nam20485 · nam20485 · Feb 21, 2024 · Feb 19, 2024 · Feb 19, 2024 · Feb 19, 2024
@@ -0,0 +1,38 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Desktop (please complete the following information):**
+ - OS: [e.g. iOS]
+ - Browser [e.g. chrome, safari]
+ - Version [e.g. 22]
+
+**Smartphone (please complete the following information):**
+ - Device: [e.g. iPhone6]
+ - OS: [e.g. iOS8.1]
+ - Browser [e.g. stock browser, safari]
+ - Version [e.g. 22]
+
+**Additional context**
+Add any other context about the problem here.
@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.
@@ -52,7 +52,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@e675ced7a7522a761fc9c8eb26682c8b27c42b2b # v3.24.1
+      uses: github/codeql-action/init@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
       with:        
         languages: ${{ matrix.language }}
         config-file: ${{ github.workspace }}/.github/codeql-config.yml        
@@ -83,6 +83,6 @@ jobs:
       run: cmake --build --preset linux-release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@e675ced7a7522a761fc9c8eb26682c8b27c42b2b # v3.24.1
+      uses: github/codeql-action/analyze@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
       with:
         category: "/language:${{matrix.language}}"
@@ -47,7 +47,7 @@ jobs:
             uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
           - name: Download Artifacts
-            uses: dawidd6/action-download-artifact@e7466d1a7587ed14867642c2ca74b5bcc1e19a2d # v3.0.0
+            uses: dawidd6/action-download-artifact@72aaadce3bc708349fc665eee3785cbb1b6e51d0 # v3.1.1
             with:
               workflow: cmake-multi-platform.yml
               workflow_conclusion: success

@@ -103,7 +103,11 @@ jobs:
             org.opencontainers.image.revision=${{ github.sha }}
             org.opencontainers.image.created=${{ env.CURRENT_DATETIME }}
             org.opencontainers.image.title=OdbDesign Server
-
+          labels: |
+            org.opencontainers.image.version=${{ github.ref_name }}-${{github.run_number}}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.created=${{ env.CURRENT_DATETIME }}
+
       # Build and push Docker image with Buildx (don't push on PR)
       # https://github.com/docker/build-push-action
       - name: Build and push Docker image
@@ -143,7 +147,7 @@ jobs:
         with:
           repository: ${{ github.repository }}
           event-type: trigger_deploy_release_event
-          client-payload: |
+          client-payload: >
             '{ 
                 "ref_name": "${{ github.ref_name }}",
                 "run_number": "${{ github.run_number }}", 

@@ -133,7 +133,7 @@ jobs:
       - name: Analyze for critical and high CVEs
         id: docker-scout-cves       
         # if: ${{ github.event_name != 'pull_request_target' }} 
-        uses: docker/scout-action@4a5494eb7c2b3d712b805ee65ad57a0371d50874 # v1.4.1
+        uses: docker/scout-action@67eb1afe777307506aaecb9acd9a0e0389cb99ae # v1.5.0
         with:
           command: cves,recommendations
           image: ${{ steps.meta.outputs.tags }}
@@ -143,14 +143,14 @@ jobs:
 
       - name: Upload SARIF result
         id: upload-sarif
-        uses: github/codeql-action/upload-sarif@e675ced7a7522a761fc9c8eb26682c8b27c42b2b # v3.24.1
+        uses: github/codeql-action/upload-sarif@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
         with:
           sarif_file: sarif.output.json
 
       - name: Docker Scout Compare to Latest
         id: docker-scout
         if: ${{ github.event_name == 'pull_request' }}
-        uses: docker/scout-action@4a5494eb7c2b3d712b805ee65ad57a0371d50874 # v1.4.1
+        uses: docker/scout-action@67eb1afe777307506aaecb9acd9a0e0389cb99ae # v1.5.0
         with:
           command: compare
           image: ${{ steps.meta.outputs.tags }}

@@ -38,7 +38,7 @@ jobs:
         uses: actions/configure-pages@1f0c5cde4bc74cd7e1254d0cb4de8d49e9068c7d # v4.0.0
 
       - name: Build with Jekyll
-        uses: actions/jekyll-build-pages@3ef60073fe85b3ccba7e900c2ebf9d7542dc7a8f # v1.0.11
+        uses: actions/jekyll-build-pages@b178f9334b208360999a0a57b523613563698c66 # v1.0.12
         with:
           source: ./docs
           destination: ./_site

@@ -75,6 +75,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@e675ced7a7522a761fc9c8eb26682c8b27c42b2b # v3.24.1
+        uses: github/codeql-action/upload-sarif@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
         with:
           sarif_file: results.sarif
@@ -0,0 +1,128 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity
+and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the
+  overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+[email protected].
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or
+permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior,  harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within
+the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.0, available at
+https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+
+Community Impact Guidelines were inspired by [Mozilla's code of conduct
+enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see the FAQ at
+https://www.contributor-covenant.org/faq. Translations are available at
+https://www.contributor-covenant.org/translations.
@@ -72,7 +72,11 @@ FROM --platform=$BUILDPLATFORM debian:bookworm-20240211-slim@sha256:d02c76d82364
 LABEL org.opencontainers.image.source=https://github.com/nam20485/OdbDesign \
       org.opencontainers.image.authors=https://github.com/nam20485 \
       org.opencontainers.image.description="A free open source cross-platform C++ library for parsing ODB++ Design archives and accessing their data. Exposed via a REST API and packaged inside of a Docker image. The OdbDesign Docker image runs the OdbDesignServer REST API server executable, listening on port 8888." \
-      org.opencontainers.image.licenses=MIT
+      org.opencontainers.image.licenses=MIT \    
+      org.opencontainers.image.url=https://nam20485.github.io/OdbDesign \ 
+      org.opencontainers.image.documentation=https://github.com/nam20485/OdbDesign?tab=readme-ov-file \
+      org.opencontainers.image.title="OdbDesign Server"
+
 EXPOSE 8888
 
 RUN mkdir --parents /OdbDesign/bin

@@ -6,42 +6,44 @@
 
 namespace Odb::Lib::App
 {
+	BasicRequestAuthentication::BasicRequestAuthentication(bool disableAuthentication)
+		: RequestAuthenticationBase(disableAuthentication)
+	{
+	}
+
 	crow::response BasicRequestAuthentication::AuthenticateRequest(const crow::request& req)
 	{
-		// if running debug build AND in Local environment, bypass authentication
-		if (IsDebug() && IsLocal())
+		auto resp = RequestAuthenticationBase::AuthenticateRequest(req);
+		if (resp.code != crow::status::OK)
 		{
-			// 200 Authorized!
-			return crow::response(200, "Authorized");
-		}
+			const auto& authHeader = req.get_header_value(AUTHORIZATION_HEADER_NAME);
+			if (authHeader.empty()) return crow::response(401, "Unauthorized");
 
-		const auto& authHeader = req.get_header_value("Authorization");
-		if (authHeader.empty()) return crow::response(401, "Unauthorized");
+			auto authValue = authHeader.substr(6);
+			if (authValue.empty()) return crow::response(401, "Unauthorized");
 
-		auto authValue = authHeader.substr(6);
-		if (authValue.empty()) return crow::response(401, "Unauthorized");
-
-		auto authValueDecoded = crow::utility::base64decode(authValue, authValue.size());
-		if (authValueDecoded.empty()) return crow::response(401, "Unauthorized");
+			auto authValueDecoded = crow::utility::base64decode(authValue, authValue.size());
+			if (authValueDecoded.empty()) return crow::response(401, "Unauthorized");
 
-		auto seperatorPos = authValueDecoded.find(':');
-		if (seperatorPos == std::string::npos) return crow::response(401, "Unauthorized");
+			auto seperatorPos = authValueDecoded.find(':');
+			if (seperatorPos == std::string::npos) return crow::response(401, "Unauthorized");
 
-		auto username = authValueDecoded.substr(0, seperatorPos);
-		auto password = authValueDecoded.substr(seperatorPos + 1);
+			auto username = authValueDecoded.substr(0, seperatorPos);
+			auto password = authValueDecoded.substr(seperatorPos + 1);
 
-		//if (! VerifyCredentials(username, password)) return crow::response(403, "Invalid username or password");
-		auto resp = VerifyCredentials(username, password);		
+			//if (! VerifyCredentials(username, password)) return crow::response(403, "Invalid username or password");
+			resp = VerifyCredentials(username, password);
+		}
 		return resp;
 	}
 
 	crow::response BasicRequestAuthentication::VerifyCredentials(const std::string& username, const std::string& password)
 	{
 		// 500 - Internal Server Error
 		auto validUsername = std::getenv(USERNAME_ENV_NAME);
 		if (validUsername == nullptr) return crow::response(500, "Failed retrieving credentials");

 		auto validPassword = std::getenv(PASSWORD_ENV_NAME);
 		if (validPassword == nullptr) return crow::response(500, "Failed retrieving credentials");

 		// 403 - Forbidden

@@ -1,26 +1,27 @@
 #pragma once
 
-#include "IRequestAuthentication.h"
+#include "RequestAuthenticationBase.h"
 #include "../odbdesign_export.h"
 
 namespace Odb::Lib::App
 {
-	class ODBDESIGN_EXPORT BasicRequestAuthentication : public IRequestAuthentication
+	class ODBDESIGN_EXPORT BasicRequestAuthentication : public RequestAuthenticationBase
 	{
 	public:
-		//BasicRequestAuthentication()
-		//{
-		//}
+		BasicRequestAuthentication(bool disableAuthentication);
 
-		// Inherited via IRequestAuthentication
+		// Inherited via RequestAuthenticationBase
 		crow::response AuthenticateRequest(const crow::request& req) override;
 
 	private:
 
+		const inline static char AUTHORIZATION_HEADER_NAME[] = "Authorization";
+
 		crow::response VerifyCredentials(const std::string& username, const std::string& password);
 
 		const inline static char USERNAME_ENV_NAME[] = "ODBDESIGN_SERVER_REQUEST_USERNAME";
 		const inline static char PASSWORD_ENV_NAME[] = "ODBDESIGN_SERVER_REQUEST_PASSWORD";
+
 
 	};
 }
@@ -2,7 +2,7 @@
 
 #include "IOdbApp.h"
 #include "../odbdesign_export.h"
-#include "IRequestAuthentication.h"
+#include "RequestAuthenticationBase.h"
 
 namespace Odb::Lib::App
 {
@@ -12,8 +12,8 @@ namespace Odb::Lib::App
 		virtual ~IOdbServerApp() {}
 
 		virtual CrowApp& crow_app() = 0;
-		virtual IRequestAuthentication& request_auth() = 0;
-		virtual void request_auth(std::unique_ptr<IRequestAuthentication> requestAuthentication) = 0;
+		virtual RequestAuthenticationBase& request_auth() = 0;
+		virtual void request_auth(std::unique_ptr<RequestAuthenticationBase> requestAuthentication) = 0;
 
 	protected:
 		IOdbServerApp() = default;