From 81e0a2ac1e3809f42e2f5ba5b1af304b543c3b05 Mon Sep 17 00:00:00 2001 From: Ravi Shanigarapu Date: Thu, 22 May 2025 17:42:28 +0530 Subject: [PATCH 1/3] 0jwttoken and user-agent validation --- .../CSCarestreamServiceImpl.java | 12 +----- .../RegistrarServiceMasterDataImpl.java | 7 +-- .../transaction/CommonDoctorServiceImpl.java | 10 +---- .../common/transaction/CommonServiceImpl.java | 11 ++--- .../DownloadDataFromServerImpl.java | 31 ++----------- ...wnloadDataFromServerTransactionalImpl.java | 23 ++-------- .../UploadDataToServerImpl.java | 11 ++--- .../registrar/RegistrarServiceImpl.java | 40 +++-------------- .../TeleConsultationServiceImpl.java | 10 +---- .../java/com/iemr/mmu/utils/CookieUtil.java | 10 +++-- .../mmu/utils/JwtUserIdValidationFilter.java | 34 +++++++++------ .../com/iemr/mmu/utils/RestTemplateUtil.java | 43 +++++++++++++++++++ .../com/iemr/mmu/utils/UserAgentContext.java | 19 ++++++++ .../AuthorizationHeaderRequestWrapper.java | 43 +++++++++++++++++++ .../iemr/mmu/utils/http/HttpInterceptor.java | 4 ++ 15 files changed, 164 insertions(+), 144 deletions(-) create mode 100644 src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java create mode 100644 src/main/java/com/iemr/mmu/utils/UserAgentContext.java create mode 100644 src/main/java/com/iemr/mmu/utils/http/AuthorizationHeaderRequestWrapper.java diff --git a/src/main/java/com/iemr/mmu/service/cancerScreening/CSCarestreamServiceImpl.java b/src/main/java/com/iemr/mmu/service/cancerScreening/CSCarestreamServiceImpl.java index 60a7b197..30165fea 100644 --- a/src/main/java/com/iemr/mmu/service/cancerScreening/CSCarestreamServiceImpl.java +++ b/src/main/java/com/iemr/mmu/service/cancerScreening/CSCarestreamServiceImpl.java @@ -44,6 +44,7 @@ import com.google.gson.Gson; import com.iemr.mmu.utils.CookieUtil; +import com.iemr.mmu.utils.RestTemplateUtil; import jakarta.servlet.http.HttpServletRequest; 
@@ -61,18 +62,9 @@ public int createMamographyRequest(ArrayList benDataForCareStream, lon String Authorization) { int responseData = 0; RestTemplate restTemplate = new RestTemplate(); - HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) - .getRequest(); - String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader); try { - // HttpHeaders headers = new HttpHeaders(); - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", Authorization); - headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie); String requestOBJ = getOrderCreationRequestOBJ(benDataForCareStream, benRegID, benVisitID); - - HttpEntity request = new HttpEntity(requestOBJ, headers); + HttpEntity request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization); // System.out.println("hello"); ResponseEntity response = restTemplate.exchange(carestreamOrderCreateURL, HttpMethod.POST, request, String.class); diff --git a/src/main/java/com/iemr/mmu/service/common/master/RegistrarServiceMasterDataImpl.java b/src/main/java/com/iemr/mmu/service/common/master/RegistrarServiceMasterDataImpl.java index 25048a30..e1b9d417 100644 --- a/src/main/java/com/iemr/mmu/service/common/master/RegistrarServiceMasterDataImpl.java +++ b/src/main/java/com/iemr/mmu/service/common/master/RegistrarServiceMasterDataImpl.java @@ -62,6 +62,7 @@ import com.iemr.mmu.repo.nurse.anc.ANCCareRepo; import com.iemr.mmu.repo.registrar.BeneficiaryImageRepo; import com.iemr.mmu.repo.registrar.ReistrarRepoBenSearch; +import com.iemr.mmu.utils.RestTemplateUtil; @Service @PropertySource("classpath:application.properties") 
@@ -224,11 +225,7 @@ public String getBenDetailsForLeftSideByRegIDNew(Long beneficiaryRegID, Long ben public String getBenImageFromIdentityAPI(String Authorization, String comingRequest) throws Exception { String returnOBJ = null; RestTemplate restTemplate = new RestTemplate(); - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", Authorization); - - HttpEntity request = new HttpEntity(comingRequest, headers); + HttpEntity request = RestTemplateUtil.createRequestEntity(comingRequest, Authorization); ResponseEntity response = restTemplate.exchange(getBenImageFromIdentity, HttpMethod.POST, request, String.class); // if() diff --git a/src/main/java/com/iemr/mmu/service/common/transaction/CommonDoctorServiceImpl.java b/src/main/java/com/iemr/mmu/service/common/transaction/CommonDoctorServiceImpl.java index f72d8cfe..6c6c5e76 100644 --- a/src/main/java/com/iemr/mmu/service/common/transaction/CommonDoctorServiceImpl.java +++ b/src/main/java/com/iemr/mmu/service/common/transaction/CommonDoctorServiceImpl.java @@ -72,6 +72,7 @@ import com.iemr.mmu.service.benFlowStatus.CommonBenStatusFlowServiceImpl; import com.iemr.mmu.service.snomedct.SnomedServiceImpl; import com.iemr.mmu.utils.CookieUtil; +import com.iemr.mmu.utils.RestTemplateUtil; import com.iemr.mmu.utils.exception.IEMRException; import com.iemr.mmu.utils.mapper.InputMapper; import com.iemr.mmu.utils.mapper.OutputMapper; 
@@ -906,14 +907,7 @@ public int callTmForSpecialistSlotBook(TcSpecialistSlotBookingRequestOBJ tcSpeci String requestOBJ = OutputMapper.gson().toJson(tcSpecialistSlotBookingRequestOBJ); RestTemplate restTemplate = new RestTemplate(); - HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) - .getRequest(); - String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader); - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", Authorization); - headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie); - HttpEntity request = new HttpEntity(requestOBJ, headers); + HttpEntity request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization); ResponseEntity response = restTemplate.exchange(tcSpecialistSlotBook, HttpMethod.POST, request, String.class); // System.out.println(response.getBody()); diff --git a/src/main/java/com/iemr/mmu/service/common/transaction/CommonServiceImpl.java b/src/main/java/com/iemr/mmu/service/common/transaction/CommonServiceImpl.java index 97975578..021d747a 100644 --- a/src/main/java/com/iemr/mmu/service/common/transaction/CommonServiceImpl.java +++ b/src/main/java/com/iemr/mmu/service/common/transaction/CommonServiceImpl.java @@ -79,6 +79,7 @@ import com.iemr.mmu.service.pnc.PNCServiceImpl; import com.iemr.mmu.service.quickConsultation.QuickConsultationServiceImpl; import com.iemr.mmu.utils.CookieUtil; +import com.iemr.mmu.utils.RestTemplateUtil; import com.iemr.mmu.utils.AESEncryption.AESEncryptionDecryption; import com.iemr.mmu.utils.exception.IEMRException; import com.iemr.mmu.utils.mapper.InputMapper; 
@@ -823,20 +824,14 @@ public String getCaseSheetOfTm(String mmuBenFlowReq, String authCentralServer) t public ResponseEntity restTemplatePost(String URL, String authorization, String reqObj) { RestTemplate restTemplate = new RestTemplate(); - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", authorization); - HttpEntity request = new HttpEntity(reqObj, headers); + HttpEntity request = RestTemplateUtil.createRequestEntity(reqObj, authorization); ResponseEntity response = restTemplate.exchange(URL, HttpMethod.POST, request, String.class); return response; } public ResponseEntity restTemplateGet(String URL, String authorization) { RestTemplate restTemplate = new RestTemplate(); - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", authorization); - HttpEntity request = new HttpEntity("", headers); + HttpEntity request = RestTemplateUtil.createRequestEntity("", authorization); ResponseEntity response = restTemplate.exchange(URL, HttpMethod.GET, request, String.class); return response; } diff --git a/src/main/java/com/iemr/mmu/service/dataSyncActivity/DownloadDataFromServerImpl.java b/src/main/java/com/iemr/mmu/service/dataSyncActivity/DownloadDataFromServerImpl.java index f0a9a343..1924f28a 100644 --- a/src/main/java/com/iemr/mmu/service/dataSyncActivity/DownloadDataFromServerImpl.java +++ b/src/main/java/com/iemr/mmu/service/dataSyncActivity/DownloadDataFromServerImpl.java @@ -53,6 +53,7 @@ import com.iemr.mmu.repo.syncActivity_syncLayer.SyncDownloadMasterRepo; import com.iemr.mmu.repo.syncActivity_syncLayer.TempVanRepo; import com.iemr.mmu.utils.CookieUtil; +import com.iemr.mmu.utils.RestTemplateUtil; import com.iemr.mmu.utils.mapper.InputMapper; import jakarta.servlet.http.HttpServletRequest; 
@@ -185,17 +186,7 @@ private int downloadDataFromServer(SyncDownloadMaster syncDownloadMaster, String // initializing RestTemplate RestTemplate restTemplate = new RestTemplate(); - HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) - .getRequest(); - String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader); - - // Multivalue map for headers with content-type and auth key - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", ServerAuthorization); - headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie); - HttpEntity request = new HttpEntity(syncDownloadMaster, headers); - + HttpEntity request = RestTemplateUtil.createRequestEntity(syncDownloadMaster, ServerAuthorization); // Call rest-template to call API to download master data for given table ResponseEntity response = restTemplate.exchange(dataSyncDownloadUrl, HttpMethod.POST, request, String.class); 
@@ -342,17 +333,7 @@ public int callCentralAPIToGenerateBenIDAndimportToLocal(String requestOBJ, Stri int i = 0; // Rest template RestTemplate restTemplate = new RestTemplate(); - HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) - .getRequest(); - String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader); - - // Multivalue map for headers with content-type and auth key - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", ServerAuthorization); - headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie); - HttpEntity request = new HttpEntity(requestOBJ, headers); - + HttpEntity request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization); // Call rest-template to call central API to generate UNIQUE ID at central ResponseEntity response = restTemplate.exchange(benGenUrlCentral, HttpMethod.POST, request, String.class); @@ -361,11 +342,7 @@ public int callCentralAPIToGenerateBenIDAndimportToLocal(String requestOBJ, Stri JSONObject obj = new JSONObject(response.getBody()); if (obj != null && obj.has("data") && obj.has("statusCode") && obj.getInt("statusCode") == 200) { // Consume the response from API and call local identity api to save data - MultiValueMap headers1 = new LinkedMultiValueMap(); - headers1.add("Content-Type", "application/json"); - headers1.add("AUTHORIZATION", Authorization); - HttpEntity request1 = new HttpEntity(obj.get("data").toString(), headers1); - + HttpEntity request1 = RestTemplateUtil.createRequestEntity(obj.get("data").toString(), Authorization); i = 1; // Call rest-template to call central API to generate UNIQUE ID at central ResponseEntity response1 = restTemplate.exchange(benImportUrlLocal, HttpMethod.POST, request1, 
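Review bot: In callCentralAPIToGenerateBenIDAndimportToLocal the request sent to `benGenUrlCentral` is now built with `Authorization`, whereas the removed lines sent `ServerAuthorization`. This looks like an unintended credential swap rather than part of the header refactor. The central call should keep `RestTemplateUtil.createRequestEntity(requestOBJ, ServerAuthorization)`, leaving `Authorization` only for the `benImportUrlLocal` call in the following hunk. The helper also attaches the caller's `Jwttoken` cookie and `JwtToken` header, which the old local import request did not carry; confirm that is wanted. The method body starts and ends outside these hunks.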
diff --git a/src/main/java/com/iemr/mmu/service/dataSyncActivity/DownloadDataFromServerTransactionalImpl.java b/src/main/java/com/iemr/mmu/service/dataSyncActivity/DownloadDataFromServerTransactionalImpl.java index 79444b1a..0620716b 100644 --- a/src/main/java/com/iemr/mmu/service/dataSyncActivity/DownloadDataFromServerTransactionalImpl.java +++ b/src/main/java/com/iemr/mmu/service/dataSyncActivity/DownloadDataFromServerTransactionalImpl.java @@ -52,6 +52,7 @@ import com.iemr.mmu.repo.syncActivity_syncLayer.ItemStockEntryRepo; import com.iemr.mmu.repo.syncActivity_syncLayer.StockTransferRepo; import com.iemr.mmu.utils.CookieUtil; +import com.iemr.mmu.utils.RestTemplateUtil; import com.iemr.mmu.utils.mapper.InputMapper; import jakarta.servlet.http.HttpServletRequest; @@ -240,19 +241,10 @@ private JSONObject downloadDataFromCentral(String schemaName, String tableName, if (facilityID != null) { RestTemplate restTemplate = new RestTemplate(); - HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) - .getRequest(); - String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader); SyncUploadDataDigester syncUploadDataDigester = new SyncUploadDataDigester(schemaName, tableName, facilityID); - // Multivalue map for headers with content-type and auth key - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", ServerAuthorization); - headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie); - HttpEntity request = new HttpEntity(syncUploadDataDigester, headers); - + HttpEntity request = RestTemplateUtil.createRequestEntity(syncUploadDataDigester, ServerAuthorization); // Call rest-template to call API to download master data for given table ResponseEntity response = restTemplate.exchange(dataSyncTransactionDownloadUrl, HttpMethod.POST, request, String.class); 
@@ -274,18 +266,9 @@ private int updateProcessedFlagToCentral(String schemaName, String tableName, Li int result = 0; RestTemplate restTemplate = new RestTemplate(); - HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) - .getRequest(); - String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader); SyncUploadDataDigester syncUploadDataDigester = new SyncUploadDataDigester(schemaName, tableName, ids); - // Multivalue map for headers with content-type and auth key - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", ServerAuthorization); - headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie); - HttpEntity request = new HttpEntity(syncUploadDataDigester, headers); - + HttpEntity request = RestTemplateUtil.createRequestEntity(syncUploadDataDigester, ServerAuthorization); // Call rest-template to call API to download master data for given table ResponseEntity response = restTemplate.exchange(dataSyncProcessedFlagUpdate, HttpMethod.POST, request, String.class); diff --git a/src/main/java/com/iemr/mmu/service/dataSyncActivity/UploadDataToServerImpl.java b/src/main/java/com/iemr/mmu/service/dataSyncActivity/UploadDataToServerImpl.java index 2896d6be..e2977155 100644 --- a/src/main/java/com/iemr/mmu/service/dataSyncActivity/UploadDataToServerImpl.java +++ b/src/main/java/com/iemr/mmu/service/dataSyncActivity/UploadDataToServerImpl.java @@ -52,6 +52,7 @@ import com.iemr.mmu.repo.syncActivity_syncLayer.DataSyncGroupsRepo; import com.iemr.mmu.repo.syncActivity_syncLayer.SyncUtilityClassRepo; import com.iemr.mmu.utils.CookieUtil; +import com.iemr.mmu.utils.RestTemplateUtil; import jakarta.servlet.http.HttpServletRequest; 
@@ -349,9 +350,7 @@ public String syncDataToServer(int vanID, String schemaName, String tableName, S vanID, schemaName, tableName, vanAutoIncColumnName, serverColumns, user); RestTemplate restTemplate = new RestTemplate(); - HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) - .getRequest(); - String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader); + Integer facilityID = masterVanRepo.getFacilityID(vanID); logger.debug("Fetched facilityID for vanID {}: {}", vanID, facilityID); @@ -374,11 +373,7 @@ public String syncDataToServer(int vanID, String schemaName, String tableName, S String requestOBJ = gson.toJson(dataMap); logger.debug("Serialized request object: {}", requestOBJ); - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", Authorization); - headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie); - HttpEntity request = new HttpEntity(requestOBJ, headers); + HttpEntity request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization); logger.info("Before Data sync upload Url" + dataSyncUploadUrl); ResponseEntity response = restTemplate.exchange(dataSyncUploadUrl, HttpMethod.POST, request, String.class); diff --git a/src/main/java/com/iemr/mmu/service/registrar/RegistrarServiceImpl.java b/src/main/java/com/iemr/mmu/service/registrar/RegistrarServiceImpl.java index 8be1ffee..b1d097be 100644 --- a/src/main/java/com/iemr/mmu/service/registrar/RegistrarServiceImpl.java +++ b/src/main/java/com/iemr/mmu/service/registrar/RegistrarServiceImpl.java @@ -69,6 +69,7 @@ import com.iemr.mmu.repo.registrar.ReistrarRepoBenSearch; import com.iemr.mmu.service.benFlowStatus.CommonBenStatusFlowServiceImpl; import com.iemr.mmu.utils.CookieUtil; +import com.iemr.mmu.utils.RestTemplateUtil; import com.iemr.mmu.utils.mapper.InputMapper; import com.iemr.mmu.utils.response.OutputResponse; 
@@ -698,14 +699,8 @@ public String registerBeneficiary(String comingRequest, String Authorization) th Long beneficiaryID = null; RestTemplate restTemplate = new RestTemplate(); - HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) - .getRequest(); - String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader); - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", Authorization); - headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie); - HttpEntity request = new HttpEntity(comingRequest, headers); + + HttpEntity request = RestTemplateUtil.createRequestEntity(comingRequest, Authorization); ResponseEntity response = restTemplate.exchange(registrationUrl, HttpMethod.POST, request, String.class); if (response.getStatusCodeValue() == 200 & response.hasBody()) { @@ -732,15 +727,8 @@ public String registerBeneficiary(String comingRequest, String Authorization) th public Integer updateBeneficiary(String comingRequest, String Authorization) throws Exception { Integer returnOBJ = null; RestTemplate restTemplate = new RestTemplate(); - HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) - .getRequest(); - String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader); - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", Authorization); - headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie); - HttpEntity request = new HttpEntity(comingRequest, headers); + HttpEntity request = RestTemplateUtil.createRequestEntity(comingRequest, Authorization); ResponseEntity response = restTemplate.exchange(beneficiaryEditUrl, HttpMethod.POST, request, String.class); 
@@ -759,16 +747,9 @@ public Integer updateBeneficiary(String comingRequest, String Authorization) thr public String beneficiaryQuickSearch(String requestObj, String Authorization) { String returnOBJ = null; RestTemplate restTemplate = new RestTemplate(); - HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) - .getRequest(); - String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader); JSONObject obj = new JSONObject(requestObj); - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", Authorization); - headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie); + HttpEntity request = RestTemplateUtil.createRequestEntity(requestObj, Authorization); if (obj.has("beneficiaryID") && !obj.isNull("beneficiaryID")) { - HttpEntity request = new HttpEntity(requestObj, headers); ResponseEntity response = restTemplate.exchange(registrarQuickSearchByIdUrl, HttpMethod.POST, request, String.class); if (response.hasBody()) @@ -776,7 +757,6 @@ public String beneficiaryQuickSearch(String requestObj, String Authorization) { } else { if (obj.has("phoneNo") && !obj.isNull("phoneNo")) { - HttpEntity request = new HttpEntity(requestObj, headers); ResponseEntity response = restTemplate.exchange(registrarQuickSearchByPhoneNoUrl, HttpMethod.POST, request, String.class); if (response.hasBody()) 
@@ -791,15 +771,7 @@ public String beneficiaryQuickSearch(String requestObj, String Authorization) { public String beneficiaryAdvanceSearch(String requestObj, String Authorization) { String returnOBJ = null; RestTemplate restTemplate = new RestTemplate(); - HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) - .getRequest(); - String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader); - JSONObject obj = new JSONObject(requestObj); - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", Authorization); - headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie); - HttpEntity request = new HttpEntity(requestObj, headers); + HttpEntity request = RestTemplateUtil.createRequestEntity(requestObj, Authorization); ResponseEntity response = restTemplate.exchange(registrarAdvanceSearchUrl, HttpMethod.POST, request, String.class); diff --git a/src/main/java/com/iemr/mmu/service/tele_consultation/TeleConsultationServiceImpl.java b/src/main/java/com/iemr/mmu/service/tele_consultation/TeleConsultationServiceImpl.java index d1577210..831729cc 100644 --- a/src/main/java/com/iemr/mmu/service/tele_consultation/TeleConsultationServiceImpl.java +++ b/src/main/java/com/iemr/mmu/service/tele_consultation/TeleConsultationServiceImpl.java @@ -59,6 +59,7 @@ import com.iemr.mmu.service.anc.Utility; import com.iemr.mmu.service.common.transaction.CommonDoctorServiceImpl; import com.iemr.mmu.utils.CookieUtil; +import com.iemr.mmu.utils.RestTemplateUtil; import com.iemr.mmu.utils.mapper.InputMapper; import com.iemr.mmu.utils.mapper.OutputMapper; 
@@ -196,14 +197,7 @@ public int cancelSlotForTCCancel(int userID, long benRegID, long visitCode, Stri String requestOBJ = OutputMapper.gson().toJson(obj); RestTemplate restTemplate = new RestTemplate(); - HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()) - .getRequest(); - String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader); - MultiValueMap headers = new LinkedMultiValueMap(); - headers.add("Content-Type", "application/json"); - headers.add("AUTHORIZATION", Authorization); - headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie); - HttpEntity request = new HttpEntity(requestOBJ, headers); + HttpEntity request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization); ResponseEntity response = restTemplate.exchange(tcSpecialistSlotCancel, HttpMethod.POST, request, String.class); diff --git a/src/main/java/com/iemr/mmu/utils/CookieUtil.java b/src/main/java/com/iemr/mmu/utils/CookieUtil.java index 1436cd65..34c821e5 100644 --- a/src/main/java/com/iemr/mmu/utils/CookieUtil.java +++ b/src/main/java/com/iemr/mmu/utils/CookieUtil.java @@ -23,8 +23,12 @@ public Optional getCookieValue(HttpServletRequest request, String cookie return Optional.empty(); } - public String getJwtTokenFromCookie(HttpServletRequest request) { - return Arrays.stream(request.getCookies()).filter(cookie -> "Jwttoken".equals(cookie.getName())) - .map(Cookie::getValue).findFirst().orElse(null); + public static String getJwtTokenFromCookie(HttpServletRequest request) { + Cookie[] cookies = request.getCookies(); + if (cookies == null) { + return null; // No cookies present, return null safely + } + return Arrays.stream(cookies).filter(cookie -> "Jwttoken".equals(cookie.getName())).map(Cookie::getValue) + .findFirst().orElse(null); } } diff --git a/src/main/java/com/iemr/mmu/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/mmu/utils/JwtUserIdValidationFilter.java index 0b9bb99e..b12307ff 100644 
--- a/src/main/java/com/iemr/mmu/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/mmu/utils/JwtUserIdValidationFilter.java @@ -6,6 +6,8 @@ import org.slf4j.LoggerFactory; import org.springframework.stereotype.Component; +import com.iemr.mmu.utils.http.AuthorizationHeaderRequestWrapper; + import jakarta.servlet.Filter; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; 
@@ -72,29 +74,35 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo if (jwtFromCookie != null) { logger.info("Validating JWT token from cookie"); if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromCookie)) { - filterChain.doFilter(servletRequest, servletResponse); + AuthorizationHeaderRequestWrapper authorizationHeaderRequestWrapper = new AuthorizationHeaderRequestWrapper( + request, ""); + filterChain.doFilter(authorizationHeaderRequestWrapper, servletResponse); return; } - } - - if (jwtFromHeader != null) { + } else if (jwtFromHeader != null) { logger.info("Validating JWT token from header"); if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromHeader)) { - filterChain.doFilter(servletRequest, servletResponse); + AuthorizationHeaderRequestWrapper authorizationHeaderRequestWrapper = new AuthorizationHeaderRequestWrapper( + request, ""); + filterChain.doFilter(authorizationHeaderRequestWrapper, servletResponse); + return; + } + } else { + String userAgent = request.getHeader("User-Agent"); + logger.info("User-Agent: " + userAgent); + if (userAgent != null && isMobileClient(userAgent) && authHeader != null) { + try { + UserAgentContext.setUserAgent(userAgent); + filterChain.doFilter(servletRequest, servletResponse); + } finally { + UserAgentContext.clear(); + } return; } - } - String userAgent = request.getHeader("User-Agent"); - logger.info("User-Agent: " + userAgent); - - if (userAgent != null && isMobileClient(userAgent) && authHeader != null) { - filterChain.doFilter(servletRequest, servletResponse); - return; } logger.warn("No valid authentication token found"); response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized: Invalid or missing token"); - } catch (Exception e) { logger.error("Authorization error: ", e); response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization error: " + e.getMessage()); 
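Review bot: The final `else` branch of doFilter admits a request on `isMobileClient(userAgent) && authHeader != null`, and the client chooses both values: a User-Agent proves nothing about the caller, and a present-but-empty Authorization header passes the null check. Because this same patch makes HttpInterceptor.preHandle return true for an empty Authorization header, such a request would appear to reach the controllers with no credential checked. At minimum tighten the condition to `authHeader != null && !authHeader.isBlank()`, and add a comment that the User-Agent only selects the legacy token path and grants nothing by itself. Separately, the change to `if / else if` means a request with an invalid cookie and a valid `JwtToken` header is now rejected instead of falling through to the header check; confirm that is intended. doFilter starts and ends outside this hunk.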
diff --git a/src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java b/src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java new file mode 100644 index 00000000..82d1304d --- /dev/null +++ b/src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java @@ -0,0 +1,43 @@ +package com.iemr.mmu.utils; + +import org.springframework.http.HttpEntity; +import org.springframework.http.HttpHeaders; +import org.springframework.http.MediaType; +import org.springframework.util.LinkedMultiValueMap; +import org.springframework.util.MultiValueMap; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import jakarta.servlet.http.HttpServletRequest; + +public class RestTemplateUtil { + public static HttpEntity createRequestEntity(Object body, String authorization) { + + ServletRequestAttributes servletRequestAttributes = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()); + if (servletRequestAttributes == null) { + MultiValueMap headers = new LinkedMultiValueMap<>(); + headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE + ";charset=utf-8"); + headers.add(HttpHeaders.AUTHORIZATION, authorization); + return new HttpEntity<>(body, headers); + } + HttpServletRequest requestHeader = servletRequestAttributes.getRequest(); + String jwtTokenFromCookie = null; + try { + jwtTokenFromCookie = CookieUtil.getJwtTokenFromCookie(requestHeader); + + } catch (Exception e) { + e.printStackTrace(); + } + + MultiValueMap headers = new LinkedMultiValueMap<>(); + headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE + ";charset=utf-8"); + headers.add(HttpHeaders.USER_AGENT, UserAgentContext.getUserAgent()); + headers.add(HttpHeaders.AUTHORIZATION, authorization); + headers.add("JwtToken",requestHeader.getHeader("JwtToken")); + headers.add(HttpHeaders.COOKIE, "Jwttoken=" + jwtTokenFromCookie); + + return new HttpEntity<>(body, headers); + } + +} + 
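Review bot: createRequestEntity copies the inbound caller's `JwtToken` header, `Jwttoken` cookie and User-Agent onto every outbound request. Call sites that previously sent only Content-Type and Authorization therefore now forward the user's session token as well: getBenImageFromIdentityAPI, restTemplatePost and restTemplateGet (which take a caller-supplied URL), and the local import call. If any of those targets sits outside the trust boundary of the token issuer, which cannot be judged from this diff, the token is disclosed to it. Consider a separate overload that forwards the JWT only where the target is known to need it, and add a Javadoc that lists exactly which headers are propagated. As a utility holder the class would also normally be `final` with a private constructor.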
diff --git a/src/main/java/com/iemr/mmu/utils/UserAgentContext.java b/src/main/java/com/iemr/mmu/utils/UserAgentContext.java new file mode 100644 index 00000000..eeebc3ba --- /dev/null +++ b/src/main/java/com/iemr/mmu/utils/UserAgentContext.java @@ -0,0 +1,19 @@ +package com.iemr.mmu.utils; + +public class UserAgentContext { + private static final ThreadLocal userAgentHolder = new ThreadLocal<>(); + + public static void setUserAgent(String userAgent) { + userAgentHolder.set(userAgent); + } + + public static String getUserAgent() { + return userAgentHolder.get(); + } + + public static void clear() { + userAgentHolder.remove(); + } + +} + diff --git a/src/main/java/com/iemr/mmu/utils/http/AuthorizationHeaderRequestWrapper.java b/src/main/java/com/iemr/mmu/utils/http/AuthorizationHeaderRequestWrapper.java new file mode 100644 index 00000000..1079ebff --- /dev/null +++ b/src/main/java/com/iemr/mmu/utils/http/AuthorizationHeaderRequestWrapper.java 
@@ -0,0 +1,43 @@ +package com.iemr.mmu.utils.http; + +import java.util.Collections; +import java.util.Enumeration; +import java.util.List; + +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequestWrapper; + +public class AuthorizationHeaderRequestWrapper extends HttpServletRequestWrapper{ + private final String Authorization; + + public AuthorizationHeaderRequestWrapper(HttpServletRequest request, String authHeaderValue) { + super(request); + this.Authorization = authHeaderValue; + } + + @Override + public String getHeader(String name) { + if ("Authorization".equalsIgnoreCase(name)) { + return Authorization; + } + return super.getHeader(name); + } + + @Override + public Enumeration getHeaders(String name) { + if ("Authorization".equalsIgnoreCase(name)) { + return Collections.enumeration(Collections.singletonList(Authorization)); + } + return super.getHeaders(name); + } + + @Override + public Enumeration getHeaderNames() { + List names = Collections.list(super.getHeaderNames()); + if (!names.contains("Authorization")) { + names.add("Authorization"); + } + return Collections.enumeration(names); + } +} + diff --git a/src/main/java/com/iemr/mmu/utils/http/HttpInterceptor.java b/src/main/java/com/iemr/mmu/utils/http/HttpInterceptor.java index 1c799988..9a5adeba 100644 --- a/src/main/java/com/iemr/mmu/utils/http/HttpInterceptor.java +++ b/src/main/java/com/iemr/mmu/utils/http/HttpInterceptor.java 
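Review bot: In AuthorizationHeaderRequestWrapper, `getHeaderNames()` tests `names.contains("Authorization")` case-sensitively while `getHeader` and `getHeaders` match with `equalsIgnoreCase`. If the container reports the name in another case, such as `authorization`, the enumeration would list the header twice; `names.stream().noneMatch("Authorization"::equalsIgnoreCase)` keeps the three overrides consistent. The class also needs a Javadoc explaining why the filter passes `""`, since downstream code then sees an empty Authorization header and HttpInterceptor in this patch treats that as a reason to skip validation. The field `Authorization` should be lowerCamelCase, e.g. `authorization`.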
@@ -60,6 +60,10 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons boolean status = true; logger.debug("In preHandle we are Intercepting the Request"); String authorization = request.getHeader("Authorization"); + if (authorization == null || authorization.isEmpty()) { + logger.info("Authorization header is null or empty. Skipping HTTPRequestInterceptor."); + return true; // Allow the request to proceed without validation + } logger.debug("RequestURI:: {} " , request.getRequestURI() , " || Authorization :: {} " , authorization + " || method :: {} " , request.getMethod()); if (!request.getMethod().equalsIgnoreCase("OPTIONS")) { From e06a30a4f9e8a68470fc3cef9a0acbb9b724a4b1 Mon Sep 17 00:00:00 2001 From: Ravi Shanigarapu Date: Thu, 22 May 2025 19:46:03 +0530 Subject: [PATCH 2/3] null check --- .../com/iemr/mmu/utils/RestTemplateUtil.java | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java b/src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java index 82d1304d..6e048869 100644 --- a/src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java +++ b/src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java @@ -1,5 +1,7 @@ package com.iemr.mmu.utils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; @@ -11,6 +13,8 @@ import jakarta.servlet.http.HttpServletRequest; public class RestTemplateUtil { + private final static Logger logger = LoggerFactory.getLogger(RestTemplateUtil.class); + public static HttpEntity createRequestEntity(Object body, String authorization) { ServletRequestAttributes servletRequestAttributes = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()); 
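Review bot: The early `return true` added to HttpInterceptor.preHandle makes the interceptor fail open. Any request with a missing or empty Authorization header skips the session check, and nothing here confirms that JwtUserIdValidationFilter actually validated a JWT for it. That is safe only if the filter covers every route, which its own skip list for login and public endpoints and its User-Agent branch do not guarantee. Consider having the filter mark validated requests, for example `request.setAttribute("jwtValidated", Boolean.TRUE)` (attribute name illustrative), and skipping only when that marker is present. preHandle continues outside the hunk.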
@@ -26,18 +30,21 @@ public static HttpEntity createRequestEntity(Object body, String authori jwtTokenFromCookie = CookieUtil.getJwtTokenFromCookie(requestHeader); } catch (Exception e) { - e.printStackTrace(); + logger.error("Error while getting jwtToken from Cookie" + e.getMessage() ); } MultiValueMap headers = new LinkedMultiValueMap<>(); headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE + ";charset=utf-8"); - headers.add(HttpHeaders.USER_AGENT, UserAgentContext.getUserAgent()); + if(null != UserAgentContext.getUserAgent()) { + headers.add(HttpHeaders.USER_AGENT, UserAgentContext.getUserAgent()); + } headers.add(HttpHeaders.AUTHORIZATION, authorization); headers.add("JwtToken",requestHeader.getHeader("JwtToken")); - headers.add(HttpHeaders.COOKIE, "Jwttoken=" + jwtTokenFromCookie); + if(null != jwtTokenFromCookie) { + headers.add(HttpHeaders.COOKIE, "Jwttoken=" + jwtTokenFromCookie); + } return new HttpEntity<>(body, headers); } -} - +} \ No newline at end of file From 0951bfb1517d6e79668b5f98eb27facb65cbd9ee Mon Sep 17 00:00:00 2001 From: Ravi Shanigarapu Date: Sun, 25 May 2025 18:04:14 +0530 Subject: [PATCH 3/3] Constants and null check added --- src/main/java/com/iemr/mmu/utils/Constants.java | 9 +++++++++ .../com/iemr/mmu/utils/JwtUserIdValidationFilter.java | 9 ++++----- src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java | 3 ++- 3 files changed, 15 insertions(+), 6 deletions(-) create mode 100644 src/main/java/com/iemr/mmu/utils/Constants.java diff --git a/src/main/java/com/iemr/mmu/utils/Constants.java b/src/main/java/com/iemr/mmu/utils/Constants.java new file mode 100644 index 00000000..34c2b93c --- /dev/null +++ b/src/main/java/com/iemr/mmu/utils/Constants.java @@ -0,0 +1,9 @@ +package com.iemr.mmu.utils; + +public class Constants { + public static final String JWT_TOKEN = "Jwttoken"; + public static final String USER_AGENT = "User-Agent"; + public static final String OKHTTP = "okhttp"; + + private Constants() {} +} 
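Review bot: In `createRequestEntity` of RestTemplateUtil, `headers.add(HttpHeaders.AUTHORIZATION, authorization);` is now the only credential header in this hunk still added without a null check, so a caller passing a null `authorization` puts a null value into the outgoing header map while User-Agent and Cookie are skipped when absent; guard it the same way with `if (null != authorization) { headers.add(HttpHeaders.AUTHORIZATION, authorization); }`. The new `logger.error("Error while getting jwtToken from Cookie" + e.getMessage() );` also drops the exception type and stack trace that `printStackTrace()` used to show; `logger.error("Error while getting jwtToken from Cookie", e);` keeps them. The method starts above this hunk.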
diff --git a/src/main/java/com/iemr/mmu/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/mmu/utils/JwtUserIdValidationFilter.java index b12307ff..f2be56c7 100644 --- a/src/main/java/com/iemr/mmu/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/iemr/mmu/utils/JwtUserIdValidationFilter.java @@ -51,7 +51,6 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo } // Log headers for debugging - String jwtTokenFromHeader = request.getHeader("Jwttoken"); logger.info("JWT token from header: "); // Skip login and public endpoints @@ -68,7 +67,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo try { String jwtFromCookie = getJwtTokenFromCookies(request); - String jwtFromHeader = request.getHeader("JwtToken"); + String jwtFromHeader = request.getHeader(Constants.JWT_TOKEN); String authHeader = request.getHeader("Authorization"); if (jwtFromCookie != null) { @@ -88,7 +87,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo return; } } else { - String userAgent = request.getHeader("User-Agent"); + String userAgent = request.getHeader(Constants.USER_AGENT); logger.info("User-Agent: " + userAgent); if (userAgent != null && isMobileClient(userAgent) && authHeader != null) { try { @@ -112,13 +111,13 @@ private boolean isMobileClient(String userAgent) { if (userAgent == null) return false; userAgent = userAgent.toLowerCase(); - return userAgent.contains("okhttp"); // iOS (custom clients) + return userAgent.contains(Constants.OKHTTP); // iOS (custom clients) } private String getJwtTokenFromCookies(HttpServletRequest request) { Cookie[] cookies = request.getCookies(); if (cookies != null) { for (Cookie cookie : cookies) { - if (cookie.getName().equals("Jwttoken")) { + if (cookie.getName().equalsIgnoreCase(Constants.JWT_TOKEN)) { return cookie.getValue(); } } 
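Review bot: In `doFilter` of JwtUserIdValidationFilter (hunk at -51), removing `jwtTokenFromHeader` leaves the context line `logger.info("JWT token from header: ");` with nothing to refer to, so it writes a bare label at info level on every request. Keeping the token itself out of the log is right; remove the statement and the `// Log headers for debugging` comment with it. doFilter starts and ends outside this hunk.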
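Review bot: The branch `if (userAgent != null && isMobileClient(userAgent) && authHeader != null)` (hunk at -88) selects the Authorization-header path from the User-Agent, and `isMobileClient` in the last hunk of this file is a substring test for `okhttp`; that header is chosen by the client, so the branch only selects a token source and is not a check on who is calling. The token validation inside the `try`, which lies outside the hunk, has to be sufficient on its own for any caller. I would record that next to the test with `// User-Agent is client-supplied; this only selects where the token is read from`, and correct the trailing `// iOS (custom clients)` comment on `contains(Constants.OKHTTP)`, since OkHttp is an HTTP client library for Android and the JVM. `logger.info("User-Agent: " + userAgent);` would also be better as a parameterized debug call, `logger.debug("User-Agent: {}", userAgent);`.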
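Review bot: In `getJwtTokenFromCookies` (hunk at -112) the match changed from `equals("Jwttoken")` to `equalsIgnoreCase(Constants.JWT_TOKEN)`, which widens the set of cookies accepted as the session token: browsers treat cookie names as case-sensitive, so differently cased variants can coexist and the loop returns whichever comes first. Unless a client is known to send another casing, keep the exact match, written null-safely as `if (Constants.JWT_TOKEN.equals(cookie.getName())) {`. CookieUtil is changed in this series but not shown here; it should use the same comparison.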
diff --git a/src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java b/src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java
index 6e048869..18e1037e 100644
--- a/src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java
+++ b/src/main/java/com/iemr/mmu/utils/RestTemplateUtil.java
@@ -39,7 +39,8 @@ public static HttpEntity createRequestEntity(Object body, String authori
 headers.add(HttpHeaders.USER_AGENT, UserAgentContext.getUserAgent());
 }
 headers.add(HttpHeaders.AUTHORIZATION, authorization);
- headers.add("JwtToken",requestHeader.getHeader("JwtToken"));
+ if(null != requestHeader.getHeader(Constants.JWT_TOKEN))
+ headers.add(Constants.JWT_TOKEN,requestHeader.getHeader(Constants.JWT_TOKEN));
 if(null != jwtTokenFromCookie) {
 headers.add(HttpHeaders.COOKIE, "Jwttoken=" + jwtTokenFromCookie);
 }
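Review bot: The added guard `if(null != requestHeader.getHeader(Constants.JWT_TOKEN))` has no braces, unlike the braced guards on either side of it, and reads the header twice; read it once into a local and brace the body: `String jwtHeader = requestHeader.getHeader(Constants.JWT_TOKEN);` followed by `if (jwtHeader != null) { headers.add(Constants.JWT_TOKEN, jwtHeader); }`. The Cookie line below still spells the name as the literal `"Jwttoken="`; `Constants.JWT_TOKEN + "=" + jwtTokenFromCookie` would keep the cookie and header names from drifting apart. createRequestEntity begins above this hunk.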