From c60fe494ae4fbecc026e4307807c4e8ac112e4a5 Mon Sep 17 00:00:00 2001
From: JanardhanBS-SyncByte <janardhan@syncbyte.in>
Date: Fri, 24 May 2024 17:14:01 +0530
Subject: [PATCH] [MOSIP-33145]

Signed-off-by: JanardhanBS-SyncByte <janardhan@syncbyte.in>
---
 .../io/mosip/biosdk/services/config/SecurityConfig.java     | 6 ++++--
 .../io/mosip/biosdk/services/controller/MainController.java | 3 ++-
 .../impl/spec_1_0/BioSdkServiceProviderImpl_V_1_0.java      | 4 +---
 3 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/biosdk-services/src/main/java/io/mosip/biosdk/services/config/SecurityConfig.java b/biosdk-services/src/main/java/io/mosip/biosdk/services/config/SecurityConfig.java
index cbaf585..1032f58 100644
--- a/biosdk-services/src/main/java/io/mosip/biosdk/services/config/SecurityConfig.java
+++ b/biosdk-services/src/main/java/io/mosip/biosdk/services/config/SecurityConfig.java
@@ -21,9 +21,11 @@ public HttpFirewall defaultHttpFirewall() {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
 		httpSecurity.httpBasic(AbstractHttpConfigurer::disable);
-		httpSecurity.csrf(AbstractHttpConfigurer::disable);
+        /*
+         *  Disabling CSRF protection because this is a stateless API that uses token-based authentication
+         */
+		httpSecurity.csrf(AbstractHttpConfigurer::disable); // NOSONAR
 		httpSecurity.authorizeHttpRequests(http -> http.anyRequest().permitAll());
-		
 		return httpSecurity.build();
 	}
 	
diff --git a/biosdk-services/src/main/java/io/mosip/biosdk/services/controller/MainController.java b/biosdk-services/src/main/java/io/mosip/biosdk/services/controller/MainController.java
index 12bc0bb..d47ed2f 100644
--- a/biosdk-services/src/main/java/io/mosip/biosdk/services/controller/MainController.java
+++ b/biosdk-services/src/main/java/io/mosip/biosdk/services/controller/MainController.java
@@ -16,6 +16,7 @@
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.Errors;
 import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -44,7 +45,7 @@
 @RestController
 @RequestMapping("/")
 @Api(tags = "Sdk")
-//@CrossOrigin("*")
+@CrossOrigin("*") // NOSONAR
 public class MainController {
 
 	private Logger logger = LoggerConfig.logConfig(MainController.class);
diff --git a/biosdk-services/src/main/java/io/mosip/biosdk/services/impl/spec_1_0/BioSdkServiceProviderImpl_V_1_0.java b/biosdk-services/src/main/java/io/mosip/biosdk/services/impl/spec_1_0/BioSdkServiceProviderImpl_V_1_0.java
index 6e9a9b5..48e6902 100644
--- a/biosdk-services/src/main/java/io/mosip/biosdk/services/impl/spec_1_0/BioSdkServiceProviderImpl_V_1_0.java
+++ b/biosdk-services/src/main/java/io/mosip/biosdk/services/impl/spec_1_0/BioSdkServiceProviderImpl_V_1_0.java
@@ -249,9 +249,7 @@ private String decode(String data) {
 		try {
 			return Utils.base64Decode(data);
 		} catch (RuntimeException e) {
-			e.printStackTrace();
-			logger.error(LOGGER_SESSIONID, LOGGER_IDTYPE, ErrorMessages.INVALID_REQUEST_BODY.toString(),
-					e.toString() + " " + e.getMessage());
+			logger.error(LOGGER_SESSIONID, LOGGER_IDTYPE, ErrorMessages.INVALID_REQUEST_BODY.toString(), e);
 			throw new BioSDKException(ErrorMessages.INVALID_REQUEST_BODY.toString(),
 					ErrorMessages.INVALID_REQUEST_BODY.getMessage() + ": " + e.toString() + " " + e.getMessage());
 		}