Skip to content

Commit

Permalink
Added Config Options to disable Endpoint Categories, Swagger and spec…
Browse files Browse the repository at this point in the history
…ific Paths (#214)

* Added Config Options to disable Endpoint Categories, Swagger and specific Paths

* Switched to Regex based URL matching
  • Loading branch information
Velyn-N authored May 29, 2023
1 parent 86898ac commit 75ba6e7
Show file tree
Hide file tree
Showing 2 changed files with 41 additions and 11 deletions.
41 changes: 30 additions & 11 deletions src/main/java/io/servertap/PluginEntrypoint.java
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@

import io.javalin.Javalin;
import io.javalin.community.ssl.SSLPlugin;
import io.javalin.openapi.OpenApiContact;
import io.javalin.openapi.plugin.OpenApiPlugin;
import io.javalin.openapi.plugin.OpenApiPluginConfiguration;
import io.javalin.openapi.plugin.swagger.SwaggerConfiguration;
Expand All @@ -21,18 +20,15 @@
import org.bukkit.plugin.PluginDescriptionFile;
import org.bukkit.plugin.java.JavaPlugin;
import org.bukkit.plugin.java.JavaPluginLoader;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.jetbrains.annotations.NotNull;

import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.regex.Pattern;
import java.util.stream.Collectors;

import static io.javalin.apibuilder.ApiBuilder.*;

Expand All @@ -42,6 +38,7 @@ public class PluginEntrypoint extends JavaPlugin {
private static final java.util.logging.Logger log = Bukkit.getLogger();
private EconomyWrapper economyWrapper;
private static Javalin app = null;
private List<Pattern> blockedPathRegexPatterns;

public static final String SERVERTAP_KEY_HEADER = "key";
public static final String SERVERTAP_KEY_COOKIE = "x-servertap-key";
Expand Down Expand Up @@ -87,6 +84,19 @@ public void onEnable() {
}
}

// Convert blocked paths to regex patterns for faster matching
blockedPathRegexPatterns = bukkitConfig.getStringList("blocked-paths").stream()
// Replace Placeholders with regex patterns
.map(path -> path
// Replace Config wildcards (*) with a Regex Wildcard
.replace("*", ".*")
// Replace {placeholders} with Not-A-Slash Regex
.replaceAll("\\{.*}", "[^/]*")
// Escape all / characters for Regex
.replace("/", "\\/"))
.map(Pattern::compile)
.collect(Collectors.toList());

maxConsoleBufferSize = bukkitConfig.getInt("websocketConsoleBuffer");
rootLogger.addFilter(new ConsoleListener(this));
Bukkit.getScheduler().runTaskTimer(this, new Lag(), 100, 1);
Expand Down Expand Up @@ -150,6 +160,12 @@ public void onEnable() {
config.accessManager((handler, ctx, permittedRoles) -> {
String path = ctx.req().getPathInfo();

// If the path is blocked, return 403
if (blockedPathRegexPatterns.stream().anyMatch(pattern -> pattern.matcher(path).matches())) {
ctx.status(403).result("Forbidden");
return;
}

// If auth is not enabled just serve it all
if (!this.authEnabled) {
handler.handle(ctx);
Expand Down Expand Up @@ -189,11 +205,13 @@ public void onEnable() {
ctx.status(401).result("Unauthorized key, reference the key existing in config.yml");
});

config.plugins.register(new OpenApiPlugin(getOpenApiConfig()));
if (!bukkitConfig.getBoolean("disable-swagger", false)) {
config.plugins.register(new OpenApiPlugin(getOpenApiConfig()));

SwaggerConfiguration swaggerConfiguration = new SwaggerConfiguration();
swaggerConfiguration.setDocumentationPath("/swagger-docs");
config.plugins.register(new SwaggerPlugin(swaggerConfiguration));
SwaggerConfiguration swaggerConfiguration = new SwaggerConfiguration();
swaggerConfiguration.setDocumentationPath("/swagger-docs");
config.plugins.register(new SwaggerPlugin(swaggerConfiguration));
}
});
}

Expand All @@ -219,12 +237,14 @@ public void onEnable() {
get("server/whitelist", ServerApi::whitelistGet);
post("server/whitelist", ServerApi::whitelistPost);
delete("server/whitelist", ServerApi::whitelistDelete);

get("worlds", WorldApi::worldsGet);
post("worlds/save", WorldApi::saveAllWorlds);
get("worlds/download", WorldApi::downloadWorlds);
get("worlds/{uuid}", WorldApi::worldGet);
post("worlds/{uuid}/save", WorldApi::saveWorld);
get("worlds/{uuid}/download", WorldApi::downloadWorld);

get("scoreboard", ServerApi::scoreboardGet);
get("scoreboard/{name}", ServerApi::objectiveGet);

Expand Down Expand Up @@ -281,5 +301,4 @@ private OpenApiPluginConfiguration getOpenApiConfig() {
openApiInfo.setDescription(this.getDescription().getDescription());
}));
}

}
11 changes: 11 additions & 0 deletions src/main/resources/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,3 +33,14 @@ corsOrigins:
# Number of console log lines to send when websocket connections are opened
# Set to 0 to effectively disable this
websocketConsoleBuffer: 1000

# If you do not wish to show the swagger UI you can disable it here
disable-swagger: false

# Use this feature to configure paths that will be blocked.
# You can use * as wildcard placeholders to match anything you like.
# The placeholders from Swagger UI like {uuid} are handled the same way as a *.
blocked-paths:
# - /v1/ping
# - /v1/players/{uuid}
# - /v1/server/*

0 comments on commit 75ba6e7

Please sign in to comment.