diff --git a/OCPP-J/build.gradle b/OCPP-J/build.gradle index 90a522759..c2fcadd21 100644 --- a/OCPP-J/build.gradle +++ b/OCPP-J/build.gradle @@ -4,7 +4,7 @@ dependencies { compile project(':common') - compile 'com.google.code.gson:gson:2.8.0' + compile 'com.google.code.gson:gson:2.8.9' compile 'org.java-websocket:Java-WebSocket:1.5.3' testCompile 'junit:junit:4.13.2' testCompile 'org.mockito:mockito-core:4.11.0' diff --git a/OCPP-J/src/main/java/eu/chargetime/ocpp/JSONConfiguration.java b/OCPP-J/src/main/java/eu/chargetime/ocpp/JSONConfiguration.java index 782550433..acee0395c 100644 --- a/OCPP-J/src/main/java/eu/chargetime/ocpp/JSONConfiguration.java +++ b/OCPP-J/src/main/java/eu/chargetime/ocpp/JSONConfiguration.java @@ -49,8 +49,10 @@ public class JSONConfiguration { private JSONConfiguration() {} + private static final JSONConfiguration instance = new JSONConfiguration(); + public static JSONConfiguration get() { - return new JSONConfiguration(); + return instance; } public JSONConfiguration setParameter(String name, T value) { diff --git a/OCPP-J/src/main/java/eu/chargetime/ocpp/WebSocketListener.java b/OCPP-J/src/main/java/eu/chargetime/ocpp/WebSocketListener.java index 5eb06e667..9f026cbbd 100644 --- a/OCPP-J/src/main/java/eu/chargetime/ocpp/WebSocketListener.java +++ b/OCPP-J/src/main/java/eu/chargetime/ocpp/WebSocketListener.java @@ -51,7 +51,7 @@ public class WebSocketListener implements Listener { private static final int TIMEOUT_IN_MILLIS = 10000; private static final int OCPPJ_CP_MIN_PASSWORD_LENGTH = 16; - private static final int OCPPJ_CP_MAX_PASSWORD_LENGTH = 20; + private static final int OCPPJ_CP_MAX_PASSWORD_LENGTH = 40; private static final String HTTP_HEADER_PROXIED_ADDRESS = "X-Forwarded-For"; @@ -146,7 +146,7 @@ public ServerHandshakeBuilder onWebsocketHandshakeReceivedAsServer( .build(); String username = null; - byte[] password = null; + String password = null; if (clientHandshake.hasFieldValue("Authorization")) { String authorization = clientHandshake.getFieldValue("Authorization"); if (authorization != null && authorization.toLowerCase().startsWith("basic")) { @@ -159,15 +159,15 @@ public ServerHandshakeBuilder onWebsocketHandshakeReceivedAsServer( username = new String(Arrays.copyOfRange(credDecoded, 0, i), StandardCharsets.UTF_8); if (i + 1 < credDecoded.length) { - password = Arrays.copyOfRange(credDecoded, i + 1, credDecoded.length); + password = new String(Arrays.copyOfRange(credDecoded, i + 1, credDecoded.length)); } break; } } } if (password == null - || password.length < configuration.getParameter(JSONConfiguration.OCPPJ_CP_MIN_PASSWORD_LENGTH, OCPPJ_CP_MIN_PASSWORD_LENGTH) - || password.length > configuration.getParameter(JSONConfiguration.OCPPJ_CP_MAX_PASSWORD_LENGTH, OCPPJ_CP_MAX_PASSWORD_LENGTH)) + || password.length() < configuration.getParameter(JSONConfiguration.OCPPJ_CP_MIN_PASSWORD_LENGTH, OCPPJ_CP_MIN_PASSWORD_LENGTH) + || password.length() > configuration.getParameter(JSONConfiguration.OCPPJ_CP_MAX_PASSWORD_LENGTH, OCPPJ_CP_MAX_PASSWORD_LENGTH)) throw new InvalidDataException(401, "Invalid password length"); } diff --git a/ocpp-common/src/main/java/eu/chargetime/ocpp/ListenerEvents.java b/ocpp-common/src/main/java/eu/chargetime/ocpp/ListenerEvents.java index 3e8be78d0..a40da3fab 100644 --- a/ocpp-common/src/main/java/eu/chargetime/ocpp/ListenerEvents.java +++ b/ocpp-common/src/main/java/eu/chargetime/ocpp/ListenerEvents.java @@ -28,7 +28,7 @@ of this software and associated documentation files (the "Software"), to deal import eu.chargetime.ocpp.model.SessionInformation; public interface ListenerEvents { - void authenticateSession(SessionInformation information, String username, byte[] password) + void authenticateSession(SessionInformation information, String username, String password) throws AuthenticationException; void newSession(ISession session, SessionInformation information); diff --git a/ocpp-common/src/main/java/eu/chargetime/ocpp/Server.java b/ocpp-common/src/main/java/eu/chargetime/ocpp/Server.java index d62abe934..d80171161 100644 --- a/ocpp-common/src/main/java/eu/chargetime/ocpp/Server.java +++ b/ocpp-common/src/main/java/eu/chargetime/ocpp/Server.java @@ -81,7 +81,7 @@ public void open(String hostname, int port, ServerEvents serverEvents) { @Override public void authenticateSession( - SessionInformation information, String username, byte[] password) + SessionInformation information, String username, String password) throws AuthenticationException { serverEvents.authenticateSession(information, username, password); } diff --git a/ocpp-common/src/main/java/eu/chargetime/ocpp/ServerEvents.java b/ocpp-common/src/main/java/eu/chargetime/ocpp/ServerEvents.java index 2e66f0f30..593778d7d 100644 --- a/ocpp-common/src/main/java/eu/chargetime/ocpp/ServerEvents.java +++ b/ocpp-common/src/main/java/eu/chargetime/ocpp/ServerEvents.java @@ -29,7 +29,7 @@ of this software and associated documentation files (the "Software"), to deal import java.util.UUID; public interface ServerEvents { - void authenticateSession(SessionInformation information, String username, byte[] password) throws AuthenticationException; + void authenticateSession(SessionInformation information, String username, String password) throws AuthenticationException; void newSession(UUID sessionIndex, SessionInformation information); diff --git a/ocpp-v1_6-test/src/main/java/eu/chargetime/ocpp/test/DummyHandlers.java b/ocpp-v1_6-test/src/main/java/eu/chargetime/ocpp/test/DummyHandlers.java index 0ec7e8509..7db86d059 100644 --- a/ocpp-v1_6-test/src/main/java/eu/chargetime/ocpp/test/DummyHandlers.java +++ b/ocpp-v1_6-test/src/main/java/eu/chargetime/ocpp/test/DummyHandlers.java @@ -203,7 +203,7 @@ public ServerEvents generateServerEventsHandler() { return new ServerEvents() { @Override public void authenticateSession( - SessionInformation information, String username, byte[] password) throws AuthenticationException {} + SessionInformation information, String username, String password) throws AuthenticationException {} @Override public void newSession(UUID sessionIndex, SessionInformation information) { diff --git a/ocpp-v2/src/main/java/eu/chargetime/ocpp/MultiProtocolWebSocketListener.java b/ocpp-v2/src/main/java/eu/chargetime/ocpp/MultiProtocolWebSocketListener.java index 47c37fe45..0b0762f1e 100644 --- a/ocpp-v2/src/main/java/eu/chargetime/ocpp/MultiProtocolWebSocketListener.java +++ b/ocpp-v2/src/main/java/eu/chargetime/ocpp/MultiProtocolWebSocketListener.java @@ -165,7 +165,7 @@ public ServerHandshakeBuilder onWebsocketHandshakeReceivedAsServer( .build(); String username = null; - byte[] password = null; + String password = null; if (clientHandshake.hasFieldValue("Authorization")) { String authorization = clientHandshake.getFieldValue("Authorization"); if (authorization != null && authorization.toLowerCase().startsWith("basic")) { @@ -178,7 +178,7 @@ public ServerHandshakeBuilder onWebsocketHandshakeReceivedAsServer( username = new String(Arrays.copyOfRange(credDecoded, 0, i), StandardCharsets.UTF_8); if (i + 1 < credDecoded.length) { - password = Arrays.copyOfRange(credDecoded, i + 1, credDecoded.length); + password = new String(Arrays.copyOfRange(credDecoded, i + 1, credDecoded.length)); } break; } @@ -186,13 +186,13 @@ public ServerHandshakeBuilder onWebsocketHandshakeReceivedAsServer( } if (protocolVersion == null || protocolVersion == ProtocolVersion.OCPP1_6) { if (password == null - || password.length < configuration.getParameter(JSONConfiguration.OCPPJ_CP_MIN_PASSWORD_LENGTH, OCPPJ_CP_MIN_PASSWORD_LENGTH) - || password.length > configuration.getParameter(JSONConfiguration.OCPPJ_CP_MAX_PASSWORD_LENGTH, OCPPJ_CP_MAX_PASSWORD_LENGTH)) + || password.length() < configuration.getParameter(JSONConfiguration.OCPPJ_CP_MIN_PASSWORD_LENGTH, OCPPJ_CP_MIN_PASSWORD_LENGTH) + || password.length() > configuration.getParameter(JSONConfiguration.OCPPJ_CP_MAX_PASSWORD_LENGTH, OCPPJ_CP_MAX_PASSWORD_LENGTH)) throw new InvalidDataException(401, "Invalid password length"); } else { if (password == null - || password.length < configuration.getParameter(JSONConfiguration.OCPP2J_CP_MIN_PASSWORD_LENGTH, OCPP2J_CP_MIN_PASSWORD_LENGTH) - || password.length > configuration.getParameter(JSONConfiguration.OCPP2J_CP_MAX_PASSWORD_LENGTH, OCPP2J_CP_MAX_PASSWORD_LENGTH)) + || password.length() < configuration.getParameter(JSONConfiguration.OCPP2J_CP_MIN_PASSWORD_LENGTH, OCPP2J_CP_MIN_PASSWORD_LENGTH) + || password.length() > configuration.getParameter(JSONConfiguration.OCPP2J_CP_MAX_PASSWORD_LENGTH, OCPP2J_CP_MAX_PASSWORD_LENGTH)) throw new InvalidDataException(401, "Invalid password length"); } } diff --git a/ocpp-v2_0-test/src/main/java/eu/chargetime/ocpp/test/FakeCentralSystem.java b/ocpp-v2_0-test/src/main/java/eu/chargetime/ocpp/test/FakeCentralSystem.java index 25cae3629..fdcac5805 100644 --- a/ocpp-v2_0-test/src/main/java/eu/chargetime/ocpp/test/FakeCentralSystem.java +++ b/ocpp-v2_0-test/src/main/java/eu/chargetime/ocpp/test/FakeCentralSystem.java @@ -74,7 +74,7 @@ public void started() throws Exception { new ServerEvents() { @Override public void authenticateSession( - SessionInformation information, String username, byte[] password) throws AuthenticationException {} + SessionInformation information, String username, String password) throws AuthenticationException {} @Override public void newSession(UUID sessionIndex, SessionInformation information) {