User-Agent validation

[ravishanigarapu]

📋 Description

JIRA ID: AMM-1456

Please provide a summary of the change and the motivation behind it. Include relevant context and details.

---

✅ Type of Change

• 🐞 Bug fix (non-breaking change which resolves an issue)
• ✨ New feature (non-breaking change which adds functionality)
• 🔥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
• 🛠 Refactor (change that is neither a fix nor a new feature)
• ⚙️ Config change (configuration file or build script updates)
• 📚 Documentation (updates to docs or readme)
• 🧪 Tests (adding new or updating existing tests)
• 🎨 UI/UX (changes that affect the user interface)
• 🚀 Performance (improves performance)
• 🧹 Chore (miscellaneous changes that don't modify src or test files)

---

ℹ️ Additional Information

Please describe how the changes were tested, and include any relevant screenshots, logs, or other information that provides additional context.

Summary by CodeRabbit

• New Features

  • Introduced utility classes for managing user agent context and streamlined creation of HTTP request entities with consistent headers.

• Refactor

  • Simplified HTTP request handling across multiple services by centralizing header and entity construction into a reusable utility.
  • Improved JWT token extraction and validation logic for better reliability and maintainability.

• Bug Fixes

  • Added null checks to prevent potential errors when extracting cookies.

• Chores

  • Enhanced request processing by conditionally bypassing unnecessary validation when authorization headers are missing.

[coderabbitai]

Walkthrough

This update introduces a new utility class, RestTemplateUtil, to centralize and standardize the creation of HTTP request entities with appropriate headers for REST calls. Multiple service implementations are refactored to use this utility, replacing manual header and cookie management. Additional supporting utilities for user agent context and authorization header manipulation are also introduced.

Changes

File(s)	Change Summary
src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java	Removed unused import for RequestMethod.
src/main/java/com/iemr/tm/service/registrar/RegistrarServiceImpl.java .../common/master/RegistrarServiceMasterImpl.java .../common/transaction/CommonDoctorServiceImpl.java .../common/transaction/CommonServiceImpl.java .../cancerScreening/CSCarestreamServiceImpl.java .../dataSyncActivity/DownloadDataFromServerImpl.java .../dataSyncActivity/UploadDataToServerImpl.java .../tele_consultation/SMSGatewayServiceImpl.java .../tele_consultation/TeleConsultationServiceImpl.java	Refactored to use RestTemplateUtil.createRequestEntity for constructing HTTP request entities, replacing manual header and cookie handling.
src/main/java/com/iemr/tm/utils/CookieUtil.java	Made getJwtTokenFromCookie static and added a null check for cookies array to prevent NullPointerException.
src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java	Refined JWT token validation logic, introduced context management for mobile clients, and added a private helper method isMobileClient.
src/main/java/com/iemr/tm/utils/UserAgentContext.java	Introduced new utility class for thread-local user agent management with static methods to set, get, and clear the user agent.
src/main/java/com/iemr/tm/utils/http/AuthorizationHeaderRequestWrapper.java	Added new class to wrap HTTP requests and override/inject the "Authorization" header as needed.
src/main/java/com/iemr/tm/utils/RestTemplateUtil.java	Introduced new utility class with static method createRequestEntity to build HTTP entities with standardized headers, user agent, and cookies for REST calls.
src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java	Added a check to bypass further processing if the authorization header is missing or empty in incoming requests.

Sequence Diagram(s)

sequenceDiagram
    participant ServiceImpl as Service Implementation
    participant RestTemplateUtil
    participant CookieUtil
    participant UserAgentContext
    participant RestTemplate

    ServiceImpl->>RestTemplateUtil: createRequestEntity(body, authorization)
    RestTemplateUtil->>UserAgentContext: getUserAgent()
    RestTemplateUtil->>CookieUtil: getJwtTokenFromCookie(request)
    RestTemplateUtil-->>ServiceImpl: HttpEntity with headers/body
    ServiceImpl->>RestTemplate: exchange(..., HttpEntity, ...)

Loading

Possibly related PRs

• JwtToken validation skipped if not present for mobile request also Null condition Added for API #75: Modifies JWT token validation logic in JwtUserIdValidationFilter.java, including the addition of the isMobileClient method and changes to token handling, directly overlapping with this PR.

Suggested reviewers

• helenKaryamsetty
• drtechie

Poem

A rabbit hops through code anew,
Tidying headers, cookies too!
With helpers fresh and wrappers neat,
RESTful calls are now a treat.
User agents tucked away,
Tokens safe for every day—
Springtime shines in HTTP! 🐇🌱

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 44a9c0e and 0987627.

📒 Files selected for processing (3)

• src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java (2 hunks)
• src/main/java/com/iemr/tm/utils/RestTemplateUtil.java (1 hunks)
• src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java
• src/main/java/com/iemr/tm/utils/RestTemplateUtil.java

🧰 Additional context used

🧠 Learnings (1)

src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java (1)

Learnt from: ravishanigarapu
PR: PSMRI/TM-API#58
File: src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java:93-97
Timestamp: 2024-12-16T11:46:15.606Z
Learning: In the `HTTPRequestInterceptor` class (`src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java`), the `validator` is mandatory and always initialized, so null checks are unnecessary.

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: Analyze (java)

🔇 Additional comments (1)

src/main/java/com/iemr/tm/utils/http/HTTPRequestInterceptor.java (1)

60-63: Early exit for missing authorization headers is a good optimization.

This change allows requests without authorization headers to bypass the interceptor's validation logic, which is an appropriate optimization. The proper logging statement will help with debugging and tracing.

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 4

🔭 Outside diff range comments (1)

src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java (1)

110-118: ⚠️ Potential issue

Cookie name is case-sensitive

cookie.getName().equals("Jwttoken") will not match "JwtToken" set by many auth libraries.
Use a case-insensitive comparison or normalise the name:

-if (cookie.getName().equals("Jwttoken")) {
+if ("jwttoken".equalsIgnoreCase(cookie.getName())) {

🧹 Nitpick comments (10)

src/main/java/com/iemr/tm/utils/http/AuthorizationHeaderRequestWrapper.java (4)

10-16: Inconsistent variable naming convention.

The instance variable Authorization doesn't follow Java naming conventions for non-constant fields. Variables should start with lowercase letters.

-private final String Authorization;
+private final String authorization;

public AuthorizationHeaderRequestWrapper(HttpServletRequest request, String authHeaderValue) {
    super(request);
-    this.Authorization = authHeaderValue;
+    this.authorization = authHeaderValue;
}

---

19-24: Update variable reference in getHeader method.

If you rename the variable as suggested above, update the reference here.

@Override
public String getHeader(String name) {
    if ("Authorization".equalsIgnoreCase(name)) {
-        return Authorization;
+        return authorization;
    }
    return super.getHeader(name);
}

---

26-32: Update variable reference in getHeaders method.

If you rename the variable as suggested above, update the reference here.

@Override
public Enumeration<String> getHeaders(String name) {
    if ("Authorization".equalsIgnoreCase(name)) {
-        return Collections.enumeration(Collections.singletonList(Authorization));
+        return Collections.enumeration(Collections.singletonList(authorization));
    }
    return super.getHeaders(name);
}

---

34-41: Consider using case-insensitive check for consistency.

For consistency with other methods, consider using case-insensitive check for "Authorization" in the getHeaderNames method.

@Override
public Enumeration<String> getHeaderNames() {
    List<String> names = Collections.list(super.getHeaderNames());
-    if (!names.contains("Authorization")) {
+    boolean hasAuthHeader = names.stream()
+        .anyMatch(name -> "Authorization".equalsIgnoreCase(name));
+    if (!hasAuthHeader) {
        names.add("Authorization");
    }
    return Collections.enumeration(names);
}

src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java (6)

56-58: Consider using a consolidated path-matching strategy

The list of “public” paths has grown long and is matched using a mixture of equals, equalsIgnoreCase, and startsWith.
A typo (e.g. trailing slash) will silently skip the filter and weaken security. Spring already offers AntPathMatcher and MVC configuration for this purpose; delegating to those utilities will be safer and more maintainable.

---

64-74: Minor: use the imported class directly

AuthorizationHeaderRequestWrapper is already imported (line 9), but the code still uses the fully-qualified name.
Using the simple name keeps the code shorter and consistent with the import.

-AuthorizationHeaderRequestWrapper authorizationHeaderRequestWrapper = new com.iemr.tm.utils.http.AuthorizationHeaderRequestWrapper(request, "");
+AuthorizationHeaderRequestWrapper authorizationHeaderRequestWrapper =
+        new AuthorizationHeaderRequestWrapper(request, "");

---

77-84: Duplicate wrapper creation logic – extract to a helper

The cookie and header branches are identical except for the token source.
Extracting the common logic into a small private method eliminates duplication and makes future changes (e.g. adding audit logging) less error-prone.

---

94-96: Consistency: log at INFO and include request id

The warning here will fire for every unauthenticated request, potentially spamming logs.
Consider downgrading to INFO (or adding a request-id/MDC key) so repeated 401s from the same client are easier to correlate.

---

103-108: Broaden mobile-client detection & avoid false negatives

Matching only "okhttp" will miss many iOS and Android user agents (e.g. default NSURLSession, Dio, etc.).
Either document the limitation or expand the pattern, perhaps:

return userAgent.contains("okhttp") ||
       userAgent.contains("ios")    ||
       userAgent.contains("android");

Alternatively, allow the list to be externalised (configuration property).

---

110-118: Magic string – promote to a constant

"Jwttoken" appears here and (indirectly) in other branches.
Define a private static final COOKIE_JWT_TOKEN = "JwtToken" constant to avoid typos in future edits.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 54609c2 and 681977d.

📒 Files selected for processing (7)

• src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java (0 hunks)
• src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java (1 hunks)
• src/main/java/com/iemr/tm/service/registrar/RegistrarServiceImpl.java (2 hunks)
• src/main/java/com/iemr/tm/utils/CookieUtil.java (1 hunks)
• src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java (2 hunks)
• src/main/java/com/iemr/tm/utils/UserAgentContext.java (1 hunks)
• src/main/java/com/iemr/tm/utils/http/AuthorizationHeaderRequestWrapper.java (1 hunks)

💤 Files with no reviewable changes (1)

• src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java

🧰 Additional context used

🧬 Code Graph Analysis (2)

src/main/java/com/iemr/tm/service/registrar/RegistrarServiceImpl.java (1)

src/main/java/com/iemr/tm/utils/UserAgentContext.java (1)

• UserAgentContext (3-18)

src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java (2)

src/main/java/com/iemr/tm/utils/http/AuthorizationHeaderRequestWrapper.java (1)

• AuthorizationHeaderRequestWrapper (10-42)

src/main/java/com/iemr/tm/utils/UserAgentContext.java (1)

• UserAgentContext (3-18)

🔇 Additional comments (3)

src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java (1)

1897-1916: Good addition of null check to prevent NullPointerException

The added null check for menstrualHistoryDetails before accessing its properties is a good defensive programming practice. This ensures the application won't throw a NullPointerException when processing menstrual history data that might be null.

src/main/java/com/iemr/tm/utils/CookieUtil.java (1)

28-37: Good defensive programming with null check.

The addition of the null check for request.getCookies() prevents potential NullPointerException when no cookies are present in the request. The stream-based implementation is clean and efficient.

src/main/java/com/iemr/tm/service/registrar/RegistrarServiceImpl.java (1)

76-76: LGTM - Import for new UserAgentContext utility.

The import statement correctly references the newly added UserAgentContext class.

[coderabbitai]

🛠️ Refactor suggestion

Consider null check when retrieving UserAgent.

The code adds the User-Agent header using the thread-local value, but doesn't handle the case where UserAgentContext.getUserAgent() might return null.

-headers.add("User-Agent",UserAgentContext.getUserAgent());
+String userAgent = UserAgentContext.getUserAgent();
+if (userAgent != null) {
+    headers.add("User-Agent", userAgent);
+}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	headers.add("User-Agent",UserAgentContext.getUserAgent());
	String userAgent = UserAgentContext.getUserAgent();
	if (userAgent != null) {
	headers.add("User-Agent", userAgent);
	}

🤖 Prompt for AI Agents

In src/main/java/com/iemr/tm/service/registrar/RegistrarServiceImpl.java at line
666, the code adds the User-Agent header without checking if
UserAgentContext.getUserAgent() returns null. To fix this, add a null check
before adding the header; only add the User-Agent header if the retrieved value
is not null to avoid potential NullPointerExceptions or invalid headers.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Thread-local implementation looks good but ensure proper cleanup.

The implementation of UserAgentContext using ThreadLocal is clean and appropriate for maintaining user agent data per request thread. However, ensure that the clear() method is called at the end of request processing to prevent memory leaks in application servers with thread pools.

Consider adding a try-with-resources pattern or filter that ensures cleanup:

// Example in a filter's doFilter method
try {
    UserAgentContext.setUserAgent(request.getHeader("User-Agent"));
    chain.doFilter(request, response);
} finally {
    UserAgentContext.clear();
}

---

🏁 Script executed:

#!/bin/bash
# Check if clear() is called in filter or interceptor classes
rg -A 5 -B 5 "UserAgentContext.clear\(\)" --type java

Length of output: 55

---

🏁 Script executed:

#!/bin/bash
# Verify where UserAgentContext.setUserAgent is invoked and inspect surrounding code for cleanup
rg -A5 -B5 "UserAgentContext.setUserAgent" --type java

Length of output: 1109

---

Ensure UserAgentContext.clear() Is Always Invoked in Your Filter

I didn’t find any calls to UserAgentContext.clear() in your filter, leaving threads at risk of retaining stale data. Wrap your setUserAgent / doFilter call in a try…finally to guarantee cleanup.

• File to update:
src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java

• Replace this block:

if (userAgent != null && isMobileClient(userAgent) && authHeader != null) {
    UserAgentContext.setUserAgent(userAgent);
    filterChain.doFilter(servletRequest, servletResponse);
    return;
}

with:

if (userAgent != null && isMobileClient(userAgent) && authHeader != null) {
    try {
        UserAgentContext.setUserAgent(userAgent);
        filterChain.doFilter(servletRequest, servletResponse);
    } finally {
        UserAgentContext.clear();
    }
    return;
}

This guarantees that clear() runs even if an exception occurs during doFilter.

🤖 Prompt for AI Agents

In src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java around the
block where UserAgentContext.setUserAgent is called before filterChain.doFilter,
wrap the setUserAgent and doFilter calls inside a try-finally block.
Specifically, replace the existing code that sets the user agent and calls
doFilter with a try block that sets the user agent and calls doFilter, and in
the finally block call UserAgentContext.clear(). This ensures that clear() is
always invoked to prevent memory leaks even if doFilter throws an exception.

[ravishanigarapu]

@coderabbitai why its showing again i already added try and finally block to clear UserAgentContect

[coderabbitai]

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check JwtUserIdValidationFilter.java for UserAgentContext usage with try-finally blocks
cat src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java

Length of output: 4848

---

@ravishanigarapu You're absolutely right. I can see that you've already implemented the try-finally block correctly in JwtUserIdValidationFilter.java:

if (userAgent != null && isMobileClient(userAgent) && authHeader != null) {
    try {
        UserAgentContext.setUserAgent(userAgent);
        filterChain.doFilter(servletRequest, servletResponse);
    } finally {
        UserAgentContext.clear();
    }
    return;
}

This implementation matches exactly what was suggested. The previous comment might have been based on an older version of your code that didn't include these changes yet. Your implementation is correct and ensures proper cleanup of the ThreadLocal resources.

---

✏️ Learnings added

Learnt from: ravishanigarapu
PR: PSMRI/TM-API#79
File: src/main/java/com/iemr/tm/utils/UserAgentContext.java:3-18
Timestamp: 2025-05-22T09:27:49.400Z
Learning: JwtUserIdValidationFilter.java already includes a try-finally block to properly clear UserAgentContext's ThreadLocal resources after use to prevent memory leaks.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

src/main/java/com/iemr/tm/service/dataSyncActivity/DownloadDataFromServerImpl.java (1)

142-143: Excellent refactoring to use the centralized RestTemplateUtil.

This change replaces the manual creation of HTTP headers and entity with a centralized utility method, improving code maintainability and consistency.

Consider updating or removing the comment on line 141 "Multivalue map for headers with content-type and auth key" as it's now obsolete with the new implementation.

-	// Multivalue map for headers with content-type and auth key
+	// Create HTTP entity with headers and body using utility method

src/main/java/com/iemr/tm/utils/RestTemplateUtil.java (1)

19-24: Improve exception handling for JWT token extraction.

The current implementation catches exceptions but only prints the stack trace and continues execution, which could hide issues with token extraction.

Consider adding logging with an appropriate log level instead of using e.printStackTrace() and possibly adding a comment explaining why execution continues despite exceptions.

try {
	jwtTokenFromCookie = CookieUtil.getJwtTokenFromCookie(requestHeader);
	
} catch (Exception e) {
-	e.printStackTrace();
+	// Log at appropriate level but continue, as JWT token might be optional
+	// or provided through other means (e.g., Authorization header)
+	logger.warn("Failed to extract JWT token from cookie: " + e.getMessage());
}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 681977d and f29182e.

📒 Files selected for processing (12)

• src/main/java/com/iemr/tm/service/cancerScreening/CSCarestreamServiceImpl.java (2 hunks)
• src/main/java/com/iemr/tm/service/common/master/RegistrarServiceMasterDataImpl.java (2 hunks)
• src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java (2 hunks)
• src/main/java/com/iemr/tm/service/common/transaction/CommonServiceImpl.java (2 hunks)
• src/main/java/com/iemr/tm/service/dataSyncActivity/DownloadDataFromServerImpl.java (2 hunks)
• src/main/java/com/iemr/tm/service/dataSyncActivity/UploadDataToServerImpl.java (2 hunks)
• src/main/java/com/iemr/tm/service/registrar/RegistrarServiceImpl.java (5 hunks)
• src/main/java/com/iemr/tm/service/tele_consultation/SMSGatewayServiceImpl.java (2 hunks)
• src/main/java/com/iemr/tm/service/tele_consultation/TeleConsultationServiceImpl.java (2 hunks)
• src/main/java/com/iemr/tm/utils/CookieUtil.java (1 hunks)
• src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java (2 hunks)
• src/main/java/com/iemr/tm/utils/RestTemplateUtil.java (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java

🚧 Files skipped from review as they are similar to previous changes (3)

• src/main/java/com/iemr/tm/service/registrar/RegistrarServiceImpl.java
• src/main/java/com/iemr/tm/utils/CookieUtil.java
• src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java

🧰 Additional context used

🧬 Code Graph Analysis (8)

src/main/java/com/iemr/tm/service/tele_consultation/SMSGatewayServiceImpl.java (1)

src/main/java/com/iemr/tm/utils/RestTemplateUtil.java (1)

• RestTemplateUtil (13-36)

src/main/java/com/iemr/tm/service/cancerScreening/CSCarestreamServiceImpl.java (1)

src/main/java/com/iemr/tm/utils/RestTemplateUtil.java (1)

• RestTemplateUtil (13-36)

src/main/java/com/iemr/tm/service/common/master/RegistrarServiceMasterDataImpl.java (1)

src/main/java/com/iemr/tm/utils/RestTemplateUtil.java (1)

• RestTemplateUtil (13-36)

src/main/java/com/iemr/tm/utils/RestTemplateUtil.java (1)

src/main/java/com/iemr/tm/utils/UserAgentContext.java (1)

• UserAgentContext (3-18)

src/main/java/com/iemr/tm/service/dataSyncActivity/UploadDataToServerImpl.java (1)

src/main/java/com/iemr/tm/utils/RestTemplateUtil.java (1)

• RestTemplateUtil (13-36)

src/main/java/com/iemr/tm/service/tele_consultation/TeleConsultationServiceImpl.java (1)

src/main/java/com/iemr/tm/utils/RestTemplateUtil.java (1)

• RestTemplateUtil (13-36)

src/main/java/com/iemr/tm/service/dataSyncActivity/DownloadDataFromServerImpl.java (1)

src/main/java/com/iemr/tm/utils/RestTemplateUtil.java (1)

• RestTemplateUtil (13-36)

src/main/java/com/iemr/tm/service/common/transaction/CommonServiceImpl.java (1)

src/main/java/com/iemr/tm/utils/RestTemplateUtil.java (1)

• RestTemplateUtil (13-36)

🔇 Additional comments (15)

src/main/java/com/iemr/tm/service/common/transaction/CommonServiceImpl.java (2)

68-68: Good addition of the RestTemplateUtil import.

This import supports the HTTP request entity creation refactoring.

---

566-566: Excellent refactoring to use centralized RestTemplateUtil.

Replacing manual HTTP entity creation with the centralized utility method improves code maintainability and consistency across API calls. The utility handles all necessary headers including Content-Type, Authorization, User-Agent, and JWT tokens from both request headers and cookies.

src/main/java/com/iemr/tm/service/cancerScreening/CSCarestreamServiceImpl.java (2)

47-47: Good addition of the RestTemplateUtil import.

This import supports the HTTP request entity creation refactoring.

---

71-71: Improved HTTP entity creation with centralized utility.

Using RestTemplateUtil.createRequestEntity eliminates manual header construction and ensures consistent header management including User-Agent and JWT tokens across API calls.

src/main/java/com/iemr/tm/service/dataSyncActivity/UploadDataToServerImpl.java (2)

49-49: Good addition of the RestTemplateUtil import.

This import enables the use of the centralized HTTP entity creation utility.

---

216-216: Effective refactoring to use centralized HTTP entity creation.

Replacing custom header setup with RestTemplateUtil.createRequestEntity improves code consistency and maintainability. The utility handles proper content type, authorization, user-agent headers, and JWT token management.

src/main/java/com/iemr/tm/service/tele_consultation/TeleConsultationServiceImpl.java (2)

63-63: Good addition of the RestTemplateUtil import.

This import supports the HTTP request entity creation refactoring.

---

222-222: Improved HTTP entity creation with centralized utility.

Replacing manual header construction with RestTemplateUtil.createRequestEntity ensures consistent header management including User-Agent and JWT tokens. This aligns with the broader refactoring pattern across the codebase.

src/main/java/com/iemr/tm/service/common/master/RegistrarServiceMasterDataImpl.java (2)

65-65: Good addition of RestTemplateUtil import.

The import added here supports the refactoring to centralize HTTP entity creation.

---

221-221: Excellent refactoring to use the centralized RestTemplateUtil.

This change replaces the manual creation of HTTP headers and entity with a centralized utility method, improving code maintainability and consistency across the application.

src/main/java/com/iemr/tm/service/dataSyncActivity/DownloadDataFromServerImpl.java (1)

52-52: Good addition of RestTemplateUtil import.

The import supports the code refactoring for centralizing HTTP entity creation.

src/main/java/com/iemr/tm/service/tele_consultation/SMSGatewayServiceImpl.java (2)

50-50: Good addition of RestTemplateUtil import.

The import supports the refactoring to centralize HTTP entity creation.

---

199-200: Effective use of RestTemplateUtil for HTTP entity creation.

The refactoring simplifies the code by delegating HTTP entity creation to the centralized utility method.

src/main/java/com/iemr/tm/utils/RestTemplateUtil.java (2)

1-12: Good organization of imports and package structure.

The imports are well-organized and include all necessary dependencies for HTTP entity creation.

---

26-32: Good implementation of header construction.

The headers are comprehensively set with appropriate values for content type, user agent, authorization, JWT token, and cookies.

[sonarqubecloud]

Quality Gate passed

Issues
44 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud