SUPPORT-8838 fixes

backend/pom.xml

@@ -182,6 +182,10 @@
       <groupId>com.github.lookfirst</groupId>
       <artifactId>sardine</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.apache.tika</groupId>
+      <artifactId>tika-core</artifactId>
+    </dependency>
   </dependencies>
   <build>
     <finalName>${project.parent.artifactId}</finalName>

backend/src/main/java/ervu/service/fileupload/EmployeeInfoFileUploadService.java

@@ -1,5 +1,6 @@
 package ervu.service.fileupload;
 
+import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 import java.sql.Timestamp;
 import java.time.LocalDateTime;
@@ -16,6 +17,11 @@ import ervu.model.fileupload.EmployeeInfoKafkaMessage;
 import ervu.model.fileupload.FileInfo;
 import ervu.model.fileupload.FileStatus;
 import org.apache.kafka.clients.producer.ProducerRecord;
+import org.apache.tika.Tika;
+import org.apache.tika.mime.MediaType;
+import org.apache.tika.mime.MimeType;
+import org.apache.tika.mime.MimeTypeException;
+import org.apache.tika.mime.MimeTypes;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Qualifier;
@@ -70,6 +76,10 @@ public class EmployeeInfoFileUploadService {
   }
 
   public boolean saveEmployeeInformationFile(MultipartFile multipartFile, String formType, String authToken, String offset) {
+
+    if (!isValid(multipartFile)){
+      return false;
+    }
     String fileUploadUrl = this.url + "/" + getNewFilename(multipartFile.getOriginalFilename());
     LocalDateTime now = LocalDateTime.now();
 
@@ -116,6 +126,37 @@ public class EmployeeInfoFileUploadService {
     }
   }
 
+  private boolean isValid(MultipartFile multipartFile) {
+
+    if (multipartFile == null) {
+      return false;
+    }
+    try {
+      String contentType = new Tika().detect(multipartFile.getBytes());
+      MimeTypes defaultMimeTypes = MimeTypes.getDefaultMimeTypes();
+      MimeType mimeType = defaultMimeTypes.forName(contentType);
+      boolean isText = mimeType.getType().equals(MediaType.TEXT_PLAIN);
+
+      if (!isText) {
+        logger.info("Trying to upload file={} with wrong mime type={}",
+            multipartFile.getOriginalFilename(), mimeType
+        );
+      }
+      return isText;
+    }
+    catch (MimeTypeException e) {
+      logger.error(
+          "Couldn't get mime type from bytes for file=" + multipartFile.getOriginalFilename(), e);
+      return false;
+    }
+    catch (IOException e) {
+      logger.error("Error while checking file type, file=" + multipartFile.getOriginalFilename(),
+          e
+      );
+      return false;
+    }
+  }
+
   private boolean sendMessage(String message) {
     ProducerRecord<String, String> record = new ProducerRecord<>(this.kafkaTopicName, message);
     record.headers().add("messageId", UUID.randomUUID().toString().getBytes(StandardCharsets.UTF_8));

backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/UnauthorizedEntryPoint.java

@@ -21,9 +21,10 @@ public class UnauthorizedEntryPoint implements AuthenticationEntryPoint {
       response.setStatus(HttpServletResponse.SC_OK);
     }
     else {
-      response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
-          "Unauthorized: Authentication token was either missing or invalid."
-      );
+      response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+      response.setContentType("application/json;charset=UTF-8");
+      response.getWriter()
+          .write("\"Unauthorized: Authentication token was either missing or invalid.\"");
     }
   }
 }

pom.xml

@@ -55,10 +55,6 @@
             <groupId>ru.micord.gar</groupId>
             <artifactId>gar-client</artifactId>
           </exclusion>
-          <exclusion>
-            <groupId>org.apache.tika</groupId>
-            <artifactId>tika-core</artifactId>
-          </exclusion>
           <exclusion>
             <groupId>org.mnode.ical4j</groupId>
             <artifactId>ical4j</artifactId>