Coverity-CWE 922: Insecure Storage of Sensitive Information(localStorage write)
- Coverity fix for the localStorage write issue: sensitive session data (token, username, project) was being persisted in browser localStorage, so it is now kept in sessionStorage instead, which is per-tab and cleared when the tab closes.
Change-Id: I5179dbd864d9cf6c9f82fdb54f4ad2544e945ac0
Signed-off-by: SANDHYA.JS <sandhya.j@tataelxsi.co.in>
diff --git a/src/services/AcessGuardService.ts b/src/services/AcessGuardService.ts
index 42d36a5..1ee7f64 100644
--- a/src/services/AcessGuardService.ts
+++ b/src/services/AcessGuardService.ts
@@ -34,7 +34,7 @@
*/
public canLoad(route: Route): Observable<boolean> | Promise<boolean> | boolean {
// Need to get the Role and valid here for authorization
- if (localStorage.getItem('role') === 'Admin') {
+ if (sessionStorage.getItem('role') === 'Admin') {
return true;
} else {
return false;
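Review bot: The authorization decision in canLoad still rests on a value the client fully controls — any script in the origin, or the user in devtools, can run `sessionStorage.setItem('role', 'Admin')` — so swapping the storage backend changes nothing about this guard's strength; it can only gate navigation, and the admin endpoints must enforce the role server-side. Nothing in this change writes a `role` key (setLocalStorage in the same patch writes `isAdmin`), so unless it is set elsewhere the guard appears to always return false; worth confirming. I would add a comment above the check, `// UX-only gate: storage is client-controlled; admin-only APIs must be authorized by the backend.`, and collapse the branch to `return sessionStorage.getItem('role') === 'Admin';`.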
diff --git a/src/services/AuthInterceptorService.ts b/src/services/AuthInterceptorService.ts
index 8c5a9d7..9c17b56 100644
--- a/src/services/AuthInterceptorService.ts
+++ b/src/services/AuthInterceptorService.ts
@@ -68,7 +68,7 @@
public intercept(req: HttpRequest<{}>, next: HttpHandler): Observable<HttpSentEvent |
// tslint:disable-next-line:no-any
HttpHeaderResponse | HttpProgressEvent | HttpResponse<{}> | HttpUserEvent<any> | any> {
- const idToken: string = localStorage.getItem('id_token');
+ const idToken: string = sessionStorage.getItem('id_token');
const excludedUrl: string[] = ['osm/admin/v1/tokens', 'assets/i18n/', 'osm/version'];
if (excludedUrl.some((x: string): boolean => { return req.url.includes(x); })) { return next.handle(req); }
if (idToken.length > 0) {
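Review bot: `idToken` is declared `string` but `Storage.getItem` returns `string | null`, and the `idToken.length` test on the last line of the hunk throws a TypeError when the key is absent — which, now that the token lives in sessionStorage, happens in every freshly opened tab, since sessionStorage is not shared across tabs the way localStorage was. Declare it `const idToken: string | null = sessionStorage.getItem('id_token');` and guard with `if (idToken !== null && idToken.length > 0) {`. Note also that sessionStorage is just as readable by any script running in the origin as localStorage, so this change shortens the token's lifetime but does not address theft via XSS; keeping the bearer token out of web storage entirely (e.g. an HttpOnly cookie issued by the backend) would be the fuller fix, if the OSM API supports it. The intercept body continues past the hunk.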
diff --git a/src/services/AuthenticationService.ts b/src/services/AuthenticationService.ts
index 0399c59..1d49da3 100644
--- a/src/services/AuthenticationService.ts
+++ b/src/services/AuthenticationService.ts
@@ -83,16 +83,16 @@
this.restService = this.injector.get(RestService);
this.modalService = this.injector.get(NgbModal);
this.idle = this.injector.get(Idle);
- if (localStorage.getItem('username') !== null) {
+ if (sessionStorage.getItem('username') !== null) {
this.loggedIn.next(true);
this.changePassword.next(false);
- } else if (localStorage.getItem('firstLogin') !== null) {
+ } else if (sessionStorage.getItem('firstLogin') !== null) {
this.changePassword.next(true);
this.loggedIn.next(false);
} else {
this.loggedIn.next(false);
}
- this.userName.next(localStorage.getItem('username'));
+ this.userName.next(sessionStorage.getItem('username'));
this.redirectToPage();
}
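Review bot: The logged-in detection in this constructor now depends on per-tab storage, so a session established in one tab is invisible to a second tab or a duplicated tab, which will render as logged out and re-prompt for credentials; that is a user-visible behaviour change the commit message does not mention and should be called out in it or in a comment here, e.g. `// sessionStorage is per-tab: other tabs start unauthenticated by design.`. Separately, `this.userName.next(sessionStorage.getItem('username'))` still publishes `null` when the key is absent, while the subject is presumably typed for strings; consider `sessionStorage.getItem('username') ?? ''` or guarding it inside the first branch, depending on what subscribers expect. The enclosing method starts before the hunk.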
@@ -136,9 +136,9 @@
return this.restService.postResource(apiURLHeader, this.payLoad)
.pipe(map((data: ProjectModel): BehaviorSubject<boolean> => {
if (data.message === 'change_password') {
- localStorage.setItem('firstLogin', 'true');
- localStorage.setItem('id_token', data.id);
- localStorage.setItem('user_id', data.user_id);
+ sessionStorage.setItem('firstLogin', 'true');
+ sessionStorage.setItem('id_token', data.id);
+ sessionStorage.setItem('user_id', data.user_id);
this.idle.watch(true);
this.changePassword.next(true);
this.loggedIn.next(false);
@@ -174,27 +174,27 @@
/** set local storage on auth process @public */
public setLocalStorage(data: ProjectModel): void {
- localStorage.setItem('id_token', data.id);
- localStorage.setItem('expires', data.expires.toString());
- localStorage.setItem('username', data.username);
- localStorage.setItem('isAdmin', (data.admin) ? 'true' : 'false');
- localStorage.setItem('project_id', data.project_id);
- localStorage.setItem('project', data.project_name);
- localStorage.setItem('token_state', data.id);
+ sessionStorage.setItem('id_token', data.id);
+ sessionStorage.setItem('expires', data.expires.toString());
+ sessionStorage.setItem('username', data.username);
+ sessionStorage.setItem('isAdmin', (data.admin) ? 'true' : 'false');
+ sessionStorage.setItem('project_id', data.project_id);
+ sessionStorage.setItem('project', data.project_name);
+ sessionStorage.setItem('token_state', data.id);
this.projectName$.next(data.project_name);
}
/** Destory tokens API response handling @public */
public logoutResponse(): void {
this.loggedIn.next(false);
this.changePassword.next(false);
- const langCode: string = localStorage.getItem('languageCode');
- const redirecturl: string = isNullOrUndefined(localStorage.getItem('returnUrl')) ? '/' : localStorage.getItem('returnUrl');
- const osmVersion: string = isNullOrUndefined(localStorage.getItem('osmVersion')) ? '' : localStorage.getItem('osmVersion');
- localStorage.clear();
- localStorage.setItem('languageCode', langCode);
- localStorage.setItem('returnUrl', redirecturl);
- localStorage.setItem('token_state', null);
- localStorage.setItem('osmVersion', osmVersion);
+ const langCode: string = sessionStorage.getItem('languageCode');
+ const redirecturl: string = isNullOrUndefined(sessionStorage.getItem('returnUrl')) ? '/' : sessionStorage.getItem('returnUrl');
+ const osmVersion: string = isNullOrUndefined(sessionStorage.getItem('osmVersion')) ? '' : sessionStorage.getItem('osmVersion');
+ sessionStorage.clear();
+ sessionStorage.setItem('languageCode', langCode);
+ sessionStorage.setItem('returnUrl', redirecturl);
+ sessionStorage.setItem('token_state', null);
+ sessionStorage.setItem('osmVersion', osmVersion);
this.idle.stop();
this.router.navigate(['login']).catch();
}
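Review bot: `sessionStorage.setItem('token_state', null)` in logoutResponse stores the literal string `"null"`, because Storage.setItem stringifies its argument, so any later `getItem('token_state') !== null` check keeps passing after logout; the `clear()` two lines above already removes the key, so that line should be dropped or replaced with `sessionStorage.removeItem('token_state');`. In setLocalStorage the same bearer token is written under both `id_token` and `token_state`, which doubles the copies that an XSS payload can lift; if `token_state` is only used as a presence flag, store `'true'` rather than the token. The method name `setLocalStorage` and its `/** set local storage on auth process @public */` doc are now misleading — at least update the doc to `/** Persist the auth response in sessionStorage (per-tab, cleared on tab close) @public */`.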
@@ -203,13 +203,13 @@
*/
public logout(): void {
this.returnUrl = this.router.url;
- localStorage.setItem('returnUrl', this.returnUrl);
+ sessionStorage.setItem('returnUrl', this.returnUrl);
this.modalService.dismissAll();
this.destoryToken();
}
/** Destory tokens on logout @public */
public destoryToken(): void {
- const tokenID: string = localStorage.getItem('id_token');
+ const tokenID: string = sessionStorage.getItem('id_token');
if (tokenID !== null) {
const deletingURl: string = environment.GENERATETOKEN_URL + '/' + tokenID;
this.restService.deleteResource(deletingURl).subscribe((res: {}): void => {
@@ -222,9 +222,9 @@
/** Return to previous page deny access to changepassword */
public redirectToPage(): void {
- if (window.location.pathname === '/changepassword' && localStorage.getItem('username') !== null) {
+ if (window.location.pathname === '/changepassword' && sessionStorage.getItem('username') !== null) {
window.history.back();
- } else if (window.location.pathname === '/' && localStorage.getItem('firstLogin') === 'true') {
+ } else if (window.location.pathname === '/' && sessionStorage.getItem('firstLogin') === 'true') {
this.router.navigate(['/login']).catch();
}
}
diff --git a/src/services/ProjectService.ts b/src/services/ProjectService.ts
index c22f33a..0473e6b 100644
--- a/src/services/ProjectService.ts
+++ b/src/services/ProjectService.ts
@@ -77,13 +77,13 @@
/** Get current project details from local storage @public */
public getCurrentProjectDetails(): Observable<{}> {
- const project: string = localStorage.getItem('project_id');
+ const project: string = sessionStorage.getItem('project_id');
return this.restService.getResource(environment.PROJECTS_URL + '/' + project);
}
/** Returns all the projects for a particular users @public */
public getUserProjects(): Observable<{}> {
- const username: string = localStorage.getItem('username');
+ const username: string = sessionStorage.getItem('username');
return this.restService.getResource(environment.USERS_URL + '/' + username);
}
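Review bot: Both methods splice a storage value straight into a URL path, `environment.USERS_URL + '/' + username`, so a username or project id containing `/`, `?`, `#` or `..` changes which resource is requested; encode the segment, `environment.USERS_URL + '/' + encodeURIComponent(username)`, and likewise for `project`. When the key is missing (now the normal state of any second tab) the string concatenation yields `.../null` and issues a request that cannot succeed, so an early return or a null check would be clearer than relying on the server's 404. The doc comment `/** Get current project details from local storage @public */` is stale after this change.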
@@ -92,8 +92,8 @@
this.getUserProjects().subscribe((projects: UserDetail) => {
const projectList: {}[] = projects.project_role_mappings;
projectList.filter((list: ProjectModel) => {
- if (list.project === localStorage.getItem('project_id')) {
- localStorage.setItem('project', list.project_name);
+ if (list.project === sessionStorage.getItem('project_id')) {
+ sessionStorage.setItem('project', list.project_name);
this.authService.projectName$.next(list.project_name);
}
});
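Review bot: `projectList.filter(...)` is being used for its side effects — the callback returns nothing and the resulting array is discarded — which reads as a bug to the next maintainer; `projectList.forEach((list: ProjectModel): void => {` says what is meant. The `sessionStorage.getItem('project_id')` read inside the callback is repeated for every element; hoist it to `const currentProject: string | null = sessionStorage.getItem('project_id');` before the loop and compare against that. The enclosing method starts before the hunk.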
@@ -107,7 +107,7 @@
/** Toggle projects on selection @public */
public switchProjectModal(list: ProjectData): void {
- const username: string = localStorage.getItem('username');
+ const username: string = sessionStorage.getItem('username');
this.modalService.open(SwitchProjectComponent, { backdrop: 'static' })
.componentInstance.params = { projectID: list.project, username };
}