From 6fab4f10e2c2c17cc7d8b9c4c7c28b9551be6afa Mon Sep 17 00:00:00 2001
From: GodCipher <luziferisdoof@gmail.com>
Date: Wed, 29 May 2024 18:38:00 +0200
Subject: [PATCH] Not sure what i did there

---
 .../java/dev/luzifer/PaladinsWebservice.java  | 31 -------------------
 .../spring/config/ApiKeyAuthFilter.java       | 13 ++++----
 .../config/ApiKeyAuthenticationProvider.java  |  8 +----
 .../config/ApiKeyAuthenticationToken.java     |  6 ----
 .../spring/config/WebSecurityConfig.java      |  2 +-
 5 files changed, 8 insertions(+), 52 deletions(-)

diff --git a/paladins-webservice/src/main/java/dev/luzifer/PaladinsWebservice.java b/paladins-webservice/src/main/java/dev/luzifer/PaladinsWebservice.java
index e7dd688..376ccfa 100644
--- a/paladins-webservice/src/main/java/dev/luzifer/PaladinsWebservice.java
+++ b/paladins-webservice/src/main/java/dev/luzifer/PaladinsWebservice.java
@@ -6,8 +6,6 @@
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.nio.file.StandardCopyOption;
-import java.util.Optional;
-import java.util.Properties;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.SpringApplication;
 
@@ -18,23 +16,8 @@ public class PaladinsWebservice {
   private static final Path CONFIG_FILE_PATH =
       Paths.get(System.getProperty("user.dir"), CONFIG_FILE_NAME);
 
-  private static final String API_KEY;
-
   static {
     ensureFileExists(CONFIG_FILE_PATH, CONFIG_FILE_NAME);
-
-    API_KEY =
-        loadApiKeyFromProperties(CONFIG_FILE_PATH)
-            .orElseThrow(
-                () -> {
-                  log.error(
-                      "API key is missing in application.properties file at {}", CONFIG_FILE_PATH);
-                  log.error(
-                      "Please add/change the API key in the file and restart the application");
-                  return new IllegalStateException("API key is missing");
-                });
-
-    log.info("API key {} loaded successfully", API_KEY);
   }
 
   private static void ensureFileExists(Path filePath, String fileName) {
@@ -60,21 +43,7 @@ private static void fillFileFromResources(Path filePath, String resourceName) {
     }
   }
 
-  private static Optional<String> loadApiKeyFromProperties(Path filePath) {
-    Properties properties = new Properties();
-    try {
-      properties.load(Files.newInputStream(filePath));
-    } catch (IOException e) {
-      log.error("Failed to load {} file at {}", CONFIG_FILE_NAME, filePath, e);
-    }
-    return Optional.ofNullable(properties.getProperty("api.key"));
-  }
-
   public static void main(String[] args) {
     SpringApplication.run(PaladinsApplication.class, args);
   }
-
-  public static String getApiKey() {
-    return API_KEY;
-  }
 }
diff --git a/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthFilter.java b/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthFilter.java
index bc7b935..7c09a01 100644
--- a/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthFilter.java
+++ b/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthFilter.java
@@ -1,9 +1,9 @@
 package dev.luzifer.spring.config;
 
-import dev.luzifer.PaladinsWebservice;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -24,12 +24,11 @@ public ApiKeyAuthFilter(String headerName, AuthenticationManager authenticationM
   public Authentication attemptAuthentication(
       HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
     String apiKey = request.getHeader(headerName);
-    if (apiKey == null) {
-      apiKey = PaladinsWebservice.getApiKey();
+    apiKey = apiKey == null ? null : apiKey.trim();
+    if (apiKey == null || apiKey.isEmpty()) {
+      throw new BadCredentialsException("API Key not found in request header");
     }
-    apiKey = apiKey.trim();
-    UsernamePasswordAuthenticationToken authRequest =
-        new UsernamePasswordAuthenticationToken(apiKey, null);
-    return getAuthenticationManager().authenticate(authRequest);
+    return getAuthenticationManager()
+        .authenticate(new UsernamePasswordAuthenticationToken(apiKey, null));
   }
 }
diff --git a/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthenticationProvider.java b/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthenticationProvider.java
index a358d0c..c739224 100644
--- a/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthenticationProvider.java
+++ b/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthenticationProvider.java
@@ -19,16 +19,10 @@ public ApiKeyAuthenticationProvider(String apiKey) {
   public Authentication authenticate(Authentication authentication) throws AuthenticationException {
     ApiKeyAuthenticationToken authenticationToken = (ApiKeyAuthenticationToken) authentication;
 
-    log.info(
-        "Authenticating API key {} against actual API key {}",
-        authenticationToken.getCredentials(),
-        apiKey);
     if (authenticationToken.getCredentials() instanceof String credentials) {
       if (apiKey.equals(credentials)) {
-        log.info("API key {} authenticated successfully", apiKey);
-        return new ApiKeyAuthenticationToken(apiKey, apiKey);
+        return new ApiKeyAuthenticationToken(apiKey);
       }
-      log.info("API key {} was not the expected value", credentials);
     }
 
     throw new BadCredentialsException("The API key was not found or not the expected value.");
diff --git a/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthenticationToken.java b/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthenticationToken.java
index d308a56..63f29c6 100644
--- a/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthenticationToken.java
+++ b/paladins-webservice/src/main/java/dev/luzifer/spring/config/ApiKeyAuthenticationToken.java
@@ -12,12 +12,6 @@ public ApiKeyAuthenticationToken(String apiKey) {
     setAuthenticated(false);
   }
 
-  public ApiKeyAuthenticationToken(String apiKey, String principal) {
-    super(null);
-    this.apiKey = apiKey;
-    setAuthenticated(true);
-  }
-
   @Override
   public Object getCredentials() {
     return apiKey;
diff --git a/paladins-webservice/src/main/java/dev/luzifer/spring/config/WebSecurityConfig.java b/paladins-webservice/src/main/java/dev/luzifer/spring/config/WebSecurityConfig.java
index 766976b..7fdac4d 100644
--- a/paladins-webservice/src/main/java/dev/luzifer/spring/config/WebSecurityConfig.java
+++ b/paladins-webservice/src/main/java/dev/luzifer/spring/config/WebSecurityConfig.java
@@ -46,7 +46,7 @@ public AuthenticationManager authenticationManager(
   }
 
   @Autowired
-  public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+  public void configureGlobal(AuthenticationManagerBuilder auth) {
     auth.authenticationProvider(new ApiKeyAuthenticationProvider(apiKey));
   }
 }