jwt api implementation

pom.xml

@@ -49,10 +49,10 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter</artifactId>
 		</dependency>
-		<dependency> 
-			<groupId>co.elastic.logging</groupId> 
-			<artifactId>logback-ecs-encoder</artifactId> 
-			<version>1.3.2</version> 
+		<dependency>
+			<groupId>co.elastic.logging</groupId>
+			<artifactId>logback-ecs-encoder</artifactId>
+			<version>1.3.2</version>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
@@ -125,8 +125,7 @@
 			<version>1.5.5.Final</version>
 		</dependency>
 
-		<!--
-		https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-data-jpa -->
+		<!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-data-jpa -->
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-data-jpa</artifactId>
@@ -197,14 +196,12 @@
 			<artifactId>spring-boot-starter-mail</artifactId>
 		</dependency>
 
-		<!--
-		https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-data-redis -->
+		<!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-data-redis -->
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-data-redis</artifactId>
 		</dependency>
-		<!--
-		https://mvnrepository.com/artifact/org.springframework.session/spring-session-data-redis -->
+		<!-- https://mvnrepository.com/artifact/org.springframework.session/spring-session-data-redis -->
 		<dependency>
 			<groupId>org.springframework.session</groupId>
 			<artifactId>spring-session-data-redis</artifactId>
@@ -225,24 +222,21 @@
 			<version>7.0.0</version>
 		</dependency>
 
-		<!--
-		https://mvnrepository.com/artifact/ca.uhn.hapi.fhir/hapi-fhir-structures-r4 -->
+		<!-- https://mvnrepository.com/artifact/ca.uhn.hapi.fhir/hapi-fhir-structures-r4 -->
 		<dependency>
 			<groupId>ca.uhn.hapi.fhir</groupId>
 			<artifactId>hapi-fhir-structures-r4</artifactId>
 			<version>7.0.0</version>
 		</dependency>
 
-		<!--
-		https://mvnrepository.com/artifact/ca.uhn.hapi.fhir/hapi-fhir-server -->
+		<!-- https://mvnrepository.com/artifact/ca.uhn.hapi.fhir/hapi-fhir-server -->
 		<dependency>
 			<groupId>ca.uhn.hapi.fhir</groupId>
 			<artifactId>hapi-fhir-server</artifactId>
 			<version>7.0.0</version>
 		</dependency>
 
-		<!--
-		https://mvnrepository.com/artifact/ca.uhn.hapi.fhir/hapi-fhir-validation -->
+		<!-- https://mvnrepository.com/artifact/ca.uhn.hapi.fhir/hapi-fhir-validation -->
 		<dependency>
 			<groupId>ca.uhn.hapi.fhir</groupId>
 			<artifactId>hapi-fhir-validation</artifactId>
@@ -255,8 +249,7 @@
 			</exclusions>
 		</dependency>
 
-		<!--
-		https://mvnrepository.com/artifact/ca.uhn.hapi.fhir/hapi-fhir-validation-resources-r4 -->
+		<!-- https://mvnrepository.com/artifact/ca.uhn.hapi.fhir/hapi-fhir-validation-resources-r4 -->
 		<dependency>
 			<groupId>ca.uhn.hapi.fhir</groupId>
 			<artifactId>hapi-fhir-validation-resources-r4</artifactId>
@@ -273,11 +266,31 @@
 			<artifactId>jacoco-maven-plugin</artifactId>
 			<version>0.8.11</version>
 		</dependency>
-	<dependency>
+		<dependency>
 			<groupId>org.springframework</groupId>
 			<artifactId>spring-web</artifactId>
 			<version>6.1.12</version>
 		</dependency>
+		<!-- https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-api -->
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-api</artifactId>
+			<version>0.12.6</version>
+		</dependency>
+		<!-- https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-impl -->
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-impl</artifactId>
+			<version>0.12.6</version>
+			<scope>runtime</scope>
+		</dependency>
+		<!-- https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-jackson -->
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-jackson</artifactId>
+			<version>0.12.6</version>
+			<scope>runtime</scope>
+		</dependency>
 	</dependencies>
 
 
@@ -370,8 +383,7 @@
 									${target-properties} and
 									${source-properties}
 								</echo>
-								<concat destfile="${target-properties}"
-									append="yes"
+								<concat destfile="${target-properties}" append="yes"
 									force="yes">
 									<fileset file="${source-properties}">
 									</fileset>

src/main/environment/common_ci.properties

@@ -86,6 +86,7 @@ prescription=TMPrescription SMS
 
 ### Redis IP
 spring.redis.host=localhost
+jwt.secret=@JWT_SECRET_KEY@
 
 
 

src/main/environment/common_dev.properties

@@ -86,6 +86,7 @@ prescription=TMPrescription SMS
 
 ### Redis IP
 spring.redis.host=localhost
+jwt.secret=@JWT_SECRET_KEY@
 
 
 

src/main/environment/common_example.properties

@@ -86,6 +86,7 @@ prescription=TMPrescription SMS
 
 ### Redis IP
 spring.redis.host=localhost
+jwt.secret=@JWT_SECRET_KEY@
 
 
 

src/main/environment/common_prod.properties

@@ -88,6 +88,7 @@ prescription=TMPrescription SMS
 
 ### Redis IP
 spring.redis.host=localhost
+jwt.secret=@JWT_SECRET_KEY@
 
 
 

src/main/environment/common_test.properties

@@ -90,6 +90,7 @@ prescription=TMPrescription SMS
 
 ### Redis IP
 spring.redis.host=localhost
+jwt.secret=@JWT_SECRET_KEY@
 
 
 

src/main/environment/common_uat.properties

@@ -90,6 +90,7 @@ prescription=TMPrescription SMS
 
 ### Redis IP
 spring.redis.host=localhost
+jwt.secret=@JWT_SECRET_KEY@
 
 
 

src/main/java/com/iemr/hwc/utils/CookieUtil.java

@@ -0,0 +1,41 @@
+package com.iemr.hwc.utils;
+
+import java.util.Arrays;
+import java.util.Optional;
+
+import org.springframework.stereotype.Service;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+@Service
+public class CookieUtil {
+
+	public Optional<String> getCookieValue(HttpServletRequest request, String cookieName) {
+		Cookie[] cookies = request.getCookies();
+		if (cookies != null) {
+			for (Cookie cookie : cookies) {
+				if (cookieName.equals(cookie.getName())) {
+					return Optional.of(cookie.getValue());
+				}
+			}
+		}
+		return Optional.empty();
+	}
+
+	public void addJwtTokenToCookie(String Jwttoken, HttpServletResponse response) {
+		// Create a new cookie with the JWT token
+		Cookie cookie = new Cookie("Jwttoken", Jwttoken);
+		cookie.setHttpOnly(true); // Prevent JavaScript access for security
+		cookie.setSecure(true); // Ensure the cookie is sent only over HTTPS
+		cookie.setMaxAge(60 * 60 * 24); // 1 day expiration time
+		cookie.setPath("/"); // Make the cookie available for the entire application
+		response.addCookie(cookie); // Add the cookie to the response
+	}
+
+	public String getJwtTokenFromCookie(HttpServletRequest request) {
+		return Arrays.stream(request.getCookies()).filter(cookie -> "Jwttoken".equals(cookie.getName()))
+				.map(Cookie::getValue).findFirst().orElse(null);
+	}
+}

src/main/java/com/iemr/hwc/utils/JwtAuthenticationUtil.java

@@ -0,0 +1,91 @@
+package com.iemr.hwc.utils;
+
+import java.util.Optional;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Component;
+
+import com.iemr.hwc.data.login.Users;
+import com.iemr.hwc.repo.login.UserLoginRepo;
+import com.iemr.hwc.utils.exception.IEMRException;
+
+import io.jsonwebtoken.Claims;
+import jakarta.servlet.http.HttpServletRequest;
+
+@Component
+public class JwtAuthenticationUtil {
+
+	@Autowired
+	private CookieUtil cookieUtil;
+	@Autowired
+	private JwtUtil jwtUtil;
+	@Autowired
+	private UserLoginRepo userLoginRepo;
+	private final Logger logger = LoggerFactory.getLogger(this.getClass().getName());
+
+	public JwtAuthenticationUtil(CookieUtil cookieUtil, JwtUtil jwtUtil) {
+		this.cookieUtil = cookieUtil;
+		this.jwtUtil = jwtUtil;
+	}
+
+	public ResponseEntity<String> validateJwtToken(HttpServletRequest request) {
+		Optional<String> jwtTokenOpt = cookieUtil.getCookieValue(request, "Jwttoken");
+
+		if (jwtTokenOpt.isEmpty()) {
+			return ResponseEntity.status(HttpStatus.UNAUTHORIZED)
+					.body("Error 401: Unauthorized - JWT Token is not set!");
+		}
+
+		String jwtToken = jwtTokenOpt.get();
+
+		// Validate the token
+		Claims claims = jwtUtil.validateToken(jwtToken);
+		if (claims == null) {
+			return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Error 401: Unauthorized - Invalid JWT Token!");
+		}
+
+		// Extract username from token
+		String usernameFromToken = claims.getSubject();
+		if (usernameFromToken == null || usernameFromToken.isEmpty()) {
+			return ResponseEntity.status(HttpStatus.UNAUTHORIZED)
+					.body("Error 401: Unauthorized - Username is missing!");
+		}
+
+		// Return the username if valid
+		return ResponseEntity.ok(usernameFromToken);
+	}
+
+	public boolean validateUserIdAndJwtToken(String jwtToken) throws IEMRException {
+		try {
+			// Validate JWT token and extract claims
+			Claims claims = jwtUtil.validateToken(jwtToken);
+
+			if (claims == null) {
+				throw new IEMRException("Invalid JWT token.");
+			}
+
+			String userId = claims.get("userId", String.class);
+			String tokenUsername = jwtUtil.extractUsername(jwtToken);
+
+			// Fetch user based on userId from the database or cache
+			Users user = userLoginRepo.getUserByUserID(Long.parseLong(userId));
+			if (user == null) {
+				throw new IEMRException("Invalid User ID.");
+			}
+
+			// Check if the token's username matches the user retrieved by userId
+			if (!user.getUserName().equalsIgnoreCase(tokenUsername)) {
+				throw new IEMRException("JWT token and User ID mismatch.");
+			}
+
+			return true; // Valid userId and JWT token
+		} catch (Exception e) {
+			logger.error("Validation failed: " + e.getMessage(), e);
+			throw new IEMRException("Validation error: " + e.getMessage(), e);
+		}
+	}
+}