private void validateAccessTokenClaims()

in src/main/java/com/epam/digital/data/platform/restapi/core/filter/HeaderValidationFilter.java [83:106]

• 19 lines of code
• 5 McCabe index (conditional complexity)

  private void validateAccessTokenClaims(HttpServletRequest request) {
    JwtClaimsDto claims;
    try {
      var token = request.getHeader(X_ACCESS_TOKEN.getHeaderName());
      claims = tokenParser.parseClaims(token);
    } catch (JwtParsingException e) {
      // should never happen but still treat the case as there are no expected claims
      claims = new JwtClaimsDto();
    }

    var missed = new ArrayList<String>();

    if (isBlank(claims.getDrfo())) {
      missed.add("drfo");
    }

    if (isBlank(claims.getFullName())) {
      missed.add("fullName");
    }

    if (isNotEmpty(missed)) {
      throw new MandatoryAccessTokenClaimMissingException(missed);
    }
  }