diff --git a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java
index 969da31d..3d0248fc 100644
--- a/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java
+++ b/src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java
@@ -1894,24 +1894,26 @@ public BenMenstrualDetails getMenstrualHistory(Long beneficiaryRegID, Long visit BenMenstrualDetails menstrualHistoryDetails = BenMenstrualDetails.getBenMenstrualDetails(menstrualHistory); // CRs changes, 30-10-2018 - String problemID = menstrualHistoryDetails.getMenstrualProblemID(); - String problemName = menstrualHistoryDetails.getProblemName(); - - if (problemID != null && problemName != null) { - String[] problemIdArr = problemID.split(","); - String[] problemNameArr = problemName.split(","); - ArrayList> menstrualProblemList = new ArrayList<>(); - Map menstrualProblemMap = null; - - if (problemIdArr.length == problemNameArr.length) { - for (int i = 0; i < problemIdArr.length; i++) { - menstrualProblemMap = new HashMap(); - menstrualProblemMap.put("menstrualProblemID", problemIdArr[i]); - menstrualProblemMap.put("problemName", problemNameArr[i]); - menstrualProblemList.add(menstrualProblemMap); + if (null != menstrualHistoryDetails) { + String problemID = menstrualHistoryDetails.getMenstrualProblemID(); + String problemName = menstrualHistoryDetails.getProblemName(); + + if (problemID != null && problemName != null) { + String[] problemIdArr = problemID.split(","); + String[] problemNameArr = problemName.split(","); + ArrayList> menstrualProblemList = new ArrayList<>(); + Map menstrualProblemMap = null; + + if (problemIdArr.length == problemNameArr.length) { + for (int i = 0; i < problemIdArr.length; i++) { + menstrualProblemMap = new HashMap(); + menstrualProblemMap.put("menstrualProblemID", problemIdArr[i]); + menstrualProblemMap.put("problemName", problemNameArr[i]); + menstrualProblemList.add(menstrualProblemMap); + } } + menstrualHistoryDetails.setMenstrualProblemList(menstrualProblemList); } - menstrualHistoryDetails.setMenstrualProblemList(menstrualProblemList); } return menstrualHistoryDetails; 
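Review bot: Inside the new `if (null != menstrualHistoryDetails)` guard the length-mismatch case is still silent: when `problemIdArr.length != problemNameArr.length` the loop is skipped and `setMenstrualProblemList` receives an empty list, so the stored IDs and names are dropped with no trace. An `else` branch that logs the mismatch would make that visible, assuming this class has a logger, which the hunk does not show. The guard also means the method can return null, which its Javadoc should state, e.g. `@return the menstrual details, or null when none are found`. getMenstrualHistory starts above the hunk and its closing brace is not shown.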
diff --git a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java
index 3da6123d..193cc65d 100644
--- a/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java
+++ b/src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java
@@ -48,49 +48,60 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo logger.info("No cookies found in the request"); } - // Log headers for debugging - String jwtTokenFromHeader = request.getHeader("Jwttoken"); - logger.info("JWT token from header: "); - // Skip login and public endpoints if (path.equals(contextPath + "/user/userAuthenticate") || path.equalsIgnoreCase(contextPath + "/user/logOutUserFromConcurrentSession") - || path.startsWith(contextPath + "/swagger-ui") - || path.startsWith(contextPath + "/v3/api-docs") - || path.startsWith(contextPath + "/user/refreshToken") - || path.startsWith(contextPath + "/public")) { + || path.startsWith(contextPath + "/swagger-ui") || path.startsWith(contextPath + "/v3/api-docs") + || path.startsWith(contextPath + "/user/refreshToken") || path.startsWith(contextPath + "/public")) { logger.info("Skipping filter for path: " + path); filterChain.doFilter(servletRequest, servletResponse); return; } try { - // Retrieve JWT token from cookies - String jwtTokenFromCookie = getJwtTokenFromCookies(request); - logger.info("JWT token from cookie: "); - - // Determine which token (cookie or header) to validate - String jwtToken = jwtTokenFromCookie != null ? 
jwtTokenFromCookie : jwtTokenFromHeader; - if (jwtToken == null) { - response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "JWT token not found in cookies or headers"); - return; + String jwtFromCookie = getJwtTokenFromCookies(request); + String jwtFromHeader = request.getHeader("JwtToken"); + String authHeader = request.getHeader("Authorization"); + + if (jwtFromCookie != null) { + logger.info("Validating JWT token from cookie"); + if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromCookie)) { + filterChain.doFilter(servletRequest, servletResponse); + return; + } } - // Validate JWT token and userId - boolean isValid = jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtToken); + if (jwtFromHeader != null) { + logger.info("Validating JWT token from header"); + if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromHeader)) { + filterChain.doFilter(servletRequest, servletResponse); + return; + } + } + String userAgent = request.getHeader("User-Agent"); + logger.info("User-Agent: " + userAgent); - if (isValid) { - // If token is valid, allow the request to proceed + if (userAgent != null && isMobileClient(userAgent) && authHeader != null) { filterChain.doFilter(servletRequest, servletResponse); - } else { - response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid JWT token"); + return; } + + logger.warn("No valid authentication token found"); + response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized: Invalid or missing token"); + } catch (Exception e) { logger.error("Authorization error: ", e); response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization error: " + e.getMessage()); } } + private boolean isMobileClient(String userAgent) { + if (userAgent == null) + return false; + userAgent = userAgent.toLowerCase(); + return userAgent.contains("okhttp"); // iOS (custom clients) + } + private String getJwtTokenFromCookies(HttpServletRequest request) { Cookie[] cookies = request.getCookies(); if (cookies != null) {
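Review bot: The mobile branch near the end of the try block, `if (userAgent != null && isMobileClient(userAgent) && authHeader != null)`, forwards the request without verifying anything: `User-Agent` is a request-supplied string and `authHeader` is only tested for presence, so this path passes the filter with no validated token. Unless a later filter verifies the `Authorization` value (not visible here), the branch should validate it before calling `filterChain.doFilter`, for example `if (authHeader != null && jwtAuthenticationUtil.validateUserIdAndJwtToken(authHeader)) {` if that header carries the same JWT, and the User-Agent test should not act as a gate at all. The added `logger.info("User-Agent: " + userAgent);` also writes an unsanitised header to the log at info level; strip CR/LF from it or drop the line. The trailing comment `// iOS (custom clients)` does not obviously match the `okhttp` substring check and should say which clients the check is meant to cover. doFilter begins above this hunk.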