AMM-1456 : JWT validation (#84)

* Skip the JwtToken validation if request coming from mobile

* Added condition for Android,ios

* CI properties change

* Verified acceptance crietaria conditions

* Indent and okhttp validated

* Handled Authorization in Header

* Jwttoken and user-agent validation

* null check

Author: ravishanigarapu

src/main/java/com/wipro/fhir/service/api_channel/APIChannelImpl.java

@@ -39,6 +39,7 @@
 import com.wipro.fhir.data.request_handler.ResourceRequestHandler;
 import com.wipro.fhir.data.request_handler.UserAuthAPIResponse;
 import com.wipro.fhir.utils.CookieUtil;
+import com.wipro.fhir.utils.RestTemplateUtil;
 import com.wipro.fhir.utils.exception.FHIRException;
 import com.wipro.fhir.utils.mapper.InputMapper;
 
@@ -72,15 +73,9 @@ public String benSearchByBenID(String Authorization, ResourceRequestHandler reso
 		String responseBody = null;
 		if (restTemplate == null)
 			restTemplate = new RestTemplate();
-		HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
-				.getRequest();
-		String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader);
-
-		MultiValueMap<String, String> header = getHttpHeader(Authorization, "application/json");
-		HttpEntity<Object> urlRequestOBJ = new HttpEntity<Object>(resourceRequestHandler, header);
-		header.add("Cookie", "Jwttoken=" + jwtTokenFromCookie);
-
-		ResponseEntity<String> response = restTemplate.exchange(benSearchByBenIDURL, HttpMethod.POST, urlRequestOBJ,
+		
+		HttpEntity<Object> request = RestTemplateUtil.createRequestEntity(resourceRequestHandler, Authorization);
+		ResponseEntity<String> response = restTemplate.exchange(benSearchByBenIDURL, HttpMethod.POST, request,
 				String.class);
 
 		if (response.getStatusCodeValue() == 200 && response.hasBody()) {
@@ -111,12 +106,8 @@ public String userAuthentication() throws FHIRException {
 			restTemplate = new RestTemplate();
 		HttpServletRequest requestHeader = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
 				.getRequest();
-		String jwtTokenFromCookie = cookieUtil.getJwtTokenFromCookie(requestHeader);
-
-		MultiValueMap<String, String> header = getHttpHeader(null, "application/json");
-		HttpEntity<Object> urlRequestOBJ = new HttpEntity<Object>(userDetails, header);
-		header.add("Cookie", "Jwttoken=" + jwtTokenFromCookie);
-
+		
+		HttpEntity<Object> urlRequestOBJ = RestTemplateUtil.createRequestEntity(userDetails, requestHeader.getHeader("Authorization"));
 		ResponseEntity<String> response = restTemplate.exchange(userAuthURL, HttpMethod.POST, urlRequestOBJ,
 				String.class);
 

src/main/java/com/wipro/fhir/utils/CookieUtil.java

@@ -24,7 +24,10 @@ public Optional<String> getCookieValue(HttpServletRequest request, String cookie
 		return Optional.empty();
 	}
 
-	public String getJwtTokenFromCookie(HttpServletRequest request) {
+	public static String getJwtTokenFromCookie(HttpServletRequest request) {
+		if (request.getCookies() == null) {
+	        return null;  // If cookies are null, return null safely.
+	    }
 		return Arrays.stream(request.getCookies()).filter(cookie -> "Jwttoken".equals(cookie.getName()))
 				.map(Cookie::getValue).findFirst().orElse(null);
 	}

src/main/java/com/wipro/fhir/utils/JwtUserIdValidationFilter.java

@@ -6,6 +6,8 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Component;
 
+import com.wipro.fhir.utils.http.AuthorizationHeaderRequestWrapper;
+
 import jakarta.servlet.Filter;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
@@ -29,6 +31,7 @@ public JwtUserIdValidationFilter(JwtAuthenticationUtil jwtAuthenticationUtil) {
 	public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
 			throws IOException, ServletException {
 		HttpServletRequest request = (HttpServletRequest) servletRequest;
+		
 		HttpServletResponse response = (HttpServletResponse) servletResponse;
 
 		String path = request.getRequestURI();
@@ -47,11 +50,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo
 		} else {
 			logger.info("No cookies found in the request");
 		}
-
-		// Log headers for debugging
-		String jwtTokenFromHeader = request.getHeader("Jwttoken");
-		logger.info("JWT token from header: ");
-
+		
 		// Skip login and public endpoints
 		if (shouldSkipPath(path, contextPath)) {
 			filterChain.doFilter(servletRequest, servletResponse);
@@ -66,24 +65,33 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo
 			if (jwtFromCookie != null) {
 				logger.info("Validating JWT token from cookie");
 				if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromCookie)) {
-					filterChain.doFilter(servletRequest, servletResponse);
+
+					AuthorizationHeaderRequestWrapper authorizationHeaderRequestWrapper = new AuthorizationHeaderRequestWrapper(
+							request, "");
+					filterChain.doFilter(authorizationHeaderRequestWrapper, servletResponse);
 					return;
 				}
-			}
-
-			if (jwtFromHeader != null) {
+			} else if (jwtFromHeader != null) {
 				logger.info("Validating JWT token from header");
 				if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromHeader)) {
-					filterChain.doFilter(servletRequest, servletResponse);
+					AuthorizationHeaderRequestWrapper authorizationHeaderRequestWrapper = new AuthorizationHeaderRequestWrapper(
+							request, "");
+					filterChain.doFilter(authorizationHeaderRequestWrapper, servletResponse);
+					return;
+				}
+			} else {
+				String userAgent = request.getHeader("User-Agent");
+				logger.info("User-Agent: " + userAgent);
+
+				if (userAgent != null && isMobileClient(userAgent) && authHeader != null) {
+					try {
+						UserAgentContext.setUserAgent(userAgent);
+						filterChain.doFilter(servletRequest, servletResponse);
+					} finally {
+						UserAgentContext.clear();
+					}
 					return;
 				}
-			}
-			String userAgent = request.getHeader("User-Agent");
-			logger.info("User-Agent: " + userAgent);
-
-			if (userAgent != null && isMobileClient(userAgent) && authHeader != null) {
-				filterChain.doFilter(servletRequest, servletResponse);
-				return;
 			}
 
 			logger.warn("No valid authentication token found");

src/main/java/com/wipro/fhir/utils/RestTemplateUtil.java

@@ -0,0 +1,50 @@
+package com.wipro.fhir.utils;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import jakarta.servlet.http.HttpServletRequest;
+
+public class RestTemplateUtil {
+	private final static Logger logger = LoggerFactory.getLogger(RestTemplateUtil.class);
+	
+	public static HttpEntity<Object> createRequestEntity(Object body, String authorization) {
+        
+		ServletRequestAttributes servletRequestAttributes = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes());
+		if (servletRequestAttributes == null) {
+			MultiValueMap<String, String> headers = new LinkedMultiValueMap<>();
+			headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE + ";charset=utf-8");
+			headers.add(HttpHeaders.AUTHORIZATION, authorization);
+			return new HttpEntity<>(body, headers);
+		}
+		HttpServletRequest requestHeader = servletRequestAttributes.getRequest();
+        String jwtTokenFromCookie = null;
+		try {
+			jwtTokenFromCookie = CookieUtil.getJwtTokenFromCookie(requestHeader);
+			
+		} catch (Exception e) {
+			logger.error("Error while getting jwtToken from Cookie" + e.getMessage() );
+		}
+
+        MultiValueMap<String, String> headers = new LinkedMultiValueMap<>();
+        headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE + ";charset=utf-8");
+        if(null != UserAgentContext.getUserAgent()) {
+        	headers.add(HttpHeaders.USER_AGENT, UserAgentContext.getUserAgent());
+        }
+        headers.add(HttpHeaders.AUTHORIZATION, authorization);
+        headers.add("JwtToken",requestHeader.getHeader("JwtToken"));
+        if(null != jwtTokenFromCookie) {
+        	headers.add(HttpHeaders.COOKIE, "Jwttoken=" + jwtTokenFromCookie);
+        }
+
+        return new HttpEntity<>(body, headers);
+    }
+
+}

src/main/java/com/wipro/fhir/utils/UserAgentContext.java

@@ -0,0 +1,18 @@
+package com.wipro.fhir.utils;
+
+public class UserAgentContext {
+	private static final ThreadLocal<String> userAgentHolder = new ThreadLocal<>();
+
+    public static void setUserAgent(String userAgent) {
+        userAgentHolder.set(userAgent);
+    }
+
+    public static String getUserAgent() {
+        return userAgentHolder.get();
+    }
+
+    public static void clear() {
+        userAgentHolder.remove();
+    }
+
+}

src/main/java/com/wipro/fhir/utils/http/AuthorizationHeaderRequestWrapper.java

@@ -0,0 +1,41 @@
+package com.wipro.fhir.utils.http;
+
+
+import java.util.*;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequestWrapper;
+
+public class AuthorizationHeaderRequestWrapper extends HttpServletRequestWrapper{
+	private final String Authorization;
+
+    public AuthorizationHeaderRequestWrapper(HttpServletRequest request, String authHeaderValue) {
+        super(request);
+        this.Authorization = authHeaderValue;
+    }
+
+    @Override
+    public String getHeader(String name) {
+        if ("Authorization".equalsIgnoreCase(name)) {
+            return Authorization;
+        }
+        return super.getHeader(name);
+    }
+
+    @Override
+    public Enumeration<String> getHeaders(String name) {
+        if ("Authorization".equalsIgnoreCase(name)) {
+            return Collections.enumeration(Collections.singletonList(Authorization));
+        }
+        return super.getHeaders(name);
+    }
+
+    @Override
+    public Enumeration<String> getHeaderNames() {
+        List<String> names = Collections.list(super.getHeaderNames());
+        if (!names.contains("Authorization")) {
+            names.add("Authorization");
+        }
+        return Collections.enumeration(names);
+    }
+}

src/main/java/com/wipro/fhir/utils/http/HTTPRequestInterceptor.java

@@ -59,6 +59,10 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons
 		boolean status = true;
 		logger.debug("In preHandle we are Intercepting the Request");
 		String authorization = request.getHeader("Authorization");
+		if (authorization == null || authorization.isEmpty()) {
+	        logger.info("Authorization header is null or empty. Skipping HTTPRequestInterceptor.");
+	        return true; // Allow the request to proceed without validation
+	    }
 		logger.debug("RequestURI::" + request.getRequestURI() + " || Authorization ::" + authorization
 				+ " || method :: " + request.getMethod());
 		if (!request.getMethod().equalsIgnoreCase("OPTIONS")) {