From 3c583420b7d7a16fa9c82642480b87a0edffcdea Mon Sep 17 00:00:00 2001
From: Mithun James <1007084+drtechie@users.noreply.github.com>
Date: Fri, 23 May 2025 14:59:53 +0530
Subject: [PATCH 1/5] fix: ensure get login response passes right response

---
 .../controller/users/IEMRAdminController.java | 73 ++++++++++++++++++-
 .../java/com/iemr/common/utils/JwtUtil.java | 4 +
 2 files changed, 75 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
index 9256cca3..d0810681 100644
--- a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
+++ b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
@@ -209,6 +209,8 @@ public String userAuthenticate(
 responseObj.put("refreshToken", refreshToken);
 }
 
+ // responseObj ==> helper
+
 response.setResponse(responseObj.toString());
 } catch (Exception e) {
 logger.error("userAuthenticate failed with error " + e.getMessage(), e);
@@ -483,8 +485,50 @@ public String superUserAuthenticate(
 public String getLoginResponse(HttpServletRequest request) {
 OutputResponse response = new OutputResponse();
 try {
- response.setResponse(sessionObject.getSessionObject(request.getHeader("Authorization")));
- } catch (RedisSessionException e) {
+ String authHeader = request.getHeader("Authorization");
+ if (authHeader == null) {
+ // Try JWT token from header first
+ String jwtToken = request.getHeader("Jwttoken");
+
+ // If not in header, try cookie
+ if (jwtToken == null) {
+ Cookie[] cookies = request.getCookies();
+ if (cookies != null) {
+ for (Cookie cookie : cookies) {
+ if ("jwtToken".equals(cookie.getName())) {
+ jwtToken = cookie.getValue();
+ break;
+ }
+ }
+ }
+ }
+
+ if (jwtToken == null) {
+ throw new IEMRException("No authentication token found in header or cookie");
+ }
+
+ // Extract user ID from the JWT token
+ String userId = jwtUtil.getUserIdFromToken(jwtToken);
+
+ // Get user details and prepare response
+ User user = iemrAdminUserServiceImpl.getUserById(Long.parseLong(userId));
+ if (user == null) {
+ throw new IEMRException("User not found");
+ }
+
+ String remoteAddress = request.getHeader("X-FORWARDED-FOR");
+ if (remoteAddress == null || remoteAddress.trim().length() == 0) {
+ remoteAddress = request.getRemoteAddr();
+ }
+
+ // Use the helper method to prepare response
+ JSONObject responseObj = prepareAuthenticationResponse(user, remoteAddress, request.getRemoteHost());
+ response.setResponse(responseObj.toString());
+ } else {
+ response.setResponse(sessionObject.getSessionObject(authHeader));
+ }
+ } catch (Exception e) {
+ logger.error("getLoginResponse failed with error " + e.getMessage(), e);
 response.setError(e);
 }
 return response.toString();
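Review bot: The token-based branch turns a bare `userId` claim into a full authenticated response (a fresh key from `generateKeyAndValidateIP`) without any check of its own, so everything rests on `jwtUtil.getUserIdFromToken`; presumably `getAllClaimsFromToken` verifies signature and expiry, but that method is not in this patch and should be confirmed before this endpoint is relied on. A token without the claim currently fails inside `Long.parseLong(null)` and is reported through the widened `catch (Exception e)` / `response.setError(e)` as a generic error; an explicit `if (userId == null) { throw new IEMRException("Token has no userId claim"); }` before the parse gives a deliberate message. `remoteAddress` is taken verbatim from the client-supplied `X-FORWARDED-FOR` header, so the IP validation done downstream only means something if a trusted proxy overwrites that header, which deserves a comment on that line. The cookie scan re-implements `CookieUtil.getJwtTokenFromCookie(request)` and compares against `"jwtToken"` while the header read uses `"Jwttoken"`; reusing the helper keeps the two lookups from drifting.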
@@ -1057,4 +1101,29 @@ public ResponseEntity getJwtTokenFromCookie(HttpServletRequest httpReque
 return ResponseEntity.status(HttpStatus.NOT_FOUND).body("JWT token not found");
 }
 
+ private JSONObject prepareAuthenticationResponse(User mUser, String remoteAddress, String remoteHost) throws Exception {
+ JSONObject resMap = new JSONObject();
+ JSONObject serviceRoleMultiMap = new JSONObject();
+ JSONObject serviceRoleMap = new JSONObject();
+ JSONArray serviceRoleList = new JSONArray();
+ JSONObject previlegeObj = new JSONObject();
+
+ if (mUser != null) {
+ createUserMapping(mUser, resMap, serviceRoleMultiMap, serviceRoleMap, serviceRoleList, previlegeObj);
+ } else {
+ resMap.put("isAuthenticated", false);
+ }
+
+ JSONObject responseObj = new JSONObject(resMap.toString());
+ JSONArray previlageObjs = new JSONArray();
+ Iterator services = previlegeObj.keys();
+ while (services.hasNext()) {
+ String service = (String) services.next();
+ previlageObjs.put(previlegeObj.getJSONObject(service));
+ }
+ responseObj.put("previlegeObj", previlageObjs);
+
+ return iemrAdminUserServiceImpl.generateKeyAndValidateIP(responseObj, remoteAddress, remoteHost);
+ }
+
 }
diff --git a/src/main/java/com/iemr/common/utils/JwtUtil.java b/src/main/java/com/iemr/common/utils/JwtUtil.java
index c0241954..56e49549 100644
--- a/src/main/java/com/iemr/common/utils/JwtUtil.java
+++ b/src/main/java/com/iemr/common/utils/JwtUtil.java
@@ -90,6 +90,10 @@ public long getRefreshTokenExpiration() {
 return REFRESH_EXPIRATION_TIME;
 }
 
+ public String getUserIdFromToken(String token) {
+ return getAllClaimsFromToken(token).get("userId", String.class);
+ }
+
 // Additional helper methods
 public String getJtiFromToken(String token) {
 return getAllClaimsFromToken(token).getId();
From 265e911f47eaccf887ffce7105c96443d6ac3708 Mon Sep 17 00:00:00 2001
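Review bot: The `mUser == null` branch of `prepareAuthenticationResponse` is unreachable from its only caller in this patch, because `getLoginResponse` throws `"User not found"` before calling it, so the `isAuthenticated: false` response is never produced on this path; either make the contract explicit with `Objects.requireNonNull(mUser, "mUser")` or document that callers may pass null. `throws Exception` is broader than the visible body needs, and if `createUserMapping` and `generateKeyAndValidateIP` declare narrower types, declaring those would let `getLoginResponse` stop catching `Exception`. The method also lacks a Javadoc saying that the returned object carries every field `createUserMapping` writes plus the `previlegeObj` array, which is what a reader checking the response contract of the new endpoint path needs.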
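Review bot: `getUserIdFromToken` returns null when the token has no `userId` claim and, depending on how the library's typed `get(name, Class)` treats a claim stored as a number, may throw instead of converting; the only caller added in this series feeds the result straight into `Long.parseLong`. A Javadoc on the method would pin this down: `/** @return the userId claim as stored in the token, or null when absent; failures from getAllClaimsFromToken propagate. */`. Whether those failures include signature and expiry checks depends on `getAllClaimsFromToken`, which is outside this patch and should be confirmed since the new login-response path trusts the claim.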
From: Ravi Shanigarapu
Date: Fri, 23 May 2025 16:52:48 +0530
Subject: [PATCH 2/5] Null condition added and previliges added

---
 .../controller/users/IEMRAdminController.java | 56 ++++++++++---------
 .../service/users/IEMRAdminUserService.java | 3 +
 .../users/IEMRAdminUserServiceImpl.java | 2 +-
 3 files changed, 34 insertions(+), 27 deletions(-)

diff --git a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
index d0810681..de8e2c40 100644
--- a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
+++ b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
@@ -354,32 +354,35 @@ private void createUserMapping(User mUser, JSONObject resMap, JSONObject service
 if (mUser.getDesignation() != null) {
 resMap.put("designation", new JSONObject(mUser.getDesignation().toString()));
 }
- for (UserServiceRoleMapping m_UserServiceRoleMapping : mUser.getM_UserServiceRoleMapping()) {
- serviceRoleMultiMap.put(
- m_UserServiceRoleMapping.getM_ProviderServiceMapping().getM_ServiceMaster().getServiceName(),
- m_UserServiceRoleMapping.getM_Role().getRoleName());
- String serv = m_UserServiceRoleMapping.getM_ProviderServiceMapping().getM_ServiceMaster().getServiceName();
- if (!previlegeObj.has(serv)) {
- previlegeObj.put(serv, new JSONObject(
- m_UserServiceRoleMapping.getM_ProviderServiceMapping().getM_ServiceMaster().toString()));
- previlegeObj.getJSONObject(serv).put("serviceName", serv);
- previlegeObj.getJSONObject(serv).put("serviceID",
- m_UserServiceRoleMapping.getM_ProviderServiceMapping().getProviderServiceMapID());
- previlegeObj.getJSONObject(serv).put("providerServiceMapID",
- m_UserServiceRoleMapping.getM_ProviderServiceMapping().getProviderServiceMapID());
- previlegeObj.getJSONObject(serv).put("apimanClientKey",
- m_UserServiceRoleMapping.getM_ProviderServiceMapping().getAPIMANClientKey());
- previlegeObj.getJSONObject(serv).put("roles", new JSONArray());
- previlegeObj.getJSONObject(serv).put("stateID",
- m_UserServiceRoleMapping.getM_ProviderServiceMapping().getStateID());
- previlegeObj.getJSONObject(serv).put("agentID", m_UserServiceRoleMapping.getAgentID());
- previlegeObj.getJSONObject(serv).put("agentPassword", m_UserServiceRoleMapping.getAgentPassword());
- }
- JSONArray roles = previlegeObj.getJSONObject(serv).getJSONArray("roles");
+ if (null != mUser.getM_UserServiceRoleMapping()) {
+ for (UserServiceRoleMapping m_UserServiceRoleMapping : mUser.getM_UserServiceRoleMapping()) {
+ serviceRoleMultiMap.put(
+ m_UserServiceRoleMapping.getM_ProviderServiceMapping().getM_ServiceMaster().getServiceName(),
+ m_UserServiceRoleMapping.getM_Role().getRoleName());
+ String serv = m_UserServiceRoleMapping.getM_ProviderServiceMapping().getM_ServiceMaster()
+ .getServiceName();
+ if (!previlegeObj.has(serv)) {
+ previlegeObj.put(serv, new JSONObject(
+ m_UserServiceRoleMapping.getM_ProviderServiceMapping().getM_ServiceMaster().toString()));
+ previlegeObj.getJSONObject(serv).put("serviceName", serv);
+ previlegeObj.getJSONObject(serv).put("serviceID",
+ m_UserServiceRoleMapping.getM_ProviderServiceMapping().getProviderServiceMapID());
+ previlegeObj.getJSONObject(serv).put("providerServiceMapID",
+ m_UserServiceRoleMapping.getM_ProviderServiceMapping().getProviderServiceMapID());
+ previlegeObj.getJSONObject(serv).put("apimanClientKey",
+ m_UserServiceRoleMapping.getM_ProviderServiceMapping().getAPIMANClientKey());
+ previlegeObj.getJSONObject(serv).put("roles", new JSONArray());
+ previlegeObj.getJSONObject(serv).put("stateID",
+ m_UserServiceRoleMapping.getM_ProviderServiceMapping().getStateID());
+ previlegeObj.getJSONObject(serv).put("agentID", m_UserServiceRoleMapping.getAgentID());
+ previlegeObj.getJSONObject(serv).put("agentPassword", m_UserServiceRoleMapping.getAgentPassword());
+ }
+ JSONArray roles = previlegeObj.getJSONObject(serv).getJSONArray("roles");
 // roles.put(new JSONObject(m_UserServiceRoleMapping.getM_Role().toString()));
- JSONObject roleObject = new JSONObject(m_UserServiceRoleMapping.getM_Role().toString());
- roleObject.put("isSanjeevani", m_UserServiceRoleMapping.getIsSanjeevani());
- roles.put(roleObject);
+ JSONObject roleObject = new JSONObject(m_UserServiceRoleMapping.getM_Role().toString());
+ roleObject.put("isSanjeevani", m_UserServiceRoleMapping.getIsSanjeevani());
+ roles.put(roleObject);
+ }
 }
 Iterator keySet = serviceRoleMultiMap.keys();
 while (keySet.hasNext()) {
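Review bot: The new guard `if (null != mUser.getM_UserServiceRoleMapping())` is written in Yoda order while the check two lines above reads `mUser.getDesignation() != null`; `if (mUser.getM_UserServiceRoleMapping() != null) {` keeps the method consistent with itself. Wrapping the whole loop re-indents 25 unchanged lines, which hides that the only logic change is the null check; a local holding the collection, tested once before the loop, would express the same thing with a much smaller diff. The chained `getM_ProviderServiceMapping().getM_ServiceMaster()` calls inside the loop remain unguarded, so a mapping row whose provider or service master is missing fails the same way the null collection did before this patch. `createUserMapping` starts and ends outside the hunk.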
@@ -486,7 +489,7 @@ public String getLoginResponse(HttpServletRequest request) {
 OutputResponse response = new OutputResponse();
 try {
 String authHeader = request.getHeader("Authorization");
- if (authHeader == null) {
+ if (authHeader.isEmpty()) {
 // Try JWT token from header first
 String jwtToken = request.getHeader("Jwttoken");
 
@@ -1109,6 +1112,7 @@ private JSONObject prepareAuthenticationResponse(User mUser, String remoteAddres
 JSONObject previlegeObj = new JSONObject();
 
 if (mUser != null) {
+ mUser.setM_UserServiceRoleMapping(iemrAdminUserServiceImpl.getUserServiceRoleMapping(mUser.getUserID()));
 createUserMapping(mUser, resMap, serviceRoleMultiMap, serviceRoleMap, serviceRoleList, previlegeObj);
 } else {
 resMap.put("isAuthenticated", false);
diff --git a/src/main/java/com/iemr/common/service/users/IEMRAdminUserService.java b/src/main/java/com/iemr/common/service/users/IEMRAdminUserService.java
index 3f1d8068..89e238c0 100644
--- a/src/main/java/com/iemr/common/service/users/IEMRAdminUserService.java
+++ b/src/main/java/com/iemr/common/service/users/IEMRAdminUserService.java
@@ -36,6 +36,7 @@
 import com.iemr.common.data.users.M_Role;
 import com.iemr.common.data.users.User;
 import com.iemr.common.data.users.UserSecurityQMapping;
+import com.iemr.common.data.users.UserServiceRoleMapping;
 import com.iemr.common.data.users.ServiceRoleScreenMapping;
 import com.iemr.common.model.user.ForceLogoutRequestModel;
 import com.iemr.common.model.user.LoginRequestModel;
@@ -118,6 +119,8 @@ public List getUserServiceRoleMappingForProvider(Integ
 User getUserById(Long userId) throws IEMRException;
+ List getUserServiceRoleMapping(Long userID) throws IEMRException;
+
 }
diff --git a/src/main/java/com/iemr/common/service/users/IEMRAdminUserServiceImpl.java b/src/main/java/com/iemr/common/service/users/IEMRAdminUserServiceImpl.java
index a9a7858d..9a46eaef 100644
--- a/src/main/java/com/iemr/common/service/users/IEMRAdminUserServiceImpl.java
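Review bot: `if (authHeader.isEmpty())` throws `NullPointerException` when the `Authorization` header is absent, which is exactly the case the JWT fallback was added for in PATCH 1; the NPE is swallowed by the method's `catch (Exception e)` and returned as an error, so the `Jwttoken` header/cookie path never runs for a request without an `Authorization` header. The guard should be `if (authHeader == null || authHeader.isEmpty()) {` (or `isBlank()` if whitespace-only values should also fall through). `getLoginResponse` continues outside the hunk.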
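Review bot: Loading the role mappings inside `prepareAuthenticationResponse` means the JWT-based `getLoginResponse` path now emits every per-service field `createUserMapping` writes, including `agentID` and `agentPassword` (see the `createUserMapping` hunk of this patch); confirm that a response reached through a token alone is meant to carry agent credentials, and say so in a comment on this line. `getUserServiceRoleMapping` has a `resultSet.size() == 0` branch whose body is outside this view; if it throws for a user with no mappings, this call fails the whole login response instead of returning a user with an empty `previlegeObj`, so it is worth stating which behaviour is intended. `prepareAuthenticationResponse` starts and ends outside the hunk.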
+++ b/src/main/java/com/iemr/common/service/users/IEMRAdminUserServiceImpl.java
@@ -659,7 +659,7 @@ public ArrayList getAllLoginSecurityQuestions() {
 return result;
 }
 
- private List getUserServiceRoleMapping(Long userID) throws IEMRException {
+ public List getUserServiceRoleMapping(Long userID) throws IEMRException {
 List userServiceRoleMappings = new ArrayList();
 Set resultSet = userRoleMappingRepository.getUserRoleMappingForUser(userID);
 if (resultSet.size() == 0) {
From 268fd39e99093adb1fbca806ab35ccd5de26b5d3 Mon Sep 17 00:00:00 2001
From: Mithun James <1007084+drtechie@users.noreply.github.com>
Date: Fri, 23 May 2025 17:34:45 +0530
Subject: [PATCH 3/5] fix: remove comment

---
 .../com/iemr/common/controller/users/IEMRAdminController.java | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
index de8e2c40..eeb005ce 100644
--- a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
+++ b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
@@ -209,8 +209,6 @@ public String userAuthenticate(
 responseObj.put("refreshToken", refreshToken);
 }
 
- // responseObj ==> helper
-
 response.setResponse(responseObj.toString());
 } catch (Exception e) {
 logger.error("userAuthenticate failed with error " + e.getMessage(), e);
From 077cb1c8ccc8c3ff3b8a7d28aa46d4a438aad90a Mon Sep 17 00:00:00 2001
From: Mithun James <1007084+drtechie@users.noreply.github.com>
Date: Fri, 23 May 2025 17:41:22 +0530
Subject: [PATCH 4/5] fix: cookie name and case

---
 .../com/iemr/common/controller/users/IEMRAdminController.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
index eeb005ce..8a1cca17 100644
--- a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
+++ b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
@@ -1091,7 +1091,7 @@ public ResponseEntity getJwtTokenFromCookie(HttpServletRequest httpReque
 
 if (cookies != null) {
 for (Cookie cookie : cookies) {
- if ("jwtToken".equals(cookie.getName())) {
+ if ("Jwttoken".equals(cookie.getName())) {
 String jwtToken = cookie.getValue();
 // Return the JWT token in the response
 return ResponseEntity.ok(jwtToken);
From 6fc56fae15fa7fb1258862ab3f97b6e6a863258e Mon Sep 17 00:00:00 2001
From: Ravi Shanigarapu
Date: Fri, 23 May 2025 18:08:28 +0530
Subject: [PATCH 5/5] Equalignorecase added

---
 .../com/iemr/common/controller/users/IEMRAdminController.java | 2 +-
 src/main/java/com/iemr/common/utils/CookieUtil.java | 2 +-
 .../java/com/iemr/common/utils/JwtUserIdValidationFilter.java | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
index de8e2c40..a8f343d5 100644
--- a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
+++ b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
@@ -1093,7 +1093,7 @@ public ResponseEntity getJwtTokenFromCookie(HttpServletRequest httpReque
 
 if (cookies != null) {
 for (Cookie cookie : cookies) {
- if ("jwtToken".equals(cookie.getName())) {
+ if ("Jwttoken".equalsIgnoreCase(cookie.getName())) {
 String jwtToken = cookie.getValue();
 // Return the JWT token in the response
 return ResponseEntity.ok(jwtToken);
diff --git a/src/main/java/com/iemr/common/utils/CookieUtil.java b/src/main/java/com/iemr/common/utils/CookieUtil.java
index 85abf4e9..12da4137 100644
--- a/src/main/java/com/iemr/common/utils/CookieUtil.java
+++ b/src/main/java/com/iemr/common/utils/CookieUtil.java
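Review bot: The cookie name is corrected to `"Jwttoken"` here, but the cookie scan added to `getLoginResponse` in PATCH 1 still reads `if ("jwtToken".equals(cookie.getName())) {`, so two lookups in the same controller now accept different cookies; the PATCH 5 version of this hunk switches to `equalsIgnoreCase` and likewise leaves `getLoginResponse` untouched. A single constant for the cookie name, or a call to `CookieUtil.getJwtTokenFromCookie(request)` in `getLoginResponse` in place of the hand-written loop, removes the drift. `getJwtTokenFromCookie` in the controller starts and ends outside the hunk.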
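Review bot: The PATCH 5 controller hunk is generated against `de8e2c40` (the PATCH 2 result), so its removed line is still `"jwtToken".equals(...)`, which PATCH 4 (`eeb005ce..8a1cca17`) has already replaced; applied in series order it will most likely not apply cleanly. Rebasing it on the PATCH 4 result leaves a one-token change, `if ("Jwttoken".equalsIgnoreCase(cookie.getName())) {`, and avoids a conflict that could otherwise leave the case-sensitive comparison in place while the other three call sites in this patch become case-insensitive.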
@@ -69,7 +69,7 @@ public static String getJwtTokenFromCookie(HttpServletRequest request) {
 if (request.getCookies() == null) {
 return null; // If cookies are null, return null safely.
 }
- return Arrays.stream(request.getCookies()).filter(cookie -> "Jwttoken".equals(cookie.getName()))
+ return Arrays.stream(request.getCookies()).filter(cookie -> "Jwttoken".equalsIgnoreCase(cookie.getName()))
 .map(Cookie::getValue).findFirst().orElse(null);
 }
 }
diff --git a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java
index 2dff1792..6bbf29bb 100644
--- a/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java
+++ b/src/main/java/com/iemr/common/utils/JwtUserIdValidationFilter.java
@@ -41,7 +41,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo
 Cookie[] cookies = request.getCookies();
 if (cookies != null) {
 for (Cookie cookie : cookies) {
- if ("userId".equals(cookie.getName())) {
+ if ("userId".equalsIgnoreCase(cookie.getName())) {
 logger.warn("userId found in cookies! Clearing it...");
 clearUserIdCookie(response); // Explicitly remove userId cookie
 }
@@ -133,7 +133,7 @@ private String getJwtTokenFromCookies(HttpServletRequest request) {
 Cookie[] cookies = request.getCookies();
 if (cookies != null) {
 for (Cookie cookie : cookies) {
- if (cookie.getName().equals("Jwttoken")) {
+ if (cookie.getName().equalsIgnoreCase("Jwttoken")) {
 return cookie.getValue();
 }
 }
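Review bot: Switching to `equalsIgnoreCase` makes the lookup order-dependent: cookie names are case-sensitive on the client side, so `Jwttoken` and `jwttoken` can both be present and `findFirst()` returns whichever the browser sends first, which need not be the one this server set. Unless a known client sets a differently-cased name, matching exactly against one shared constant (the literal `"Jwttoken"` is now spelled out in four places across this series) is the safer contract, and the same applies to both `JwtUserIdValidationFilter` hunks below. `getJwtTokenFromCookie` in `CookieUtil` starts outside the hunk; its closing brace is inside it.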
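Review bot: With `"userId".equalsIgnoreCase(cookie.getName())` the filter logs that it is clearing the cookie, but `clearUserIdCookie(response)` is called without the matched name; if that helper writes an expiring cookie named exactly `userId` (its body is not in this patch), a cookie that matched only case-insensitively is reported as cleared yet left in place. Either keep the exact comparison here or pass `cookie.getName()` through to the clearing helper so the log message stays truthful. `doFilter` continues outside the hunk.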