jwtToken and user-agent validation

src/main/java/com/iemr/common/service/everwell/EverwellRegistrationServiceImpl.java

@@ -57,6 +57,7 @@
 import com.iemr.common.repository.location.LocationDistrictRepository;
 import com.iemr.common.repository.location.LocationStateRepository;
 import com.iemr.common.utils.CryptoUtil;
+import com.iemr.common.utils.RestTemplateUtil;
 import com.iemr.common.utils.mapper.InputMapper;
 import com.iemr.common.utils.response.OutputResponse;
 
@@ -377,13 +378,10 @@ public String registerEverWellPatient(List<EverwellDetails> everwellBenRegListAS
 
 					RestTemplate restTemplate = new RestTemplate();
 
-					MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
-					headers.add("Content-Type", "application/json");
-					headers.add("AUTHORIZATION", Authorization);
-					HttpEntity<Object> requestReg = new HttpEntity<Object>(data, headers);
+					HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(data, Authorization);
 					// registering the everwell patient into AMRIT
 					ResponseEntity<String> response = restTemplate.exchange(everwellRegisterBenficiary, HttpMethod.POST,
-							requestReg, String.class);
+							request, String.class);
 
 					if (response.getStatusCodeValue() == 200 & response.hasBody()) {
 

src/main/java/com/iemr/common/service/uptsu/UptsuServiceImpl.java

@@ -58,6 +58,7 @@
 import com.iemr.common.repository.uptsu.FacilityMasterRepo;
 import com.iemr.common.repository.uptsu.T_104AppointmentDetailsRepo;
 import com.iemr.common.service.sms.SMSService;
+import com.iemr.common.utils.RestTemplateUtil;
 import com.iemr.common.utils.exception.IEMRException;
 import com.iemr.common.utils.mapper.InputMapper;
 import org.springframework.beans.factory.annotation.Value;
@@ -262,14 +263,10 @@ public String createSMSRequestForBeneficiary(String benSms, String appointmentDa
 
 	}
 
-	public String restTemplate(String request, String url, String Authorization) {
-		HttpHeaders headers = new HttpHeaders();
-		headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
-		headers.set("AUTHORIZATION", Authorization);
-
-		HttpEntity<Object> requestOBJ = new HttpEntity<Object>(request, headers);
+	public String restTemplate(String requestOBJ, String url, String Authorization) {
+		HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization);
 		RestTemplate restTemplate = new RestTemplate();
-		return restTemplate.exchange(url, HttpMethod.POST, requestOBJ, String.class).getBody();
+		return restTemplate.exchange(url, HttpMethod.POST, request, String.class).getBody();
 	}
 
 

src/main/java/com/iemr/common/utils/CookieUtil.java

@@ -65,7 +65,7 @@ public void addJwtTokenToCookie(String Jwttoken, HttpServletResponse response, H
 	    response.addHeader("Set-Cookie", cookieHeader.toString());
 	}
 
-	public String getJwtTokenFromCookie(HttpServletRequest request) {
+	public static String getJwtTokenFromCookie(HttpServletRequest request) {
 		if (request.getCookies() == null) {
 	        return null;  // If cookies are null, return null safely.
 	    }

src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java

@@ -6,6 +6,8 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Component;
 
+import com.iemr.common.utils.http.AuthorizationHeaderRequestWrapper;
+
 import jakarta.servlet.Filter;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
@@ -67,24 +69,31 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo
 			if (jwtFromCookie != null) {
 				logger.info("Validating JWT token from cookie");
 				if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromCookie)) {
-					filterChain.doFilter(servletRequest, servletResponse);
+					AuthorizationHeaderRequestWrapper authorizationHeaderRequestWrapper = new AuthorizationHeaderRequestWrapper(
+							request, "");
+					filterChain.doFilter(authorizationHeaderRequestWrapper, servletResponse);
 					return;
 				}
-			}
-
-			if (jwtFromHeader != null) {
+			} else if (jwtFromHeader != null) {
 				logger.info("Validating JWT token from header");
 				if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromHeader)) {
-					filterChain.doFilter(servletRequest, servletResponse);
+					AuthorizationHeaderRequestWrapper authorizationHeaderRequestWrapper = new AuthorizationHeaderRequestWrapper(
+							request, "");
+					filterChain.doFilter(authorizationHeaderRequestWrapper, servletResponse);
+					return;
+				}
+			} else {
+				String userAgent = request.getHeader("User-Agent");
+				logger.info("User-Agent: " + userAgent);
+				if (userAgent != null && isMobileClient(userAgent) && authHeader != null) {
+					try {
+						UserAgentContext.setUserAgent(userAgent);
+						filterChain.doFilter(servletRequest, servletResponse);
+					} finally {
+						UserAgentContext.clear();
+					}
 					return;
 				}
-			}
-			String userAgent = request.getHeader("User-Agent");
-			logger.info("User-Agent: " + userAgent);
-
-			if (userAgent != null && isMobileClient(userAgent) && authHeader != null) {
-				filterChain.doFilter(servletRequest, servletResponse);
-				return;
 			}
 
 			logger.warn("No valid authentication token found");
@@ -101,14 +110,12 @@ private boolean isMobileClient(String userAgent) {
 		userAgent = userAgent.toLowerCase();
 		return userAgent.contains("okhttp"); // iOS (custom clients)
 	}
-	
+
 	private boolean shouldSkipAuthentication(String path, String contextPath) {
 		return path.equals(contextPath + "/user/userAuthenticate")
 				|| path.equalsIgnoreCase(contextPath + "/user/logOutUserFromConcurrentSession")
-				|| path.startsWith(contextPath + "/swagger-ui")
-				|| path.startsWith(contextPath + "/v3/api-docs")
-				|| path.startsWith(contextPath + "/public")
-				|| path.equals(contextPath + "/user/refreshToken")
+				|| path.startsWith(contextPath + "/swagger-ui") || path.startsWith(contextPath + "/v3/api-docs")
+				|| path.startsWith(contextPath + "/public") || path.equals(contextPath + "/user/refreshToken")
 				|| path.startsWith(contextPath + "/user/superUserAuthenticate")
 				|| path.startsWith(contextPath + "/user/user/userAuthenticateNew")
 				|| path.startsWith(contextPath + "/user/userAuthenticateV1")

src/main/java/com/iemr/common/utils/RestTemplateUtil.java

@@ -0,0 +1,50 @@
+package com.iemr.common.utils;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import jakarta.servlet.http.HttpServletRequest;
+
+public class RestTemplateUtil {
+	private final static Logger logger = LoggerFactory.getLogger(RestTemplateUtil.class);
+
+	public static HttpEntity<Object> createRequestEntity(Object body, String authorization) {
+
+		ServletRequestAttributes servletRequestAttributes = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes());
+		if (servletRequestAttributes == null) {
+			MultiValueMap<String, String> headers = new LinkedMultiValueMap<>();
+			headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE + ";charset=utf-8");
+			headers.add(HttpHeaders.AUTHORIZATION, authorization);
+			return new HttpEntity<>(body, headers);
+		}
+		HttpServletRequest requestHeader = servletRequestAttributes.getRequest();
+        String jwtTokenFromCookie = null;
+		try {
+			jwtTokenFromCookie = CookieUtil.getJwtTokenFromCookie(requestHeader);
+
+		} catch (Exception e) {
+			logger.error("Error while getting jwtToken from Cookie" + e.getMessage() );
+		}
+
+        MultiValueMap<String, String> headers = new LinkedMultiValueMap<>();
+        headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE + ";charset=utf-8");
+        if(null != UserAgentContext.getUserAgent()) {
+        	headers.add(HttpHeaders.USER_AGENT, UserAgentContext.getUserAgent());
+        }
+        headers.add(HttpHeaders.AUTHORIZATION, authorization);
+        headers.add("JwtToken",requestHeader.getHeader("JwtToken"));
+        if(null != jwtTokenFromCookie) {
+        	headers.add(HttpHeaders.COOKIE, "Jwttoken=" + jwtTokenFromCookie);
+        }
+
+        return new HttpEntity<>(body, headers);
+    }
+
+}

src/main/java/com/iemr/common/utils/UserAgentContext.java

@@ -0,0 +1,18 @@
+package com.iemr.common.utils;
+
+public class UserAgentContext {
+	private static final ThreadLocal<String> userAgentHolder = new ThreadLocal<>();
+
+    public static void setUserAgent(String userAgent) {
+        userAgentHolder.set(userAgent);
+    }
+
+    public static String getUserAgent() {
+        return userAgentHolder.get();
+    }
+
+    public static void clear() {
+        userAgentHolder.remove();
+    }
+
+}

src/main/java/com/iemr/common/utils/http/AuthorizationHeaderRequestWrapper.java

@@ -0,0 +1,42 @@
+package com.iemr.common.utils.http;
+
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.List;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequestWrapper;
+
+public class AuthorizationHeaderRequestWrapper extends HttpServletRequestWrapper {
+	private final String Authorization;
+
+	public AuthorizationHeaderRequestWrapper(HttpServletRequest request, String authHeaderValue) {
+		super(request);
+		this.Authorization = authHeaderValue;
+	}
+
+	@Override
+	public String getHeader(String name) {
+		if ("Authorization".equalsIgnoreCase(name)) {
+			return Authorization;
+		}
+		return super.getHeader(name);
+	}
+
+	@Override
+	public Enumeration<String> getHeaders(String name) {
+		if ("Authorization".equalsIgnoreCase(name)) {
+			return Collections.enumeration(Collections.singletonList(Authorization));
+		}
+		return super.getHeaders(name);
+	}
+
+	@Override
+	public Enumeration<String> getHeaderNames() {
+		List<String> names = Collections.list(super.getHeaderNames());
+		if (!names.contains("Authorization")) {
+			names.add("Authorization");
+		}
+		return Collections.enumeration(names);
+	}
+}

src/main/java/com/iemr/common/utils/http/HTTPRequestInterceptor.java

@@ -69,6 +69,11 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
 			authorization=preAuth.replace("Bearer ", "");
 		else
 			authorization = preAuth;
+
+		if (authorization == null || authorization.isEmpty()) {
+	        logger.info("Authorization header is null or empty. Skipping HTTPRequestInterceptor.");
+	        return true; // Allow the request to proceed without validation
+	    }
 		logger.debug("RequestURI::" + request.getRequestURI() + " || Authorization ::" + authorization
 				+ " || method :: " + request.getMethod());
 		if (!request.getMethod().equalsIgnoreCase("OPTIONS")) {