Video Consultation Functionality (#380)

* Update application.properties

* add column in create BeneficiaryModel

* Elasticsearch implementation for Beneficiary Search (#324)

* fix: implement functionality to search beneficiaries with Elasticsearch

* fix: remove unwanted import

* fix: update pom.xml

* fix: change the response code

* variable added

* update language

* update language

* Downgrade version from 3.6.1 to 3.6.0

* Elastic Search Implementation for Advanced Search (#327)

* fix: cherry-pick commits for advanced search

* fix: cherry-pick commit for token issue - mobile application

* fix: add the missing properties

* fix: add function to retrieve userid

* fix: move the fetch Userid to jwtUtil

* Remove empty line in application.properties

* fix:signature check for mmu

* Update application.properties

* Update application.properties

* fix: retrive any user without deleted

* implement state wise hide un hide form fields

* implement state wise hide un hide form fields

* implement state wise hide un hide form fields

* enhance welcome sms code

* fix hide unhide form issue

* docs: add DeepWiki badge and documentation link

* Add DeepWiki badge to README

Added DeepWiki badge to README for better visibility.

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* fix hide unhide form issue

* chore(swagger): automate swagger sync to amrit-docs (#354)

* chore(swagger): automate swagger sync to amrit-docs

* chore(swagger): automate swagger sync to amrit-docs

* chore(swagger): automate swagger sync to amrit-docs

* Update the swagger json github workflow (#359)

* chore(swagger): automate swagger sync to amrit-docs

* chore(swagger): automate swagger sync to amrit-docs

* chore(swagger): automate swagger sync to amrit-docs

* fix(swagger): update the workflow and fix the running issue

* fix(swagger): fix the swagger json workflow

* chore(swagger): add fixed branch name in workflow

* chore(ci): prevent multiple swagger sync PRs by using fixed branch

* chore(swagger): add Dev/UAT/Demo servers to OpenAPI config

* chore(swagger): avoid default server URLs

* chore(swagger): remove field injection and inject URLs into OpenAPI bean

* Add /health endpoint and standardize /version response (#331)

* Add /health endpoint and standardize /version response

* Add license headers and Javadocs to health and version controllers

* Enhance /health endpoint to check Database and Redis connectivity

* Improve /health endpoint HTTP status handling and logging

* Enhance database health check with validation query

* Refactor health controller to constructor injection and constants

* Refactor: Extract business logic to HealthService to keep controller lean

* Refactor: Extract business logic to HealthService to keep controller lean

* Fix: Use ObjectProvider for optional health dependencies

* Add advance health check for database (#361)

* chore(swagger): automate swagger sync to amrit-docs

* chore(swagger): automate swagger sync to amrit-docs

* chore(swagger): automate swagger sync to amrit-docs

* fix(swagger): update the workflow and fix the running issue

* fix(swagger): fix the swagger json workflow

* chore(swagger): add fixed branch name in workflow

* chore(ci): prevent multiple swagger sync PRs by using fixed branch

* chore(swagger): add Dev/UAT/Demo servers to OpenAPI config

* chore(swagger): avoid default server URLs

* chore(swagger): remove field injection and inject URLs into OpenAPI bean

* feat(health,version): update version and health endpoints and add advance check for database

* fix(health): normalize severity and fix slow query false positives

* fix(health): avoid false CRITICAL on single long-running MySQL transaction

* fix(health): enforce 3s DB connection timeout via HikariCP

* Merge Release-3.8.0 (3.6.1) to Main (#379)

* Move code to 3.6.1 to 3.8.0 (#372)

* fix: cors spell fixes and import of packages updates

* fix: deployment issue fix

* feat: amm-1959 dhis token for cho report re-direction

* fix: beneficiary history on revisit (#320)

* fix: call type mapper (#322)

* Elasticsearch implementation for Beneficiary Search (#324)

* fix: implement functionality to search beneficiaries with Elasticsearch

* fix: remove unwanted import

* fix: update pom.xml

* fix: change the response code

* variable added

* Elastic Search Implementation for Advanced Search (#327)

* fix: cherry-pick commits for advanced search

* fix: cherry-pick commit for token issue - mobile application

* fix: add the missing properties

* fix: add function to retrieve userid

* fix: move the fetch Userid to jwtUtil

* fix:signature check for mmu

* fix: retrive any user without deleted

* fix: update KM filepath

* FLW-713 Remove All File Upload Options (#350)

* FLW-713 Remove All File Upload Options

* Fix UserServiceRoleRepo dependency issue and codeRabit comment

* fixed coderabit comment

* fix userMappingId issue

* Add SMS functionality in release-3.6.1 (#358)

* Enable SMS Functionality in MMU App to Send Prescriptions  (#325)

* fix: sms template save and map mmu (#306)

* Vb/sms (#307)

* fix: sms template save and map mmu

* fix: enable mms for mmu prescription

* Enable SMS Functionality in MMU App to Send Prescriptions  (#325)

* fix: sms template save and map mmu (#306)

* Vb/sms (#307)

* fix: sms template save and map mmu

* fix: enable mms for mmu prescription

---------

Co-authored-by: Vishwanath Balkur <118195001+vishwab1@users.noreply.github.com>

---------

Co-authored-by: 5Amogh <amoghavarsh@navadhiti.com>
Co-authored-by: Vanitha S <116701245+vanitha1822@users.noreply.github.com>
Co-authored-by: Sachin Kadam <152252767+sac2kadam@users.noreply.github.com>
Co-authored-by: vanitha1822 <vanitha@navadhiti.com>
Co-authored-by: Saurav Mishra <80103738+SauravBizbRolly@users.noreply.github.com>

* fix: add OTP rate limiting to prevent OTP flooding on sendConsent endpoint (#373)

- Add OtpRateLimiterService with Redis-backed per-mobile rate limits (3/min, 10/hr, 20/day)
- Add OtpRateLimitException for 429 responses
- Integrate rate limiter in BeneficiaryOTPHandlerImpl and BeneficiaryConsentController
- Add otp.ratelimit.* properties to common_ci and common_docker profiles
- Update common_example.properties with new OTP rate limit config

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

* Health api (#376)

* Cherry-pick health and version API enhancements to release-3.6.1 (#371)

* feat(health,version): update version and health endpoints and add advance check for database

* fix(health): normalize severity and fix slow query false positives

* fix(health): avoid false CRITICAL on single long-running MySQL transaction

* fix(health): enforce 3s DB connection timeout via HikariCP

* Release 3.6.1 (#374)

* feat(health,version): update version and health endpoints and add advance check for database

* fix(health): normalize severity and fix slow query false positives

* fix(health): avoid false CRITICAL on single long-running MySQL transaction

* fix(health): enforce 3s DB connection timeout via HikariCP

* feat(health): add healthcontroller and fix versioncontroller issues

* fix: build error (#375)

---------

Co-authored-by: KOPPIREDDY DURGA PRASAD <144464542+DurgaPrasad-54@users.noreply.github.com>
Co-authored-by: Vanitha S <116701245+vanitha1822@users.noreply.github.com>

---------

Co-authored-by: Vishwanath Balkur <118195001+vishwab1@users.noreply.github.com>
Co-authored-by: 5Amogh <amoghavarsh@navadhiti.com>
Co-authored-by: Sachin Kadam <152252767+sac2kadam@users.noreply.github.com>
Co-authored-by: Saurav Mishra <80103738+SauravBizbRolly@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: KOPPIREDDY DURGA PRASAD <144464542+DurgaPrasad-54@users.noreply.github.com>

* fix: video consultation functionality

* fix: pom version update

* fix: add cti-server-ip

* fix: comment unwanted code

* fix: update videocall url property

* fix: update cti-server-ip

* docs: add CLAUDE.md for Claude Code guidance

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: KM issue

* fix: KM issue

* fix: remove unwanted imports

* fix: conflicts

* fix: update the temp path

* Fix the OpenKM Issue (#389)

* fix: remove km in application.properties

* fix: update all the properties to fetch from env

* fix: update path

* fix: KM issue

* fix: get file from km

* fix: build issue

* fix: build issue

* fix: remove unwanted imports

* fix: build issue

* fix: remove commented line

* Enable KM configuration in common_example.properties

Uncomment KM configuration properties for OpenKM.

* Fix ConfigProperties to resolve env variable placeholders via Spring Environment (#390)

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: update sms issue

* fix: build issue

* fix: update condition

* fix: edit ben issue

* fix: phone number issue for sms

* fix: update the url with jwt token

* fix: jitsi authorization issue

* fix: skip auth

* fix: hash key updation

* fix: jwt type in header for authorization

* fix: update file path

* fix: vc recording path updation

* fix: update video call recording functionality

* fix: remove unwanted codes

* fix: coderabbit comments

---------

Co-authored-by: Saurav Mishra <80103738+SauravBizbRolly@users.noreply.github.com>
Co-authored-by: Saurav Mishra <saurav.mishra@bizbrolly.com>
Co-authored-by: Sachin Kadam <152252767+sac2kadam@users.noreply.github.com>
Co-authored-by: Mithun James <drtechie@users.noreply.github.com>
Co-authored-by: Amoghavarsh <93114621+5Amogh@users.noreply.github.com>
Co-authored-by: vishwab1 <vishwanath@navadhiti.com>
Co-authored-by: SnehaRH <77656297+snehar-nd@users.noreply.github.com>
Co-authored-by: DurgaPrasad-54 <prasad8790237@gmail.com>
Co-authored-by: KOPPIREDDY DURGA PRASAD <144464542+DurgaPrasad-54@users.noreply.github.com>
Co-authored-by: Vaishnav Bhosale <vaishnavbharatbhosale@gmail.com>
Co-authored-by: Vishwanath Balkur <118195001+vishwab1@users.noreply.github.com>
Co-authored-by: 5Amogh <amoghavarsh@navadhiti.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: SnehaRH <sneha@navadhiti.com>

Author: 10 people

CLAUDE.md

@@ -0,0 +1,98 @@
+# CLAUDE.md - Common-API
+
+## Project Overview
+
+Common-API is the gateway microservice for the AMRIT healthcare platform. It provides shared APIs consumed by all frontend UIs including authentication, beneficiary registration, call handling, location masters, notifications, feedback, reporting, and integrations with external systems (c-Zentrix CTI, Everwell, eAusadha, eSanjeevani, ABDM, Firebase, Honeywell POCT devices).
+
+## Tech Stack
+
+- Java 17
+- Spring Boot 3.2.2
+- Spring Data JPA / Hibernate
+- MySQL 8.0
+- Redis (session management, caching)
+- MongoDB (optional, for specific integrations)
+- Maven (build tool)
+- Swagger/OpenAPI (API documentation)
+- Lombok, MapStruct
+- CryptoJS-compatible AES encryption
+- Firebase Admin SDK
+- WAR packaging (deploys to Wildfly)
+
+## Build and Run
+
+```bash
+# Build
+mvn clean install -DENV_VAR=local
+
+# Run locally (start Redis first)
+mvn spring-boot:run -DENV_VAR=local
+
+# Package WAR
+mvn -B package --file pom.xml -P <profile>   # profiles: dev, local, test, ci, uat
+
+# Run tests
+mvn test
+```
+
+### Configuration
+
+- Copy `src/main/environment/common_example.properties` to `common_local.properties` and edit.
+- Environment selected via `-DENV_VAR=<env>`.
+- Swagger UI: `http://localhost:8083/swagger-ui.html`
+
+## Package Structure
+
+Base package: `com.iemr.common`
+
+| Layer | Package | Description |
+|-------|---------|-------------|
+| Controllers | `controller.*` | REST endpoints (40+ sub-packages) |
+| Services | `service.*` | Business logic |
+| Repositories | `repository.*`, `repo.*` | JPA repositories |
+| Entities | `data.*` | JPA entity classes |
+| DTOs | `model.*` | Transfer objects |
+| Mappers | `mapper.*` | Object mapping |
+| Config | `config.*` | Swagger, encryption, Firebase, Quartz, prototypes |
+| Constants | `constant` | Application constants |
+| Utils | `utils.*` | Redis, HTTP, session, validation, exception |
+
+## Key Functional Domains
+
+- **Authentication/Authorization**: `controller.users` - login, session, user management
+- **Beneficiary Registration**: `controller.beneficiary` - create, search, update beneficiaries
+- **Call Handling**: `controller.callhandling` - CTI integration, call lifecycle
+- **Feedback/Grievance**: `controller.feedback`, `controller.grievance` - feedback and complaint management
+- **Location**: `controller.location` - state, district, block, village masters
+- **Notifications**: `controller.notification` - alerts, SMS, email, Firebase push
+- **Reporting**: `controller.report`, `controller.secondaryReport` - CRM reports
+- **Helpline 104**: `controller.helpline104history` - medical advice history
+- **COVID**: `controller.covid` - vaccination status
+- **CTI Integration**: `controller.cti` - c-Zentrix computer telephony
+- **External Integrations**: `controller.eausadha`, `controller.esanjeevani`, `controller.everwell`, `controller.honeywell`, `controller.brd`, `controller.carestream`
+- **ABDM**: `controller.abdmfacility` - Ayushman Bharat Digital Mission
+- **KM File Management**: `controller.kmfilemanager` - OpenKM document management
+- **OTP/SMS**: `controller.otp`, `controller.sms` (via SMS gateway)
+- **Scheduling**: `controller.questionconfig`, `controller.scheme`
+- **Door-to-Door App**: `controller.door_to_door_app` - field worker support
+- **NHM Dashboard**: `controller.nhmdashboard` - National Health Mission integration
+
+## Architecture Notes
+
+- Entry point: `CommonMain.java` (main class in `utils` package)
+- Acts as the API gateway; all frontend UIs authenticate through Common-API
+- Session management via Redis with 27-minute timeout
+- HTTP interceptors attach `Authorization` and `ServerAuthorization` headers
+- Status code `5002` signals session expiration to frontends
+- AES + PBKDF2 encryption for password handling (`config.encryption`)
+- Firebase integration for push notifications (`config.firebase`)
+- Quartz scheduler for background jobs (`config.quartz`)
+- Extensive test coverage with unit tests under `src/test/`
+
+## CI/CD
+
+- GitHub Actions: `package.yml`, `build-on-pull-request.yml`, `sast.yml`, `commit-lint.yml`, `codeql.yml`
+- Conventional Commits enforced via Husky + commitlint
+- Checkstyle configuration in `checkstyle.xml`
+- JaCoCo for code coverage, SonarQube integration configured
+- Dockerfile for containerized deployment

pom.xml

@@ -54,12 +54,6 @@
 		</repository>
 	</repositories>
 	<dependencies>
-        
-		<dependency>
-			<groupId>com.h2database</groupId>
-			<artifactId>h2</artifactId>
-			<scope>runtime</scope>
-		</dependency>
 
 		<dependency>
 			<groupId>org.springframework.boot</groupId>

src/main/environment/common_ci.properties

@@ -190,10 +190,19 @@ captcha.enable-captcha=@env.ENABLE_CAPTCHA@
 
 cors.allowed-origins=@env.CORS_ALLOWED_ORIGINS@
 
-video-call-url=@env.VIDEO_CALL_URL@
-jibri.output.path=@env.JIBRI_OUTPUT_PATH@
+# Jitsi configuration
+videocall.url=@env.VIDEO_CALL_URL@
 video.recording.path=@env.VIDEO_RECORDING_PATH@
 
+# Jitsi JWT (prosody token-auth)
+jitsi.app.id=@env.JITSI_APP_ID@
+jitsi.app.secret=@env.JITSI_APP_SECRET@
+jitsi.domain=@env.JITSI_DOMAIN@
+jitsi.sub=@env.JITSI_SUB@
+jitsi.token.ttl.seconds=@env.JITSI_TOKEN_TTL_SECONDS@
+jitsi.room.prefix=@env.JITSI_ROOM_PREFIX@
+jitsi.default.user.email=@env.JITSI_DEFAULT_USER_EMAIL@
+
 platform.feedback.ratelimit.enabled=@env.PLATFORM_FEEDBACK_RATELIMIT_ENABLED@
 platform.feedback.ratelimit.pepper=@env.PLATFORM_FEEDBACK_RATELIMIT_PEPPER@
 platform.feedback.ratelimit.trust-forwarded-for=@env.PLATFORM_FEEDBACK_RATELIMIT_TRUST_FORWARDED_FOR@

src/main/environment/common_docker.properties

@@ -192,10 +192,18 @@ firebase.enabled=${FIREBASE_ENABLE}
 firebase.credential-file=${FIREBASE_CREDENTIAL}
 
 
-video-call-url=${VIDEO_CALL_URL}
-jibri.output.path={JIBRI_OUTPUT_PATH}
+videocall.url=${VIDEO_CALL_URL}
 video.recording.path={VIDEO_RECORDING_PATH}
 
+# Jitsi JWT (prosody token-auth)
+jitsi.app.id=${JITSI_APP_ID}
+jitsi.app.secret=${JITSI_APP_SECRET}
+jitsi.domain=${JITSI_DOMAIN}
+jitsi.sub=${JITSI_SUB}
+jitsi.token.ttl.seconds=${JITSI_TOKEN_TTL_SECONDS}
+jitsi.room.prefix=${JITSI_ROOM_PREFIX}
+jitsi.default.user.email=${JITSI_DEFAULT_USER_EMAIL}
+
 # Platform Feedback module
 platform.feedback.ratelimit.enabled=${PLATFORM_FEEDBACK_RATELIMIT_ENABLED}
 platform.feedback.ratelimit.pepper=${PLATFORM_FEEDBACK_RATELIMIT_PEPPER}

src/main/environment/common_example.properties

@@ -25,7 +25,7 @@ km-root-path=/okm:personal/users/
 km-guest-user=guest
 km-guest-password=guest
 
-tempFilePath=/opt/openkm
+tempFilePath=/tmp
 
 # CTI Config
 cti-server-ip=10.208.122.99
@@ -200,9 +200,9 @@ grievanceAllocationRetryConfiguration=3
 logging.path=logs/
 logging.file.name=logs/common-api.log
 
-video-call-url=https://vc.piramalswasthya.org/?
-jibri.output.path=/srv/jibri/recordings
-video.recording.path=/srv/recordings
+# Jitsi configuration
+videocall.url=https://vc.piramalswasthya.org/?
+video.recording.path=/opt/recordings
 
 captcha.secret-key= <Enter Cloudflare Secret Key>
 captcha.verify-url= https://challenges.cloudflare.com/turnstile/v0/siteverify
@@ -233,3 +233,11 @@ otp.ratelimit.day-limit=20
 
 ### generate Beneficiary IDs URL
 generateBeneficiaryIDs-api-url=/generateBeneficiaryController/generateBeneficiaryIDs
+
+JITSI_APP_ID=piramal_vc
+JITSI_APP_SECRET=5b9883418be6f228ffe3ceaa74dd3d3b91737733a4a85c5e82fc584ad449850b                                                                                                                          
+JITSI_DOMAIN=vc.piramalswasthya.org                                                                                                                                                                        
+JITSI_SUB=meet.jitsi                                                                                                                                                                                       
+JITSI_TOKEN_TTL_SECONDS=3600                                                                                                                                                                               
+JITSI_ROOM_PREFIX=piramal-meeting-                                                                                                                                                                         
+JITSI_DEFAULT_USER_EMAIL=admin@piramalswasthya.org

src/main/java/com/iemr/common/CommonApplication.java

@@ -29,6 +29,7 @@
 import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.serializer.Jackson2JsonRedisSerializer;
+import org.springframework.scheduling.annotation.EnableAsync;
 import org.springframework.scheduling.annotation.EnableScheduling;
 import org.springframework.web.client.RestTemplate;
 
@@ -40,6 +41,7 @@
 
 @SpringBootApplication
 @EnableScheduling
+@EnableAsync(proxyTargetClass = true)
 public class CommonApplication extends SpringBootServletInitializer {
 
 	@Bean

src/main/java/com/iemr/common/config/InterceptorConfig.java

@@ -36,7 +36,8 @@ public class InterceptorConfig implements WebMvcConfigurer {
 
 	@Override
 	public void addInterceptors(InterceptorRegistry registry) {
-		registry.addInterceptor(requestInterceptor);
+		registry.addInterceptor(requestInterceptor)
+				.excludePathPatterns("/video-consultation/resolve", "**/video-consultation/resolve");
 	}
 
 }

src/main/java/com/iemr/common/config/encryption/SecurePassword.java

@@ -26,10 +26,8 @@
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.security.spec.InvalidKeySpecException;
-
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.PBEKeySpec;
-
 import org.springframework.stereotype.Service;
 
 @Service

src/main/java/com/iemr/common/controller/dynamicForm/DynamicFormController.java

@@ -97,4 +97,6 @@ public ResponseEntity<ApiResponse<?>> getStructuredForm(@PathVariable String for
     }
 
 
+
+
 }

src/main/java/com/iemr/common/controller/videocall/VideoCallController.java

@@ -1,5 +1,28 @@
+/*
+* AMRIT – Accessible Medical Records via Integrated Technology 
+* Integrated EHR (Electronic Health Records) Solution 
+*
+* Copyright (C) "Piramal Swasthya Management and Research Institute" 
+*
+* This file is part of AMRIT.
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program.  If not, see https://www.gnu.org/licenses/.
+*/
+
 package com.iemr.common.controller.videocall;
 
+import java.net.URI;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -12,19 +35,19 @@
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.iemr.common.model.videocall.UpdateCallRequest;
 import com.iemr.common.model.videocall.VideoCallRequest;
 import com.iemr.common.service.videocall.VideoCallService;
 import com.iemr.common.utils.response.OutputResponse;
-import com.fasterxml.jackson.databind.SerializationFeature;
-import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import jakarta.servlet.http.HttpServletRequest;
 
-import org.springframework.web.bind.annotation.RequestBody;
+import jakarta.servlet.http.HttpServletRequest;
 
 @RestController
 @RequestMapping(value = "/video-consultation")
@@ -67,32 +90,75 @@ public String sendVideoLink(@RequestBody String requestModel, HttpServletRequest
 }
 
 @PostMapping(value = "/update-call-status", produces = MediaType.APPLICATION_JSON_VALUE, headers = "Authorization")
-public ResponseEntity<String> updateCallStatus(@RequestBody UpdateCallRequest requestModel, HttpServletRequest request) {
+public ResponseEntity<String> updateCallStatus(@RequestBody UpdateCallRequest requestModel,
+                                               HttpServletRequest request) {
     OutputResponse response = new OutputResponse();
+    logger.info("[updateCallStatus CONTROLLER] Received — meetingLink={}, callStatus={}, callDuration={}, modifiedBy={}, isLinkUsed={}",
+        requestModel.getMeetingLink(),
+        requestModel.getCallStatus(),
+        requestModel.getCallDuration(),
+        requestModel.getModifiedBy(),
+        requestModel.getIsLinkUsed());
 
     try {
         if (requestModel.getMeetingLink() == null || requestModel.getCallStatus() == null) {
+            logger.error("[updateCallStatus CONTROLLER] Validation failed — meetingLink or callStatus is null");
             throw new IllegalArgumentException("Meeting Link and Status are required");
         }
 
         String result = videoCallService.updateCallStatus(requestModel);
+        logger.info("[updateCallStatus CONTROLLER] Service returned successfully");
 
         JSONObject responseObj = new JSONObject();
         responseObj.put("status", "success");
         responseObj.put("message", result);
         response.setResponse(responseObj.toString());
 
     } catch (IllegalArgumentException e) {
-        logger.error("Validation error: " + e.getMessage(), e);
-        return ResponseEntity.badRequest().body("{\"status\":\"error\",\"message\":\"" + e.getMessage() + "\"}");
+        logger.error("[updateCallStatus CONTROLLER] Validation error: {}", e.getMessage(), e);
+        return ResponseEntity.badRequest()
+            .body("{\"status\":\"error\",\"message\":\"" + e.getMessage() + "\"}");
     } catch (Exception e) {
-        logger.error("updateCallStatus failed with error: " + e.getMessage(), e);
+        logger.error("[updateCallStatus CONTROLLER] Unexpected error: {}", e.getMessage(), e);
         response.setError(e);
     }
 
     return ResponseEntity.ok(response.toString());
 }
 
+/**
+ * Public redirect endpoint hit when a beneficiary clicks the short SMS link.
+ *
+ * Flow:
+ *   1. Jitsi host nginx receives "https://vc.piramalswasthya.org/?m=&lt;slug&gt;"
+ *      and proxies/redirects it to this endpoint.
+ *   2. This endpoint looks up the slug, mints a fresh Jitsi JWT bound to the
+ *      room and the agent, and 302-redirects the browser to the full Jitsi URL
+ *      "https://vc.piramalswasthya.org/&lt;room&gt;?jwt=&lt;token&gt;".
+ *   3. The Jitsi server enforces the JWT (prosody token-auth) and admits the user.
+ *
+ * Intentionally NOT guarded by Authorization header - the SMS recipient is on
+ * a phone browser and has no app session. Access control is the JWT itself
+ * plus the slug being unguessable and the meeting row existing.
+ */
+@GetMapping(value = "/resolve")
+public ResponseEntity<Void> resolveMeetingLink(@RequestParam("m") String slug) {
+    try {
+        String redirectUrl = videoCallService.resolveMeetingLink(slug);
+        return ResponseEntity.status(HttpStatus.FOUND)
+                .location(URI.create(redirectUrl))
+                .build();
+    } catch (IllegalArgumentException e) {
+        logger.warn("resolveMeetingLink rejected: {}", e.getMessage());
+        return ResponseEntity.badRequest().build();
+    } catch (Exception e) {
+    logger.error("resolveMeetingLink failed for slug={}: {}", slug, e.getMessage(), e);
 
-    
+    // Distinguish "link expired" from "not found" with a 410 Gone
+    if (e.getMessage() != null && e.getMessage().contains("already been used")) {
+        return ResponseEntity.status(HttpStatus.GONE).build(); // 410
+    }
+    return ResponseEntity.status(HttpStatus.NOT_FOUND).build();
+}
+}
 }