Changeset 7411

Timestamp:

Oct 10, 2017, 9:48:11 AM (5 years ago)

Author:

Nicklas Nordborg

Message:

References #2097: Implement support for device verification

Added a "User-Agent" analyzer library (​https://github.com/nielsbasjes/yauaa). It is used to automatically generate the name of new devices. For example: Firefox 55 on Windows 10.0 (Desktop)

Added UserDeviceData.lastRemoteId property to store the ip address of the device the last time it was used.

Location:

trunk

Files:

• .classpath (modified) (1 diff)
• doc/3rd-party-components.txt (modified) (1 diff)
• lib/dist/commons-collections4-4.1.jar (added)
• lib/dist/commons-lang3-3.6.jar (added)
• lib/dist/snakeyaml-1.18.jar (added)
• lib/dist/yauaa-2.2.jar (added)
• lib/dist/yauaa-LICENSE.txt (added)
• src/core/net/sf/basedb/core/SessionControl.java (modified) (4 diffs)
• src/core/net/sf/basedb/core/UserDevice.java (modified) (1 diff)
• src/core/net/sf/basedb/core/data/UserDeviceData.java (modified) (1 diff)
• src/core/net/sf/basedb/util/HttpUtil.java (modified) (3 diffs)
• www/views/devices/devices.js (modified) (2 diffs)
• www/views/devices/edit_device.jsp (modified) (3 diffs)
• www/views/devices/index.jsp (modified) (1 diff)
• www/views/devices/list_devices.jsp (modified) (2 diffs)
• www/views/devices/view_device.jsp (modified) (3 diffs)

trunk/.classpath

@@ -32 +32 @@
   <classpathentry kind="lib" path="lib/dist/hibernate-jpa-2.1-api-1.0.0.Final.jar"/>
   <classpathentry kind="lib" path="lib/dist/parallelgzip-1.0.5.jar"/>
+  <classpathentry kind="lib" path="lib/dist/yauaa-2.2.jar"/>
   <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8"/>
   <classpathentry kind="output" path="xbin"/>

trunk/doc/3rd-party-components.txt

@@ -348 +348 @@
 License   : javasysmon-LICENSE.txt
 Files     : javasysmon-0.3.5.jar
+
+Yauaa: Yet Another UserAgent Analyzer
+-------------------------------------
+A library for extracting information from the User-Agent header sent
+by browsers.
+
+More info : https://github.com/nielsbasjes/yauaa
+Version   : 2.2
+License   : Apache License, Version 2.0 (yauaa-LICENSE.txt)
+Files     : yauaa-2.2.jar, snakeyaml-1.18.jar, commons-collections4-4.1.jar
+            commons-lang3-3.6.jar
+

trunk/src/core/net/sf/basedb/core/SessionControl.java

@@ -45 +45 @@
 import net.sf.basedb.util.EmailUtil;
 import net.sf.basedb.util.Enumeration;
+import net.sf.basedb.util.HttpUtil;
 import net.sf.basedb.util.MD5;
 import net.sf.basedb.util.extensions.ExtensionsInvoker;
@@ -793 +794 @@
     String deviceToken = loginRequest.getDeviceToken();
     String userAgent = loginRequest.getAttribute("user-agent");
+    String userAgentSummary = userAgent == null ? null : HttpUtil.getSummaryOfUserAgent(userAgent);
     UserDeviceData device = null;
     
@@ -815 +817 @@
         // This device is already verified
         // We update the user agent string since it may be different due to version upgrade
-        if (userAgent != null) device.setUserAgent(userAgent);
+        String oldUserAgent = device.getUserAgent();
+        if (userAgent != null && !userAgent.equals(oldUserAgent)) 
+        {
+          device.setUserAgent(userAgent);
+          // If the current name was auto-generated from the old "User-Agent" we update the name as well!
+          if (device.getName().equals(HttpUtil.getSummaryOfUserAgent(oldUserAgent)))
+          {
+            device.setName(userAgentSummary);
+          }
+        }
         // And the lastUsed date
-        device.setLastUsed(new Date());         
+        device.setLastUsed(new Date());
+        device.setLastRemoteId(getRemoteId());
       }
     }
@@ -843 +855 @@
       Date now = new Date();
       device = new UserDeviceData();
-      device.setName("New device");
+      device.setName(userAgentSummary == null ? "New device" : userAgentSummary);
       device.setUser(user);
       device.setClient(client);
       device.setEntryDate(now);
       device.setLastUsed(now);
+      device.setLastRemoteId(getRemoteId());
       device.setToken(deviceToken);
       device.setUserAgent(userAgent);

trunk/src/core/net/sf/basedb/core/UserDevice.java

@@ -224 +224 @@
     return getData().getUserAgent();
   }
-
-
+  
+  /**
+    Get the remote ID of the host the user used for this device the last time.
+    Typically it is the IP-address of the user's computer.
+    @return A <code>String</code> object with remote ID
+  */
+  public String getLastRemoteId()
+  {
+    return getData().getLastRemoteId();
+  }
+  
 }
 

trunk/src/core/net/sf/basedb/core/data/UserDeviceData.java

@@ -170 +170 @@
   }
 
+  /**
+    The maximum length of the remote ID that can be stored in the database.
+    @see #setRemoteId(String)
+  */
+  public static final int MAX_REMOTE_ID_LENGTH = 255;
+  private String remoteId;
+  /**
+    Get the remote id (=ip address) of the last login from this device.
+    @hibernate.property column="`lastremote_id`" type="string" length="255" not-null="false"
+  */
+  public String getLastRemoteId()
+  {
+    return remoteId;
+  }
+  public void setLastRemoteId(String remoteId)
+  {
+    this.remoteId = remoteId;
+  }
+
+  
   private Set<SessionData> sessions;
   /**

trunk/src/core/net/sf/basedb/util/HttpUtil.java

@@ -33 +33 @@
 import org.apache.http.impl.client.CloseableHttpClient;
 
+import nl.basjes.parse.useragent.UserAgent;
+import nl.basjes.parse.useragent.UserAgentAnalyzer;
+
 /**
   Useful methods related to HTTP stuff in general and
@@ -46 +49 @@
   private static final SimpleDateFormat HTTP_DATE_FORMAT = new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss z", Locale.ENGLISH);
 
+  private static UserAgentAnalyzer userAgentAnalyzer;
+  
   /**
     Get the content length from the headers in the response.
@@ -131 +136 @@
   }
   
+  /**
+    Parse the User-Agent string from a HTTP request and return
+    information about what it actually means.
+    @see https://github.com/nielsbasjes/yauaa
+    @since 3.12
+  */
+  public static synchronized UserAgent analyzeUserAgent(String userAgent)
+  {
+    if (userAgentAnalyzer == null)
+    {
+      userAgentAnalyzer = UserAgentAnalyzer.newBuilder().build();
+    }
+    return userAgentAnalyzer.parse(userAgent);
+  }
+  
+  /**
+    Get a summary of the user agent:
+    
+    * Browser with major version
+    * Operating system with version
+    * Typy of device (eg. desktop, phone, etc.)
+    
+    @since 3.12
+  */
+  public static String getSummaryOfUserAgent(String userAgent)
+  {
+    UserAgent ua = analyzeUserAgent(userAgent);
+    return ua == null ? null : ua.getValue("AgentNameVersionMajor") + 
+        " on " + ua.getValue("OperatingSystemNameVersion") +
+        " (" + ua.getValue("DeviceName") + ")";
+  }
+  
 }

trunk/www/views/devices/devices.js

@@ -38 +38 @@
       Buttons.addClickHandler('close', App.closeWindow);
 
+      Events.addEventHandler('use-user-agent', 'click', devices.copyUserAgentToName);
+      
       // Tab validation
       TabControl.addTabValidator('settings.info', devices.validateDevice);
@@ -75 +77 @@
     return true;
   }
+  
+  devices.copyUserAgentToName = function(event)
+  {
+    var frm = document.forms['device'];
+    frm.name.value = Data.get(event.currentTarget, 'summary') || frm.name.value;
+  }
 
   devices.save = function()

trunk/www/views/devices/edit_device.jsp

@@ -22 +22 @@
   @author Nicklas
 --%>
+<%@page import="net.sf.basedb.util.HttpUtil"%>
 <%@ page pageEncoding="UTF-8" session="false"
   import="net.sf.basedb.core.SessionControl"
@@ -54 +55 @@
 try
 {
-  String title = null;
-  UserDevice device = null;
-
   if (itemId == 0)
   {
     throw new PermissionDeniedException(Permission.CREATE, "device");
   }
-  else
-  {
-    device = UserDevice.getById(dc, itemId);
-    device.checkPermission(Permission.WRITE);
-    cc.setObject("item", device);
-    title = "Edit device -- " + HTML.encodeTags(device.getName());
-  }
+  UserDevice device = UserDevice.getById(dc, itemId);
+  device.checkPermission(Permission.WRITE);
+  cc.setObject("item", device);
+  String title = "Edit device -- " + HTML.encodeTags(device.getName());
+  String summary = HTML.encodeTags(HttpUtil.getSummaryOfUserAgent(device.getUserAgent()));
   JspContext jspContext = ExtensionsControl.createContext(dc, pageContext, GuiContext.item(itemType), device);
   ExtensionsInvoker invoker = EditUtil.useEditExtensions(jspContext);
@@ -93 +89 @@
           value="<%=HTML.encodeTags(device.getName())%>" 
           maxlength="<%=UserDevice.MAX_NAME_LENGTH%>"></td>
+        <td></td>
+      </tr>
+      <tr>
+        <th class="subprompt">User-agent</th>
+        <td>
+          <span title="<%=HTML.encodeTags(device.getUserAgent())%>"><%=summary %></span>
+          [<span id="use-user-agent" class="link" title="Use this as the name" data-summary="<%=summary%>">copy</span>]
+        </td>
         <td></td>
       </tr>

trunk/www/views/devices/index.jsp

@@ -60 +60 @@
 <%@ taglib prefix="base" uri="/WEB-INF/base.tld" %>
 <%!
-  private static final ItemContext defaultContext = Base.createDefaultContext("name", "name,client,lastUsed,description");
+  private static final ItemContext defaultContext = Base.createDefaultContext("name", "name,client,lastUsed,lastRemoteId,description");
   private static final Item itemType = Item.USERDEVICE;
 %>

trunk/www/views/devices/list_devices.jsp

@@ -192 +192 @@
         exportable="true"
         formatter="<%=dateTimeFormatter%>"
+      />
+      <tbl:columndef 
+        id="lastRemoteId"
+        property="lastRemoteId"
+        datatype="string"
+        title="Last remote ID" 
+        sortable="true" 
+        filterable="true" 
+        exportable="true"
       />
       <tbl:columndef 
@@ -393 +402 @@
                 <tbl:cell column="entryDate" value="<%=item.getEntryDate()%>" />
                 <tbl:cell column="lastUsed" value="<%=item.getLastUsed()%>" />
+                <tbl:cell column="lastRemoteId"><%=HTML.encodeTags(item.getLastRemoteId())%></tbl:cell>
                 <tbl:cell column="description"><%=HTML.encodeTags(item.getDescription())%></tbl:cell>
                 <tbl:cell column="permission"><%=PermissionUtil.getShortPermissions(item)%></tbl:cell>

trunk/www/views/devices/view_device.jsp

@@ -35 +35 @@
   import="net.sf.basedb.core.Project"
   import="net.sf.basedb.util.Values"
+  import="net.sf.basedb.util.HttpUtil"
   import="net.sf.basedb.clients.web.Base"
   import="net.sf.basedb.clients.web.PermissionUtil"
@@ -162 +163 @@
       </tr>
       <tr>
+        <th>Last remote ID</th>
+        <td><%=HTML.encodeTags(device.getLastRemoteId())%></td>
+      </tr>
+      <tr>
         <th>User</th>
         <td><base:propertyvalue item="<%=device%>" property="user" /></td>
@@ -171 +176 @@
       <tr>
         <th>User agent</th>
-        <td><%=HTML.niceFormat(device.getUserAgent())%></td>
+        <td><%=HTML.encodeTags(HttpUtil.getSummaryOfUserAgent(device.getUserAgent()))%></td>
+      </tr>
+      <tr>
+        <th>User agent (raw)</th>
+        <td><%=HTML.encodeTags(device.getUserAgent())%></td>
       </tr>
       <tr>