Skip to content

Commit 5ddd64f

Browse files
committed
fix(internal): Use HTTP status constants and record pattern in SecurityFilter
1 parent 4553f99 commit 5ddd64f

1 file changed

Lines changed: 6 additions & 7 deletions

File tree

src/main/java/com/retailsvc/http/internal/SecurityFilter.java

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,8 @@
11
package com.retailsvc.http.internal;
22

3+
import static java.net.HttpURLConnection.HTTP_FORBIDDEN;
4+
import static java.net.HttpURLConnection.HTTP_UNAUTHORIZED;
5+
36
import com.retailsvc.http.Request;
47
import com.retailsvc.http.SchemeValidator;
58
import com.retailsvc.http.spec.Operation;
@@ -109,7 +112,7 @@ private GroupOutcome tryGroup(SecurityRequirement group, HttpExchange exchange,
109112
private void renderRejection(HttpExchange exchange, List<GroupOutcome.Failed> failures)
110113
throws IOException {
111114
boolean anyDenied = failures.stream().anyMatch(f -> f.kind() == FailureKind.DENIED);
112-
int status = anyDenied ? 403 : 401;
115+
int status = anyDenied ? HTTP_FORBIDDEN : HTTP_UNAUTHORIZED;
113116
String title = anyDenied ? "Forbidden" : "Unauthorized";
114117

115118
GroupOutcome.Failed pick =
@@ -146,12 +149,8 @@ private String challengeFor(String schemeName) {
146149
return switch (scheme) {
147150
case SecurityScheme.HttpBearer _ -> "Bearer realm=\"api\"";
148151
case SecurityScheme.HttpBasic _ -> "Basic realm=\"api\"";
149-
case SecurityScheme.ApiKey ak ->
150-
"ApiKey location="
151-
+ ak.location().name().toLowerCase(Locale.ROOT)
152-
+ ", name=\""
153-
+ ak.name()
154-
+ "\"";
152+
case SecurityScheme.ApiKey(String name, SecurityScheme.ApiKey.Location location) ->
153+
"ApiKey location=" + location.name().toLowerCase(Locale.ROOT) + ", name=\"" + name + "\"";
155154
case SecurityScheme.Unsupported _ ->
156155
throw new IllegalStateException(
157156
"Unsupported scheme reached challenge rendering for '" + schemeName + "'");

0 commit comments

Comments
 (0)