Merge pull request #7 from PSMRI/develop

latest pull

Author: srishtigrp78

pom.xml

@@ -11,9 +11,9 @@
 	</parent>
 	<groupId>com.iemr.ecd</groupId>
 	<artifactId>ecd-api</artifactId>
-	<version>0.0.1</version>
+	<version>3.1.0</version>
 	<packaging>war</packaging>
-	<name>ecd-api</name>
+	<name>ECD-API</name>
 	<description>ECD project</description>
 	<properties>
 		<environment>${ENV_VAR}</environment>
@@ -249,7 +249,7 @@
 
 
 	<build>
-		<finalName>ecdapi-v3.0.0</finalName>
+		<finalName>${artifactId}-${version}</finalName>
 		<plugins>
 
 			<plugin>
@@ -336,6 +336,20 @@
 							</target>
 						</configuration>
 					</execution>
+					<execution>
+						<phase>process-resources</phase>
+						<goals>
+							<goal>run</goal>
+						</goals>
+						<id>clean-property-files</id>
+						<configuration>
+							<target>
+								<delete>
+									<file file="${source-properties}" />
+								</delete>
+							</target>
+						</configuration>
+					</execution>
 				</executions>
 			</plugin>
 

src/main/environment/ecd_ci.properties

@@ -11,17 +11,18 @@ secondary.datasource.url=@env.REPORTING_DATABASE_URL@
 secondary.datasource.driver-class-name=com.mysql.jdbc.Driver
 
 ##Beneficiary Registration Url
-registerBeneficiaryUrl=@env.COMMON_API@/beneficiary/create
+registerBeneficiaryUrl=@env.COMMON_API@beneficiary/create
 
 ##Beneficiary Edit Url
 
-beneficiaryEditUrl =@env.COMMON_API_BASE_URL@/beneficiary/update
+beneficiaryEditUrl =@env.COMMON_API_BASE_URL@beneficiary/update
 jwt.secret=@env.JWT_SECRET_KEY@
 
-beneficiaryEditUrl =@env.COMMON_API@/beneficiary/update
+beneficiaryEditUrl =@env.COMMON_API@beneficiary/update
 
 
 #ELK logging file name
+logging.path=logs/
 logging.file.name=@env.ECD_API_LOGGING_FILE_NAME@
 
 

src/main/environment/ecd_dev.properties

@@ -20,3 +20,7 @@ beneficiaryEditUrl =https:localhost:8083/beneficiary/update
 springdoc.api-docs.enabled=true
 springdoc.swagger-ui.enabled=true
 
+jwt.secret=my-32-character-ultra-secure-and-ultra-long-secret
+#If both properties are set, only logging.file.name takes effect.
+logging.path=logs/
+logging.file.name=logs/ecd-api.log

src/main/environment/ecd_example.properties

@@ -65,32 +65,47 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo
 		}
 
 		try {
-			// Retrieve JWT token from cookies
-			String jwtTokenFromCookie = getJwtTokenFromCookies(request);
-			logger.info("JWT token from cookie: ");
-
-			// Determine which token (cookie or header) to validate
-			String jwtToken = jwtTokenFromCookie != null ? jwtTokenFromCookie : jwtTokenFromHeader;
-			if (jwtToken == null) {
-				response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "JWT token not found in cookies or headers");
-				return;
+			String jwtFromCookie = getJwtTokenFromCookies(request);
+			String jwtFromHeader = request.getHeader("JwtToken");
+			String authHeader = request.getHeader("Authorization");
+
+			if (jwtFromCookie != null) {
+				logger.info("Validating JWT token from cookie");
+				if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromCookie)) {
+					filterChain.doFilter(servletRequest, servletResponse);
+					return;
+				}
 			}
 
-			// Validate JWT token and userId
-			boolean isValid = jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtToken);
+			if (jwtFromHeader != null) {
+				logger.info("Validating JWT token from header");
+				if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromHeader)) {
+					filterChain.doFilter(servletRequest, servletResponse);
+					return;
+				}
+			}
+			String userAgent = request.getHeader("User-Agent");
+			logger.info("User-Agent: " + userAgent);
 
-			if (isValid) {
-				// If token is valid, allow the request to proceed
+			if (userAgent != null && isMobileClient(userAgent) && authHeader != null) {
 				filterChain.doFilter(servletRequest, servletResponse);
-			} else {
-				response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid JWT token");
+				return;
 			}
+
+			logger.warn("No valid authentication token found");
+			response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized: Invalid or missing token");
+
 		} catch (Exception e) {
 			logger.error("Authorization error: ", e);
 			response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization error: " + e.getMessage());
 		}
 	}
-
+	private boolean isMobileClient(String userAgent) {
+		if (userAgent == null)
+			return false;
+		userAgent = userAgent.toLowerCase();
+		return userAgent.contains("okhttp");
+	}
 	private String getJwtTokenFromCookies(HttpServletRequest request) {
 		Cookie[] cookies = request.getCookies();
 		if (cookies != null) {

src/main/environment/ecd_test.properties

@@ -32,10 +32,6 @@ logging.level.web=INFO
 logging.level.org.springframework.web=INFO
 logging.level.org.hibernate=INFO
 
-#If both properties are set, only logging.file.name takes effect.
-logging.path=logs/
-logging.file.name=logs/ecd-api.log
-
 ## multipart file size
 spring.http.multipart.max-request-size=10MB
 spring.http.multipart.max-file-size=10MB

src/main/environment/ecd_uat.properties

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-web>
+    <context-root>/ecd-api</context-root>
+</jboss-web>