost("https://" + host + "/rest/getuser.do?uid=abcdx");
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
post.addHeader("Authorization", "Basic " + authStringEnc); // Safe
}
}
/**
* Test basic authentication with Apache HTTP GET request.
*/
public void testApacheHttpRequest2(String url) throws java.io.IOException {
{
String urlStr = "http://www.example.com:8000/payment/retrieve"; // $ Source
HttpGet get = new HttpGet(urlStr);
get.setHeader("Accept", "application/json");
get.setHeader("Authorization", // $ Alert
"Basic " + new String(Base64.getEncoder().encode("admin:test".getBytes())));
}
{
String urlStr = "https://www.example.com:8000/payment/retrieve";
HttpGet get = new HttpGet(urlStr);
get.setHeader("Accept", "application/json");
get.setHeader("Authorization", // Safe
"Basic " + new String(Base64.getEncoder().encode("admin:test".getBytes())));
}
}
/**
* Test basic authentication with Apache HTTP POST request using URI create method.
*/
public void testApacheHttpRequest3(String username, String password) {
String authString = username + ":" + password;
byte[] authEncBytes = Base64.getEncoder().encode(authString.getBytes());
String authStringEnc = new String(authEncBytes);
{
String uriStr = "http://www.example.com/rest/getuser.do?uid=abcdx"; // $ Source
HttpRequestBase post = new HttpPost(URI.create(uriStr));
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
post.addHeader("Authorization", "Basic " + authStringEnc); // $ Alert
}
{
String uriStr = "https://www.example.com/rest/getuser.do?uid=abcdx";
HttpRequestBase post = new HttpPost(URI.create(uriStr));
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
post.addHeader("Authorization", "Basic " + authStringEnc); // Safe
}
}
/**
* Test basic authentication with Apache HTTP POST request using the URI constructor with one
* argument.
*/
public void testApacheHttpRequest4(String username, String password) throws Exception {
String authString = username + ":" + password;
byte[] authEncBytes = Base64.getEncoder().encode(authString.getBytes());
String authStringEnc = new String(authEncBytes);
{
String uriStr = "http://www.example.com/rest/getuser.do?uid=abcdx"; // $ Source
URI uri = new URI(uriStr);
HttpRequestBase post = new HttpPost(uri);
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
post.addHeader("Authorization", "Basic " + authStringEnc); // $ Alert
}
{
String uriStr = "https://www.example.com/rest/getuser.do?uid=abcdx";
URI uri = new URI(uriStr);
HttpRequestBase post = new HttpPost(uri);
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
post.addHeader("Authorization", "Basic " + authStringEnc); // Safe
}
}
/**
* Test basic authentication with Apache HTTP POST request using a URI constructor with multiple
* arguments.
*/
public void testApacheHttpRequest5(String username, String password) throws Exception {
String authString = username + ":" + password;
byte[] authEncBytes = Base64.getEncoder().encode(authString.getBytes());
String authStringEnc = new String(authEncBytes);
{
HttpRequestBase post =
new HttpPost(new URI("http", "www.example.com", "/test", "abc=123", null)); // $ Source
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
post.addHeader("Authorization", "Basic " + authStringEnc); // $ Alert
}
{
HttpRequestBase post =
new HttpPost(new URI("https", "www.example.com", "/test", "abc=123", null));
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
post.addHeader("Authorization", "Basic " + authStringEnc); // Safe
}
}
/**
* Test basic authentication with Apache HTTP `BasicHttpRequest` using string constructor.
*/
public void testApacheHttpRequest6(String username, String password) {
String authString = username + ":" + password;
byte[] authEncBytes = Base64.getEncoder().encode(authString.getBytes());
String authStringEnc = new String(authEncBytes);
{
String uriStr = "http://www.example.com/rest/getuser.do?uid=abcdx"; // $ Source
BasicHttpRequest post = new BasicHttpRequest("POST", uriStr);
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
post.addHeader("Authorization", "Basic " + authStringEnc); // $ Alert
}
{
String uriStr = "https://www.example.com/rest/getuser.do?uid=abcdx";
BasicHttpRequest post = new BasicHttpRequest("POST", uriStr);
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
post.addHeader("Authorization", "Basic " + authStringEnc); // Safe
}
}
/**
* Test basic authentication with Apache HTTP `BasicHttpRequest` using `RequestLine`.
*/
public void testApacheHttpRequest7(String username, String password) {
String authString = username + ":" + password;
byte[] authEncBytes = Base64.getEncoder().encode(authString.getBytes());
String authStringEnc = new String(authEncBytes);
{
String uriStr = "http://www.example.com/rest/getuser.do?uid=abcdx"; // $ Source
RequestLine requestLine = new BasicRequestLine("POST", uriStr, null);
BasicHttpRequest post = new BasicHttpRequest(requestLine);
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
post.addHeader("Authorization", "Basic " + authStringEnc); // $ Alert
}
{
String uriStr = "https://www.example.com/rest/getuser.do?uid=abcdx";
RequestLine requestLine = new BasicRequestLine("POST", uriStr, null);
BasicHttpRequest post = new BasicHttpRequest(requestLine);
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
post.addHeader("Authorization", "Basic " + authStringEnc); // Safe
}
}
/**
* Test basic authentication with Java HTTP URL connection using the `URL(String spec)`
* constructor.
*/
public void testHttpUrlConnection(String username, String password) throws Exception {
String authString = username + ":" + password;
String encoding = Base64.getEncoder().encodeToString(authString.getBytes("UTF-8"));
{
String urlStr = "http://www.example.com/rest/getuser.do?uid=abcdx"; // $ Source
URL url = new URL(urlStr);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setRequestProperty("Authorization", "Basic " + encoding); // $ Alert
}
{
String urlStr = "https://www.example.com/rest/getuser.do?uid=abcdx";
URL url = new URL(urlStr);
HttpURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setRequestProperty("Authorization", "Basic " + encoding); // Safe
}
}
/**
* Test basic authentication with Java HTTP URL connection using the `URL(String protocol,
* String host, String file)` constructor.
*/
public void testHttpUrlConnection2(String username, String password) throws Exception {
String authString = username + ":" + password;
String encoding = Base64.getEncoder().encodeToString(authString.getBytes("UTF-8"));
String host = "www.example.com";
String path = "/rest/getuser.do?uid=abcdx";
{
String protocol = "http"; // $ Source
URL url = new URL(protocol, host, path);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setRequestProperty("Authorization", "Basic " + encoding); // $ Alert
}
{
String protocol = "https";
URL url = new URL(protocol, host, path);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setRequestProperty("Authorization", "Basic " + encoding); // Safe
}
}
/**
* Test basic authentication with Java HTTP URL connection using a constructor with private URL.
*/
public void testHttpUrlConnection3(String username, String password) throws Exception {
String host = "LOCALHOST";
String authString = username + ":" + password;
String encoding = Base64.getEncoder().encodeToString(authString.getBytes("UTF-8"));
{
HttpURLConnection conn = (HttpURLConnection) new URL(
"http://" + (((host + "/rest/getuser.do") + "?uid=abcdx"))).openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setRequestProperty("Authorization", "Basic " + encoding); // Safe
}
{
HttpURLConnection conn = (HttpURLConnection) new URL(
"https://" + (((host + "/rest/getuser.do") + "?uid=abcdx"))).openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setRequestProperty("Authorization", "Basic " + encoding); // Safe
}
}
}
Reference in New Issue View Git Blame Copy Permalink