change valid endpoints to Enum types

src/scheduler/src/main/java/org/cloudfoundry/autoscaler/scheduler/conf/HealthServerConfiguration.java

@@ -8,6 +8,7 @@
 import lombok.AllArgsConstructor;
 import lombok.Data;
 import lombok.NoArgsConstructor;
+import org.cloudfoundry.autoscaler.scheduler.util.health.EndpointsEnum;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.stereotype.Component;
 import org.springframework.util.ObjectUtils;
@@ -23,17 +24,15 @@ public class HealthServerConfiguration {
   private Integer port;
   private Set<String> unprotectedEndpoints;
 
-  final Map<String, Boolean> validProtectedEndpoints =
-      Map.of(
-          "/health/prometheus", true,
-          "/health/liveness", true);
-
   @PostConstruct
   public void init() {
 
     validatePort();
     validateConfiguredEndpoints();
 
+    // We need the username and password in health configuration if and only if
+    // -  atleast one endpoints exists in the unprotectedEndpoints configuration
+    // -  and the unprotectedEndpoints is empty => all endpoints are protected
     boolean basicAuthEnabled =
         (unprotectedEndpoints != null || ObjectUtils.isEmpty(unprotectedEndpoints));
     if (basicAuthEnabled
@@ -62,7 +61,8 @@ private void validateConfiguredEndpoints() {
       return;
     }
     for (String unprotectedEndpoint : unprotectedEndpoints) {
-      if (!validProtectedEndpoints.containsKey(unprotectedEndpoint)) {
+
+      if (!EndpointsEnum.isValidEndpoint(unprotectedEndpoint)) {
         invalidEndpointsMap.put(unprotectedEndpoint, true);
       }
     }
@@ -72,7 +72,11 @@ private void validateConfiguredEndpoints() {
               + invalidEndpointsMap
               + "\n"
               + "validate endpoints are: "
-              + validProtectedEndpoints);
+              + EndpointsEnum.displayAllEndpointValues());
     }
   }
+
+  public boolean isUnprotectedByConfiguration(String requestURI) {
+    return this.getUnprotectedEndpoints().contains(requestURI);
+  }
 }

src/scheduler/src/main/java/org/cloudfoundry/autoscaler/scheduler/rest/BasicAuthenticationFilter.java

@@ -8,11 +8,11 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
-import java.util.Map;
 import java.util.Set;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.codec.binary.Base64;
 import org.cloudfoundry.autoscaler.scheduler.conf.HealthServerConfiguration;
+import org.cloudfoundry.autoscaler.scheduler.util.health.EndpointsEnum;
 import org.springframework.core.annotation.Order;
 import org.springframework.http.HttpHeaders;
 import org.springframework.stereotype.Component;
@@ -63,7 +63,8 @@ public void doFilter(
       // BasicAuthenticationFilterTest#denyHealthRequestWithWrongUnprotectedEndpoints()
       // Suggestion: THe following block should be part of HealthConfiguration.
       // Move this block to Health Configuration/Or adjust test
-      if (!healthConfigsExists()) {
+      if (!EndpointsEnum.configuredEndpointsExists(
+          healthServerConfiguration.getUnprotectedEndpoints())) {
         log.error("Health Configuration: Invalid endpoints defined");
         httpResponse.setHeader(HttpHeaders.WWW_AUTHENTICATE, WWW_AUTHENTICATE_VALUE);
         httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
@@ -81,19 +82,6 @@ public void doFilter(
     }
   }
 
-  private boolean healthConfigsExists() {
-    boolean found = false;
-    Map<String, Boolean> validProtectedEndpoints =
-        healthServerConfiguration.getValidProtectedEndpoints();
-    for (String configuredEndpoint : healthServerConfiguration.getUnprotectedEndpoints()) {
-      found = validProtectedEndpoints.containsKey(configuredEndpoint);
-    }
-    if (!found) {
-      return false;
-    }
-    return true;
-  }
-
   private void allowAuthenticatedRequest(
       FilterChain filterChain, HttpServletRequest httpRequest, HttpServletResponse httpResponse)
       throws IOException, ServletException {
@@ -128,11 +116,9 @@ private void allowAuthenticatedRequest(
   }
 
   private boolean isEndpointRequireAuthentication(String requestURI) {
-    Map<String, Boolean> protectedEndpoints =
-        healthServerConfiguration.getValidProtectedEndpoints();
-    boolean isProtected = protectedEndpoints.containsKey(requestURI);
+    boolean isProtected = EndpointsEnum.isValidEndpoint(requestURI);
     boolean isUnprotectedByConfiguration =
-        healthServerConfiguration.getUnprotectedEndpoints().contains(requestURI);
+        healthServerConfiguration.isUnprotectedByConfiguration(requestURI);
 
     return isProtected && !isUnprotectedByConfiguration;
   }

src/scheduler/src/test/java/org/cloudfoundry/autoscaler/scheduler/rest/BasicAuthenticationFilterTest.java

@@ -125,24 +125,6 @@ public void allowRequestIfPort8081andURIContainHealthWithUnprotectedEndpoints()
     Mockito.verify(filterChainMock, Mockito.times(1)).doFilter(req, res);
   }
 
-  @Test
-  public void denyHealthRequestWithWrongUnprotectedEndpoints()
-      throws IOException, ServletException {
-
-    req.setRequestURI("/health/liveness");
-    String auth = username + ":" + password;
-    req.addHeader("Authorization", "Basic " + Base64.encodeBase64String(auth.getBytes()));
-
-    HealthServerConfiguration healthServerConfig =
-        new HealthServerConfiguration(username, password, 8081, Set.of("/health/wrong-endpoint"));
-    BasicAuthenticationFilter filter = new BasicAuthenticationFilter(healthServerConfig);
-    filter.doFilter(req, res, filterChainMock);
-
-    Mockito.verify(filterChainMock, Mockito.times(0)).doFilter(req, res);
-    assertEquals(401, res.getStatus());
-    assertEquals(res.getHeader("WWW-Authenticate"), "Basic");
-  }
-
   @ParameterizedTest
   @ValueSource(strings = {"/health/prometheus", "/health/liveness", "/health/wrong-endpoint"})
   public void denyHealthRequestsWithNoUnprotectedEndpointsConfigThenBasicAuthRequired(