get rid of library json-simple (#732) (#733)

* get rid of  library json-simple (#732) closes #732

pom.xml

@@ -36,14 +36,9 @@
 		<dependency>
 			<groupId>org.json</groupId>
 			<artifactId>json</artifactId>
-			<version>20220320</version>
+			<version>20220924</version>
 		</dependency>
 		<!-- https://mvnrepository.com/artifact/com.googlecode.json-simple/json-simple -->
-		<dependency>
-			<groupId>com.googlecode.json-simple</groupId>
-			<artifactId>json-simple</artifactId>
-			<version>1.1.1</version>
-		</dependency>
 		<dependency>
 			<groupId>commons-io</groupId>
 			<artifactId>commons-io</artifactId>
@@ -182,6 +177,14 @@
 			<scope>test</scope>
 		</dependency>
 
+		<!-- https://mvnrepository.com/artifact/junit/junit -->
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<version>4.13.2</version>
+			<scope>test</scope>
+		</dependency>
+
 		<!-- https://mvnrepository.com/artifact/org.hamcrest/hamcrest-junit -->
 		<dependency>
 			<groupId>org.hamcrest</groupId>
@@ -247,12 +250,6 @@
 									</resources>
 								</configuration>
 							</execution>
-						</executions>
-					</plugin>
-					<plugin>
-						<artifactId>maven-resources-plugin</artifactId>
-						<version>3.1.0</version>
-						<executions>
 							<execution>
 								<id>copy-mongo-scripts</id>
 								<phase>validate</phase>

src/main/java/dbProcs/Getter.java

@@ -15,8 +15,8 @@
 import java.util.ResourceBundle;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
-import org.json.simple.JSONArray;
-import org.json.simple.JSONObject;
+import org.json.JSONArray;
+import org.json.JSONObject;
 import org.owasp.encoder.Encode;
 import servlets.Register;
 import utils.ModulePlan;
@@ -239,7 +239,10 @@ public static String[] authUser(String ApplicationRoot, String userName, String
    * This method hashes the user submitted password and sends it to the database. The database does
    * the rest of the work, including Brute Force prevention.
    *
+   * @param ApplicationRoot The current running context of an application
    * @param userName The submitted user name to be used in authentication process
+   * @param ssoName
+   * @param password The submitted password in plain text to be used in authentication
    * @return A string array made up of nothing or information to be consumed by the initiating
    *     authentication process.
    */
@@ -574,6 +577,8 @@ public static ArrayList<String[]> getAllModuleInfo(String ApplicationRoot) {
    * have to go through another servlet to get the module's View address
    *
    * @param ApplicationRoot The current running context of the application
+   * @param userId The user identifier of the player
+   * @param lang The Locale the user has enabled
    * @return HTML menu for challenges
    * @throws SQLException
    */
@@ -632,7 +637,7 @@ public static String getChallenges(String ApplicationRoot, String userId, Locale
     }
     // Check if output is empty
     if (output.isEmpty()) {
-      output = "<li><a href='javascript:;'>No challenges found</a></li>";
+      output = "<li>No challenges found</li>";
     } else {
       log.debug("Appending End tags");
       output += "</ul></li>";
@@ -950,6 +955,7 @@ public static String getFeedback(String applicationRoot, String moduleId) {
    *
    * @param ApplicationRoot The running context of the application.
    * @param userId The user identifier of the user.
+   * @param lang The name of the Locale the user
    * @param csrfToken The cross site request forgery token
    * @return A HTML menu of a users current module progress and a script for interaction with this
    *     menu
@@ -1064,6 +1070,7 @@ public static String getIncrementalModules(
    *
    * @param ApplicationRoot The running context of the application.
    * @param userId The user identifier of the user.
+   * @param lang The name of the Locale the user
    * @param csrfToken The cross site request forgery token
    * @return A HTML menu of a users current module progress and a script for interaction with this
    *     menu
@@ -1326,7 +1333,7 @@ public static String getJsonScore(String applicationRoot, String classId) {
           jsonInner.put("bronzeMedalCount", Integer.valueOf(bronzeMedals));
           jsonInner.put("bronzeDisplay", bronzeDisplayStyle);
           // log.debug("Adding: " + jsonInner.toString());
-          json.add(jsonInner);
+          json.put(jsonInner);
         }
       }
       if (resultAmount > 0) {
@@ -1354,6 +1361,7 @@ public static String getJsonScore(String applicationRoot, String classId) {
    *
    * @param ApplicationRoot The current running context of the application
    * @param userId Identifier of the user
+   * @param lang The the Locale the user has enabled
    * @return HTML lesson menu for Open Floor Plan.
    */
   public static String getLessons(String ApplicationRoot, String userId, Locale lang) {
@@ -1390,7 +1398,7 @@ public static String getLessons(String ApplicationRoot, String userId, Locale la
       }
       // If no output has been found, return an error message
       if (output.isEmpty()) {
-        output = "<li><a href='javascript:;'>No lessons found</a></li>";
+        output = "<li>No lessons found</li>";
       } else {
         log.debug("Lesson List returned");
       }
@@ -1873,6 +1881,7 @@ public static String getOpenCloseCategoryMenu(String ApplicationRoot) {
    * So there are two procedures this method calls. One that handles null classes, one that does not
    *
    * @param ApplicationRoot The current running context of the application
+   * @param classId Identifier of class
    * @return ResultSet that contains users for the selected class in the formate {userId, userName,
    *     userAddress}
    */
@@ -1998,7 +2007,7 @@ public static String getProgressJSON(String applicationRoot, String classId) {
           // Width
           jsonInner.put("score", Integer.valueOf(resultSet.getInt(3))); // Score
           log.debug("Adding: " + jsonInner.toString());
-          json.add(jsonInner);
+          json.put(jsonInner);
         }
       }
       if (resultAmount > 0) {
@@ -2045,6 +2054,7 @@ private static int getTounnamentSectionFromRankNumber(int rankNumber) {
    *
    * @param ApplicationRoot The running context of the application.
    * @param userId The user identifier of the user.
+   * @param lang The Locale the user has enabled
    * @return A HTML menu of a users current module progress and a script for interaction with this
    *     menu
    */
@@ -2187,7 +2197,10 @@ public static String getTournamentModules(String ApplicationRoot, String userId,
   /**
    * Return all modules in JSON for specific User
    *
-   * @param userId
+   * @param ApplicationRoot The running context of the application.
+   * @param userId The user identifier of the user.
+   * @param floor The current module plan
+   * @param locale The Locale the user has enabled
    * @return
    */
   public static JSONArray getModulesJson(String userId, String floor, Locale locale) {
@@ -2208,7 +2221,7 @@ public static JSONArray getModulesJson(String userId, String floor, Locale local
       JSONArray jsonSectionModules = new JSONArray();
       JSONObject jsonObject = new JSONObject();
       jsonSection.put("levelMode", floor);
-      jsonOutput.add(jsonSection);
+      jsonOutput.put(jsonSection);
       jsonSection = new JSONObject();
 
       // Get the modules
@@ -2252,10 +2265,10 @@ public static JSONArray getModulesJson(String userId, String floor, Locale local
           }
           jsonObject.put("moduleOpen", moduleOpen);
         }
-        jsonSectionModules.add(jsonObject);
+        jsonSectionModules.put(jsonObject);
       }
       jsonSection.put("modules", jsonSectionModules);
-      jsonOutput.add(jsonSection);
+      jsonOutput.put(jsonSection);
     } catch (Exception e) {
       log.error("Module List Retrieval: " + e.toString());
     }
@@ -2358,6 +2371,7 @@ public static String getUserName(String ApplicationRoot, String userId) {
    * been completed
    *
    * @param applicationRoot Running context of the application
+   * @param moduleId Hash ID of the CSRF module you wish to check if a user has completed
    * @param userId the ID of the user to check
    * @return True or False value depicting if the user has completed the module
    */
@@ -2444,6 +2458,7 @@ public static ResultSet getAdmins(String ApplicationRoot) {
   /**
    * Used to decipher whether or not a user exists as an admin
    *
+   * @param ApplicationRoot The current running context of the application
    * @param userId The user identifier of the admin to be found
    * @return A boolean reflecting the state of existence of the admin
    */

src/main/java/servlets/MobileLogin.java

@@ -11,7 +11,7 @@
 import javax.servlet.http.HttpSession;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
-import org.json.simple.JSONObject;
+import org.json.JSONObject;
 import utils.Hash;
 import utils.ShepherdLogManager;
 import utils.UserKicker;

src/main/java/servlets/api/Levels.java

@@ -12,7 +12,7 @@
 import javax.servlet.http.HttpSession;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
-import org.json.simple.JSONArray;
+import org.json.JSONArray;
 import utils.ModulePlan;
 import utils.Validate;
 
@@ -47,7 +47,7 @@ public void doGet(HttpServletRequest request, HttpServletResponse response)
       }
       theModules = Getter.getModulesJson(userId, floor, locale);
       response.setContentType("application/json");
-      out.write(theModules.toJSONString());
+      out.write(theModules.toString());
     } else {
       if (!validSession) {
         log.debug("Unauthentiated Module List Call");

src/main/java/servlets/module/challenge/CsrfChallengeTargetJSON.java

@@ -14,8 +14,7 @@
 import javax.servlet.http.HttpSession;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
-import org.json.simple.JSONObject;
-import org.json.simple.JSONValue;
+import org.json.JSONObject;
 import utils.ShepherdLogManager;
 import utils.Validate;
 
@@ -77,7 +76,7 @@ public void doPost(HttpServletRequest request, HttpServletResponse response)
         log.debug("Getting JSON String");
         String jsonData = extractPostRequestBody(request);
         log.debug("POST body: " + jsonData);
-        JSONObject json = (JSONObject) JSONValue.parse(jsonData);
+        JSONObject json = new JSONObject(jsonData);
         log.debug("Getting userId");
         String plusId = (String) json.get("userId");
         log.debug("User Submitted - " + plusId);

src/main/java/servlets/module/challenge/XxeChallenge1.java

@@ -20,9 +20,9 @@
 import org.apache.commons.io.FileUtils;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
-import org.json.simple.JSONObject;
-import org.json.simple.parser.JSONParser;
-import org.json.simple.parser.ParseException;
+import org.json.JSONException;
+import org.json.JSONObject;
+import org.json.JSONTokener;
 import org.owasp.encoder.Encode;
 import utils.ShepherdLogManager;
 import utils.Validate;
@@ -129,21 +129,16 @@ public void doPost(HttpServletRequest request, HttpServletResponse response)
   public static String readJson(InputStream jsonEmail, ResourceBundle errors) {
     String result;
 
-    JSONParser jsonParser = new JSONParser();
     JSONObject jsonObject;
     try {
       jsonObject =
-          (JSONObject) jsonParser.parse(new InputStreamReader(jsonEmail, StandardCharsets.UTF_8));
+          new JSONObject(new JSONTokener(new InputStreamReader(jsonEmail, StandardCharsets.UTF_8)));
       result = jsonObject.get("email").toString();
       return result;
-    } catch (IOException e) {
-      e.printStackTrace();
-    } catch (ParseException e) {
+    } catch (JSONException e) {
       e.printStackTrace();
       return errors.getString("error.funky");
     }
-
-    return null;
   }
 
   /** Creates the file with the solution key needed to pass the level */

src/test/java/dbProcs/GetterTest.java

@@ -12,9 +12,8 @@
 import java.util.ResourceBundle;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
-import org.json.simple.JSONArray;
-import org.json.simple.JSONObject;
-import org.json.simple.JSONValue;
+import org.json.JSONArray;
+import org.json.JSONObject;
 import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.Ignore;
@@ -1575,9 +1574,9 @@ && verifyTestUser(applicationRoot, otherUserName, otherUserName, classId2)) {
             // Get Score board Data
             String scoreboardData = Getter.getJsonScore(applicationRoot, classId);
             // Take the JSON String and make it Java JSON friendly
-            JSONArray scoreboardJson = (JSONArray) JSONValue.parse(scoreboardData);
+            JSONArray scoreboardJson = new JSONArray(scoreboardData);
             // Loop through array to find Our user
-            for (int i = 0; i < scoreboardJson.size(); i++) {
+            for (int i = 0; i < scoreboardJson.length(); i++) {
               JSONObject scoreRowJson = (JSONObject) scoreboardJson.get(i);
               if (scoreRowJson.get("username").toString().compareTo(userName) == 0) {
                 pass = true;
@@ -1653,13 +1652,13 @@ && verifyTestUser(applicationRoot, otherUserName, otherUserName, classId)) {
             }
             log.debug("Got Scoreboard Data");
             // Take the JSON String and make it Java JSON friendly
-            JSONArray scoreboardJson = (JSONArray) JSONValue.parse(scoreboardData);
+            JSONArray scoreboardJson = new JSONArray(scoreboardData);
             log.debug("Parsed Scoreboard Data");
             if (scoreboardJson == null) {
               log.debug("scoreboardJson is Null. json was: " + scoreboardData);
             }
             // Loop through array to find Our user
-            for (int i = 0; i < scoreboardJson.size(); i++) {
+            for (int i = 0; i < scoreboardJson.length(); i++) {
               log.debug("Looping through Array " + i);
               JSONObject scoreRowJson = (JSONObject) scoreboardJson.get(i);
               if (scoreRowJson.get("username").toString().compareTo(userName) == 0) {
@@ -1744,9 +1743,9 @@ && verifyTestUser(applicationRoot, otherUserName, otherUserName, classId2)) {
             // Get Score board Data
             String scoreboardData = Getter.getJsonScore(applicationRoot, classId);
             // Take the JSON String and make it Java JSON friendly
-            JSONArray scoreboardJson = (JSONArray) JSONValue.parse(scoreboardData);
+            JSONArray scoreboardJson = new JSONArray(scoreboardData);
             // Loop through array to find Our user
-            for (int i = 0; i < scoreboardJson.size(); i++) {
+            for (int i = 0; i < scoreboardJson.length(); i++) {
               JSONObject scoreRowJson = (JSONObject) scoreboardJson.get(i);
               if (scoreRowJson.get("username").toString().compareTo(userName) == 0) {
                 pass = true;
@@ -1839,9 +1838,9 @@ && verifyTestUser(applicationRoot, otherUserName, otherUserName, classId2)) {
             // Get Score board Data
             String scoreboardData = Getter.getJsonScore(applicationRoot, classId);
             // Take the JSON String and make it Java JSON friendly
-            JSONArray scoreboardJson = (JSONArray) JSONValue.parse(scoreboardData);
+            JSONArray scoreboardJson = new JSONArray(scoreboardData);
             // Loop through array to find Our user
-            for (int i = 0; i < scoreboardJson.size(); i++) {
+            for (int i = 0; i < scoreboardJson.length(); i++) {
               JSONObject scoreRowJson = (JSONObject) scoreboardJson.get(i);
               if (scoreRowJson.get("username").toString().compareTo(userName) == 0) // Therefore not
               // encoded for HTML
@@ -2715,9 +2714,9 @@ && verifyTestUser(applicationRoot, otherUserName, otherUserName, classId2)) {
               } else {
                 log.debug("Going through JsonArray");
                 // Take the JSON String and make it Java JSON friendly
-                JSONArray jsonProgress = (JSONArray) JSONValue.parse(jsonProgressString);
+                JSONArray jsonProgress = new JSONArray(jsonProgressString);
                 // Loop through array to find Our user
-                for (int i = 0; i < jsonProgress.size(); i++) {
+                for (int i = 0; i < jsonProgress.length(); i++) {
                   JSONObject userProgress = (JSONObject) jsonProgress.get(i);
                   if (userProgress.get("userName").toString().compareTo(userName) == 0) {
                     int progressBar = Integer.parseInt(userProgress.get("progressBar").toString());