From 4b7b33373c3796cc638798c8fc582c3e88d39648 Mon Sep 17 00:00:00 2001
From: Ankit Singh <101859999+ankitmashu@users.noreply.github.com>
Date: Thu, 3 Oct 2024 18:14:33 +0530
Subject: [PATCH] ownerid and provider id check
---
 .../JwtAuthenticationServiceImpl.java | 34 +++++++++++++------
 1 file changed, 24 insertions(+), 10 deletions(-)
diff --git a/src/main/java/iudx/resource/server/authenticator/JwtAuthenticationServiceImpl.java b/src/main/java/iudx/resource/server/authenticator/JwtAuthenticationServiceImpl.java
index 3ab99577..6c8e1af0 100644
--- a/src/main/java/iudx/resource/server/authenticator/JwtAuthenticationServiceImpl.java
+++ b/src/main/java/iudx/resource/server/authenticator/JwtAuthenticationServiceImpl.java
@@ -167,7 +167,7 @@ public AuthenticationService tokenInterospect(
 .compose(
 providerUserHandler -> {
 if (isIngestionEntitiesEndpoint(authenticationInfo)) {
- return validateProviderUser(providerUserHandler, result.jwtData.getDid());
+ return validateProviderUser(providerUserHandler, result.jwtData);
 } else {
 return Future.succeededFuture(true);
 }
@@ -465,8 +465,12 @@ Future getProviderUserId(String id) {
 response.forEach(
 json -> {
 JsonObject res = (JsonObject) json;
- String providerUserId = res.getString("providerUserId");
- LOGGER.info("providerUserId: " + providerUserId);
+ String providerUserId = null;
+ providerUserId = res.getString("providerUserId");
+ if (providerUserId == null) {
+ providerUserId = res.getString("ownerUserId");
+ LOGGER.info(" owneruserid : " + providerUserId);
+ }
 promise.complete(providerUserId);
 });
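Review bot: When a response entry has neither `providerUserId` nor `ownerUserId`, the lambda in getProviderUserId still completes the promise with null, so the denial only shows up later as "incorrect providerUserId" and the real cause is hidden. Failing at this point would be clearer, e.g. `if (providerUserId == null) { promise.fail("providerUserId/ownerUserId missing in response"); return; }` placed before `promise.complete(providerUserId);`. Because `ownerUserId` now stands in for `providerUserId` in the ingestion check, a comment such as `// entries without providerUserId are authorised against ownerUserId` would record that this widening is intended. The declaration can also be one line, `String providerUserId = res.getString("providerUserId");`. The enclosing getProviderUserId starts and ends outside the hunk.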
@@ -480,16 +484,26 @@ Future getProviderUserId(String id) {
 return promise.future();
 }
- Future validateProviderUser(String providerUserId, String did) {
+ Future validateProviderUser(String providerUserId, JwtData jwtData) {
 LOGGER.trace("validateProviderUser() started");
 Promise promise = Promise.promise();
 try {
- if (did.equalsIgnoreCase(providerUserId)) {
- LOGGER.info("success");
- promise.complete(true);
- } else {
- LOGGER.error("fail");
- promise.fail("incorrect providerUserId");
+ if (jwtData.getRole().equalsIgnoreCase("delegate")) {
+ if (jwtData.getDid().equalsIgnoreCase(providerUserId)) {
+ LOGGER.info("success");
+ promise.complete(true);
+ } else {
+ LOGGER.error("fail");
+ promise.fail("incorrect providerUserId");
+ }
+ } else if (jwtData.getRole().equalsIgnoreCase("provider")) {
+ if (jwtData.getSub().equalsIgnoreCase(providerUserId)) {
+ LOGGER.info("success");
+ promise.complete(true);
+ } else {
+ LOGGER.error("fail");
+ promise.fail("incorrect providerUserId");
+ }
 }
 } catch (Exception e) {
 LOGGER.error("exception occurred while validating provider user : " + e.getMessage());
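Review bot: A token whose role is neither "delegate" nor "provider" matches no branch of the new if/else-if in validateProviderUser, so within the hunk the promise is neither completed nor failed. Unless code after the catch settles it, the authorization future for an ingestion request would then stay pending instead of being rejected. A null getRole(), getDid() or getSub() also ends in the catch block through a NullPointerException rather than a clean denial. Resolving the expected claim by role first and comparing once removes the duplicated branches and fails closed in every other case. The catch body and the method's return lie outside the hunk.

```java
    try {
      // Pick the token claim that must match, by role; any other role leaves it null.
      String role = jwtData.getRole();
      String expectedUserId = null;
      if ("delegate".equalsIgnoreCase(role)) {
        expectedUserId = jwtData.getDid();
      } else if ("provider".equalsIgnoreCase(role)) {
        expectedUserId = jwtData.getSub();
      }
      if (expectedUserId != null && expectedUserId.equalsIgnoreCase(providerUserId)) {
        promise.complete(true);
      } else {
        // Fail closed: unknown role, missing claim and mismatch are all rejected.
        LOGGER.error("provider user validation failed for role " + role);
        promise.fail("incorrect providerUserId");
      }
      // … unchanged: catch block …
```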