Early return for blocked user agents before checking attack waves

Author: bitterpanda63

agent_api/src/main/java/dev/aikido/agent_api/collectors/WebRequestCollector.java

@@ -56,14 +56,18 @@ public static Res report(ContextObject newContext) {
         if (blockedIpsRes != null)
             return blockedIpsRes;
 
+        Res blockedUARes = checkBlockedUserAgents(newContext.getHeader("user-agent"));
+        if (blockedUARes != null)
+            return blockedUARes;
+
         // Check for attack waves
         if (AttackWaveDetectorStore.check(newContext)) {
             AttackQueue.add(
                 DetectedAttackWave.createAPIEvent(newContext)
             );
         }
 
-        return checkBlockedUserAgents(newContext.getHeader("user-agent"));
+        return null;
     }
 
     private static Res checkEndpointAllowlist(RouteMetadata routeMetadata, String remoteAddress, ServiceConfiguration config) {