feature/Make the function getHeaderValue cryptographically secure

2026-02-06 17:37:00 +00:00 · 2025-04-01 09:25:27 +02:00 · 2025-04-01 09:25:27 +02:00 · b46af4084d
commit b46af4084d
parent e7061ed075
1 changed files with 2 additions and 1 deletions
--- a/obp-api/src/main/scala/code/api/util/BerlinGroupSigning.scala
+++ b/obp-api/src/main/scala/code/api/util/BerlinGroupSigning.scala
@ -156,7 +156,8 @@ object BerlinGroupSigning extends MdcLoggable {
  }

  def getHeaderValue(name: String, requestHeaders: List[HTTPParam]): String = {
-    requestHeaders.find(_.name.toLowerCase() == name.toLowerCase()).map(_.values.mkString).getOrElse("None")
+    requestHeaders.find(_.name.toLowerCase() == name.toLowerCase()).map(_.values.mkString)
+      .getOrElse(SecureRandomUtil.csprng.nextLong().toString)
  }
  private def getPem(requestHeaders: List[HTTPParam]): String = {
    val certificate = getHeaderValue(RequestHeader.`TPP-Signature-Certificate`, requestHeaders)