fix standalone compiling

lib_standalone/SecurityManager.h

@@ -69,9 +69,6 @@ class AuthenticationPredicates {
 
 class SecurityManager {
   public:
-    virtual Authentication authenticate(const String & username, const String & password) = 0;
-    virtual String         generateJWT(User * user)                                       = 0;
-
     virtual Authentication               authenticateRequest(AsyncWebServerRequest * request)                                    = 0;
     virtual ArRequestFilterFunction      filterRequest(AuthenticationPredicate predicate)                                        = 0;
     virtual ArRequestHandlerFunction     wrapRequest(ArRequestHandlerFunction onRequest, AuthenticationPredicate predicate)      = 0;

lib_standalone/SecuritySettingsService.cpp

@@ -2,110 +2,30 @@
 
 #include <SecuritySettingsService.h>
 
-#include "../../src/emsesp_stub.h" // proddy added
+User ADMIN_USER = User(FACTORY_ADMIN_USERNAME, FACTORY_ADMIN_PASSWORD, true);
 
 SecuritySettingsService::SecuritySettingsService(AsyncWebServer * server, FS * fs)
-    : _httpEndpoint(SecuritySettings::read, SecuritySettings::update, this, server, SECURITY_SETTINGS_PATH, this)
+    : SecurityManager() {
-    , _fsPersistence(SecuritySettings::read, SecuritySettings::update, this, fs, SECURITY_SETTINGS_FILE)
-    , _jwtHandler(FACTORY_JWT_SECRET) {
-    addUpdateHandler([&](const String & originId) { configureJWTHandler(); }, false);
 }
-
+SecuritySettingsService::~SecuritySettingsService() {
-void SecuritySettingsService::begin() {
-    _fsPersistence.readFromFS();
-    configureJWTHandler();
-}
-
-Authentication SecuritySettingsService::authenticateRequest(AsyncWebServerRequest * request) {
-    AsyncWebHeader * authorizationHeader = request->getHeader(AUTHORIZATION_HEADER);
-    if (authorizationHeader) {
-        String value = authorizationHeader->value();
-        if (value.startsWith(AUTHORIZATION_HEADER_PREFIX)) {
-            value = value.substring(AUTHORIZATION_HEADER_PREFIX_LEN);
-            return authenticateJWT(value);
-        }
-    } else if (request->hasParam(ACCESS_TOKEN_PARAMATER)) {
-        AsyncWebParameter * tokenParamater = request->getParam(ACCESS_TOKEN_PARAMATER);
-        String              value          = tokenParamater->value();
-        return authenticateJWT(value);
-    }
-    return Authentication();
-}
-
-void SecuritySettingsService::configureJWTHandler() {
-    _jwtHandler.setSecret(_state.jwtSecret);
-}
-
-Authentication SecuritySettingsService::authenticateJWT(String & jwt) {
-    JsonDocument payloadDocument;
-    _jwtHandler.parseJWT(jwt, payloadDocument);
-    if (payloadDocument.is<JsonObject>()) {
-        JsonObject parsedPayload = payloadDocument.as<JsonObject>();
-        String     username      = parsedPayload["username"];
-        for (User _user : _state.users) {
-            if (_user.username == username && validatePayload(parsedPayload, &_user)) {
-                return Authentication(_user);
-            }
-        }
-    }
-    return Authentication();
-}
-
-Authentication SecuritySettingsService::authenticate(const String & username, const String & password) {
-    for (User _user : _state.users) {
-        if (_user.username == username && _user.password == password) {
-            return Authentication(_user);
-        }
-    }
-    return Authentication();
-}
-
-inline void populateJWTPayload(JsonObject payload, User * user) {
-    payload["username"] = user->username;
-    payload["admin"]    = user->admin;
-}
-
-boolean SecuritySettingsService::validatePayload(JsonObject parsedPayload, User * user) {
-    JsonDocument jsonDocument;
-    JsonObject   payload = jsonDocument.to<JsonObject>();
-    populateJWTPayload(payload, user);
-    return payload == parsedPayload;
-}
-
-String SecuritySettingsService::generateJWT(User * user) {
-    JsonDocument jsonDocument;
-    JsonObject   payload = jsonDocument.to<JsonObject>();
-    populateJWTPayload(payload, user);
-    return _jwtHandler.buildJWT(payload);
 }
 
 ArRequestFilterFunction SecuritySettingsService::filterRequest(AuthenticationPredicate predicate) {
-    return [this, predicate](AsyncWebServerRequest * request) {
+    return [this, predicate](AsyncWebServerRequest * request) { return true; };
-        Authentication authentication = authenticateRequest(request);
-        return predicate(authentication);
-    };
 }
 
-ArRequestHandlerFunction SecuritySettingsService::wrapRequest(ArRequestHandlerFunction onRequest, AuthenticationPredicate predicate) {
+// Return the admin user on all request - disabling security features
-    return [this, onRequest, predicate](AsyncWebServerRequest * request) {
+Authentication SecuritySettingsService::authenticateRequest(AsyncWebServerRequest * request) {
-        Authentication authentication = authenticateRequest(request);
+    return Authentication(ADMIN_USER);
-        if (!predicate(authentication)) {
-            request->send(401);
-            return;
 }
-        onRequest(request);
+
-    };
+// Return the function unwrapped
+ArRequestHandlerFunction SecuritySettingsService::wrapRequest(ArRequestHandlerFunction onRequest, AuthenticationPredicate predicate) {
+    return onRequest;
 }
 
 ArJsonRequestHandlerFunction SecuritySettingsService::wrapCallback(ArJsonRequestHandlerFunction onRequest, AuthenticationPredicate predicate) {
-    return [this, onRequest, predicate](AsyncWebServerRequest * request, JsonVariant json) {
+    return onRequest;
-        Authentication authentication = authenticateRequest(request);
-        if (!predicate(authentication)) {
-            request->send(401);
-            return;
-        }
-        onRequest(request, json);
-    };
 }
 
 #endif

lib_standalone/SecuritySettingsService.h

@@ -25,69 +25,6 @@
 #define SECURITY_SETTINGS_FILE "/config/securitySettings.json"
 #define SECURITY_SETTINGS_PATH "/rest/securitySettings"
 
-class SecuritySettings {
-  public:
-    String          jwtSecret;
-    std::list<User> users;
-
-    static void read(SecuritySettings & settings, JsonObject root) {
-        // secret
-        root["jwt_secret"] = settings.jwtSecret;
-
-        // users
-        JsonArray users = root["users"].to<JsonArray>();
-        for (User user : settings.users) {
-            JsonObject userRoot  = users.add<JsonObject>();
-            userRoot["username"] = user.username;
-            userRoot["password"] = user.password;
-            userRoot["admin"]    = user.admin;
-        }
-    }
-
-    static StateUpdateResult update(JsonObject root, SecuritySettings & settings) {
-        // secret
-        settings.jwtSecret = root["jwt_secret"] | FACTORY_JWT_SECRET;
-
-        // users
-        settings.users.clear();
-        if (root["users"].is<JsonArray>()) {
-            for (JsonVariant user : root["users"].as<JsonArray>()) {
-                settings.users.push_back(User(user["username"], user["password"], user["admin"]));
-            }
-        } else {
-            settings.users.push_back(User(FACTORY_ADMIN_USERNAME, FACTORY_ADMIN_PASSWORD, true));
-            settings.users.push_back(User(FACTORY_GUEST_USERNAME, FACTORY_GUEST_PASSWORD, false));
-        }
-        return StateUpdateResult::CHANGED;
-    }
-};
-
-class SecuritySettingsService : public StatefulService<SecuritySettings>, public SecurityManager {
-  public:
-    SecuritySettingsService(AsyncWebServer * server, FS * fs);
-
-    void begin();
-
-    // Functions to implement SecurityManager
-    Authentication               authenticate(const String & username, const String & password);
-    Authentication               authenticateRequest(AsyncWebServerRequest * request);
-    String                       generateJWT(User * user);
-    ArRequestFilterFunction      filterRequest(AuthenticationPredicate predicate);
-    ArRequestHandlerFunction     wrapRequest(ArRequestHandlerFunction onRequest, AuthenticationPredicate predicate);
-    ArJsonRequestHandlerFunction wrapCallback(ArJsonRequestHandlerFunction callback, AuthenticationPredicate predicate);
-
-  private:
-    HttpEndpoint<SecuritySettings>  _httpEndpoint;
-    FSPersistence<SecuritySettings> _fsPersistence;
-    ArduinoJsonJWT                  _jwtHandler;
-
-    void           configureJWTHandler();
-    Authentication authenticateJWT(String & jwt);
-    boolean        validatePayload(JsonObject parsedPayload, User * user);
-};
-
-#else
-
 class SecuritySettingsService : public SecurityManager {
   public:
     SecuritySettingsService(AsyncWebServer * server, FS * fs);

platformio.ini

@@ -174,8 +174,9 @@ build_flags =
 	-lpthread
   -std=gnu++11 -Og -ggdb
 build_src_flags =
-  -Wall -Wextra -Werror -Wswitch-enum -Wno-unused-parameter -Wno-inconsistent-missing-override -Wno-unused-lambda-capture -Wno-sign-compare
+  -Wall -Wextra -Werror
-  -Wno-missing-braces
+  -Wno-unused-parameter -Wno-sign-compare
+  ; -Wswitch-enum -Wno-unused-parameter -Wno-inconsistent-missing-override -Wno-unused-lambda-capture -Wno-missing-braces
   -I./lib_standalone
   -I./lib/ArduinoJson/src
   -I./lib/uuid-common/src