From 6abf56969c8c036253dc411d356bb7a2b036ac24 Mon Sep 17 00:00:00 2001
From: kubo <jsodpad@gmail.com>
Date: Mon, 27 Nov 2023 23:54:46 +0100
Subject: [PATCH] Closes #793 Allow API access to Elide for services without
 user authentication

---
 .github/workflows/build.yaml                    |  2 +-
 build.gradle                                    |  4 ++--
 gradle/wrapper/gradle-wrapper.properties        |  2 +-
 .../faforever/api/security/AuditService.java    | 14 +++++---------
 .../security/FafAuthenticationConverter.java    | 17 ++++++-----------
 5 files changed, 15 insertions(+), 24 deletions(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 7606740c5..0e742b94c 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -3,7 +3,7 @@ on: [ push, pull_request ]
 jobs:
   test:
     runs-on: ubuntu-latest
-    container: eclipse-temurin:17-jdk
+    container: eclipse-temurin:21-jdk
     steps:
       - name: Get the version
         id: get_version
diff --git a/build.gradle b/build.gradle
index f4e456726..20c20fd62 100644
--- a/build.gradle
+++ b/build.gradle
@@ -99,8 +99,8 @@ tasks.withType(Test) {
 
 group = 'faforever'
 
-sourceCompatibility = 17
-targetCompatibility = 17
+sourceCompatibility = 21
+targetCompatibility = 21
 
 bootJar.enabled = true
 jar.enabled = false
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index f398c33c4..79c16a1a9 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.6-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-rc-4-bin.zip
 networkTimeout=10000
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
diff --git a/src/main/java/com/faforever/api/security/AuditService.java b/src/main/java/com/faforever/api/security/AuditService.java
index e0524c8aa..f85a9f10b 100644
--- a/src/main/java/com/faforever/api/security/AuditService.java
+++ b/src/main/java/com/faforever/api/security/AuditService.java
@@ -17,18 +17,14 @@ public AuditService(UserSupplier userSupplier) {
 
   public void logMessage(String message) {
     final String extendedMessage = userSupplier.get()
-      .map(fafAuthenticationToken -> {
-        //move to switch pattern matching with java 21
-        if (fafAuthenticationToken instanceof FafUserAuthenticationToken fafUserAuthenticationToken) {
-          return MessageFormat.format("{0} [invoked by User ''{1}'' with id ''{2}'']",
+      .map(fafAuthenticationToken ->
+        switch (fafAuthenticationToken) {
+          case FafUserAuthenticationToken fafUserAuthenticationToken -> MessageFormat.format("{0} [invoked by User ''{1}'' with id ''{2}'']",
             message, fafUserAuthenticationToken.getUsername(), fafUserAuthenticationToken.getUserId());
-        } else if (fafAuthenticationToken instanceof FafServiceAuthenticationToken fafServiceAuthenticationToken) {
-          return MessageFormat.format("{0} [invoked by Service ''{1}'']",
+          case FafServiceAuthenticationToken fafServiceAuthenticationToken -> MessageFormat.format("{0} [invoked by Service ''{1}'']",
             message, fafServiceAuthenticationToken.getServiceName());
-        } else {
-          throw new RuntimeException();
         }
-      })
+      )
       .orElseGet(() -> MessageFormat.format("{0} [invoked by Annonymous user]", message));
     log.info(extendedMessage);
   }
diff --git a/src/main/java/com/faforever/api/security/FafAuthenticationConverter.java b/src/main/java/com/faforever/api/security/FafAuthenticationConverter.java
index 9ee0681ef..7e6973a48 100644
--- a/src/main/java/com/faforever/api/security/FafAuthenticationConverter.java
+++ b/src/main/java/com/faforever/api/security/FafAuthenticationConverter.java
@@ -6,6 +6,7 @@
 
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
 
 /**
  * Jwt converter that reads scopes + custom FAF roles from the token extension.
@@ -18,24 +19,18 @@ public AbstractAuthenticationToken convert(Jwt source) {
     List<FafRole> roles = extractRoles(source);
 
     String subject = extractSubject(source);
-
-    try {
-      int userId = Integer.parseInt(subject);
-      String username = extractUsername(source);
-      return new FafUserAuthenticationToken(userId, username, scopes, roles);
-    } catch (NumberFormatException e) {
-      return new FafServiceAuthenticationToken(subject, scopes);
-    }
+    return extractUsername(source)
+      .<FafAuthenticationToken>map(username -> new FafUserAuthenticationToken(Integer.parseInt(subject), username, scopes, roles))
+      .orElseGet(() -> new FafServiceAuthenticationToken(subject, scopes));
   }
 
   private String extractSubject(Jwt source) {
     return source.getSubject();
   }
 
-  private String extractUsername(Jwt source) {
+  private Optional<String> extractUsername(Jwt source) {
     Map<String, Object> ext = source.getClaim("ext");
-    String username = (String) ext.getOrDefault("username", "[undefined]");
-    return username;
+    return Optional.ofNullable((String) ext.get("username"));
   }
 
   private List<FafScope> extractScopes(Jwt source) {