Improve shop rate limiting & add better errors

Author: Veyronity

src/main/java/net/earthmc/emcapi/endpoint/ShopEndpoint.java

@@ -4,6 +4,9 @@
 import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
 import io.javalin.http.BadRequestResponse;
+import io.javalin.http.ForbiddenResponse;
+import io.javalin.http.TooManyRequestsResponse;
+import io.javalin.http.UnauthorizedResponse;
 import net.earthmc.emcapi.EMCAPI;
 import net.earthmc.emcapi.integration.QuickShopIntegration;
 import net.earthmc.emcapi.manager.KeyManager;
@@ -46,11 +49,23 @@ public List<Shop> getObjectOrNull(JsonElement element, @Nullable String key) {
         try {
             player = UUID.fromString(string);
         } catch (IllegalArgumentException ignored) {
-            return null;
+            throw new BadRequestResponse("Your query contains an invalid UUID");
         }
 
         integration.throwIfDisabled();
-        return integration.getPlayerShops(player, key);
+        UUID keyOwner = KeyManager.getKeyOwner(key);
+        if (keyOwner == null) {
+            throw new UnauthorizedResponse("Could not find an owner for this API key");
+        }
+        if (!player.equals(KeyManager.getKeyOwner(key))) {
+            throw new ForbiddenResponse("This API key is not owned by the player queried");
+        }
+        Long next = LAST_QUERY_MAP.containsKey(keyOwner) ? LAST_QUERY_MAP.get(keyOwner) + COOLDOWN_SECONDS : null;
+        Long now = Instant.now().getEpochSecond();
+        if (next != null && next > now) { // Rate limiting should happen before even querying the shops, not before formatting the data
+            throw new TooManyRequestsResponse("Too Many Requests. Try again in " + (next - now) + " seconds");
+        }
+        return integration.getPlayerShops(player);
     }
 
     @Override
@@ -59,16 +74,12 @@ public JsonElement getJsonElement(List<Shop> object, @Nullable String key) {
         int counter = 0;
         UUID keyOwner = KeyManager.getKeyOwner(key);
         if (keyOwner == null) {
-            return null;
-        }
-        if (LAST_QUERY_MAP.containsKey(keyOwner) && LAST_QUERY_MAP.get(keyOwner) > Instant.now().getEpochSecond() - COOLDOWN_SECONDS) {
-            return null;
+            throw new UnauthorizedResponse("Could not find an owner for this API key");
         }
         if (object.isEmpty()) {
             return null;
-        } else {
-            LAST_QUERY_MAP.put(keyOwner, Instant.now().getEpochSecond());
         }
+        LAST_QUERY_MAP.put(keyOwner, Instant.now().getEpochSecond()); // Mark as a successful query if at least 1 shop was loaded
 
         final List<CompletableFuture<Void>> shopFutures = new ArrayList<>();
 

src/main/java/net/earthmc/emcapi/integration/QuickShopIntegration.java

@@ -2,7 +2,6 @@
 
 import com.ghostchu.quickshop.api.QuickShopAPI;
 import com.ghostchu.quickshop.api.shop.Shop;
-import net.earthmc.emcapi.manager.KeyManager;
 
 import java.util.List;
 import java.util.UUID;
@@ -13,13 +12,7 @@ public QuickShopIntegration() {
         super("QuickShop-Hikari");
     }
 
-    public List<Shop> getPlayerShops(UUID player, String key) {
-        if (!isEnabled()) {
-            return List.of();
-        }
-        if (!player.equals(KeyManager.getKeyOwner(key))) {
-            return List.of();
-        }
+    public List<Shop> getPlayerShops(UUID player) {
         return QuickShopAPI.getInstance().getShopManager().getAllShops(player);
     }
 }