Merge pull request #352 from ubitricity/master

Revert commits breaking API and binary OCPP 1.6 passwords

Author: robert-s-ubi

OCPP-J/src/main/java/eu/chargetime/ocpp/JSONConfiguration.java

@@ -49,10 +49,8 @@ public class JSONConfiguration {
 
   private JSONConfiguration() {}
 
-  private static final JSONConfiguration instance = new JSONConfiguration();
-
   public static JSONConfiguration get() {
-    return instance;
+    return new JSONConfiguration();
   }
 
   public <T> JSONConfiguration setParameter(String name, T value) {

OCPP-J/src/main/java/eu/chargetime/ocpp/WebSocketListener.java

@@ -51,7 +51,7 @@ public class WebSocketListener implements Listener {
   private static final int TIMEOUT_IN_MILLIS = 10000;
 
   private static final int OCPPJ_CP_MIN_PASSWORD_LENGTH = 16;
-  private static final int OCPPJ_CP_MAX_PASSWORD_LENGTH = 40;
+  private static final int OCPPJ_CP_MAX_PASSWORD_LENGTH = 20;
 
   private static final String HTTP_HEADER_PROXIED_ADDRESS = "X-Forwarded-For";
 
@@ -146,7 +146,7 @@ public ServerHandshakeBuilder onWebsocketHandshakeReceivedAsServer(
                     .build();
 
             String username = null;
-            String password = null;
+            byte[] password = null;
             if (clientHandshake.hasFieldValue("Authorization")) {
               String authorization = clientHandshake.getFieldValue("Authorization");
               if (authorization != null && authorization.toLowerCase().startsWith("basic")) {
@@ -159,15 +159,15 @@ public ServerHandshakeBuilder onWebsocketHandshakeReceivedAsServer(
                     username =
                         new String(Arrays.copyOfRange(credDecoded, 0, i), StandardCharsets.UTF_8);
                     if (i + 1 < credDecoded.length) {
-                      password = new String(Arrays.copyOfRange(credDecoded, i + 1, credDecoded.length));
+                      password = Arrays.copyOfRange(credDecoded, i + 1, credDecoded.length);
                     }
                     break;
                   }
                 }
               }
               if (password == null
-                  || password.length() < configuration.getParameter(JSONConfiguration.OCPPJ_CP_MIN_PASSWORD_LENGTH, OCPPJ_CP_MIN_PASSWORD_LENGTH)
-                  || password.length() > configuration.getParameter(JSONConfiguration.OCPPJ_CP_MAX_PASSWORD_LENGTH, OCPPJ_CP_MAX_PASSWORD_LENGTH))
+                  || password.length < configuration.getParameter(JSONConfiguration.OCPPJ_CP_MIN_PASSWORD_LENGTH, OCPPJ_CP_MIN_PASSWORD_LENGTH)
+                  || password.length > configuration.getParameter(JSONConfiguration.OCPPJ_CP_MAX_PASSWORD_LENGTH, OCPPJ_CP_MAX_PASSWORD_LENGTH))
                 throw new InvalidDataException(401, "Invalid password length");
             }
 

ocpp-common/src/main/java/eu/chargetime/ocpp/ListenerEvents.java

@@ -28,7 +28,7 @@ of this software and associated documentation files (the "Software"), to deal
 import eu.chargetime.ocpp.model.SessionInformation;
 
 public interface ListenerEvents {
-  void authenticateSession(SessionInformation information, String username, String password)
+  void authenticateSession(SessionInformation information, String username, byte[] password)
       throws AuthenticationException;
 
   void newSession(ISession session, SessionInformation information);

ocpp-common/src/main/java/eu/chargetime/ocpp/Server.java

@@ -81,7 +81,7 @@ public void open(String hostname, int port, ServerEvents serverEvents) {
 
           @Override
           public void authenticateSession(
-              SessionInformation information, String username, String password)
+              SessionInformation information, String username, byte[] password)
               throws AuthenticationException {
             serverEvents.authenticateSession(information, username, password);
           }

ocpp-common/src/main/java/eu/chargetime/ocpp/ServerEvents.java

@@ -29,7 +29,7 @@ of this software and associated documentation files (the "Software"), to deal
 import java.util.UUID;
 
 public interface ServerEvents {
-  void authenticateSession(SessionInformation information, String username, String password) throws AuthenticationException;
+  void authenticateSession(SessionInformation information, String username, byte[] password) throws AuthenticationException;
 
   void newSession(UUID sessionIndex, SessionInformation information);
 

ocpp-v1_6-test/src/main/java/eu/chargetime/ocpp/test/DummyHandlers.java

@@ -203,7 +203,7 @@ public ServerEvents generateServerEventsHandler() {
     return new ServerEvents() {
       @Override
       public void authenticateSession(
-          SessionInformation information, String username, String password) throws AuthenticationException {}
+          SessionInformation information, String username, byte[] password) throws AuthenticationException {}
 
       @Override
       public void newSession(UUID sessionIndex, SessionInformation information) {

ocpp-v2/src/main/java/eu/chargetime/ocpp/MultiProtocolWebSocketListener.java

@@ -165,7 +165,7 @@ public ServerHandshakeBuilder onWebsocketHandshakeReceivedAsServer(
                     .build();
 
             String username = null;
-            String password = null;
+            byte[] password = null;
             if (clientHandshake.hasFieldValue("Authorization")) {
               String authorization = clientHandshake.getFieldValue("Authorization");
               if (authorization != null && authorization.toLowerCase().startsWith("basic")) {
@@ -178,21 +178,21 @@ public ServerHandshakeBuilder onWebsocketHandshakeReceivedAsServer(
                     username =
                         new String(Arrays.copyOfRange(credDecoded, 0, i), StandardCharsets.UTF_8);
                     if (i + 1 < credDecoded.length) {
-                      password = new String(Arrays.copyOfRange(credDecoded, i + 1, credDecoded.length));
+                      password = Arrays.copyOfRange(credDecoded, i + 1, credDecoded.length);
                     }
                     break;
                   }
                 }
               }
               if (protocolVersion == null || protocolVersion == ProtocolVersion.OCPP1_6) {
                 if (password == null
-                    || password.length() < configuration.getParameter(JSONConfiguration.OCPPJ_CP_MIN_PASSWORD_LENGTH, OCPPJ_CP_MIN_PASSWORD_LENGTH)
-                    || password.length() > configuration.getParameter(JSONConfiguration.OCPPJ_CP_MAX_PASSWORD_LENGTH, OCPPJ_CP_MAX_PASSWORD_LENGTH))
+                    || password.length < configuration.getParameter(JSONConfiguration.OCPPJ_CP_MIN_PASSWORD_LENGTH, OCPPJ_CP_MIN_PASSWORD_LENGTH)
+                    || password.length > configuration.getParameter(JSONConfiguration.OCPPJ_CP_MAX_PASSWORD_LENGTH, OCPPJ_CP_MAX_PASSWORD_LENGTH))
                   throw new InvalidDataException(401, "Invalid password length");
               } else {
                 if (password == null
-                    || password.length() < configuration.getParameter(JSONConfiguration.OCPP2J_CP_MIN_PASSWORD_LENGTH, OCPP2J_CP_MIN_PASSWORD_LENGTH)
-                    || password.length() > configuration.getParameter(JSONConfiguration.OCPP2J_CP_MAX_PASSWORD_LENGTH, OCPP2J_CP_MAX_PASSWORD_LENGTH))
+                    || password.length < configuration.getParameter(JSONConfiguration.OCPP2J_CP_MIN_PASSWORD_LENGTH, OCPP2J_CP_MIN_PASSWORD_LENGTH)
+                    || password.length > configuration.getParameter(JSONConfiguration.OCPP2J_CP_MAX_PASSWORD_LENGTH, OCPP2J_CP_MAX_PASSWORD_LENGTH))
                   throw new InvalidDataException(401, "Invalid password length");
               }
             }

ocpp-v2_0-test/src/main/java/eu/chargetime/ocpp/test/FakeCentralSystem.java

@@ -74,7 +74,7 @@ public void started() throws Exception {
           new ServerEvents() {
             @Override
             public void authenticateSession(
-                SessionInformation information, String username, String password) throws AuthenticationException {}
+                SessionInformation information, String username, byte[] password) throws AuthenticationException {}
 
             @Override
             public void newSession(UUID sessionIndex, SessionInformation information) {