From 172892f1b08655c78bae6f2db5e69bff4acef528 Mon Sep 17 00:00:00 2001 From: Vanitha Date: Fri, 8 Aug 2025 14:48:21 +0530 Subject: [PATCH 1/3] fix: add serverAuthorization --- .../java/com/iemr/common/utils/JwtUserIdValidationFilter.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java index 0b8f6f94..09b515f6 100644 --- a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java @@ -1,6 +1,7 @@ package com.iemr.common.utils; import java.io.IOException; +import java.util.Arrays; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -15,7 +16,6 @@ import jakarta.servlet.http.Cookie; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; -import java.util.Arrays; public class JwtUserIdValidationFilter implements Filter { @@ -43,7 +43,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo if (origin != null && isOriginAllowed(origin)) { response.setHeader("Access-Control-Allow-Origin", origin); response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS"); - response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Accept, Jwttoken"); + response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Accept, Jwttoken, serverAuthorization, ServerAuthorization, serverauthorization, Serverauthoriztion"); response.setHeader("Access-Control-Allow-Credentials", "true"); } else { logger.warn("Origin [{}] is NOT allowed. CORS headers NOT added.", origin); From 1b4e58d8fd9396614fb7aa2300da389186d0ea5f Mon Sep 17 00:00:00 2001 From: Vanitha Date: Fri, 8 Aug 2025 14:58:12 +0530 Subject: [PATCH 2/3] fix: add console --- .../java/com/iemr/common/utils/JwtUserIdValidationFilter.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java index 09b515f6..6e7b0c8e 100644 --- a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java @@ -39,7 +39,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo logger.debug("Incoming Origin: {}", origin); logger.debug("Allowed Origins Configured: {}", allowedOrigins); - + logger.info("Add server authorization header to response"); if (origin != null && isOriginAllowed(origin)) { response.setHeader("Access-Control-Allow-Origin", origin); response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS"); From d49b7a2ec390e3e0608940c342ae6c6f8e0cf06d Mon Sep 17 00:00:00 2001 From: Vanitha Date: Fri, 8 Aug 2025 14:59:39 +0530 Subject: [PATCH 3/3] fix: correct the spelling --- .../java/com/iemr/common/utils/JwtUserIdValidationFilter.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java index 6e7b0c8e..002c49fc 100644 --- a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java @@ -43,7 +43,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo if (origin != null && isOriginAllowed(origin)) { response.setHeader("Access-Control-Allow-Origin", origin); response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS"); - response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Accept, Jwttoken, serverAuthorization, ServerAuthorization, serverauthorization, Serverauthoriztion"); + response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Accept, Jwttoken, serverAuthorization, ServerAuthorization, serverauthorization, Serverauthorization"); response.setHeader("Access-Control-Allow-Credentials", "true"); } else { logger.warn("Origin [{}] is NOT allowed. CORS headers NOT added.", origin);