Request body validation

This commit is contained in:
Braydon 2023-05-31 02:19:48 -04:00
parent 3412668ec1
commit f1e3570546

View File

@ -1,5 +1,6 @@
package me.braydon.license.controller; package me.braydon.license.controller;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject; import com.google.gson.JsonObject;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import lombok.NonNull; import lombok.NonNull;
@ -8,6 +9,7 @@ import me.braydon.license.exception.APIException;
import me.braydon.license.model.License; import me.braydon.license.model.License;
import me.braydon.license.service.LicenseService; import me.braydon.license.service.LicenseService;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
@ -45,11 +47,21 @@ public final class LicenseController {
String ip = request.getRemoteAddr(); // The IP of the requester String ip = request.getRemoteAddr(); // The IP of the requester
JsonObject jsonObject = LicenseServer.GSON.fromJson(body, JsonObject.class); JsonObject jsonObject = LicenseServer.GSON.fromJson(body, JsonObject.class);
String key = jsonObject.get("key").getAsString(); // Get the key JsonElement key = jsonObject.get("key"); // Get the key
String product = jsonObject.get("product").getAsString(); // Get the product JsonElement product = jsonObject.get("product"); // Get the product
String hwid = jsonObject.get("hwid").getAsString(); // Get the hwid JsonElement hwid = jsonObject.get("hwid"); // Get the hwid
service.check(key, product, ip, hwid); // Check the license // Ensure the body keys aren't null
if (key.isJsonNull() || product.isJsonNull() || hwid.isJsonNull()) {
throw new APIException(HttpStatus.BAD_REQUEST, "Invalid request body");
}
// Check the license
service.check(
key.getAsString(),
product.getAsString(),
ip,
hwid.getAsString()
);
return ResponseEntity.ok().build(); // Return OK return ResponseEntity.ok().build(); // Return OK
} catch (APIException ex) { // Handle the exception } catch (APIException ex) { // Handle the exception
return ResponseEntity.status(ex.getStatus()) return ResponseEntity.status(ex.getStatus())