diff --git a/src/main/environment/common_ci.properties b/src/main/environment/common_ci.properties index e0acf3b..2d3cc3a 100644 --- a/src/main/environment/common_ci.properties +++ b/src/main/environment/common_ci.properties @@ -115,3 +115,4 @@ jwt.secret=@env.JWT_SECRET_KEY@ springdoc.api-docs.enabled=@env.SWAGGER_DOC_ENABLED@ springdoc.swagger-ui.enabled=@env.SWAGGER_DOC_ENABLED@ +cors.allowed-origins=@CORS_ALLOWED_ORIGINS@ diff --git a/src/main/environment/common_example.properties b/src/main/environment/common_example.properties index 84ef5d3..a2372f7 100644 --- a/src/main/environment/common_example.properties +++ b/src/main/environment/common_example.properties @@ -111,4 +111,5 @@ logging.level.com.iemr=DEBUG logging.level.org.springframework=INFO jwt.secret=my-32-character-ultra-secure-and-ultra-long-secret logging.path=logs/ -logging.file.name=logs/fhir-api.log \ No newline at end of file +logging.file.name=logs/fhir-api.log +cors.allowed-origins=http://localhost:* diff --git a/src/main/java/com/wipro/fhir/config/CorsConfig.java b/src/main/java/com/wipro/fhir/config/CorsConfig.java new file mode 100644 index 0000000..6417953 --- /dev/null +++ b/src/main/java/com/wipro/fhir/config/CorsConfig.java 
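Review bot: The new `cors.allowed-origins=@CORS_ALLOWED_ORIGINS@` entry in common_ci.properties lacks the `env.` prefix that the neighbouring placeholders use (`@env.JWT_SECRET_KEY@`, `@env.SWAGGER_DOC_ENABLED@`). If the build filters every key in this file the same way, the token would presumably stay unsubstituted and the literal string would become the allowed-origin list, which matches no real origin; `cors.allowed-origins=@env.CORS_ALLOWED_ORIGINS@` would be consistent with the rest of the file. A comment above the key saying that the value is a comma-separated list of origins or origin patterns would help whoever sets the CI variable.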
@@ -0,0 +1,25 @@ +package com.wipro.fhir.config; + +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.config.annotation.CorsRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; + +@Configuration +public class CorsConfig implements WebMvcConfigurer { + + @Value("${cors.allowed-origins}") + private String allowedOrigins; + + @Override + public void addCorsMappings(CorsRegistry registry) { + registry.addMapping("/**") + .allowedOriginPatterns(allowedOrigins.split(",")) + .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS") + .allowedHeaders("*") + .exposedHeaders("Authorization", "Jwttoken") // Explicitly expose headers if needed + .allowCredentials(true) + .maxAge(3600) + ; + } +} \ No newline at end of file diff --git a/src/main/java/com/wipro/fhir/controller/carecontext/CareContextController.java b/src/main/java/com/wipro/fhir/controller/carecontext/CareContextController.java index 2c119a2..dfc6c53 100644 --- a/src/main/java/com/wipro/fhir/controller/carecontext/CareContextController.java +++ b/src/main/java/com/wipro/fhir/controller/carecontext/CareContextController.java @@ -38,7 +38,7 @@ import io.lettuce.core.dynamic.annotation.Param; import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/careContext", headers = "Authorization", consumes = "application/json", produces = "application/json") public class CareContextController { @@ -46,7 +46,7 @@ public class CareContextController { @Autowired private CareContextService careContextService; - @CrossOrigin + @Operation(summary = "Generate OTP for care context linking") @PostMapping(value = { "/generateOTPForCareContext" }) public String generateOTP( 
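Review bot: `allowedOriginPatterns(allowedOrigins.split(","))` is combined with `.allowCredentials(true)` and `.allowedHeaders("*")` on `/**`, so every pattern in `cors.allowed-origins` is granted credentialed cross-origin access to all endpoints; a wildcard entry such as the example file's `http://localhost:*` should stay out of deployed configuration, and a class-level comment saying so would be worth adding. The entries are not trimmed here, whereas `isOriginAllowed` in JwtUserIdValidationFilter trims them, so a value written as `a, b` may behave differently in the two places; `Arrays.stream(allowedOrigins.split(",")).map(String::trim).toArray(String[]::new)` would align them. The trailing comment on `exposedHeaders` ("if needed") leaves open whether scripts really need to read `Authorization` and `Jwttoken`; I would either name the consumer in the comment or drop the exposure.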
@@ -69,7 +69,7 @@ public String generateOTP( return response.toString(); } - @CrossOrigin + @Operation(summary = "Validate OTP and create care context") @PostMapping(value = { "/validateOTPAndCreateCareContext" }) public String validateOTPAndCreateCareContext( @@ -94,7 +94,7 @@ public String validateOTPAndCreateCareContext( return response.toString(); } - @CrossOrigin + @Operation(summary = "Add care context to Mongo") @PostMapping(value = { "/addCarecontextToMongo" }) public String saveCareContextToMongo(@Param(value = "{}") @RequestBody String request, diff --git a/src/main/java/com/wipro/fhir/controller/eaushdhi/EAushadhiController.java b/src/main/java/com/wipro/fhir/controller/eaushdhi/EAushadhiController.java index d15fb33..868fdaa 100644 --- a/src/main/java/com/wipro/fhir/controller/eaushdhi/EAushadhiController.java +++ b/src/main/java/com/wipro/fhir/controller/eaushdhi/EAushadhiController.java @@ -47,7 +47,7 @@ * @author DE40034072 Date 01-12-2021 */ -@CrossOrigin + @RestController @RequestMapping(value = "/eAushadhi", headers = "Authorization", consumes = "application/json", produces = "application/json") public class EAushadhiController { @@ -56,7 +56,7 @@ public class EAushadhiController { private EAushadhiService eAushadhiService; private final Logger logger = LoggerFactory.getLogger(this.getClass().getName()); - @CrossOrigin + @Operation(summary = "Getting store stock details from e-aushadhi") @PostMapping(value = { "/getStoreStockDetails" }) public String getStoreStockDetails(@Param(value = "{\"facilityID\":\"Integer\"}") @RequestBody String request, @@ -90,7 +90,7 @@ public String getStoreStockDetails(@Param(value = "{\"facilityID\":\"Integer\"}" * @param Authorization * @return sync dispense data and patient information to E-Aushadhi. */ - @CrossOrigin + @Operation(summary = "Sync drug dispense data and patient details with e-aushadhi") @PostMapping(value = { "/syncDrugDispenseDetails" }) public String syncDrugDispenseAndPatientDetails( 
@@ -113,7 +113,7 @@ public String syncDrugDispenseAndPatientDetails( return response.toString(); } - @CrossOrigin + @Operation(summary = "Get log for stock processing") @PostMapping(value = { "/getFacilityStockProcessLog" }) public String getFacilityStockProcessLog(@RequestBody String request) { @@ -134,7 +134,7 @@ public String getFacilityStockProcessLog(@RequestBody String request) { return response.toString(); } - @CrossOrigin + @Operation(summary = "Sync e-aushadhi for patient issue details") @PostMapping(value = { "/updatePatientIssueSyncStatus" }) public String addFacility(@RequestBody String request) { diff --git a/src/main/java/com/wipro/fhir/controller/facility/FacilityController.java b/src/main/java/com/wipro/fhir/controller/facility/FacilityController.java index 3efafba..5c688cf 100644 --- a/src/main/java/com/wipro/fhir/controller/facility/FacilityController.java +++ b/src/main/java/com/wipro/fhir/controller/facility/FacilityController.java @@ -20,7 +20,7 @@ import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/facility", headers = "Authorization") public class FacilityController { @@ -31,7 +31,7 @@ public class FacilityController { Logger logger = LoggerFactory.getLogger(this.getClass().getName()); - @CrossOrigin + @Operation(summary = "Get ABDM Registered Facilities") @GetMapping(value = { "/getAbdmRegisteredFacilities" }) public String getAbdmRegisteredFacilities(@RequestHeader(value = "Authorization") String Authorization) { @@ -54,7 +54,7 @@ public String getAbdmRegisteredFacilities(@RequestHeader(value = "Authorization" } - @CrossOrigin + @Operation(summary = "Get ABDM Registered Facilities") @PostMapping(value = { "/saveAbdmFacilityId" }) public String saveAbdmFacilityForVisit(@RequestHeader(value = "Authorization") String Authorization, @RequestBody() String reqObj) { 
diff --git a/src/main/java/com/wipro/fhir/controller/generateresource/ResourceRequestGateway.java b/src/main/java/com/wipro/fhir/controller/generateresource/ResourceRequestGateway.java index 19253dc..7752ccf 100644 --- a/src/main/java/com/wipro/fhir/controller/generateresource/ResourceRequestGateway.java +++ b/src/main/java/com/wipro/fhir/controller/generateresource/ResourceRequestGateway.java @@ -49,7 +49,7 @@ * */ -@CrossOrigin + @RestController @RequestMapping(value = "/get/resource", headers = "Authorization", consumes = "application/json", produces = "application/json") public class ResourceRequestGateway { @@ -73,7 +73,7 @@ public class ResourceRequestGateway { * DocumentReference} * */ - @CrossOrigin + @Operation(summary = "Get OP consult record bundle") @PostMapping(value = { "/OPConsultRecord" }) public String getPatientResource(@RequestBody ResourceRequestHandler patientResourceRequest, @@ -100,7 +100,7 @@ public String getPatientResource(@RequestBody ResourceRequestHandler patientReso * DocumentReference} * */ - @CrossOrigin + @Operation(summary = "Get diagnostic report record bundle") @PostMapping(value = { "/DiagnosticReportRecord" }) public String getDiagnosticReportRecord(@RequestBody ResourceRequestHandler patientResourceRequest, @@ -126,7 +126,7 @@ public String getDiagnosticReportRecord(@RequestBody ResourceRequestHandler pati * || Organization || MedicationRequest || Binary} * */ - @CrossOrigin + @Operation(summary = "Get prescription record") @PostMapping(value = { "/PrescriptionRecord" }) public String getPrescriptionRecord(@RequestBody ResourceRequestHandler patientResourceRequest, diff --git a/src/main/java/com/wipro/fhir/controller/healthCard/GenerateHealthIDCardController.java b/src/main/java/com/wipro/fhir/controller/healthCard/GenerateHealthIDCardController.java index b6909e6..02b6006 100644 --- a/src/main/java/com/wipro/fhir/controller/healthCard/GenerateHealthIDCardController.java 
+++ b/src/main/java/com/wipro/fhir/controller/healthCard/GenerateHealthIDCardController.java @@ -38,7 +38,7 @@ import io.lettuce.core.dynamic.annotation.Param; import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/healthIDCard", headers = "Authorization") public class GenerateHealthIDCardController { @@ -46,7 +46,7 @@ public class GenerateHealthIDCardController { @Autowired private HealthID_CardService healthID_CardService; - @CrossOrigin + @Operation(summary = "Generate OTP for ABHA card") @PostMapping(value = { "/generateOTP" }) public String mapHealthIDToBeneficiary( @@ -68,7 +68,7 @@ public String mapHealthIDToBeneficiary( return response.toString(); } - @CrossOrigin + @Operation(summary = "Generate OTP for ABHA card") @PostMapping(value = { "/verifyOTPAndGenerateHealthCard" }) public String verifyOTPAndGenerateHealthCard( diff --git a/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIDWithBio.java b/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIDWithBio.java index 3e68923..f5ebafd 100644 --- a/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIDWithBio.java +++ b/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIDWithBio.java @@ -17,7 +17,7 @@ import io.lettuce.core.dynamic.annotation.Param; import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/healthIDWithBio", headers = "Authorization") public class CreateHealthIDWithBio { @@ -26,7 +26,7 @@ public class CreateHealthIDWithBio { @Autowired private HealthIDWithBioService healthIDWithBioService; - @CrossOrigin + @Operation(summary = "Verify Bio") @PostMapping(value = { "/verifyBio" }) public String verifyBio(@Param(value = "{\"Aadhaar\":\"String\", \"pid\":\"String\",\"bioType\":\"String\"}") @RequestBody String request, 
@@ -50,7 +50,7 @@ public String verifyBio(@Param(value = "{\"Aadhaar\":\"String\", \"pid\":\"Strin } - @CrossOrigin + @Operation(summary = "generate Mobile OTP") @PostMapping(value = { "/generateMobileOTP" }) public String checkAndGenerateMobileOTP( @@ -72,7 +72,7 @@ public String checkAndGenerateMobileOTP( return response.toString(); } - @CrossOrigin + @Operation(summary = "Confirm with Aadhaar Bio") @PostMapping(value = { "/confirmWithAadhaarBio" }) public String confirmWithAadhaarBio(@Param(value = "{\"txnId\":\"String\", \"pid\":\"String\",\"bioType\":\"String\",\"authType\":\"String\"}") @RequestBody String request, diff --git a/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIDWithMobileOTP.java b/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIDWithMobileOTP.java index 99eebb2..0711b41 100644 --- a/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIDWithMobileOTP.java +++ b/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIDWithMobileOTP.java @@ -40,7 +40,7 @@ import io.lettuce.core.dynamic.annotation.Param; import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/healthID", headers = "Authorization", consumes = "application/json", produces = "application/json") public class CreateHealthIDWithMobileOTP { @@ -56,7 +56,7 @@ public class CreateHealthIDWithMobileOTP { * @param Authorization * @return NDHM transactionID */ - @CrossOrigin + @Operation(summary = "generate OTP") @PostMapping(value = { "/generateOTP" }) public String generateOTP(@Param(value = "{\"mobile\":\"String\"}") @RequestBody String request, @@ -84,7 +84,7 @@ public String generateOTP(@Param(value = "{\"mobile\":\"String\"}") @RequestBody * @param Authorization * @return Generated ABHA for Beneficiary */ - @CrossOrigin + @Operation(summary = "verify OTP and generate ABHA") @PostMapping(value = { "/verifyOTPAndGenerateHealthID" }) public String verifyOTPAndGenerateHealthID( 
@@ -114,7 +114,7 @@ public String verifyOTPAndGenerateHealthID( * @param comingRequest * @return ABHA of Beneficiary */ - @CrossOrigin() + @Operation(summary = "Get Beneficiary ABHA details") @PostMapping(value = { "/getBenhealthID" }) public String getBenhealthID( @@ -140,7 +140,7 @@ public String getBenhealthID( return response.toString(); } - @CrossOrigin() + @Operation(summary = "Get Beneficiary Id for ABHA Id") @PostMapping(value = { "/getBenIdForhealthID" }) public String getBenIdForhealthID( diff --git a/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIDWithUID.java b/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIDWithUID.java index afafc03..0ed9166 100644 --- a/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIDWithUID.java +++ b/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIDWithUID.java @@ -38,7 +38,7 @@ import io.lettuce.core.dynamic.annotation.Param; import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/healthIDWithUID", headers = "Authorization", consumes = "application/json", produces = "application/json") public class CreateHealthIDWithUID { @@ -47,7 +47,7 @@ public class CreateHealthIDWithUID { @Autowired private HealthIDWithUIDService HealthIDWithUIDService; - @CrossOrigin + @Operation(summary = "Generate OTP") @PostMapping(value = { "/generateOTP" }) public String generateOTP(@Param(value = "{\"mobile\":\"String\"}") @RequestBody String request, @@ -70,7 +70,7 @@ public String generateOTP(@Param(value = "{\"mobile\":\"String\"}") @RequestBody return response.toString(); } - @CrossOrigin + @Operation(summary = "Verify OTP") @PostMapping(value = { "/verifyOTP" }) public String verifyOTP(@Param(value = "{\"OTP\":\"String\", \"txnId\":\"String\"}") @RequestBody String request, 
@@ -93,7 +93,7 @@ public String verifyOTP(@Param(value = "{\"OTP\":\"String\", \"txnId\":\"String\ return response.toString(); } - @CrossOrigin + @Operation(summary = "Check and generate OTP") @PostMapping(value = { "/checkAndGenerateMobileOTP" }) public String checkAndGenerateMobileOTP( @@ -117,7 +117,7 @@ public String checkAndGenerateMobileOTP( return response.toString(); } - @CrossOrigin + @Operation(summary = "Verify mobile OTP") @PostMapping(value = { "/verifyMobileOTP" }) public String verifyMobileOTP( @@ -141,7 +141,7 @@ public String verifyMobileOTP( return response.toString(); } - @CrossOrigin + @Operation(summary = "Create ABHA with UID") @PostMapping(value = { "/createHealthIDWithUID" }) public String createHealthIDWithUID( diff --git a/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIdRecord.java b/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIdRecord.java index 58fa5cb..119bc93 100644 --- a/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIdRecord.java +++ b/src/main/java/com/wipro/fhir/controller/healthID/CreateHealthIdRecord.java @@ -16,7 +16,7 @@ import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/healthIDRecord", headers = "Authorization", consumes = "application/json", produces = "application/json") public class CreateHealthIdRecord { @@ -32,7 +32,7 @@ public class CreateHealthIdRecord { * @param Authorization * @return BenRegID of beneficiary after mapping */ - @CrossOrigin + @Operation(summary = "Map ABHA to beneficiary") @PostMapping(value = { "/mapHealthIDToBeneficiary" }) public String mapHealthIDToBeneficiary( @@ -54,7 +54,7 @@ public String mapHealthIDToBeneficiary( } - @CrossOrigin + @Operation(summary = "Add New health ID record to healthId table") @PostMapping(value = { "/addHealthIdRecord" }) public String addRecordToHealthIdTable( 
diff --git a/src/main/java/com/wipro/fhir/controller/healthIDvalidate/HealthIDValidateController.java b/src/main/java/com/wipro/fhir/controller/healthIDvalidate/HealthIDValidateController.java index a1da45a..78d1055 100644 --- a/src/main/java/com/wipro/fhir/controller/healthIDvalidate/HealthIDValidateController.java +++ b/src/main/java/com/wipro/fhir/controller/healthIDvalidate/HealthIDValidateController.java @@ -38,7 +38,7 @@ import io.lettuce.core.dynamic.annotation.Param; import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/validate", headers = "Authorization") public class HealthIDValidateController { @@ -47,7 +47,7 @@ public class HealthIDValidateController { private HealthIDValidationService healthIDValidationService; private final Logger logger = LoggerFactory.getLogger(this.getClass().getName()); - @CrossOrigin + @Operation(summary = "Generate OTP for ABHA validation") @PostMapping(value = { "/generateOTPForHealthIDValidation" }) public String generateOTPForHealthIDValidation( @@ -70,7 +70,7 @@ public String generateOTPForHealthIDValidation( return response.toString(); } - @CrossOrigin + @Operation(summary = "Verify OTP for ABHA validation") @PostMapping(value = { "/verifyOTPForHealthIDValidation" }) public String verifyOTPForHealthIDValidation( diff --git a/src/main/java/com/wipro/fhir/controller/patientdatahandler/HigherHealthFacilityController.java b/src/main/java/com/wipro/fhir/controller/patientdatahandler/HigherHealthFacilityController.java index 881b16f..9c03637 100644 --- a/src/main/java/com/wipro/fhir/controller/patientdatahandler/HigherHealthFacilityController.java +++ b/src/main/java/com/wipro/fhir/controller/patientdatahandler/HigherHealthFacilityController.java 
@@ -34,7 +34,7 @@ import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/higher/health/facility", headers = "Authorization", consumes = "application/json", produces = "application/json") public class HigherHealthFacilityController { @@ -42,7 +42,7 @@ public class HigherHealthFacilityController { @Autowired private HigherHealthFacilityServiceImpl higherHealthFacilityServiceImpl; - @CrossOrigin + @Operation(summary = "Update beneficiary id for higher health facility") @PostMapping(value = { "/update/bengenid" }) public String feedPatientDemographicData(@RequestBody ResourceRequestHandler resourceRequestHandler) { @@ -64,7 +64,7 @@ public String feedPatientDemographicData(@RequestBody ResourceRequestHandler res } - @CrossOrigin + @Operation(summary = "Get clinical data from higher health facility") @PostMapping(value = { "/get/clinical/data" }) public String getCLinicalDataHigherhealthFacility(@RequestBody ResourceRequestHandler resourceRequestHandler) { diff --git a/src/main/java/com/wipro/fhir/controller/patientdatahandler/PatientDataGatewayController.java b/src/main/java/com/wipro/fhir/controller/patientdatahandler/PatientDataGatewayController.java index a929faa..31d3438 100644 --- a/src/main/java/com/wipro/fhir/controller/patientdatahandler/PatientDataGatewayController.java +++ b/src/main/java/com/wipro/fhir/controller/patientdatahandler/PatientDataGatewayController.java @@ -41,7 +41,7 @@ import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/patient/data", headers = "Authorization", consumes = "application/json", produces = "application/json") public class PatientDataGatewayController { 
@@ -51,7 +51,7 @@ public class PatientDataGatewayController { private final Logger logger = LoggerFactory.getLogger(this.getClass().getName()); - @CrossOrigin + @Operation(summary = "Patient profile search from Mongo, search parameter - healthId, healthIdNo, amritId, externalId, phoneNo, state, district, village") @PostMapping(value = { "/profile/search/demographic" }) public String patientDataSearchFromMongo(@RequestBody ResourceRequestHandler resourceRequestHandler, @@ -72,7 +72,7 @@ public String patientDataSearchFromMongo(@RequestBody ResourceRequestHandler res } - @CrossOrigin + @Operation(summary = "Patient profile search from Mongo, all data based on page no") @GetMapping(value = { "/searchWithPagination/{pageNo}" }, produces = MediaType.APPLICATION_JSON) public String patientDataSearchFromMongoPagination(@PathVariable("pageNo") Integer pageNo) { diff --git a/src/main/java/com/wipro/fhir/controller/test/Test.java b/src/main/java/com/wipro/fhir/controller/test/Test.java index 2873a05..c76b2b4 100644 --- a/src/main/java/com/wipro/fhir/controller/test/Test.java +++ b/src/main/java/com/wipro/fhir/controller/test/Test.java @@ -42,7 +42,7 @@ import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/feeds", headers = "Authorization") public class Test { @@ -53,7 +53,7 @@ public class Test { @Autowired private OPConsultRecordBundleImpl oPConsultRecordBundleImpl; - @CrossOrigin + @Operation(summary = "Test parse ATOM Feeds") @PostMapping(value = { "/parse/feed/ATOM" }) public String parseFeeds(@RequestBody ResourceRequestHandler resourceRequestHandler, diff --git a/src/main/java/com/wipro/fhir/controller/v3/abha/CreateAbhaV3Controller.java b/src/main/java/com/wipro/fhir/controller/v3/abha/CreateAbhaV3Controller.java index 4e277d9..8211235 100644 --- a/src/main/java/com/wipro/fhir/controller/v3/abha/CreateAbhaV3Controller.java +++ b/src/main/java/com/wipro/fhir/controller/v3/abha/CreateAbhaV3Controller.java 
@@ -15,7 +15,7 @@ import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/abhaCreation", headers = "Authorization") public class CreateAbhaV3Controller { @@ -25,7 +25,7 @@ public class CreateAbhaV3Controller { @Autowired private CreateAbhaV3Service createAbhaV3Service; - @CrossOrigin + @Operation(summary = "Generate OTP for ABHA enrollment") @PostMapping(value = { "/requestOtpForAbhaEnrollment" }) public String requestOtpForEnrollment(@RequestBody String request) { @@ -45,7 +45,7 @@ public String requestOtpForEnrollment(@RequestBody String request) { return response.toString(); } - @CrossOrigin + @Operation(summary = "ABHA enrollment by Aadhaar") @PostMapping(value = { "/abhaEnrollmentByAadhaar" }) public String abhaEnrollmentByAadhaar(@RequestBody String request) { @@ -66,7 +66,7 @@ public String abhaEnrollmentByAadhaar(@RequestBody String request) { return response.toString(); } - @CrossOrigin + @Operation(summary = "Verify Auth By ABDM for ABHA enrollment") @PostMapping(value = { "/verifyAuthByAbdm" }) public String verifyMobileForAuth(@RequestBody String request) { @@ -86,7 +86,7 @@ public String verifyMobileForAuth(@RequestBody String request) { return response.toString(); } - @CrossOrigin + @Operation(summary = "Print Abha card") @PostMapping(value = { "/printAbhaCard" }) public String printAbhaCard(@RequestBody String request) { diff --git a/src/main/java/com/wipro/fhir/controller/v3/abha/LoginAbhaV3Controller.java b/src/main/java/com/wipro/fhir/controller/v3/abha/LoginAbhaV3Controller.java index 7d69230..1e9dd56 100644 --- a/src/main/java/com/wipro/fhir/controller/v3/abha/LoginAbhaV3Controller.java +++ b/src/main/java/com/wipro/fhir/controller/v3/abha/LoginAbhaV3Controller.java @@ -15,7 +15,7 @@ import io.swagger.v3.oas.annotations.Operation; -@CrossOrigin + @RestController @RequestMapping(value = "/abhaLogin", headers = "Authorization") public class LoginAbhaV3Controller { 
@@ -25,7 +25,7 @@ public class LoginAbhaV3Controller { @Autowired private LoginAbhaV3Service loginAbhaV3Service; - @CrossOrigin + @Operation(summary = "Request OTP for Abha LOgin") @PostMapping(value = { "/abhaLoginRequestOtp" }) public String requestOtpForAbhaLogin(@RequestBody String request) { @@ -45,7 +45,7 @@ public String requestOtpForAbhaLogin(@RequestBody String request) { return response.toString(); } - @CrossOrigin + @Operation(summary = "verify OTP for Abha LOgin") @PostMapping(value = { "/verifyAbhaLogin" }) public String verifyAbhaLogin(@RequestBody String request) { @@ -65,7 +65,7 @@ public String verifyAbhaLogin(@RequestBody String request) { return response.toString(); } - @CrossOrigin + @Operation(summary = "Print PHR card - abha address web login") @PostMapping(value = { "/printWebLoginPhrCard" }) public String printWebLoginPhrCard(@RequestBody String request) { diff --git a/src/main/java/com/wipro/fhir/utils/DynamicCorsFilter.java b/src/main/java/com/wipro/fhir/utils/DynamicCorsFilter.java new file mode 100644 index 0000000..d2e40fe --- /dev/null +++ b/src/main/java/com/wipro/fhir/utils/DynamicCorsFilter.java 
@@ -0,0 +1,37 @@ +package com.wipro.fhir.utils; + +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Component; +import org.springframework.web.filter.OncePerRequestFilter; + +import java.io.IOException; +import java.util.Arrays; + +@Component +public class DynamicCorsFilter extends OncePerRequestFilter { + + @Value("${cors.allowed-origins}") + private String[] allowedOrigins; + + @Override + protected void doFilterInternal(HttpServletRequest request, + HttpServletResponse response, + FilterChain filterChain) + throws ServletException, IOException { + + String origin = request.getHeader("Origin"); + if (origin != null && Arrays.asList(allowedOrigins).contains(origin)) { + response.setHeader("Access-Control-Allow-Origin", origin); + } + + if ("OPTIONS".equalsIgnoreCase(request.getMethod())) { + response.setStatus(HttpServletResponse.SC_OK); + } else { + filterChain.doFilter(request, response); + } + } +} diff --git a/src/main/java/com/wipro/fhir/utils/FilterConfig.java b/src/main/java/com/wipro/fhir/utils/FilterConfig.java index 5a7ef36..f84ae05 100644 --- a/src/main/java/com/wipro/fhir/utils/FilterConfig.java +++ b/src/main/java/com/wipro/fhir/utils/FilterConfig.java @@ -1,5 +1,7 @@ package com.wipro.fhir.utils; + +import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; 
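Review bot: `Arrays.asList(allowedOrigins).contains(origin)` in DynamicCorsFilter is an exact string comparison, while CorsConfig treats the same property as origin patterns and JwtUserIdValidationFilter expands `*` itself, so a value like `http://localhost:*` is accepted by two of the three code paths and never by this one. The filter also reflects the request origin into `Access-Control-Allow-Origin` without `Vary: Origin`, which lets a shared cache hand one origin's response to another; `response.addHeader("Vary", "Origin");` next to the `setHeader` call covers that. Every OPTIONS request is answered with 200 and no `Access-Control-Allow-Methods` or `Access-Control-Allow-Headers`, and the filter's order relative to the JWT filter is not set, so it is unclear from this hunk which component actually answers a preflight. Since CorsConfig already declares the policy, I would consider removing this class rather than keeping three implementations in step.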
@@ -7,13 +9,19 @@ @Configuration public class FilterConfig { + @Value("${cors.allowed-origins}") + private String allowedOrigins; + @Bean public FilterRegistrationBean jwtUserIdValidationFilter( JwtAuthenticationUtil jwtAuthenticationUtil) { FilterRegistrationBean registrationBean = new FilterRegistrationBean<>(); - registrationBean.setFilter(new JwtUserIdValidationFilter(jwtAuthenticationUtil)); + + // Pass allowedOrigins explicitly to the filter constructor + JwtUserIdValidationFilter filter = new JwtUserIdValidationFilter(jwtAuthenticationUtil, allowedOrigins); + + registrationBean.setFilter(filter); registrationBean.addUrlPatterns("/*"); // Apply filter to all API endpoints return registrationBean; } - } diff --git a/src/main/java/com/wipro/fhir/utils/JwtUserIdValidationFilter.java b/src/main/java/com/wipro/fhir/utils/JwtUserIdValidationFilter.java index ef30deb..23e2274 100644 --- a/src/main/java/com/wipro/fhir/utils/JwtUserIdValidationFilter.java +++ b/src/main/java/com/wipro/fhir/utils/JwtUserIdValidationFilter.java @@ -1,9 +1,11 @@ package com.wipro.fhir.utils; import java.io.IOException; +import java.util.Arrays; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; import com.wipro.fhir.utils.http.AuthorizationHeaderRequestWrapper; @@ -22,9 +24,12 @@ public class JwtUserIdValidationFilter implements Filter { private final JwtAuthenticationUtil jwtAuthenticationUtil; private final Logger logger = LoggerFactory.getLogger(this.getClass().getName()); + private final String allowedOrigins; - public JwtUserIdValidationFilter(JwtAuthenticationUtil jwtAuthenticationUtil) { + public JwtUserIdValidationFilter(JwtAuthenticationUtil jwtAuthenticationUtil, + @Value("${cors.allowed-origins}") String allowedOrigins) { this.jwtAuthenticationUtil = jwtAuthenticationUtil; + this.allowedOrigins = allowedOrigins; } @Override 
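Review bot: The `@Value("${cors.allowed-origins}")` annotation on the new JwtUserIdValidationFilter constructor parameter only takes effect when Spring itself instantiates the filter, but FilterConfig creates it with `new JwtUserIdValidationFilter(jwtAuthenticationUtil, allowedOrigins)` and passes the value by hand. I would remove the annotation and the added `Value` import from the filter so the setting has a single injection point in FilterConfig. The file imports `org.springframework.stereotype.Component`, but the class annotations are outside the hunk; if the class is also a `@Component`, the filter would presumably be registered a second time by the container, which is worth checking.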
@@ -38,6 +43,20 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo String contextPath = request.getContextPath(); logger.info("JwtUserIdValidationFilter invoked for path: " + path); + String origin = request.getHeader("Origin"); + if (origin != null && isOriginAllowed(origin)) { + response.setHeader("Access-Control-Allow-Origin", origin); + response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS"); + response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Accept, Jwttoken"); + response.setHeader("Access-Control-Allow-Credentials", "true"); + } + + if ("OPTIONS".equalsIgnoreCase(request.getMethod())) { + logger.info("OPTIONS request - skipping JWT validation"); + response.setStatus(HttpServletResponse.SC_OK); + return; + } + // Log cookies for debugging Cookie[] cookies = request.getCookies(); if (cookies != null) { @@ -103,6 +122,16 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo } } + private boolean isOriginAllowed(String origin) { + if (origin == null || allowedOrigins == null || allowedOrigins.trim().isEmpty()) { + logger.warn("No allowed origins configured or origin is null"); + return false; + } + + return Arrays.stream(allowedOrigins.split(",")).map(String::trim) + .anyMatch(pattern -> origin.matches(pattern.replace(".", "\\.").replace("*", ".*"))); + } + private boolean isMobileClient(String userAgent) { if (userAgent == null) return false;
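Review bot: The OPTIONS short-circuit returns 200 before JWT validation for every OPTIONS request, not only for CORS preflights; limiting it to requests that carry `Access-Control-Request-Method` keeps the unauthenticated path as narrow as a preflight needs, e.g. `if ("OPTIONS".equalsIgnoreCase(request.getMethod()) && request.getHeader("Access-Control-Request-Method") != null) {`. The reflected `Access-Control-Allow-Origin` is sent together with `Access-Control-Allow-Credentials: true` but without `Vary: Origin`, so `response.addHeader("Vary", "Origin");` belongs in the same block. The header list written here (`Authorization, Content-Type, Accept, Jwttoken`) differs from CorsConfig's `allowedHeaders("*")`, so the two policies can drift apart. doFilter starts and ends outside this hunk.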
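Review bot: `isOriginAllowed` builds a regular expression from configuration by escaping only `.` and turning `*` into `.*`, so any other regex metacharacter in `cors.allowed-origins` is interpreted as regex syntax, and the wildcard spans dots and colons rather than a single host label or port. Because a match leads to a reflected origin with credentials enabled, the conversion should quote every literal segment and keep the wildcard narrow. The version below does that; it changes `*` to match within one label or port only, which should be confirmed against the intended configuration, and it needs `java.util.regex.Pattern` and `java.util.stream.Collectors`. It also drops the `logger.warn` that would otherwise fire on every request when the property is blank; compiling the patterns once in the constructor instead of per request would be a further improvement.

```java
private boolean isOriginAllowed(String origin) {
	if (origin == null || allowedOrigins == null || allowedOrigins.trim().isEmpty()) {
		return false;
	}

	return Arrays.stream(allowedOrigins.split(","))
			.map(String::trim)
			.filter(entry -> !entry.isEmpty())
			.anyMatch(entry -> toOriginRegex(entry).matcher(origin).matches());
}

// Quote each literal segment; '*' matches inside one host label or port only.
private static Pattern toOriginRegex(String entry) {
	String regex = Arrays.stream(entry.split("\\*", -1))
			.map(Pattern::quote)
			.collect(Collectors.joining("[^.:/]*"));
	return Pattern.compile(regex);
}
```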