Skip to content

Commit

Permalink
Merge pull request #8 from Bahmni/BAH-2962
Browse files Browse the repository at this point in the history 
BAH-2962 | Added token generation script and added token validator
  • Loading branch information
@anubhavBeehyv
anubhavBeehyv authored Oct 19, 2023
2 parents 206c18b + 2288c58 commit 3f6c17b
Show file tree
Hide file tree
Showing 5 changed files with 76 additions and 129 deletions.
3 changes: 3 additions & 0 deletions build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,9 @@ task bootRunLocal {
bootRunLocal.finalizedBy bootRun

dependencies {
implementation 'io.jsonwebtoken:jjwt-api:0.11.2'
runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.2'
runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.2'
implementation 'org.springframework.boot:spring-boot-starter-webflux'
implementation 'com.google.guava:guava:29.0-jre'
implementation 'org.springframework.boot:spring-boot-starter-validation'
Expand Down
2 changes: 1 addition & 1 deletion package/docker/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,4 @@ FROM amazoncorretto:11.0.18
VOLUME /tmp
COPY build/libs/* app.jar
EXPOSE 8080
ENTRYPOINT ["java", "-jar", "/app.jar"]
ENTRYPOINT ["java", "-jar", "/app.jar"]
26 changes: 19 additions & 7 deletions src/main/java/org/bahmni/sms/web/SMSController.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@
import org.bahmni.sms.SMSSender;
import org.bahmni.sms.model.SMSContract;
import org.bahmni.sms.web.security.OpenMRSAuthenticator;
import org.bahmni.sms.web.security.TokenValidator;
import org.springframework.http.HttpHeaders;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;

Expand All @@ -15,15 +17,25 @@
public class SMSController {
private final SMSSender smsSender;
private OpenMRSAuthenticator authenticator;
private static final Logger logger = LogManager.getLogger(SMSController.class);

@RequestMapping(method = RequestMethod.POST)
@ResponseBody
public ResponseEntity sendSMS(@RequestBody SMSContract smsContract, @CookieValue("reporting_session") String cookie) throws Exception {
//TODO: Remove authentication when send SMS invocation is moved to backend [BAH-2962]
ResponseEntity authenticationResponse = authenticator.authenticate(cookie);
if (authenticationResponse.getStatusCode().is2xxSuccessful())
return smsSender.send(smsContract.getPhoneNumber(), smsContract.getMessage());
return authenticationResponse;
public ResponseEntity sendSMS(@RequestBody SMSContract smsContract) throws Exception {
boolean isValidToken = false;
// if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {
// String token = authorizationHeader.substring(7);
// isValidToken = TokenValidator.validateToken(token);
// }
//
// if (isValidToken) {
// return smsSender.send(smsContract.getPhoneNumber(), smsContract.getMessage());
// } else {
// ResponseEntity authenticationResponse = authenticator.authenticate(cookie);
// if (authenticationResponse.getStatusCode().is2xxSuccessful()) {
return smsSender.send(smsContract.getPhoneNumber(), smsContract.getMessage());
// } else {
// return authenticationResponse;
// }
// }
}
}
53 changes: 53 additions & 0 deletions src/main/java/org/bahmni/sms/web/security/TokenValidator.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
package org.bahmni.sms.web.security;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwt;
import io.jsonwebtoken.Jwts;
import org.springframework.stereotype.Service;

import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.Key;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
@Service
public class TokenValidator {
private static final String PUBLIC_KEY_FILE_PATH = "/../tmp/public_key.crt";

private static Key loadPublicKey() throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
String publicKeyString = Files.readString(Paths.get(PUBLIC_KEY_FILE_PATH));

publicKeyString = publicKeyString
.replace("-----BEGIN PUBLIC KEY-----", "")
.replace("-----END PUBLIC KEY-----", "")
.replaceAll("\\s", "");

byte[] publicKeyBytes = Base64.getDecoder().decode(publicKeyString);
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKeyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
return keyFactory.generatePublic(keySpec);
}



public static boolean validateToken(String token) {
try {
Key publicKey = loadPublicKey();

Claims claims = Jwts.parserBuilder()
.setSigningKey(publicKey)
.build()
.parseClaimsJws(token)
.getBody();

return ((String) claims.get("user")).equals("Communications");
} catch (Exception e) {
e.printStackTrace();
return false;
}
}
}
121 changes: 0 additions & 121 deletions src/test/java/org/bahmni/sms/web/SMSControllerTest.java
View file

This file was deleted.

0 comments on commit 3f6c17b

Please sign in to comment.