CORS Configuration for ECD API Services

src/main/environment/ecd_ci.properties

@@ -29,4 +29,7 @@ logging.file.name=@env.ECD_API_LOGGING_FILE_NAME@
 springdoc.api-docs.enabled=@env.SWAGGER_DOC_ENABLED@
 springdoc.swagger-ui.enabled=@env.SWAGGER_DOC_ENABLED@
 
-spring.redis.host=@env.REDIS_HOST@
+spring.redis.host=@env.REDIS_HOST@
+
+cors.allowed-origins=@env.CORS_ALLOWED_ORIGINS@
+

src/main/environment/ecd_example.properties

@@ -23,4 +23,6 @@ springdoc.swagger-ui.enabled=true
 jwt.secret=my-32-character-ultra-secure-and-ultra-long-secret
 #If both properties are set, only logging.file.name takes effect.
 logging.path=logs/
-logging.file.name=logs/ecd-api.log
+logging.file.name=logs/ecd-api.log
+
+cors.allowed-origins=http://localhost:*

src/main/java/com/iemr/ecd/config/WebConfiguration.java

@@ -24,13 +24,33 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import java.util.Arrays;
+import org.springframework.beans.factory.annotation.Value;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 @Configuration
 public class WebConfiguration implements WebMvcConfigurer {
 
+	private static final Logger logger = LoggerFactory.getLogger(WebConfiguration.class);
+
+	@Value("${cors.allowed-origins}")
+	private String allowedOrigins;
+
 	@Override
 	public void addCorsMappings(CorsRegistry registry) {
-		registry.addMapping("/**").allowedMethods("*");
-	}
+		String[] originPatterns = Arrays.stream(allowedOrigins.split(","))
+				.map(String::trim)
+				.toArray(String[]::new);
 
+		logger.info("Initializing CORS configuration with allowed origins: {}", Arrays.toString(originPatterns));
+
+		registry.addMapping("/**")
+				.allowedOriginPatterns(originPatterns)
+				.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
+				.allowedHeaders("*")
+				.exposedHeaders("Authorization", "Jwttoken")
+				.allowCredentials(true)
+				.maxAge(3600);
+	}
 }

src/main/java/com/iemr/ecd/controller/associate/AutoPreviewDialingController.java

@@ -27,7 +27,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -47,7 +47,6 @@
 
 @RestController
 @RequestMapping(value = "/autoPreviewDialing", headers = "Authorization")
-@CrossOrigin()
 public class AutoPreviewDialingController {
 
 	@Autowired

src/main/java/com/iemr/ecd/controller/associate/BeneficiaryCallHistoryController.java

@@ -25,7 +25,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -46,7 +46,6 @@
 
 @RestController
 @RequestMapping(value = "/callHistory", headers = "Authorization")
-@CrossOrigin()
 public class BeneficiaryCallHistoryController {
 	@Autowired
 	private BeneficiaryCallHistoryImpl beneficiaryCallHistoryImpl;

src/main/java/com/iemr/ecd/controller/associate/BeneficiaryRegistrationController.java

@@ -25,7 +25,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestHeader;
@@ -43,14 +43,12 @@
 
 @RestController
 @RequestMapping(value = "/beneficary", headers = "Authorization")
-@CrossOrigin()
 
 public class BeneficiaryRegistrationController {
 
 	@Autowired
 	private BeneficiaryRegistrationServiceImpl beneficiaryRegistrationServiceImpl;
 
-	@CrossOrigin()
 	@PostMapping(value = "/registration", produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE)
 	@Operation(summary = "Create beneficiary registration", description = "Desc - Create Beneficiary registration")
 	@ApiResponses(value = {
@@ -67,7 +65,6 @@ public ResponseEntity<Object> beneficiaryRegistration(@RequestBody RequestBenefi
 				HttpStatus.OK);
 	}
 
-	@CrossOrigin()
 	@PostMapping(value = "/updateBeneficiaryDetails", produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE)
 	@Operation(summary = "Update beneficiary details", description = "Desc - Update Beneficiary details")
 	@ApiResponses(value = {

src/main/java/com/iemr/ecd/controller/associate/CallClosureController.java

@@ -25,7 +25,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -42,12 +42,10 @@
 
 @RestController
 @RequestMapping(value = "/closure", headers = "Authorization")
-@CrossOrigin()
 public class CallClosureController {
 	@Autowired
 	private CallClosureImpl callClosureImpl;
 
-	@CrossOrigin()
 	@PostMapping(value = "/closeCall", produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE)
 	@Operation(summary = "Call closure", description = "Desc - Call closure")
 	@ApiResponses(value = {

src/main/java/com/iemr/ecd/controller/callallocation/CallAllocationController.java

@@ -27,7 +27,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -50,7 +50,6 @@
 
 @RestController
 @RequestMapping(value = "/callAllocation", headers = "Authorization")
-@CrossOrigin()
 public class CallAllocationController {
 
 	@Autowired
@@ -127,7 +126,7 @@ public ResponseEntity<Object> reAllocateCalls(@RequestBody RequestCallAllocation
 	public ResponseEntity<String> updateAlerts(@RequestBody RequestCallAllocationDTO callAllocationDto) {
 		return new ResponseEntity<>(callAllocationImpl.moveAllocatedCallsToBin(callAllocationDto), HttpStatus.OK);
 	}
-	
+
 	@PostMapping(value = "/insertRecordsInOutboundCalls", produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE)
 	@Operation(summary = "Insert Records In OutboundCalls", description = "Desc - Insert Records In OutboundCalls")
 	@ApiResponses(value = {
@@ -141,7 +140,7 @@ public ResponseEntity<String> insertRecordsInOutboundCalls(@RequestBody Outbound
 		return new ResponseEntity<>(callAllocationImpl.insertRecordsInOutboundCalls(outboundCallsDTO), HttpStatus.OK);
 
 	}
-	
+
 	@GetMapping(value = "/getEligibleRecordsLanguageInfo/{psmId}/{phoneNoType}/{recordType}/{fDate}/{tDate}/{preferredLanguage}/{role}", produces = MediaType.APPLICATION_JSON_VALUE)
 	@Operation(summary = "Fetch eligible Language records for allocation", description = "Desc - Fetch eligible records for allocation")
 	@ApiResponses(value = {
@@ -153,9 +152,12 @@ public ResponseEntity<String> insertRecordsInOutboundCalls(@RequestBody Outbound
 			@ApiResponse(responseCode = CustomExceptionResponse.BAD_REQUEST_SC_V, description = CustomExceptionResponse.BAD_REQUEST_SC) })
 	public ResponseEntity<ResponseEligibleCallRecordsDTO> getEligibleRecordsLanguageInfo(@PathVariable int psmId,
 			@PathVariable String phoneNoType, @PathVariable String recordType, @PathVariable String fDate,
-			@PathVariable String tDate, @PathVariable String preferredLanguage,@PathVariable String role) throws ECDException {
+			@PathVariable String tDate, @PathVariable String preferredLanguage, @PathVariable String role)
+			throws ECDException {
 		return new ResponseEntity<>(
-				callAllocationImpl.getEligibleRecordsLanguageInfo(psmId, phoneNoType, recordType, fDate, tDate, preferredLanguage,role), HttpStatus.OK);
+				callAllocationImpl.getEligibleRecordsLanguageInfo(psmId, phoneNoType, recordType, fDate, tDate,
+						preferredLanguage, role),
+				HttpStatus.OK);
 
 	}
 

src/main/java/com/iemr/ecd/controller/callallocation/CallConfigurationController.java

@@ -27,7 +27,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -48,7 +48,6 @@
 
 @RestController
 @RequestMapping(value = "/callConfiguration", headers = "Authorization")
-@CrossOrigin()
 public class CallConfigurationController {
 
 	@Autowired

src/main/java/com/iemr/ecd/controller/dataupload/DataTemplateController.java

@@ -29,7 +29,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -48,7 +48,6 @@
 
 @RestController
 @RequestMapping(value = "/dataTemplate", headers = "Authorization")
-@CrossOrigin()
 public class DataTemplateController {
 
 	@Autowired

src/main/java/com/iemr/ecd/controller/dataupload/DataUploadController.java

@@ -25,7 +25,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestHeader;
@@ -41,7 +41,6 @@
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
 
 @RestController
-@CrossOrigin()
 public class DataUploadController {
 
 	@Autowired

src/main/java/com/iemr/ecd/controller/masters/MastersController.java

@@ -26,7 +26,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestHeader;
@@ -60,7 +60,6 @@
 
 @RestController
 @RequestMapping(value = "/master", headers = "Authorization")
-@CrossOrigin()
 public class MastersController {
 	@Autowired
 	private MasterServiceImpl masterServiceImpl;
@@ -234,11 +233,14 @@ public ResponseEntity<List<Gender>> getGender() {
 		return new ResponseEntity<>(masterServiceImpl.getGenders(), HttpStatus.OK);
 
 	}
+
 	@Operation(summary = "Get agents by role id and preferred language", description = "Fetches agents filtered by both role ID and their preferred language setting")
 	@GetMapping("/getAgentsByRoleIdAndPreferredLanguage/{roleId}/{preferredLanguage}")
 	public ResponseEntity<List<AgentsViewMaster>> getAgentsByRoleIdAndLanguage(
-			@RequestHeader(value = "Authorization") String authorization, @PathVariable Integer roleId, @PathVariable String preferredLanguage) {
-		return new ResponseEntity<>(masterServiceImpl.getAgentByRoleIdAndLanguage(roleId, preferredLanguage), HttpStatus.OK);
+			@RequestHeader(value = "Authorization") String authorization, @PathVariable Integer roleId,
+			@PathVariable String preferredLanguage) {
+		return new ResponseEntity<>(masterServiceImpl.getAgentByRoleIdAndLanguage(roleId, preferredLanguage),
+				HttpStatus.OK);
 
 	}
 }

src/main/java/com/iemr/ecd/controller/outboundworklist/CallStatisticsController.java

@@ -25,7 +25,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -42,7 +42,6 @@
 
 @RestController
 @RequestMapping(value = "/agent", headers = "Authorization")
-@CrossOrigin()
 public class CallStatisticsController {
 
 	@Autowired

src/main/java/com/iemr/ecd/controller/outboundworklist/OutBoundWorklistController.java

@@ -28,7 +28,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -48,7 +48,6 @@
 
 @RestController
 @RequestMapping(value = "/outbound-worklist", headers = "Authorization")
-@CrossOrigin()
 public class OutBoundWorklistController {
 
 	@Autowired
@@ -68,7 +67,7 @@ public ResponseEntity<String> getMotherWorklist(@PathVariable int userId) throws
 		ObjectMapper objectMapper = new ObjectMapper();
 		objectMapper.setDateFormat(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"));
 		String resp = objectMapper.writeValueAsString(motherWorkList);
-		return  new ResponseEntity<>(resp,HttpStatus.OK);
+		return new ResponseEntity<>(resp, HttpStatus.OK);
 	}
 
 	@GetMapping(value = "/get-child-data/{userId}", produces = MediaType.APPLICATION_JSON_VALUE)

src/main/java/com/iemr/ecd/controller/quality/AgentQualityAuditorMappingController.java

@@ -27,7 +27,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -47,7 +47,6 @@
 
 @RestController
 @RequestMapping(value = "/agentQualityAuditorMap", headers = "Authorization")
-@CrossOrigin()
 public class AgentQualityAuditorMappingController {
 	@Autowired
 	private AgentQualityAuditorMappingImpl agentQualityAuditorMappingImpl;

src/main/java/com/iemr/ecd/controller/quality/ChartsController.java

@@ -27,7 +27,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -44,7 +44,6 @@
 
 @RestController
 @RequestMapping(value = "/charts", headers = "Authorization")
-@CrossOrigin()
 public class ChartsController {
 
 	@Autowired

src/main/java/com/iemr/ecd/controller/quality/GradeConfigurationController.java

@@ -27,7 +27,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.CrossOrigin;
+
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -47,7 +47,6 @@
 
 @RestController
 @RequestMapping(value = "/gradeConfiguration", headers = "Authorization")
-@CrossOrigin()
 public class GradeConfigurationController {
 
 	@Autowired