move auth chack to top of route handler

ssh-key-provider/src/main/java/de/ccc/hamburg/keycloak/ssh_key/SSHKeyResourceProvider.java

@@ -49,50 +49,49 @@ public class SSHKeyResourceProvider implements RealmResourceProvider {
     @Path("export/{group_id}")
     @Produces(MediaType.APPLICATION_JSON)
     public Response exportKeys(@PathParam("group_id") String groupId) {
+        try {
+            AuthHelper.getAuth(
+                    session,
+                    authResult -> authResult.getToken().getIssuedFor().equals("admin-cli"));
+        } catch (Exception e) {
+            System.err.println(e);
+            return Response.status(401, e.getMessage()).build();
+        }
+
         UserProvider userProvider = session.users();
         UserProfileProvider profileProvider = session.getProvider(UserProfileProvider.class);
         UPConfig upconfig = profileProvider.getConfiguration();
-
         List<String> attributeNames = upconfig.getAttributes()
                 .stream()
                 .filter(a -> a.getGroup() != null && a.getGroup().equals("de.ccc.hamburg.keycloak.ssh_key.keys"))
                 .map(a -> a.getName())
                 .toList();
 
-        try {
+        RealmModel realm = session.getContext().getRealm();
-            AuthHelper.getAuth(
-                    session,
-                    authResult -> authResult.getToken().getIssuedFor().equals("admin-cli"));
 
-            RealmModel realm = session.getContext().getRealm();
+        // TODO: add allowlist check
+        GroupModel group = realm.getGroupById(groupId);
 
-            // TODO: add allowlist check
+        Stream<UserModel> users = userProvider.getGroupMembersStream(realm, group);
-            GroupModel group = realm.getGroupById(groupId);
 
-            Stream<UserModel> users = userProvider.getGroupMembersStream(realm, group);
+        List<String> keys = users
+                .map(user -> {
+                    return attributeNames
+                            .stream()
+                            .map(attributeName -> user.getAttributeStream(attributeName).findFirst())
+                            .filter(attribute -> attribute.isPresent())
+                            .map(attribute -> attribute.get())
+                            .toList();
+                })
+                .flatMap(List::stream)
+                .map(key -> {
+                    final Matcher matcher = SSH_PUBLIC_KEY.matcher(key);
+                    return matcher.find() ? matcher.group("key") : null;
+                })
+                .filter(Objects::nonNull)
+                .toList();
 
-            List<String> keys = users
+        return Response.ok(Map.of("keys", keys)).build();
-                    .map(user -> {
-                        return attributeNames
-                                .stream()
-                                .map(attributeName -> user.getAttributeStream(attributeName).findFirst())
-                                .filter(attribute -> attribute.isPresent())
-                                .map(attribute -> attribute.get())
-                                .toList();
-                    })
-                    .flatMap(List::stream)
-                    .map(key -> {
-                        final Matcher matcher = SSH_PUBLIC_KEY.matcher(key);
-                        return matcher.find() ? matcher.group("key") : null;
-                    })
-                    .filter(Objects::nonNull)
-                    .toList();
-
-            return Response.ok(Map.of("keys", keys)).build();
-        } catch (Exception e) {
-            System.err.println(e);
-            return Response.status(401, e.getMessage()).build();
-        }
 
     }