JwtToken validation skipped if not present for mobile request also Null condition Added for API (#75)

* Reverted Changes

* removed Unused imports

* Update application.properties

* Swagger changes

* Null Condition Added

* AMM-1456

* Indent format

Author: ravishanigarapu

src/main/java/com/iemr/tm/service/common/transaction/CommonNurseServiceImpl.java

@@ -1894,24 +1894,26 @@ public BenMenstrualDetails getMenstrualHistory(Long beneficiaryRegID, Long visit
 		BenMenstrualDetails menstrualHistoryDetails = BenMenstrualDetails.getBenMenstrualDetails(menstrualHistory);
 
 		// CRs changes, 30-10-2018
-		String problemID = menstrualHistoryDetails.getMenstrualProblemID();
-		String problemName = menstrualHistoryDetails.getProblemName();
-
-		if (problemID != null && problemName != null) {
-			String[] problemIdArr = problemID.split(",");
-			String[] problemNameArr = problemName.split(",");
-			ArrayList<Map<String, Object>> menstrualProblemList = new ArrayList<>();
-			Map<String, Object> menstrualProblemMap = null;
-
-			if (problemIdArr.length == problemNameArr.length) {
-				for (int i = 0; i < problemIdArr.length; i++) {
-					menstrualProblemMap = new HashMap<String, Object>();
-					menstrualProblemMap.put("menstrualProblemID", problemIdArr[i]);
-					menstrualProblemMap.put("problemName", problemNameArr[i]);
-					menstrualProblemList.add(menstrualProblemMap);
+		if (null != menstrualHistoryDetails) {
+			String problemID = menstrualHistoryDetails.getMenstrualProblemID();
+			String problemName = menstrualHistoryDetails.getProblemName();
+
+			if (problemID != null && problemName != null) {
+				String[] problemIdArr = problemID.split(",");
+				String[] problemNameArr = problemName.split(",");
+				ArrayList<Map<String, Object>> menstrualProblemList = new ArrayList<>();
+				Map<String, Object> menstrualProblemMap = null;
+
+				if (problemIdArr.length == problemNameArr.length) {
+					for (int i = 0; i < problemIdArr.length; i++) {
+						menstrualProblemMap = new HashMap<String, Object>();
+						menstrualProblemMap.put("menstrualProblemID", problemIdArr[i]);
+						menstrualProblemMap.put("problemName", problemNameArr[i]);
+						menstrualProblemList.add(menstrualProblemMap);
+					}
 				}
+				menstrualHistoryDetails.setMenstrualProblemList(menstrualProblemList);
 			}
-			menstrualHistoryDetails.setMenstrualProblemList(menstrualProblemList);
 		}
 
 		return menstrualHistoryDetails;

src/main/java/com/iemr/tm/utils/JwtUserIdValidationFilter.java

@@ -48,49 +48,60 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo
 			logger.info("No cookies found in the request");
 		}
 
-		// Log headers for debugging
-		String jwtTokenFromHeader = request.getHeader("Jwttoken");
-		logger.info("JWT token from header: ");
-
 		// Skip login and public endpoints
 		if (path.equals(contextPath + "/user/userAuthenticate")
 				|| path.equalsIgnoreCase(contextPath + "/user/logOutUserFromConcurrentSession")
-				|| path.startsWith(contextPath + "/swagger-ui")
-				|| path.startsWith(contextPath + "/v3/api-docs")
-				|| path.startsWith(contextPath + "/user/refreshToken")
-				|| path.startsWith(contextPath + "/public")) {
+				|| path.startsWith(contextPath + "/swagger-ui") || path.startsWith(contextPath + "/v3/api-docs")
+				|| path.startsWith(contextPath + "/user/refreshToken") || path.startsWith(contextPath + "/public")) {
 			logger.info("Skipping filter for path: " + path);
 			filterChain.doFilter(servletRequest, servletResponse);
 			return;
 		}
 
 		try {
-			// Retrieve JWT token from cookies
-			String jwtTokenFromCookie = getJwtTokenFromCookies(request);
-			logger.info("JWT token from cookie: ");
-
-			// Determine which token (cookie or header) to validate
-			String jwtToken = jwtTokenFromCookie != null ? jwtTokenFromCookie : jwtTokenFromHeader;
-			if (jwtToken == null) {
-				response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "JWT token not found in cookies or headers");
-				return;
+			String jwtFromCookie = getJwtTokenFromCookies(request);
+			String jwtFromHeader = request.getHeader("JwtToken");
+			String authHeader = request.getHeader("Authorization");
+
+			if (jwtFromCookie != null) {
+				logger.info("Validating JWT token from cookie");
+				if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromCookie)) {
+					filterChain.doFilter(servletRequest, servletResponse);
+					return;
+				}
 			}
 
-			// Validate JWT token and userId
-			boolean isValid = jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtToken);
+			if (jwtFromHeader != null) {
+				logger.info("Validating JWT token from header");
+				if (jwtAuthenticationUtil.validateUserIdAndJwtToken(jwtFromHeader)) {
+					filterChain.doFilter(servletRequest, servletResponse);
+					return;
+				}
+			}
+			String userAgent = request.getHeader("User-Agent");
+			logger.info("User-Agent: " + userAgent);
 
-			if (isValid) {
-				// If token is valid, allow the request to proceed
+			if (userAgent != null && isMobileClient(userAgent) && authHeader != null) {
 				filterChain.doFilter(servletRequest, servletResponse);
-			} else {
-				response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid JWT token");
+				return;
 			}
+
+			logger.warn("No valid authentication token found");
+			response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized: Invalid or missing token");
+
 		} catch (Exception e) {
 			logger.error("Authorization error: ", e);
 			response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization error: " + e.getMessage());
 		}
 	}
 
+	private boolean isMobileClient(String userAgent) {
+		if (userAgent == null)
+			return false;
+		userAgent = userAgent.toLowerCase();
+		return userAgent.contains("okhttp"); // iOS (custom clients)
+	}
+
 	private String getJwtTokenFromCookies(HttpServletRequest request) {
 		Cookie[] cookies = request.getCookies();
 		if (cookies != null) {