From 856af1f081160209deb19a0f574ab81ef2e5975a Mon Sep 17 00:00:00 2001 From: Camelia Dumitru <62257307+Camelia-Orcid@users.noreply.github.com> Date: Tue, 5 Nov 2024 11:48:50 +0000 Subject: [PATCH 1/2] Papi limit filter NPE when no Authorization header (#7122) * Fixes for papi limit filter and ML start * Added the exception, fixed formatting * Fixed the NPE when no authorization header in the request --- .../orcid/api/filters/ApiRateLimitFilter.java | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java b/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java index 54a911f8dd..2db61a53b1 100644 --- a/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java +++ b/orcid-pub-web/src/main/java/org/orcid/api/filters/ApiRateLimitFilter.java @@ -101,15 +101,19 @@ protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServl throws ServletException, IOException { LOG.trace("ApiRateLimitFilter starts, rate limit is : " + enableRateLimiting); if (enableRateLimiting) { - String tokenValue = httpServletRequest.getHeader("Authorization").replaceAll("Bearer|bearer", "").trim(); - + String tokenValue = null; + if (httpServletRequest.getHeader("Authorization") != null) { + tokenValue = httpServletRequest.getHeader("Authorization").replaceAll("Bearer|bearer", "").trim(); + } String ipAddress = httpServletRequest.getRemoteAddr(); String clientId = null; - try { - clientId = orcidTokenStore.readClientId(tokenValue); - } catch (Exception ex) { - LOG.error("Exception when trying to get the client id from token value, ignoring and treating as anonymous client", ex); + if (tokenValue != null) { + try { + clientId = orcidTokenStore.readClientId(tokenValue); + } catch (Exception ex) { + LOG.error("Exception when trying to get the client id from token value, ignoring and treating as anonymous client", ex); + } } boolean isAnonymous = (clientId == null); LocalDate today = LocalDate.now(); From 690a53a08d2fc4100b4bb9bb1bcdc32103acb357 Mon Sep 17 00:00:00 2001 From: github actions Date: Tue, 5 Nov 2024 12:02:23 +0000 Subject: [PATCH 2/2] v2.67.9 changelog update --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c2f71063e0..171398cdad 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +## v2.67.9 - 2024-11-05 + +[Full Changelog](https://github.com/ORCID/ORCID-Source/compare/v2.67.8...v2.67.9) + ## v2.67.8 - 2024-11-04 [Full Changelog](https://github.com/ORCID/ORCID-Source/compare/v2.67.7...v2.67.8)