├── Auth UI Part ├── .gitignore ├── .mvn │ ├── jvm.config │ ├── maven.config │ └── wrapper │ │ ├── maven-wrapper.jar │ │ └── maven-wrapper.properties ├── .travis.yml ├── README.md ├── mvnw ├── mvnw.cmd ├── pom.xml └── src │ ├── main │ ├── java │ │ └── clientpart │ │ │ ├── UiApplication.java │ │ │ ├── UiSecurityConfig.java │ │ │ └── UiWebConfig.java │ └── resources │ │ ├── application.yml │ │ └── templates │ │ ├── index.html │ │ └── securedPage.html │ └── test │ ├── java │ └── demo │ │ ├── AbstractIntegrationTests.java │ │ └── ServerRunning.java │ └── resources │ └── test.properties ├── Auth_Server-2 ├── .gitignore ├── LICENSE ├── README.md ├── pom.xml └── src │ └── main │ ├── java │ └── com │ │ └── showcode │ │ └── springboot │ │ ├── AuthServerConfig.java │ │ ├── AuthorizationServerApplication.java │ │ ├── CodeController.java │ │ ├── SecurityConfig.java │ │ └── UserController.java │ ├── resources │ ├── application.properties │ └── templates │ │ └── login.html │ └── webapp │ ├── index.html │ ├── login.html │ └── showcode.jsp ├── ReadMe.md └── images ├── UsageOfOauth.png ├── auht_code.png └── oauth vulnerability uml.png /Auth UI Part/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/.gitignore -------------------------------------------------------------------------------- /Auth UI Part/.mvn/jvm.config: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/.mvn/jvm.config -------------------------------------------------------------------------------- /Auth UI Part/.mvn/maven.config: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/.mvn/maven.config -------------------------------------------------------------------------------- /Auth UI Part/.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /Auth UI Part/.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/.mvn/wrapper/maven-wrapper.properties -------------------------------------------------------------------------------- /Auth UI Part/.travis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/.travis.yml -------------------------------------------------------------------------------- /Auth UI Part/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Auth UI Part/mvnw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/mvnw -------------------------------------------------------------------------------- /Auth UI Part/mvnw.cmd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/mvnw.cmd -------------------------------------------------------------------------------- /Auth UI Part/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/pom.xml -------------------------------------------------------------------------------- /Auth UI Part/src/main/java/clientpart/UiApplication.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/src/main/java/clientpart/UiApplication.java -------------------------------------------------------------------------------- /Auth UI Part/src/main/java/clientpart/UiSecurityConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/src/main/java/clientpart/UiSecurityConfig.java -------------------------------------------------------------------------------- /Auth UI Part/src/main/java/clientpart/UiWebConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/src/main/java/clientpart/UiWebConfig.java -------------------------------------------------------------------------------- /Auth UI Part/src/main/resources/application.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/src/main/resources/application.yml -------------------------------------------------------------------------------- /Auth UI Part/src/main/resources/templates/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/src/main/resources/templates/index.html -------------------------------------------------------------------------------- /Auth UI Part/src/main/resources/templates/securedPage.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/src/main/resources/templates/securedPage.html -------------------------------------------------------------------------------- /Auth UI Part/src/test/java/demo/AbstractIntegrationTests.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/src/test/java/demo/AbstractIntegrationTests.java -------------------------------------------------------------------------------- /Auth UI Part/src/test/java/demo/ServerRunning.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth UI Part/src/test/java/demo/ServerRunning.java -------------------------------------------------------------------------------- /Auth UI Part/src/test/resources/test.properties: -------------------------------------------------------------------------------- 1 | server.port: 0 -------------------------------------------------------------------------------- /Auth_Server-2/.gitignore: -------------------------------------------------------------------------------- 1 | target 2 | out 3 | .settings 4 | .classpath 5 | .project 6 | .idea 7 | *.iml -------------------------------------------------------------------------------- /Auth_Server-2/LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth_Server-2/LICENSE -------------------------------------------------------------------------------- /Auth_Server-2/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Auth_Server-2/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth_Server-2/pom.xml -------------------------------------------------------------------------------- /Auth_Server-2/src/main/java/com/showcode/springboot/AuthServerConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth_Server-2/src/main/java/com/showcode/springboot/AuthServerConfig.java -------------------------------------------------------------------------------- /Auth_Server-2/src/main/java/com/showcode/springboot/AuthorizationServerApplication.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth_Server-2/src/main/java/com/showcode/springboot/AuthorizationServerApplication.java -------------------------------------------------------------------------------- /Auth_Server-2/src/main/java/com/showcode/springboot/CodeController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth_Server-2/src/main/java/com/showcode/springboot/CodeController.java -------------------------------------------------------------------------------- /Auth_Server-2/src/main/java/com/showcode/springboot/SecurityConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth_Server-2/src/main/java/com/showcode/springboot/SecurityConfig.java -------------------------------------------------------------------------------- /Auth_Server-2/src/main/java/com/showcode/springboot/UserController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth_Server-2/src/main/java/com/showcode/springboot/UserController.java -------------------------------------------------------------------------------- /Auth_Server-2/src/main/resources/application.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth_Server-2/src/main/resources/application.properties -------------------------------------------------------------------------------- /Auth_Server-2/src/main/resources/templates/login.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth_Server-2/src/main/resources/templates/login.html -------------------------------------------------------------------------------- /Auth_Server-2/src/main/webapp/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth_Server-2/src/main/webapp/index.html -------------------------------------------------------------------------------- /Auth_Server-2/src/main/webapp/login.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth_Server-2/src/main/webapp/login.html -------------------------------------------------------------------------------- /Auth_Server-2/src/main/webapp/showcode.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/Auth_Server-2/src/main/webapp/showcode.jsp -------------------------------------------------------------------------------- /ReadMe.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/ReadMe.md -------------------------------------------------------------------------------- /images/UsageOfOauth.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/images/UsageOfOauth.png -------------------------------------------------------------------------------- /images/auht_code.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/images/auht_code.png -------------------------------------------------------------------------------- /images/oauth vulnerability uml.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dogangcr/vulnerable-sso/HEAD/images/oauth vulnerability uml.png --------------------------------------------------------------------------------