User-Agent validation

src/main/java/com/iemr/tm/controller/registrar/main/RegistrarController.java

@@ -34,7 +34,6 @@
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
 
 import com.google.gson.Gson;

src/main/java/com/iemr/tm/service/cancerScreening/CSCarestreamServiceImpl.java

@@ -44,6 +44,7 @@
 
 import com.google.gson.Gson;
 import com.iemr.tm.utils.CookieUtil;
+import com.iemr.tm.utils.RestTemplateUtil;
 
 import jakarta.servlet.http.HttpServletRequest;
 
@@ -63,19 +64,11 @@ public int createMamographyRequest(ArrayList<Object[]> benDataForCareStream, lon
 			String Authorization) {
 		int responseData = 0;
 		RestTemplate restTemplate = new RestTemplate();
-		HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
-				.getRequest();
-		String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader);
 		try {
-			// HttpHeaders headers = new HttpHeaders();
-			MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
-			headers.add("Content-Type", "application/json");
-			headers.add("AUTHORIZATION", Authorization);
-			headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie);
+
 			String requestOBJ = getOrderCreationRequestOBJ(benDataForCareStream, benRegID, benVisitID);
 
-			HttpEntity<Object> request = new HttpEntity<Object>(requestOBJ, headers);
-			// System.out.println("hello");
+			HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization);
 			ResponseEntity<String> response = restTemplate.exchange(carestreamOrderCreateURL, HttpMethod.POST, request,
 					String.class);
 			if (response != null) {

src/main/java/com/iemr/tm/service/common/master/RegistrarServiceMasterDataImpl.java

@@ -62,6 +62,7 @@
 import com.iemr.tm.repo.nurse.anc.ANCCareRepo;
 import com.iemr.tm.repo.registrar.BeneficiaryImageRepo;
 import com.iemr.tm.repo.registrar.ReistrarRepoBenSearch;
+import com.iemr.tm.utils.RestTemplateUtil;
 
 @Service
 @PropertySource("classpath:application.properties")
@@ -217,11 +218,7 @@ public String getBenDetailsForLeftSideByRegIDNew(Long beneficiaryRegID, Long ben
 	public String getBenImageFromIdentityAPI(String Authorization, String comingRequest) throws Exception {
 		String returnOBJ = null;
 		RestTemplate restTemplate = new RestTemplate();
-		MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
-		headers.add("Content-Type", "application/json");
-		headers.add("AUTHORIZATION", Authorization);
-
-		HttpEntity<Object> request = new HttpEntity<Object>(comingRequest, headers);
+		HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(comingRequest, Authorization);
 		ResponseEntity<String> response = restTemplate.exchange(getBenImageFromIdentity, HttpMethod.POST, request,
 				String.class);
 		returnOBJ = response.getBody();

src/main/java/com/iemr/tm/service/common/transaction/CommonDoctorServiceImpl.java

@@ -83,6 +83,7 @@
 import com.iemr.tm.service.snomedct.SnomedServiceImpl;
 import com.iemr.tm.service.tele_consultation.SMSGatewayServiceImpl;
 import com.iemr.tm.utils.CookieUtil;
+import com.iemr.tm.utils.RestTemplateUtil;
 import com.iemr.tm.utils.exception.IEMRException;
 import com.iemr.tm.utils.mapper.InputMapper;
 import com.iemr.tm.utils.mapper.OutputMapper;
@@ -989,14 +990,7 @@ public int callTmForSpecialistSlotBook(TcSpecialistSlotBookingRequestOBJ tcSpeci
 		String requestOBJ = OutputMapper.gson().toJson(tcSpecialistSlotBookingRequestOBJ);
 
 		RestTemplate restTemplate = new RestTemplate();
-		HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
-				.getRequest();
-		String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader);
-		MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
-		headers.add("Content-Type", "application/json");
-		headers.add("AUTHORIZATION", Authorization);
-		headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie);
-		HttpEntity<Object> request = new HttpEntity<Object>(requestOBJ, headers);
+		HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization);
 		ResponseEntity<String> response = restTemplate.exchange(tcSpecialistSlotBook, HttpMethod.POST, request,
 				String.class);
 		// System.out.println(response.getBody());

src/main/java/com/iemr/tm/service/common/transaction/CommonServiceImpl.java

@@ -65,6 +65,7 @@
 import com.iemr.tm.service.quickConsultation.QuickConsultationServiceImpl;
 import com.iemr.tm.service.tele_consultation.TeleConsultationServiceImpl;
 import com.iemr.tm.utils.CookieUtil;
+import com.iemr.tm.utils.RestTemplateUtil;
 import com.iemr.tm.utils.exception.IEMRException;
 import com.iemr.tm.utils.mapper.InputMapper;
 
@@ -553,7 +554,6 @@ public String getOpenKMDocURL(String requestOBJ, String Authorization) throws JS
 		RestTemplate restTemplate = new RestTemplate();
 		HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
 				.getRequest();
-		String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader);
 		String fileUUID = null;
 		JSONObject obj = new JSONObject(requestOBJ);
 		if (obj.has("fileID")) {
@@ -563,11 +563,7 @@ public String getOpenKMDocURL(String requestOBJ, String Authorization) throws JS
 				Map<String, Object> requestBody = new HashMap<>();
 				requestBody.put("fileUID", fileUUID);
 
-				MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
-				headers.add("Content-Type", "application/json");
-				headers.add("AUTHORIZATION", Authorization);
-				headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie);
-				HttpEntity<Object> request = new HttpEntity<Object>(requestBody, headers);
+				HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(requestBody, Authorization);
 				ResponseEntity<String> response = restTemplate.exchange(openkmDocUrl, HttpMethod.POST, request,
 						String.class);
 				return response.getBody();

src/main/java/com/iemr/tm/service/dataSyncActivity/DownloadDataFromServerImpl.java

@@ -49,6 +49,7 @@
 import com.iemr.tm.data.syncActivity_syncLayer.TempVan;
 import com.iemr.tm.repo.syncActivity_syncLayer.SyncDownloadMasterRepo;
 import com.iemr.tm.repo.syncActivity_syncLayer.TempVanRepo;
+import com.iemr.tm.utils.RestTemplateUtil;
 import com.iemr.tm.utils.mapper.InputMapper;
 
 @Service
@@ -138,11 +139,8 @@ private int downloadDataFromServer(SyncDownloadMaster syncDownloadMaster, String
 		RestTemplate restTemplate = new RestTemplate();
 
 		// Multivalue map for headers with content-type and auth key
-		MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
-		headers.add("Content-Type", "application/json");
-		headers.add("AUTHORIZATION", ServerAuthorization);
-		HttpEntity<Object> request = new HttpEntity<Object>(syncDownloadMaster, headers);
-
+		HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(syncDownloadMaster, ServerAuthorization);
+
 		// Call rest-template to call API to download master data for given table
 		ResponseEntity<String> response = restTemplate.exchange(dataSyncDownloadUrl, HttpMethod.POST, request,
 				String.class);

src/main/java/com/iemr/tm/service/dataSyncActivity/UploadDataToServerImpl.java

@@ -46,6 +46,7 @@
 import com.iemr.tm.data.syncActivity_syncLayer.DataSyncGroups;
 import com.iemr.tm.data.syncActivity_syncLayer.SyncUtilityClass;
 import com.iemr.tm.repo.syncActivity_syncLayer.DataSyncGroupsRepo;
+import com.iemr.tm.utils.RestTemplateUtil;
 
 /***
  * @purpose "This service is user for data sync activity from van side. Means
@@ -212,11 +213,7 @@ public String syncDataToServer(String schemaName, String tableName, String vanAu
 
 		String requestOBJ = gson.toJson(dataMap);
 
-		MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
-		headers.add("Content-Type", "application/json");
-		headers.add("AUTHORIZATION", Authorization);
-		HttpEntity<Object> request = new HttpEntity<Object>(requestOBJ, headers);
-
+		HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization);
 		ResponseEntity<String> response = restTemplate.exchange(dataSyncUploadUrl, HttpMethod.POST, request,
 				String.class);
 

src/main/java/com/iemr/tm/service/registrar/RegistrarServiceImpl.java

@@ -73,6 +73,8 @@
 import com.iemr.tm.repo.registrar.ReistrarRepoBenSearch;
 import com.iemr.tm.service.benFlowStatus.CommonBenStatusFlowServiceImpl;
 import com.iemr.tm.utils.CookieUtil;
+import com.iemr.tm.utils.RestTemplateUtil;
+import com.iemr.tm.utils.UserAgentContext;
 import com.iemr.tm.utils.mapper.InputMapper;
 import com.iemr.tm.utils.response.OutputResponse;
 
@@ -657,15 +659,7 @@ public String registerBeneficiary(String comingRequest, String Authorization) th
 		Long beneficiaryID = null;
 
 		RestTemplate restTemplate = new RestTemplate();
-		HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
-				.getRequest();
-		String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader);
-		MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
-		headers.add("Content-Type", MediaType.APPLICATION_JSON + ";charset=utf-8");
-		// headers.add("Content-Type", MediaType.APPLICATION_JSON);
-		headers.add("AUTHORIZATION", Authorization);
-		headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie);
-		HttpEntity<Object> request = new HttpEntity<Object>(comingRequest, headers);
+		HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(comingRequest, Authorization);
 		ResponseEntity<String> response = restTemplate.exchange(registrationUrl, HttpMethod.POST, request,
 				String.class);
 		if (response.getStatusCodeValue() == 200 & response.hasBody()) {
@@ -702,15 +696,7 @@ public String registerBeneficiary(String comingRequest, String Authorization) th
 	public Integer updateBeneficiary(String comingRequest, String Authorization) throws Exception {
 		Integer returnOBJ = null;
 		RestTemplate restTemplate = new RestTemplate();
-		HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
-				.getRequest();
-		String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader);
-		MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
-		// headers.add("Content-Type", "application/json");
-		headers.add("Content-Type", MediaType.APPLICATION_JSON + ";charset=utf-8");
-		headers.add("AUTHORIZATION", Authorization);
-		headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie);
-		HttpEntity<Object> request = new HttpEntity<Object>(comingRequest, headers);
+		HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(comingRequest, Authorization);
 		ResponseEntity<String> response = restTemplate.exchange(beneficiaryEditUrl, HttpMethod.POST, request,
 				String.class);
 
@@ -728,26 +714,18 @@ public Integer updateBeneficiary(String comingRequest, String Authorization) thr
 	public String beneficiaryQuickSearch(String requestObj, String Authorization) throws JSONException {
 		String returnOBJ = null;
 		RestTemplate restTemplate = new RestTemplate();
-		HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
-				.getRequest();
-		String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader);
 		JSONObject obj = new JSONObject(requestObj);
-		MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
-		headers.add("Content-Type", "application/json");
-		headers.add("AUTHORIZATION", Authorization);
-		headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie);
+		HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(requestObj, Authorization);
+
 		if ((obj.has("beneficiaryID") && !obj.isNull("beneficiaryID"))
 				|| (obj.has("HealthID") && !obj.isNull("HealthID"))
 				|| (obj.has("HealthIDNumber") && !obj.isNull("HealthIDNumber"))) {
-			HttpEntity<Object> request = new HttpEntity<Object>(requestObj, headers);
 			ResponseEntity<String> response = restTemplate.exchange(registrarQuickSearchByIdUrl, HttpMethod.POST,
 					request, String.class);
 			if (response.hasBody())
 				returnOBJ = response.getBody();
-
 		} else {
 			if (obj.has("phoneNo") && !obj.isNull("phoneNo")) {
-				HttpEntity<Object> request = new HttpEntity<Object>(requestObj, headers);
 				ResponseEntity<String> response = restTemplate.exchange(registrarQuickSearchByPhoneNoUrl,
 						HttpMethod.POST, request, String.class);
 				if (response.hasBody())
@@ -762,15 +740,7 @@ public String beneficiaryQuickSearch(String requestObj, String Authorization) th
 	public String beneficiaryAdvanceSearch(String requestObj, String Authorization) throws JSONException {
 		String returnOBJ = null;
 		RestTemplate restTemplate = new RestTemplate();
-		HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
-				.getRequest();
-		String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader);
-		JSONObject obj = new JSONObject(requestObj);
-		MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
-		headers.add("Content-Type", "application/json");
-		headers.add("AUTHORIZATION", Authorization);
-		headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie);
-		HttpEntity<Object> request = new HttpEntity<Object>(requestObj, headers);
+		HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(requestObj, Authorization);
 		ResponseEntity<String> response = restTemplate.exchange(registrarAdvanceSearchUrl, HttpMethod.POST, request,
 				String.class);
 

src/main/java/com/iemr/tm/service/tele_consultation/SMSGatewayServiceImpl.java

@@ -47,6 +47,7 @@
 import com.iemr.tm.data.tele_consultation.SmsRequestOBJ;
 import com.iemr.tm.repo.tc_consultation.TCRequestModelRepo;
 import com.iemr.tm.utils.CookieUtil;
+import com.iemr.tm.utils.RestTemplateUtil;
 
 import jakarta.servlet.http.HttpServletRequest;
 
@@ -195,16 +196,7 @@ public String createSMSRequest(String smsType, Long benRegID, Integer specializa
 
 	@Override
 	public String sendSMS(String request, String Authorization) {
-		HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
-				.getRequest();
-		String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader);
-		HttpHeaders headers = new HttpHeaders();
-		headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
-		headers.set("AUTHORIZATION", Authorization);
-		headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie);
-
-		HttpEntity<Object> requestOBJ = new HttpEntity<Object>(request, headers);
-
+		HttpEntity<Object> requestOBJ = RestTemplateUtil.createRequestEntity(request, Authorization);
 		return restTemplate.exchange(sendSMSUrl, HttpMethod.POST, requestOBJ, String.class).getBody();
 	}
 }

src/main/java/com/iemr/tm/service/tele_consultation/TeleConsultationServiceImpl.java

@@ -60,6 +60,7 @@
 import com.iemr.tm.repo.tc_consultation.TeleconsultationStatsRepo;
 import com.iemr.tm.service.common.transaction.CommonServiceImpl;
 import com.iemr.tm.utils.CookieUtil;
+import com.iemr.tm.utils.RestTemplateUtil;
 import com.iemr.tm.utils.mapper.InputMapper;
 import com.iemr.tm.utils.mapper.OutputMapper;
 
@@ -218,14 +219,7 @@ public int cancelSlotForTCCancel(int userID, long benRegID, long visitCode, Stri
 			String requestOBJ = OutputMapper.gson().toJson(obj);
 
 			RestTemplate restTemplate = new RestTemplate();
-			HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
-					.getRequest();
-			String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader);
-			MultiValueMap<String, String> headers = new LinkedMultiValueMap<String, String>();
-			headers.add("Content-Type", "application/json");
-			headers.add("AUTHORIZATION", Authorization);
-			headers.add("Cookie", "Jwttoken=" + jwtTokenFromCookie);
-			HttpEntity<Object> request = new HttpEntity<Object>(requestOBJ, headers);
+			HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(requestOBJ, Authorization);
 			ResponseEntity<String> response = restTemplate.exchange(tcSpecialistSlotCancel, HttpMethod.POST, request,
 					String.class);
 

src/main/java/com/iemr/tm/utils/CookieUtil.java

@@ -24,8 +24,16 @@ public Optional<String> getCookieValue(HttpServletRequest request, String cookie
 		return Optional.empty();
 	}
 
-	public String getJwtTokenFromCookie(HttpServletRequest request) {
-		return Arrays.stream(request.getCookies()).filter(cookie -> "Jwttoken".equals(cookie.getName()))
-				.map(Cookie::getValue).findFirst().orElse(null);
+	public static String getJwtTokenFromCookie(HttpServletRequest request) {
+		Cookie[] cookies = request.getCookies();
+	    if (cookies == null) {
+	        return null; // No cookies present, return null safely
+	    }
+
+	    return Arrays.stream(cookies)
+	                 .filter(cookie -> "Jwttoken".equals(cookie.getName()))
+	                 .map(Cookie::getValue)
+	                 .findFirst()
+	                 .orElse(null);
 	}
 }

src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java

@@ -6,6 +6,8 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Component;
 
+import com.iemr.tm.utils.http.AuthorizationHeaderRequestWrapper;
+
 import jakarta.servlet.Filter;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
@@ -66,29 +68,38 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo
 			if (jwtFromCookie != null) {
 				logger.info("Validating JWT token from cookie");
 				if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromCookie)) {
-					filterChain.doFilter(servletRequest, servletResponse);
+
+					AuthorizationHeaderRequestWrapper authorizationHeaderRequestWrapper = new AuthorizationHeaderRequestWrapper(
+							request, "");
+					filterChain.doFilter(authorizationHeaderRequestWrapper, servletResponse);
 					return;
 				}
-			}
-
-			if (jwtFromHeader != null) {
+			} else if (jwtFromHeader != null) {
 				logger.info("Validating JWT token from header");
 				if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromHeader)) {
-					filterChain.doFilter(servletRequest, servletResponse);
+					AuthorizationHeaderRequestWrapper authorizationHeaderRequestWrapper = new AuthorizationHeaderRequestWrapper(
+							request, "");
+					filterChain.doFilter(authorizationHeaderRequestWrapper, servletResponse);
 					return;
 				}
-			}
-			String userAgent = request.getHeader("User-Agent");
-			logger.info("User-Agent: " + userAgent);
+			} else {
+				String userAgent = request.getHeader("User-Agent");
+				logger.info("User-Agent: " + userAgent);
+
+				if (userAgent != null && isMobileClient(userAgent) && authHeader != null) {
+					try {
+						UserAgentContext.setUserAgent(userAgent);
+						filterChain.doFilter(servletRequest, servletResponse);
+					} finally {
+						UserAgentContext.clear();
+					}
 
-			if (userAgent != null && isMobileClient(userAgent) && authHeader != null) {
-				filterChain.doFilter(servletRequest, servletResponse);
-				return;
+					return;
+				}
 			}
 
 			logger.warn("No valid authentication token found");
 			response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized: Invalid or missing token");
-
 		} catch (Exception e) {
 			logger.error("Authorization error: ", e);
 			response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization error: " + e.getMessage());