From 34e10777d7065ffc76d018f032e70e7cb96451fa Mon Sep 17 00:00:00 2001
From: StrongestNumber9 <16169054+StrongestNumber9@users.noreply.github.com>
Date: Thu, 4 Apr 2024 11:11:10 +0300
Subject: [PATCH] Fixes token requirement logic

---
 etc/config.properties                         |  2 +-
 src/main/java/com/teragrep/lsh_01/Main.java   |  1 +
 .../com/teragrep/lsh_01/MessageProcessor.java | 25 +++++++++++--------
 3 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/etc/config.properties b/etc/config.properties
index 24a698f2..423dd1b3 100644
--- a/etc/config.properties
+++ b/etc/config.properties
@@ -11,4 +11,4 @@ relp.appName=lsh_01
 relp.hostname=localhost
 
 security.tokenRequired=true
-security.token=SomeSecretToken
\ No newline at end of file
+security.token=SomeSecretToken
diff --git a/src/main/java/com/teragrep/lsh_01/Main.java b/src/main/java/com/teragrep/lsh_01/Main.java
index 5a8c20c9..745f5b2f 100644
--- a/src/main/java/com/teragrep/lsh_01/Main.java
+++ b/src/main/java/com/teragrep/lsh_01/Main.java
@@ -44,6 +44,7 @@ public static void main(String[] args) {
         }
         LOGGER.info("Got server config: <[{}]>", nettyConfig);
         LOGGER.info("Got relp config: <[{}]>", relpConfig);
+        LOGGER.info("Requires token: <[{}]>", securityConfig.tokenRequired);
         RelpConversion relpConversion = new RelpConversion(relpConfig, securityConfig);
         try (NettyHttpServer server = new NettyHttpServer(nettyConfig, relpConversion, null, 200)) {
             server.run();
diff --git a/src/main/java/com/teragrep/lsh_01/MessageProcessor.java b/src/main/java/com/teragrep/lsh_01/MessageProcessor.java
index 49c7a491..56270501 100644
--- a/src/main/java/com/teragrep/lsh_01/MessageProcessor.java
+++ b/src/main/java/com/teragrep/lsh_01/MessageProcessor.java
@@ -79,20 +79,25 @@ public void onRejection() {
     public void run() {
         try {
             final HttpResponse response;
-            if (messageHandler.requiresToken() && !req.headers().contains(HttpHeaderNames.AUTHORIZATION)) {
-                LOGGER.debug("Required authorization not provided; requesting authentication.");
-                response = generateAuthenticationRequestResponse();
+            if (!messageHandler.requiresToken()) {
+                response = processMessage();
             }
             else {
-                final String token = req.headers().get(HttpHeaderNames.AUTHORIZATION);
-                req.headers().remove(HttpHeaderNames.AUTHORIZATION);
-                if (messageHandler.validatesToken(token)) {
-                    LOGGER.debug("Valid authorization; processing request.");
-                    response = processMessage();
+                if (!req.headers().contains(HttpHeaderNames.AUTHORIZATION)) {
+                    LOGGER.debug("Required authorization not provided; requesting authentication.");
+                    response = generateAuthenticationRequestResponse();
                 }
                 else {
-                    LOGGER.debug("Invalid authorization; rejecting request.");
-                    response = generateFailedResponse(HttpResponseStatus.UNAUTHORIZED);
+                    final String token = req.headers().get(HttpHeaderNames.AUTHORIZATION);
+                    req.headers().remove(HttpHeaderNames.AUTHORIZATION);
+                    if (messageHandler.validatesToken(token)) {
+                        LOGGER.debug("Valid authorization; processing request.");
+                        response = processMessage();
+                    }
+                    else {
+                        LOGGER.debug("Invalid authorization; rejecting request.");
+                        response = generateFailedResponse(HttpResponseStatus.UNAUTHORIZED);
+                    }
                 }
             }
             ctx.writeAndFlush(response);