From e354ac27feb4805e41aeadbdfdf3861e7957e9e8 Mon Sep 17 00:00:00 2001
From: aalicic <adnan@leads.ba>
Date: Fri, 4 Feb 2022 00:36:47 +0100
Subject: [PATCH] VIC-35: Make all data accessible per tenant add forward
 origin headers

---
 .../api/service/ConsultingTypeService.java    | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/src/main/java/de/caritas/cob/agencyservice/api/service/ConsultingTypeService.java b/src/main/java/de/caritas/cob/agencyservice/api/service/ConsultingTypeService.java
index 9a0e3a0d..8ca0f9b2 100644
--- a/src/main/java/de/caritas/cob/agencyservice/api/service/ConsultingTypeService.java
+++ b/src/main/java/de/caritas/cob/agencyservice/api/service/ConsultingTypeService.java
@@ -5,10 +5,16 @@
 import de.caritas.cob.agencyservice.consultingtypeservice.generated.ApiClient;
 import de.caritas.cob.agencyservice.consultingtypeservice.generated.web.ConsultingTypeControllerApi;
 import de.caritas.cob.agencyservice.consultingtypeservice.generated.web.model.ExtendedConsultingTypeResponseDTO;
+import java.util.Collections;
+import java.util.stream.Collectors;
+import javax.servlet.http.HttpServletRequest;
 import lombok.NonNull;
 import lombok.RequiredArgsConstructor;
 import org.springframework.cache.annotation.Cacheable;
+import org.springframework.http.HttpHeaders;
 import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
 
 /**
  * Service class to communicate with the ConsultingTypeService.
@@ -36,6 +42,26 @@ public ExtendedConsultingTypeResponseDTO getExtendedConsultingTypeResponseDTO(
 
   private void addDefaultHeaders(ApiClient apiClient) {
     var headers = this.securityHeaderSupplier.getCsrfHttpHeaders();
+    addOriginHeader(headers);
     headers.forEach((key, value) -> apiClient.addDefaultHeader(key, value.iterator().next()));
   }
+
+  private void addOriginHeader(HttpHeaders headers) {
+    String originHeaderValue = getOriginHeaderValue();
+    if (originHeaderValue != null) {
+      headers.add("origin", originHeaderValue);
+    }
+  }
+
+  private String getOriginHeaderValue() {
+    HttpServletRequest request =
+        ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes())
+            .getRequest();
+
+    return Collections.list(request.getHeaderNames())
+        .stream()
+        .collect(Collectors.toMap(h -> h, request::getHeader)).get("host");
+  }
+
+
 }