diff --git a/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/CallbackController.java b/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/CallbackController.java index 5f0e26c..b4a6e02 100644 --- a/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/CallbackController.java +++ b/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/CallbackController.java @@ -30,6 +30,7 @@ import javax.validation.Valid; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import org.springframework.http.CacheControl; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; @@ -77,9 +78,13 @@ public ResponseEntity callback( if (tokenContent.containsKey("sub") && tokenContent.get("sub") instanceof String) { this.backendService.saveResult(subject, request); - return ResponseEntity.ok().build(); + return ResponseEntity.ok() + .cacheControl(CacheControl.noCache()) + .build(); } } - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build(); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED) + .cacheControl(CacheControl.noCache()) + .build(); } } diff --git a/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/DccTokenController.java b/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/DccTokenController.java index 70218dd..4c2931c 100644 --- a/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/DccTokenController.java +++ b/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/DccTokenController.java @@ -31,6 +31,7 @@ import javax.validation.Valid; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import org.springframework.http.CacheControl; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; 
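Review bot: Setting the header by hand on each `ResponseEntity` in `callback` covers only the two returns visible in this hunk; a response produced outside the method body (a rejected request body if `@Valid` is applied, an exception handler, a framework 404 or 500) would presumably go out without `Cache-Control`. The same builder call is repeated in the `token`, `identity`, `initialize`, `reject` and `status` hunks of this commit, so a new endpoint can easily miss it. Consider setting the header once for all responses of this service, for example in a servlet filter or a `HandlerInterceptor`, and keeping the controllers free of it. The body of `callback` starts outside the hunk.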
@@ -84,9 +85,14 @@ public ResponseEntity token( final HttpHeaders headers = new HttpHeaders(); headers.set("X-Nonce", accessTockenPayload.getNonce()); - return ResponseEntity.ok().headers(headers).body(accessToken); + return ResponseEntity.ok() + .headers(headers) + .cacheControl(CacheControl.noCache()) + .body(accessToken); } } - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build(); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED) + .cacheControl(CacheControl.noCache()) + .build(); } } diff --git a/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/IdentityController.java b/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/IdentityController.java index 46ddd66..5caa92b 100644 --- a/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/IdentityController.java +++ b/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/IdentityController.java @@ -27,7 +27,9 @@ import io.swagger.v3.oas.annotations.responses.ApiResponses; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import org.springframework.http.CacheControl; import org.springframework.http.MediaType; +import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RestController; @@ -37,11 +39,11 @@ @RequiredArgsConstructor public class IdentityController { - public static final String PATH_ALL = "/identity"; - - private static final String PATH_ELEMENT = "/identity/{element}"; - - private static final String PATH_ELEMENT_TYPE = "/identity/{element}/{type}"; + static final String PATH_ALL = "/identity"; + + static final String PATH_ELEMENT = "/identity/{element}"; + + static final String PATH_ELEMENT_TYPE = "/identity/{element}/{type}"; private final IdentityService identityService; 
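Review bot: `CacheControl.noCache()` in `token` emits `Cache-Control: no-cache`, which still allows a browser or intermediary to store the response and only demands revalidation before reuse. This response carries the access token in the body and the nonce in `X-Nonce`. For token-bearing responses the directive that forbids keeping a copy is `no-store`: `.cacheControl(CacheControl.noStore())`. The same applies to the result token returned by the `status` hunk in ValidationStatusController. The body of `token` starts outside the hunk.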
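Review bot: `PATH_ALL` is narrowed from `public` to package-private in IdentityController, which breaks any reference from outside the `controller` package (a security or test configuration, for instance; none is visible in this diff). `PATH_ELEMENT` and `PATH_ELEMENT_TYPE` are widened from `private` with no new user shown. The change is unrelated to the cache header and would be easier to review in its own commit. If the widening is meant for tests, a comment on the constants such as `// package-private for tests` would record that. The blank lines between the constants are removed and re-added, which suggests a whitespace-only difference that could be dropped.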
@@ -61,12 +63,14 @@ public class IdentityController { @ApiResponse(responseCode = "404", description = "Not Found"), @ApiResponse(responseCode = "500", description = "Internal Server Error"), }) - @GetMapping(value = {PATH_ALL, PATH_ELEMENT, PATH_ELEMENT_TYPE}, produces = MediaType.APPLICATION_JSON_VALUE) - public IdentityResponse identity( + @GetMapping(value = { PATH_ALL, PATH_ELEMENT, PATH_ELEMENT_TYPE }, produces = MediaType.APPLICATION_JSON_VALUE) + public ResponseEntity identity( @PathVariable(name = "element", required = false) final String element, @PathVariable(name = "type", required = false) final String type) { log.debug("Incoming GET request to '{}' with element '{}' and type '{}'", PATH_ELEMENT_TYPE, element, type); - return identityService.getIdentity(element, type); + return ResponseEntity.ok() + .cacheControl(CacheControl.noCache()) + .body(identityService.getIdentity(element, type)); } } diff --git a/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/InitializeController.java b/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/InitializeController.java index 1a99461..c84e96c 100644 --- a/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/InitializeController.java +++ b/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/InitializeController.java @@ -27,7 +27,9 @@ import io.swagger.v3.oas.annotations.responses.ApiResponses; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import org.springframework.http.CacheControl; import org.springframework.http.MediaType; +import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RestController; @@ -38,7 +40,7 @@ public class InitializeController { private static final String PATH = "/initialize/{subject}"; - + private final InitializeService initializeService; /** 
@@ -57,9 +59,12 @@ public class InitializeController { @ApiResponse(responseCode = "500", description = "Internal Server Error"), }) @GetMapping(value = PATH, produces = MediaType.APPLICATION_JSON_VALUE) - public QrCodeDto initialize(@PathVariable(value = "subject", required = true) final String subject) { + public ResponseEntity initialize( + @PathVariable(value = "subject", required = true) final String subject) { log.debug("Incoming GET request to '{}' with subject '{}'", PATH, subject); - - return initializeService.getBySubject(subject); + + return ResponseEntity.ok() + .cacheControl(CacheControl.noCache()) + .body(initializeService.getBySubject(subject)); } } diff --git a/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/RejectController.java b/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/RejectController.java index d0f7ae2..5f67d0b 100644 --- a/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/RejectController.java +++ b/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/RejectController.java @@ -26,6 +26,7 @@ import io.swagger.v3.oas.annotations.responses.ApiResponses; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import org.springframework.http.CacheControl; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; @@ -58,8 +59,12 @@ public ResponseEntity reject(@RequestHeader("Authorization") final String token) log.debug("Incoming GET request to '{}' with token '{}'", PATH, token); if (accessTokenService.isValid(token)) { - return ResponseEntity.ok().build(); + return ResponseEntity.ok() + .cacheControl(CacheControl.noCache()) + .build(); } - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build(); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED) + .cacheControl(CacheControl.noCache()) + .build(); } } 
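Review bot: The context line `log.debug("Incoming GET request to '{}' with token '{}'", PATH, token);` in `reject` writes the raw `Authorization` header value to the log, so a token that may still be valid is readable by anyone with access to debug logs. The cache header added below it does nothing about that copy. Log the path alone, `log.debug("Incoming GET request to '{}'", PATH);`, or a non-reversible fingerprint of the token if requests need to be correlated. The body of `reject` starts outside the hunk.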
diff --git a/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/ValidationStatusController.java b/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/ValidationStatusController.java index c404ff2..49f478a 100644 --- a/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/ValidationStatusController.java +++ b/src/main/java/eu/europa/ec/dgc/validation/decorator/controller/ValidationStatusController.java @@ -30,6 +30,7 @@ import java.util.Map; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import org.springframework.http.CacheControl; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; @@ -73,11 +74,17 @@ public ResponseEntity status(@RequestHeader("Authorization") final final String subject = (String) tokenContent.get("sub"); final ValidationServiceStatusResponse status = this.validationStatusService.determineStatus(subject); if (status.getResultToken() != null) { - return ResponseEntity.status(status.getHttpStatusCode()).body(status.getResultToken()); + return ResponseEntity.status(status.getHttpStatusCode()) + .cacheControl(CacheControl.noCache()) + .body(status.getResultToken()); } - return ResponseEntity.status(status.getHttpStatusCode()).build(); + return ResponseEntity.status(status.getHttpStatusCode()) + .cacheControl(CacheControl.noCache()) + .build(); } } - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build(); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED) + .cacheControl(CacheControl.noCache()) + .build(); } }