return bad request on invlaid username

service/src/main/java/com/telephoners/krakyournet/ctf/repositories/TasksRepository.java

@@ -17,7 +17,6 @@ import javax.inject.Singleton;
 import java.security.MessageDigest;
 import java.util.List;
 import java.util.Map;
-import java.util.Optional;
 import java.util.stream.Collectors;
 
 @Singleton
@@ -27,11 +26,13 @@ public class TasksRepository extends Repository<Task>
     private Datastore datastore;
     private TeamsRepository teamsRepository;
     private SolutionsRepository solutionsRepository;
+    private UsersRepository usersRepository;
     private MessageDigest messageDigest;
 
     @Inject
     public TasksRepository(ApplicationConfiguration applicationConfiguration, Datastore datastore,
                            TeamsRepository teamsRepository, SolutionsRepository solutionsRepository,
+                           UsersRepository usersRepository,
                            final @Named("messageDigest") MessageDigest messageDigest)
     {
         super(datastore);
@@ -39,6 +40,7 @@ public class TasksRepository extends Repository<Task>
         this.datastore = datastore;
         this.teamsRepository = teamsRepository;
         this.solutionsRepository = solutionsRepository;
+        this.usersRepository = usersRepository;
         this.messageDigest = messageDigest;
     }
 
@@ -62,7 +64,7 @@ public class TasksRepository extends Repository<Task>
                 .collect(Collectors.toMap(
                         Task::getLevel,
                         task -> task.getFlags().stream()
-                                .map(flag -> calculateHashValue(username, flag.getValue()))
+                                .map(flag -> calculateHashValue(usersRepository.getUserByName(username), flag.getValue()))
                                 .collect(Collectors.toList())
                 ));
     }
@@ -71,15 +73,15 @@ public class TasksRepository extends Repository<Task>
     {
         String username = user.getName();
         Flag matchedFlag = getByLevel(taskLevel).getFlags().stream()
-                .filter(flag -> calculateHashValue(username, flag.getValue()).equals(userHash))
+                .filter(flag -> calculateHashValue(user, flag.getValue()).equals(userHash))
                 .findFirst()
                 .get();
         return new Pair<>(getByLevel(taskLevel), matchedFlag);
     }
 
-    public String calculateHashValue(String username, String flagValue)
+    public String calculateHashValue(User user, String flagValue)
     {
-        String combinedStrings = applicationConfiguration.getSalt() + username + flagValue;
+        String combinedStrings = applicationConfiguration.getSalt() + user.getName() + flagValue;
         return Hex.encodeHexString(messageDigest.digest(combinedStrings.getBytes()));
     }
 

service/src/main/java/com/telephoners/krakyournet/ctf/resources/TasksResource.java

@@ -39,9 +39,13 @@ public class TasksResource
     public Response getUserFlags(@Auth User user, final @PathParam("username") String username)
     {
         if (user.isAdmin()) {
-            return Response.ok()
-                    .entity(tasksRepository.getUserFlagsHashes(username))
-                    .build();
+            try {
+                return Response.ok()
+                        .entity(tasksRepository.getUserFlagsHashes(username))
+                        .build();
+            } catch (Exception e) {
+                return Response.status(Response.Status.BAD_REQUEST).build();
+            }
         }
         return Response.status(Response.Status.UNAUTHORIZED).build();
     }