diff --git a/build.gradle.kts b/build.gradle.kts index e7db64d2..868342f1 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -152,17 +152,17 @@ val springWebVersion = "6.1.4" val springBootVersion = "3.2.5" // Implementation -val swaggerParserVersion = "2.1.16" +val swaggerParserVersion = "2.1.22" val hashidsVersion = "1.0.3" val springOauthAutoConfigureVersion = "2.6.8" val springSecurityJwtVersion = "1.1.1.RELEASE" -val springDocVersion = "2.2.0" +val springDocVersion = "2.5.0" val springOauthVersion = "6.2.2" val servletApiVersion = "6.0.0" val oktaSpringBootVersion = "3.0.5" val tikaVersion = "2.9.1" val kubernetesClientVersion = "19.0.0" -val redisOMVersion = "0.9.0" +val redisOMVersion = "0.9.1" val kotlinCoroutinesCoreVersion = "1.7.3" // Checks diff --git a/src/main/kotlin/com/cosmotech/api/security/filters/ApiKeyAuthenticationFilter.kt b/src/main/kotlin/com/cosmotech/api/security/filters/ApiKeyAuthenticationFilter.kt index 5cd06807..c3fd6192 100644 --- a/src/main/kotlin/com/cosmotech/api/security/filters/ApiKeyAuthenticationFilter.kt +++ b/src/main/kotlin/com/cosmotech/api/security/filters/ApiKeyAuthenticationFilter.kt @@ -24,7 +24,6 @@ class ApiKeyAuthenticationFilter(val csmPlatformProperties: CsmPlatformPropertie ) { logger.trace("API-Key filter starts") val allowedApiKeyConsumers = csmPlatformProperties.authorization.allowedApiKeyConsumers - if (allowedApiKeyConsumers.isEmpty()) chain.doFilter(request, response) val matchingApiKeyConsumer = allowedApiKeyConsumers.firstOrNull { apiKeyConsumer -> @@ -86,8 +85,12 @@ class ApiKeyAuthenticationFilter(val csmPlatformProperties: CsmPlatformPropertie true } else { val requestUriSplitted = requestUri.split(securedUriSplitted[0]) - val uriSuffix = securedUriSplitted[0] + requestUriSplitted[1] - securedUri.toRegex().matches(uriSuffix) + if (requestUriSplitted.size < 2) { + false + } else { + val uriSuffix = securedUriSplitted[0] + requestUriSplitted[1] + securedUri.toRegex().matches(uriSuffix) + } } }