From 1899a39ef68aaf7f535e3caf1945ef94412a8d30 Mon Sep 17 00:00:00 2001
From: Mustafa Baser <mbaser@mail.com>
Date: Fri, 29 Apr 2022 17:40:39 +0300
Subject: [PATCH] fix:  Security Hotspot

---
 jans-linux-setup/jans_setup/install.py                |  8 ++++----
 .../jans_setup/setup_app/installers/fido.py           |  4 +++-
 .../jans_setup/setup_app/utils/setup_utils.py         | 11 ++++++-----
 3 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/jans-linux-setup/jans_setup/install.py b/jans-linux-setup/jans_setup/install.py
index 71d1ef3f6ec..935fd400ac5 100755
--- a/jans-linux-setup/jans_setup/install.py
+++ b/jans-linux-setup/jans_setup/install.py
@@ -130,11 +130,11 @@ def extract_setup():
     jans_zip = zipfile.ZipFile(jans_zip_file)
     parent_dir = jans_zip.filelist[0].orig_filename
 
-    with tempfile.TemporaryDirectory() as tmp_dir:
-        jans_zip.extractall(tmp_dir)
-        shutil.copytree(os.path.join(tmp_dir, parent_dir, 'jans-linux-setup/jans_setup'), argsp.setup_dir)
-
+    tmp_dir = os.path.join(jans_app_dir, os.urandom(4).hex())
+    jans_zip.extractall(tmp_dir)
+    shutil.copytree(os.path.join(tmp_dir, parent_dir, 'jans-linux-setup/jans_setup'), argsp.setup_dir)
     jans_zip.close()
+    shutil.rmtree(tmp_dir)
 
     target_setup = os.path.join(argsp.setup_dir, 'setup.py')
     if not os.path.exists(target_setup):
diff --git a/jans-linux-setup/jans_setup/setup_app/installers/fido.py b/jans-linux-setup/jans_setup/setup_app/installers/fido.py
index 0d599654abe..bd264e60528 100644
--- a/jans-linux-setup/jans_setup/setup_app/installers/fido.py
+++ b/jans-linux-setup/jans_setup/setup_app/installers/fido.py
@@ -75,9 +75,11 @@ def copy_static(self):
             )
 
         #copy fido2 server metadata
+        target = os.path.join(self.fido2ConfigFolder, 'server_metadata')
         self.copyTree(
             os.path.join(Config.install_dir, 'static/fido2/server_metadata'),
-            os.path.join(self.fido2ConfigFolder, 'server_metadata')
+            os.path.join(self.fido2ConfigFolder, 'server_metadata'),
+            except_list=['.dontdelete']
             )
 
         # copy Apple_WebAuthn_Root_CA
diff --git a/jans-linux-setup/jans_setup/setup_app/utils/setup_utils.py b/jans-linux-setup/jans_setup/setup_app/utils/setup_utils.py
index f3ce3b7c541..3fdb0eb8ea4 100644
--- a/jans-linux-setup/jans_setup/setup_app/utils/setup_utils.py
+++ b/jans-linux-setup/jans_setup/setup_app/utils/setup_utils.py
@@ -246,12 +246,14 @@ def copyFile(self, inFile, destFolder, backup=True):
         except:
             self.logIt("Error copying %s to %s" % (inFile, destFolder), True)
 
-    def copyTree(self, src, dst, overwrite=False):
+    def copyTree(self, src, dst, overwrite=False, except_list=[]):
         try:
             if not os.path.exists(dst):
                 os.makedirs(dst)
 
             for item in os.listdir(src):
+                if item in except_list:
+                    continue
                 s = os.path.join(src, item)
                 d = os.path.join(dst, item)
                 if os.path.isdir(s):
@@ -263,13 +265,12 @@ def copyTree(self, src, dst, overwrite=False):
                     if not os.path.exists(d) or os.stat(s).st_mtime - os.stat(d).st_mtime > 1:
                         with open(s, 'rb') as fi:
                             cur_content = fi.read()
-                        self.backupFile(s, d, cur_content=cur_content)    
+                        self.backupFile(s, d, cur_content=cur_content)
                         shutil.copy2(s, d)
-                        
 
             self.logIt("Copied tree %s to %s" % (src, dst))
-        except:
-            self.logIt("Error copying tree %s to %s" % (src, dst), True)
+        except Exception as e:
+            self.logIt("Error copying tree {} to {}: {}".format(src, dst, e), True)
 
     def createDirs(self, name):
         try: