Check for verification token in kofi endpoint

Author: rainbowdashlabs

build.gradle.kts

@@ -26,7 +26,6 @@ dependencies {
 
     // Download api
     implementation("de.chojo", "nexus-api-wrapper", "1.0.5")
-    implementation("com.fasterxml.jackson.datatype:jackson-datatype-jsr310:*")
 
     // Mailing
     implementation("org.eclipse.angus", "angus-mail", "2.0.2")

src/main/java/de/chojo/lyna/api/v1/V1.java

@@ -1,9 +1,11 @@
 package de.chojo.lyna.api.v1;
 
+import de.chojo.jdautil.configuratino.Configuration;
 import de.chojo.lyna.api.Api;
 import de.chojo.lyna.api.v1.download.Download;
 import de.chojo.lyna.api.v1.kofi.KoFiApi;
 import de.chojo.lyna.api.v1.update.Update;
+import de.chojo.lyna.configuration.ConfigFile;
 import de.chojo.lyna.data.access.KoFiProducts;
 import de.chojo.lyna.data.access.Products;
 import de.chojo.lyna.mail.MailingService;
@@ -14,12 +16,10 @@ public class V1 {
     private final Download download;
     private final Update update;
     private final Api api;
-    private final KoFiProducts koFiProducts;
     private final KoFiApi kofi;
 
     public V1(Api api, Products products, MailingService mailingService, KoFiProducts koFiProducts) {
         this.api = api;
-        this.koFiProducts = koFiProducts;
         download = new Download(this);
         update = new Update(this, products);
         kofi = new KoFiApi(this, koFiProducts, mailingService);
@@ -40,4 +40,8 @@ public Api api() {
     public Download download() {
         return download;
     }
+
+    public Configuration<ConfigFile> configuration() {
+        return api.configuration();
+    }
 }

src/main/java/de/chojo/lyna/api/v1/kofi/KoFiApi.java

@@ -45,6 +45,10 @@ public void init() {
                 var results = Urls.splitQuery(ctx.body());
                 var json = results.get("data");
                 var post = mapper.readValue(json, KofiPost.class);
+                if (!post.verificationToken().equals(v1.configuration().config().kofi().verificationToken())) {
+                    ctx.status(HttpCode.FORBIDDEN);
+                    return;
+                }
                 if (post.type() == DataType.SHOP_ORDER) {
                     for (ShopItem shopItem : post.shopItems()) {
                         Optional<Product> optProduct = kofi.byCode(shopItem.directLinkCode());
@@ -55,7 +59,7 @@ public void init() {
                         if (optProductMail.isEmpty()) continue;
                         Mailing productMail = optProductMail.get();
                         Optional<License> license = product.createLicense("kofi:%s".formatted(post.email()));
-                        if(license.isEmpty()) continue;
+                        if (license.isEmpty()) continue;
                         var mail = MailCreator.createLicenseMessage(productMail, license.get().key(), post.from(), post.email());
                         mailing.sendMail(mail);
                     }

src/main/java/de/chojo/lyna/configuration/ConfigFile.java

@@ -3,6 +3,7 @@
 import de.chojo.lyna.configuration.elements.Api;
 import de.chojo.lyna.configuration.elements.BaseSettings;
 import de.chojo.lyna.configuration.elements.Database;
+import de.chojo.lyna.configuration.elements.Kofi;
 import de.chojo.lyna.configuration.elements.License;
 import de.chojo.lyna.configuration.elements.Links;
 import de.chojo.lyna.configuration.elements.Mailing;
@@ -17,6 +18,7 @@ public class ConfigFile {
     private Nexus nexus = new Nexus();
     private Api api = new Api();
     private Mailing mailing = new Mailing();
+    private Kofi kofi = new Kofi();
 
     public BaseSettings baseSettings() {
         return baseSettings;
@@ -44,4 +46,7 @@ public Api api() {
     public Mailing mailing() {
         return mailing;
     }
+    public Kofi kofi() {
+        return kofi;
+    }
 }

src/main/java/de/chojo/lyna/configuration/elements/Kofi.java

@@ -0,0 +1,11 @@
+package de.chojo.lyna.configuration.elements;
+
+import java.util.UUID;
+
+public class Kofi {
+    private UUID verificationToken = UUID.randomUUID();
+
+    public UUID verificationToken() {
+        return verificationToken;
+    }
+}