From 989f4930bea52c6df28af4b5f51624dc91b30329 Mon Sep 17 00:00:00 2001 From: Ravi Shanigarapu Date: Wed, 23 Apr 2025 17:50:48 +0530 Subject: [PATCH 1/6] AMM-1378 --- .../iemr/common/data/nhm_dashboard/AbandonCallSummary.java | 4 ++-- .../com/iemr/common/data/nhm_dashboard/AgentRealTimeData.java | 3 ++- .../iemr/common/data/nhm_dashboard/AgentSummaryReport.java | 3 ++- .../iemr/common/data/nhm_dashboard/DetailedCallReport.java | 3 ++- .../com/iemr/common/data/nhm_dashboard/LineCallSummary.java | 3 ++- 5 files changed, 10 insertions(+), 6 deletions(-) diff --git a/src/main/java/com/iemr/common/data/nhm_dashboard/AbandonCallSummary.java b/src/main/java/com/iemr/common/data/nhm_dashboard/AbandonCallSummary.java index 3aa43b86..0077eb54 100644 --- a/src/main/java/com/iemr/common/data/nhm_dashboard/AbandonCallSummary.java +++ b/src/main/java/com/iemr/common/data/nhm_dashboard/AbandonCallSummary.java @@ -29,6 +29,7 @@ import jakarta.persistence.Column; import jakarta.persistence.Entity; import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; import jakarta.persistence.Id; import jakarta.persistence.Table; import lombok.Data; @@ -39,8 +40,7 @@ public class AbandonCallSummary { @Id - @GeneratedValue - + @GeneratedValue(strategy = GenerationType.IDENTITY) @Expose @Column(name = "id", insertable = false) private Long id; diff --git a/src/main/java/com/iemr/common/data/nhm_dashboard/AgentRealTimeData.java b/src/main/java/com/iemr/common/data/nhm_dashboard/AgentRealTimeData.java index c2d60b09..f8e36cb4 100644 --- a/src/main/java/com/iemr/common/data/nhm_dashboard/AgentRealTimeData.java +++ b/src/main/java/com/iemr/common/data/nhm_dashboard/AgentRealTimeData.java @@ -7,6 +7,7 @@ import jakarta.persistence.Column; import jakarta.persistence.Entity; import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; import jakarta.persistence.Id; import jakarta.persistence.Table; import lombok.Data; 
@@ -16,7 +17,7 @@ @Table(name = "t_nhmagentrealtimedata") public class AgentRealTimeData { @Id - @GeneratedValue + @GeneratedValue(strategy = GenerationType.IDENTITY) @Expose @Column(name = "id", insertable = false) private Long id; diff --git a/src/main/java/com/iemr/common/data/nhm_dashboard/AgentSummaryReport.java b/src/main/java/com/iemr/common/data/nhm_dashboard/AgentSummaryReport.java index 913ff21f..feba10bb 100644 --- a/src/main/java/com/iemr/common/data/nhm_dashboard/AgentSummaryReport.java +++ b/src/main/java/com/iemr/common/data/nhm_dashboard/AgentSummaryReport.java @@ -28,6 +28,7 @@ import jakarta.persistence.Column; import jakarta.persistence.Entity; import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; import jakarta.persistence.Id; import jakarta.persistence.Table; import lombok.Data; @@ -37,7 +38,7 @@ @Table(name = "t_agentsummaryreport") public class AgentSummaryReport { @Id - @GeneratedValue + @GeneratedValue(strategy = GenerationType.IDENTITY) @Expose @Column(name = "id", insertable = false) private Long id; diff --git a/src/main/java/com/iemr/common/data/nhm_dashboard/DetailedCallReport.java b/src/main/java/com/iemr/common/data/nhm_dashboard/DetailedCallReport.java index 7a052488..e473c039 100644 --- a/src/main/java/com/iemr/common/data/nhm_dashboard/DetailedCallReport.java +++ b/src/main/java/com/iemr/common/data/nhm_dashboard/DetailedCallReport.java @@ -28,6 +28,7 @@ import jakarta.persistence.Column; import jakarta.persistence.Entity; import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; import jakarta.persistence.Id; import jakarta.persistence.Table; import jakarta.persistence.Transient; @@ -39,7 +40,7 @@ public class DetailedCallReport { @Id - @GeneratedValue + @GeneratedValue(strategy = GenerationType.IDENTITY) @Expose @Column(name = "id", insertable = false) private Long id; 
diff --git a/src/main/java/com/iemr/common/data/nhm_dashboard/LineCallSummary.java b/src/main/java/com/iemr/common/data/nhm_dashboard/LineCallSummary.java index be2916bc..f6a75684 100644 --- a/src/main/java/com/iemr/common/data/nhm_dashboard/LineCallSummary.java +++ b/src/main/java/com/iemr/common/data/nhm_dashboard/LineCallSummary.java @@ -27,6 +27,7 @@ import jakarta.persistence.Column; import jakarta.persistence.Entity; import jakarta.persistence.GeneratedValue; +import jakarta.persistence.GenerationType; import jakarta.persistence.Id; import jakarta.persistence.Table; import lombok.Data; @@ -37,7 +38,7 @@ public class LineCallSummary { @Id - @GeneratedValue + @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "id", insertable = false) private Long id; @Column(name = "LineNumber") From 5cdc28760280e431eed48895564ea99cb7fb171b Mon Sep 17 00:00:00 2001 From: Ravi Shanigarapu Date: Tue, 20 May 2025 13:15:21 +0530 Subject: [PATCH 2/6] AMM-1456 --- .../utils/JwtUserIdValidationFilter.java | 60 +++++++++++++------ 1 file changed, 42 insertions(+), 18 deletions(-) diff --git a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java index b83f4873..c62097b8 100644 --- a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java 
@@ -60,33 +60,48 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo } try { - // Retrieve JWT token from cookies - String jwtTokenFromCookie = getJwtTokenFromCookies(request); - logger.info("JWT token from cookie: "); - - // Determine which token (cookie or header) to validate - String jwtToken = jwtTokenFromCookie != null ? jwtTokenFromCookie : jwtTokenFromHeader; - if (jwtToken == null) { - logger.error("JWT token not found in cookies or headers"); - response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "JWT token not found in cookies or headers"); - return; + String jwtFromCookie = getJwtTokenFromCookies(request); + String jwtFromHeader = request.getHeader("JwtToken"); + String authHeader = request.getHeader("Authorization"); + + if (jwtFromCookie != null) { + logger.info("Validating JWT token from cookie"); + if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromCookie)) { + filterChain.doFilter(servletRequest, servletResponse); + return; + } + } + + if (jwtFromHeader != null) { + logger.info("Validating JWT token from header"); + if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromHeader)) { + filterChain.doFilter(servletRequest, servletResponse); + return; + } } + String userAgent = request.getHeader("User-Agent"); + logger.info("User-Agent: " + userAgent); - // Validate JWT token and userId - if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtToken)) { - // If token is valid, allow the request to proceed - logger.info("Valid JWT token"); + if (userAgent != null && isMobileClient(userAgent) && authHeader != null) { filterChain.doFilter(servletRequest, servletResponse); - } else { - logger.error("Invalid JWT token"); - response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid JWT token"); + return; } + + logger.warn("No valid authentication token found"); + response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized: Invalid or missing token"); } catch (Exception e) { 
logger.error("Authorization error: ", e); response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization error: " + e.getMessage()); } } + private boolean isMobileClient(String userAgent) { + if (userAgent == null) + return false; + userAgent = userAgent.toLowerCase(); + return userAgent.contains("okhttp"); // iOS (custom clients) + } + private boolean shouldSkipAuthentication(String path, String contextPath) { return path.equals(contextPath + "/user/userAuthenticate") || path.equalsIgnoreCase(contextPath + "/user/logOutUserFromConcurrentSession") @@ -94,7 +109,16 @@ private boolean shouldSkipAuthentication(String path, String contextPath) { || path.startsWith(contextPath + "/v3/api-docs") || path.startsWith(contextPath + "/public") || path.equals(contextPath + "/user/refreshToken") - ; + || path.startsWith(contextPath + "/user/superUserAuthenticate") + || path.startsWith(contextPath + "/user/user/userAuthenticateNew") + || path.startsWith(contextPath + "/user/userAuthenticateV1") + || path.startsWith(contextPath + "/user/forgetPassword") + || path.startsWith(contextPath + "/user/setForgetPassword") + || path.startsWith(contextPath + "/user/changePassword") + || path.startsWith(contextPath + "/user/saveUserSecurityQuesAns") + || path.startsWith(contextPath + "/user/userLogout") + || path.startsWith(contextPath + "/user/validateSecurityQuestionAndAnswer") + || path.startsWith(contextPath + "/user/logOutUserFromConcurrentSession"); } private String getJwtTokenFromCookies(HttpServletRequest request) { From d321087ce5b3f6b11eb9bfadca8dc6de3fd5e462 Mon Sep 17 00:00:00 2001 From: Ravi Shanigarapu Date: Tue, 20 May 2025 14:23:32 +0530 Subject: [PATCH 3/6] For addind jwtToken in response --- .../com/iemr/common/controller/users/IEMRAdminController.java | 1 - src/main/java/com/iemr/common/utils/UserAgentUtil.java | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) 
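Review bot: The User-Agent branch at the end of the try block passes a request on `isMobileClient(userAgent) && authHeader != null` without validating any credential in this filter. User-Agent is supplied by the client, so it cannot act as an authentication signal, and the Authorization value is only tested for presence. Unless a later layer is guaranteed to validate that header, this branch should perform a real session or token check (and at least reject blank values with `!authHeader.isBlank()`), or be removed. The same branch is carried into the `else` arm by the PATCH 4/6 hunk for this file, and `logger.info("User-Agent: " + userAgent)` writes a client-controlled string to the log unescaped. doFilter begins above the hunk.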
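Review bot: The new exemptions in shouldSkipAuthentication use `startsWith`, so any path that merely begins with one of these prefixes skips the JWT check. State-changing endpoints such as `/user/changePassword`, `/user/setForgetPassword` and `/user/saveUserSecurityQuesAns` are now reachable without a token as far as this filter is concerned. Confirm that each of those handlers authenticates the caller on its own, and prefer `path.equals(contextPath + "/user/changePassword")` style matches as the first entry of the method does. `/user/user/userAuthenticateNew` has a doubled `/user` segment that looks like a typo, and `/user/logOutUserFromConcurrentSession` is already covered by the `equalsIgnoreCase` entry. The method's first lines are outside the hunk.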
diff --git a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java index e26f15dd..9256cca3 100644 --- a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java +++ b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java @@ -131,7 +131,6 @@ public String userAuthenticate( logger.info("userAuthenticate request - " + m_User + " " + m_User.getUserName() + " " + m_User.getPassword()); try { String decryptPassword = aesUtil.decrypt("Piramal12Piramal", m_User.getPassword()); - logger.info("decryptPassword : " + decryptPassword); List mUser = iemrAdminUserServiceImpl.userAuthenticate(m_User.getUserName(), decryptPassword); JSONObject resMap = new JSONObject(); JSONObject serviceRoleMultiMap = new JSONObject(); diff --git a/src/main/java/com/iemr/common/utils/UserAgentUtil.java b/src/main/java/com/iemr/common/utils/UserAgentUtil.java index e6b0dbce..e887d0d6 100644 --- a/src/main/java/com/iemr/common/utils/UserAgentUtil.java +++ b/src/main/java/com/iemr/common/utils/UserAgentUtil.java @@ -4,6 +4,6 @@ public class UserAgentUtil { public static boolean isMobileDevice(String userAgent) { if (userAgent == null) return false; String lowerUA = userAgent.toLowerCase(); - return lowerUA.contains("mobile") || lowerUA.contains("android") || lowerUA.contains("iphone"); + return lowerUA.contains("okhttp"); } } From 3b1e2c8cee87f26566f18728135686862a0464c0 Mon Sep 17 00:00:00 2001 
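Review bot: `isMobileDevice` in UserAgentUtil now returns true only when the User-Agent contains `okhttp`, so the method name no longer describes the check and phone browsers are classified as non-mobile. If callers use the result to decide how the JWT is delivered (the commit subject suggests the token is added to the response), note that the header is client-controlled and should not gate anything security-relevant on its own. The same test is duplicated in `JwtUserIdValidationFilter.isMobileClient`; one should call the other. A Javadoc such as `/** True when the User-Agent contains "okhttp"; a client hint, not proof of client identity. */` would make the contract explicit.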
From: Ravi Shanigarapu Date: Thu, 22 May 2025 15:57:47 +0530 Subject: [PATCH 4/6] JwtToken,user-Agent validation --- .../EverwellRegistrationServiceImpl.java | 8 ++-- .../service/uptsu/UptsuServiceImpl.java | 11 ++--- .../com/iemr/common/utils/CookieUtil.java | 2 +- .../utils/JwtUserIdValidationFilter.java | 36 ++++++++++------ .../iemr/common/utils/RestTemplateUtil.java | 42 +++++++++++++++++++ .../iemr/common/utils/UserAgentContext.java | 18 ++++++++ .../AuthorizationHeaderRequestWrapper.java | 42 +++++++++++++++++++ .../utils/http/HTTPRequestInterceptor.java | 5 +++ 8 files changed, 139 insertions(+), 25 deletions(-) create mode 100644 src/main/java/com/iemr/common/utils/RestTemplateUtil.java create mode 100644 src/main/java/com/iemr/common/utils/UserAgentContext.java create mode 100644 src/main/java/com/iemr/common/utils/http/AuthorizationHeaderRequestWrapper.java diff --git a/src/main/java/com/iemr/common/service/everwell/EverwellRegistrationServiceImpl.java b/src/main/java/com/iemr/common/service/everwell/EverwellRegistrationServiceImpl.java index 1062be31..8bab28c4 100644 --- a/src/main/java/com/iemr/common/service/everwell/EverwellRegistrationServiceImpl.java +++ b/src/main/java/com/iemr/common/service/everwell/EverwellRegistrationServiceImpl.java @@ -57,6 +57,7 @@ import com.iemr.common.repository.location.LocationDistrictRepository; import com.iemr.common.repository.location.LocationStateRepository; import com.iemr.common.utils.CryptoUtil; +import com.iemr.common.utils.RestTemplateUtil; import com.iemr.common.utils.mapper.InputMapper; import com.iemr.common.utils.response.OutputResponse; 
@@ -377,13 +378,10 @@ public String registerEverWellPatient(List everwellBenRegListAS RestTemplate restTemplate = new RestTemplate(); - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", Authorization); - HttpEntity requestReg = new HttpEntity(data, headers); + HttpEntity request = RestTemplateUtil.createRequestEntity(data, Authorization); // registering the everwell patient into AMRIT ResponseEntity response = restTemplate.exchange(everwellRegisterBenficiary, HttpMethod.POST, - requestReg, String.class); + request, String.class); if (response.getStatusCodeValue() == 200 & response.hasBody()) { diff --git a/src/main/java/com/iemr/common/service/uptsu/UptsuServiceImpl.java b/src/main/java/com/iemr/common/service/uptsu/UptsuServiceImpl.java index 68bc2d60..c1f93a9c 100644 --- a/src/main/java/com/iemr/common/service/uptsu/UptsuServiceImpl.java +++ b/src/main/java/com/iemr/common/service/uptsu/UptsuServiceImpl.java @@ -58,6 +58,7 @@ import com.iemr.common.repository.uptsu.FacilityMasterRepo; import com.iemr.common.repository.uptsu.T_104AppointmentDetailsRepo; import com.iemr.common.service.sms.SMSService; +import com.iemr.common.utils.RestTemplateUtil; import com.iemr.common.utils.exception.IEMRException; import com.iemr.common.utils.mapper.InputMapper; import org.springframework.beans.factory.annotation.Value; 
@@ -262,14 +263,10 @@ public String createSMSRequestForBeneficiary(String benSms, String appointmentDa } - public String restTemplate(String request, String url, String Authorization) { - HttpHeaders headers = new HttpHeaders(); - headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON)); - headers.set("AUTHORIZATION", Authorization); - - HttpEntity requestOBJ = new HttpEntity(request, headers); + public String restTemplate(String requestOBJ, String url, String Authorization) { + HttpEntity request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization); RestTemplate restTemplate = new RestTemplate(); - return restTemplate.exchange(url, HttpMethod.POST, requestOBJ, String.class).getBody(); + return restTemplate.exchange(url, HttpMethod.POST, request, String.class).getBody(); } diff --git a/src/main/java/com/iemr/common/utils/CookieUtil.java b/src/main/java/com/iemr/common/utils/CookieUtil.java index 678f639c..85abf4e9 100644 --- a/src/main/java/com/iemr/common/utils/CookieUtil.java +++ b/src/main/java/com/iemr/common/utils/CookieUtil.java @@ -65,7 +65,7 @@ public void addJwtTokenToCookie(String Jwttoken, HttpServletResponse response, H response.addHeader("Set-Cookie", cookieHeader.toString()); } - public String getJwtTokenFromCookie(HttpServletRequest request) { + public static String getJwtTokenFromCookie(HttpServletRequest request) { if (request.getCookies() == null) { return null; // If cookies are null, return null safely. } diff --git a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java index c62097b8..fc0c1340 100644 --- a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java 
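Review bot: Switching `restTemplate(...)` to `RestTemplateUtil.createRequestEntity` drops the `Accept: application/json` header this method used to send. Inside a servlet request it also attaches the inbound caller's `JwtToken` header and `Jwttoken` cookie to a call whose destination is the `url` argument. If any caller can pass a URL outside the platform's own services, the user's token leaves the trust boundary, so confirm the call sites or restrict the helper to known internal hosts. The parameter is renamed to `requestOBJ` for the body while `request` now names the entity, which reverses the earlier meaning of the two names; a short comment on the method would avoid confusion.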
@@ -6,6 +6,8 @@ import org.slf4j.LoggerFactory; import org.springframework.stereotype.Component; +import com.iemr.common.utils.http.AuthorizationHeaderRequestWrapper; + import jakarta.servlet.Filter; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; 
@@ -67,29 +69,39 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo if (jwtFromCookie != null) { logger.info("Validating JWT token from cookie"); if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromCookie)) { - filterChain.doFilter(servletRequest, servletResponse); + AuthorizationHeaderRequestWrapper authorizationHeaderRequestWrapper = new AuthorizationHeaderRequestWrapper( + request, ""); + filterChain.doFilter(authorizationHeaderRequestWrapper, servletResponse); return; } - } - - if (jwtFromHeader != null) { + } else if (jwtFromHeader != null) { logger.info("Validating JWT token from header"); if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromHeader)) { - filterChain.doFilter(servletRequest, servletResponse); + AuthorizationHeaderRequestWrapper authorizationHeaderRequestWrapper = new AuthorizationHeaderRequestWrapper( + request, ""); + filterChain.doFilter(authorizationHeaderRequestWrapper, servletResponse); + return; + } + } else { + String userAgent = request.getHeader("User-Agent"); + logger.info("User-Agent: " + userAgent); + if (userAgent != null && isMobileClient(userAgent) && authHeader != null) { + try { + UserAgentContext.setUserAgent(userAgent); + filterChain.doFilter(servletRequest, servletResponse); + } finally { + UserAgentContext.clear(); + } return; } } - String userAgent = request.getHeader("User-Agent"); - logger.info("User-Agent: " + userAgent); - if (userAgent != null && isMobileClient(userAgent) && authHeader != null) { - filterChain.doFilter(servletRequest, servletResponse); - return; - } + logger.warn("No valid authentication token found"); + response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized: Invalid or missing token"); logger.warn("No valid authentication token found"); response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized: Invalid or missing token"); - } catch (Exception e) { +} catch (Exception e) { logger.error("Authorization error: ", e); 
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization error: " + e.getMessage()); } diff --git a/src/main/java/com/iemr/common/utils/RestTemplateUtil.java b/src/main/java/com/iemr/common/utils/RestTemplateUtil.java new file mode 100644 index 00000000..837c9c4a --- /dev/null +++ b/src/main/java/com/iemr/common/utils/RestTemplateUtil.java 
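Review bot: Both token branches pass `new AuthorizationHeaderRequestWrapper(request, "")`, which blanks the Authorization header for everything downstream, and nothing in the hunk says why. It appears to rely on HTTPRequestInterceptor treating an empty value as a signal to skip its own check, which this same patch adds. That coupling deserves a comment such as `// JWT already validated: blank Authorization so HTTPRequestInterceptor skips its session check`, and a named constant in place of the literal `""`. The switch to `else if` also means a request with an invalid cookie token is rejected even when its `JwtToken` header is valid, unlike the previous patch; confirm that is intended. doFilter starts outside the hunk.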
@@ -0,0 +1,42 @@ +package com.iemr.common.utils; + +import org.springframework.http.HttpEntity; +import org.springframework.http.HttpHeaders; +import org.springframework.http.MediaType; +import org.springframework.util.LinkedMultiValueMap; +import org.springframework.util.MultiValueMap; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import jakarta.servlet.http.HttpServletRequest; + +public class RestTemplateUtil { + public static HttpEntity createRequestEntity(Object body, String authorization) { + + ServletRequestAttributes servletRequestAttributes = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()); + if (servletRequestAttributes == null) { + MultiValueMap headers = new LinkedMultiValueMap<>(); + headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE + ";charset=utf-8"); + headers.add(HttpHeaders.AUTHORIZATION, authorization); + return new HttpEntity<>(body, headers); + } + HttpServletRequest requestHeader = servletRequestAttributes.getRequest(); + String jwtTokenFromCookie = null; + try { + jwtTokenFromCookie = CookieUtil.getJwtTokenFromCookie(requestHeader); + + } catch (Exception e) { + e.printStackTrace(); + } + + MultiValueMap headers = new LinkedMultiValueMap<>(); + headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE + ";charset=utf-8"); + headers.add(HttpHeaders.USER_AGENT, UserAgentContext.getUserAgent()); + headers.add(HttpHeaders.AUTHORIZATION, authorization); + headers.add("JwtToken",requestHeader.getHeader("JwtToken")); + headers.add(HttpHeaders.COOKIE, "Jwttoken=" + jwtTokenFromCookie); + + return new HttpEntity<>(body, headers); + } + +} diff --git a/src/main/java/com/iemr/common/utils/UserAgentContext.java b/src/main/java/com/iemr/common/utils/UserAgentContext.java new file mode 100644 index 00000000..ce0f01be --- /dev/null +++ b/src/main/java/com/iemr/common/utils/UserAgentContext.java 
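Review bot: `createRequestEntity` copies the inbound request's `JwtToken` header and `Jwttoken` cookie onto every outbound call regardless of destination, so any caller that targets a host outside the platform forwards the user's token to it. Consider letting callers opt in to credential propagation, or checking the target against a list of internal services before adding these headers. `UserAgentContext.getUserAgent()` is only populated by the filter's User-Agent branch, so the `User-Agent` header added here is null on every other path. The class and method have no Javadoc; it should state which headers are propagated and that the current request is read from `RequestContextHolder`.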
@@ -0,0 +1,18 @@ +package com.iemr.common.utils; + +public class UserAgentContext { + private static final ThreadLocal userAgentHolder = new ThreadLocal<>(); + + public static void setUserAgent(String userAgent) { + userAgentHolder.set(userAgent); + } + + public static String getUserAgent() { + return userAgentHolder.get(); + } + + public static void clear() { + userAgentHolder.remove(); + } + +} diff --git a/src/main/java/com/iemr/common/utils/http/AuthorizationHeaderRequestWrapper.java b/src/main/java/com/iemr/common/utils/http/AuthorizationHeaderRequestWrapper.java new file mode 100644 index 00000000..db77e0b2 --- /dev/null +++ b/src/main/java/com/iemr/common/utils/http/AuthorizationHeaderRequestWrapper.java @@ -0,0 +1,42 @@ +package com.iemr.common.utils.http; + +import java.util.Collections; +import java.util.Enumeration; +import java.util.List; + +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequestWrapper; + +public class AuthorizationHeaderRequestWrapper extends HttpServletRequestWrapper { + private final String Authorization; + + public AuthorizationHeaderRequestWrapper(HttpServletRequest request, String authHeaderValue) { + super(request); + this.Authorization = authHeaderValue; + } + + @Override + public String getHeader(String name) { + if ("Authorization".equalsIgnoreCase(name)) { + return Authorization; + } + return super.getHeader(name); + } + + @Override + public Enumeration getHeaders(String name) { + if ("Authorization".equalsIgnoreCase(name)) { + return Collections.enumeration(Collections.singletonList(Authorization)); + } + return super.getHeaders(name); + } + + @Override + public Enumeration getHeaderNames() { + List names = Collections.list(super.getHeaderNames()); + if (!names.contains("Authorization")) { + names.add("Authorization"); + } + return Collections.enumeration(names); + } +} 
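Review bot: In AuthorizationHeaderRequestWrapper, `getHeaderNames` tests `names.contains("Authorization")` case-sensitively while `getHeader` and `getHeaders` match with `equalsIgnoreCase`. When the container reports the name as `authorization`, the enumeration ends up with two entries for the same header. Use a case-insensitive test, for example `if (names.stream().noneMatch("Authorization"::equalsIgnoreCase)) names.add("Authorization");`. The field `Authorization` should be named `authorization` per Java convention, and the class needs a one-line Javadoc saying that it overrides the Authorization header seen by downstream filters and handlers.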
diff --git a/src/main/java/com/iemr/common/utils/http/HTTPRequestInterceptor.java b/src/main/java/com/iemr/common/utils/http/HTTPRequestInterceptor.java index b8359fe6..59189742 100644 --- a/src/main/java/com/iemr/common/utils/http/HTTPRequestInterceptor.java +++ b/src/main/java/com/iemr/common/utils/http/HTTPRequestInterceptor.java @@ -69,6 +69,11 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons authorization=preAuth.replace("Bearer ", ""); else authorization = preAuth; + + if (authorization == null || authorization.isEmpty()) { + logger.info("Authorization header is null or empty. Skipping HTTPRequestInterceptor."); + return true; // Allow the request to proceed without validation + } logger.debug("RequestURI::" + request.getRequestURI() + " || Authorization ::" + authorization + " || method :: " + request.getMethod()); if (!request.getMethod().equalsIgnoreCase("OPTIONS")) { From 2a9f3bf7740f3523dffebf481d9c07409d84d20a Mon Sep 17 00:00:00 2001 From: Ravi Shanigarapu Date: Thu, 22 May 2025 16:15:42 +0530 Subject: [PATCH 5/6] indent format --- .../common/utils/JwtUserIdValidationFilter.java | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java index fc0c1340..adc054dc 100644 --- a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java 
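Review bot: The added early `return true` makes preHandle fail open: any request whose Authorization value is missing or empty now skips this interceptor's validation, not only requests the JWT filter has already authenticated. Paths exempted by `shouldSkipAuthentication`, and the filter's User-Agent branch when Authorization is present but empty, may then reach the handler with no credential checked by either layer. Tie the skip to an explicit marker set by the filter after a successful JWT validation, for example a request attribute (name illustrative) `if (Boolean.TRUE.equals(request.getAttribute("jwtValidated"))) return true;`, and leave the existing handling in place otherwise. The `logger.debug` line just below the new block also writes the Authorization value to the log. preHandle starts and ends outside the hunk.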
@@ -98,10 +98,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo logger.warn("No valid authentication token found"); response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized: Invalid or missing token"); - - logger.warn("No valid authentication token found"); - response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized: Invalid or missing token"); -} catch (Exception e) { + } catch (Exception e) { logger.error("Authorization error: ", e); response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization error: " + e.getMessage()); } @@ -113,14 +110,12 @@ private boolean isMobileClient(String userAgent) { userAgent = userAgent.toLowerCase(); return userAgent.contains("okhttp"); // iOS (custom clients) } - + private boolean shouldSkipAuthentication(String path, String contextPath) { return path.equals(contextPath + "/user/userAuthenticate") || path.equalsIgnoreCase(contextPath + "/user/logOutUserFromConcurrentSession") - || path.startsWith(contextPath + "/swagger-ui") - || path.startsWith(contextPath + "/v3/api-docs") - || path.startsWith(contextPath + "/public") - || path.equals(contextPath + "/user/refreshToken") + || path.startsWith(contextPath + "/swagger-ui") || path.startsWith(contextPath + "/v3/api-docs") + || path.startsWith(contextPath + "/public") || path.equals(contextPath + "/user/refreshToken") || path.startsWith(contextPath + "/user/superUserAuthenticate") || path.startsWith(contextPath + "/user/user/userAuthenticateNew") || path.startsWith(contextPath + "/user/userAuthenticateV1") From 7617db1965f10301f138808241774b68d75cdfb0 Mon Sep 17 00:00:00 2001 From: Ravi Shanigarapu Date: Thu, 22 May 2025 19:40:08 +0530 Subject: [PATCH 6/6] null check --- .../com/iemr/common/utils/RestTemplateUtil.java | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) 
diff --git a/src/main/java/com/iemr/common/utils/RestTemplateUtil.java b/src/main/java/com/iemr/common/utils/RestTemplateUtil.java index 837c9c4a..e491e59a 100644 --- a/src/main/java/com/iemr/common/utils/RestTemplateUtil.java +++ b/src/main/java/com/iemr/common/utils/RestTemplateUtil.java @@ -1,5 +1,7 @@ package com.iemr.common.utils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; @@ -11,6 +13,8 @@ import jakarta.servlet.http.HttpServletRequest; public class RestTemplateUtil { + private final static Logger logger = LoggerFactory.getLogger(RestTemplateUtil.class); + public static HttpEntity createRequestEntity(Object body, String authorization) { ServletRequestAttributes servletRequestAttributes = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()); @@ -26,17 +30,21 @@ public static HttpEntity createRequestEntity(Object body, String authori jwtTokenFromCookie = CookieUtil.getJwtTokenFromCookie(requestHeader); } catch (Exception e) { - e.printStackTrace(); + logger.error("Error while getting jwtToken from Cookie" + e.getMessage() ); } MultiValueMap headers = new LinkedMultiValueMap<>(); headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE + ";charset=utf-8"); - headers.add(HttpHeaders.USER_AGENT, UserAgentContext.getUserAgent()); + if(null != UserAgentContext.getUserAgent()) { + headers.add(HttpHeaders.USER_AGENT, UserAgentContext.getUserAgent()); + } headers.add(HttpHeaders.AUTHORIZATION, authorization); headers.add("JwtToken",requestHeader.getHeader("JwtToken")); - headers.add(HttpHeaders.COOKIE, "Jwttoken=" + jwtTokenFromCookie); + if(null != jwtTokenFromCookie) { + headers.add(HttpHeaders.COOKIE, "Jwttoken=" + jwtTokenFromCookie); + } return new HttpEntity<>(body, headers); } -} +} \ No newline at end of file
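Review bot: `logger.error("Error while getting jwtToken from Cookie" + e.getMessage())` concatenates the message and loses the stack trace that the removed `printStackTrace()` provided; pass the exception as the last argument, `logger.error("Error while getting jwtToken from Cookie", e);`. The commit guards `User-Agent` and `Cookie` against null, but `headers.add("JwtToken", requestHeader.getHeader("JwtToken"))` between them still adds a null value when the inbound request has no such header. Wrap it the same way, e.g. `String jwtHeader = requestHeader.getHeader("JwtToken"); if (jwtHeader != null) headers.add("JwtToken", jwtHeader);`. The file also loses its trailing newline in this hunk.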