Resolved conflicts

Jenkinsfile

@@ -56,7 +56,7 @@ pipeline {
           }
         }
         script {
-          sh 'ssh ubuntu@46.105.65.89 "sh gepafin-production-api.sh"'
+           sh 'ssh ubuntu@79.137.88.15 "sh gepafin-production-api.sh"'
         }
       }
     }

pom.xml

@@ -116,10 +116,6 @@
 			<artifactId>jjwt-jackson</artifactId>
 			<version>0.11.5</version>
 		</dependency>
-		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-web</artifactId>
-		</dependency>
 		<dependency>
 		    <groupId>jakarta.validation</groupId>
 		    <artifactId>jakarta.validation-api</artifactId>
@@ -140,13 +136,57 @@
 		    <version>0.23.0</version>
 		</dependency>
 		
+		<!-- https://mvnrepository.com/artifact/org.springframework.security/spring-security-saml2-service-provider -->
+		<dependency>
+	        <groupId>org.springframework.security</groupId>
+	        <artifactId>spring-security-saml2-service-provider</artifactId>
+	    </dependency>
+
+		<!-- https://mvnrepository.com/artifact/org.opensaml/opensaml-core -->
+		<dependency>
+		    <groupId>org.opensaml</groupId>
+		    <artifactId>opensaml-core</artifactId>
+		 <version>4.2.0</version>
+		</dependency>
+	
+		
+		<!-- https://mvnrepository.com/artifact/org.opensaml/opensaml-saml-api -->
+		<dependency>
+		    <groupId>org.opensaml</groupId>
+		    <artifactId>opensaml-saml-api</artifactId>
+		    <version>4.2.0</version>
+		</dependency>
+		
+			
+		<!-- https://mvnrepository.com/artifact/org.opensaml/opensaml-saml-impl -->
+		<dependency>
+		    <groupId>org.opensaml</groupId>
+		    <artifactId>opensaml-saml-impl</artifactId>
+		    <version>4.2.0</version>
+		</dependency>
+
+
+
 		<dependency>
 			<groupId>org.springframework.cloud</groupId>
 			<artifactId>spring-cloud-starter-openfeign</artifactId>
 			<version>4.1.3</version>
 		</dependency>
 		
+		<dependency>
+    <groupId>org.apache.santuario</groupId>
+    <artifactId>xmlsec</artifactId>
+    <version>2.3.0</version> <!-- or latest -->
+</dependency>
+
+
 	</dependencies>
+<repositories>
+    <repository>
+        <id>shibboleth</id>
+        <url>https://build.shibboleth.net/nexus/content/repositories/releases/</url>
+    </repository>
+</repositories>
 
 
 	<build>
@@ -158,7 +198,6 @@
 			<plugin>
 				<groupId>org.liquibase</groupId>
 				<artifactId>liquibase-maven-plugin</artifactId>
-				<version>4.20.0</version>
 				<configuration>
 					<propertyFile>src/main/resources/application.properties</propertyFile>
 				</configuration>

src/main/java/net/gepafin/tendermanagement/config/SamlConfig.java

@@ -0,0 +1,203 @@
+package net.gepafin.tendermanagement.config;
+
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.security.KeyFactory;
+import java.security.PrivateKey;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.time.Instant;
+import java.util.UUID;
+
+import org.bouncycastle.util.io.pem.PemReader;
+import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
+import org.opensaml.saml.common.SAMLVersion;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.core.AuthnContextClassRef;
+import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
+import org.opensaml.saml.saml2.core.AuthnRequest;
+import org.opensaml.saml.saml2.core.RequestedAuthnContext;
+import org.opensaml.saml.saml2.core.impl.AuthnContextClassRefBuilder;
+import org.opensaml.saml.saml2.core.impl.RequestedAuthnContextBuilder;
+import org.opensaml.security.x509.BasicX509Credential;
+import org.opensaml.xmlsec.config.impl.DefaultSecurityConfigurationBootstrap;
+import org.opensaml.xmlsec.signature.Signature;
+import org.opensaml.xmlsec.signature.support.SignatureConstants;
+import org.opensaml.xmlsec.signature.support.Signer;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.saml2.core.Saml2X509Credential;
+import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository;
+import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
+import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
+import org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding;
+import org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver;
+import org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver;
+import org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver;
+import org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver;
+
+@Configuration
+public class SamlConfig {
+
+    private final Logger logger = LoggerFactory.getLogger(SamlConfig.class);
+
+    @Value("${base-url}")
+    String baseUrl;
+    
+    @Value("${spid.ipd.base.url}")
+    String ipdBaseUrl;
+    
+    @Value("${active.profile.folder}")
+    String activeProfileFolder;
+
+    @Bean
+    public RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() {
+
+        String entityId = baseUrl + "/v1/saml/gw/metadata";
+        String acsUrl = baseUrl + "/login/saml2/sso/loginumbria";
+
+        RelyingPartyRegistration registration = RelyingPartyRegistration.withRegistrationId("loginumbria")
+                .entityId(entityId)
+                .signingX509Credentials(credentials -> {
+                    try {
+                        credentials.add(Saml2X509Credential.signing(readPrivateKey(), readCertificate()));
+                    } catch (Exception e) {
+                        e.printStackTrace();
+                    }
+                })
+                .assertionConsumerServiceLocation(acsUrl)
+                .assertingPartyDetails(details -> details.entityId(ipdBaseUrl + "/gw/metadata")
+                    .singleSignOnServiceLocation(ipdBaseUrl + "/gw/SSOProxy/SAML2")
+                    .singleSignOnServiceBinding(Saml2MessageBinding.POST)
+                    .wantAuthnRequestsSigned(true)
+                    .verificationX509Credentials(credentials -> {
+                        try {
+                            // Load the IDP's public certificate for verifying the SAML response signature
+                            credentials.add(Saml2X509Credential.verification(readIdpCertificate()));
+                        } catch (Exception e) {
+                            e.printStackTrace();
+                        }
+                    })
+                )
+                .build();
+
+        return new InMemoryRelyingPartyRegistrationRepository(registration);
+    }
+    
+    public AuthnRequest createSignedAuthnRequest(PrivateKey privateKey, X509Certificate certificate) throws Exception {
+        AuthnRequest authnRequest = (AuthnRequest) XMLObjectProviderRegistrySupport.getBuilderFactory()
+                .getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME)
+                .buildObject(AuthnRequest.DEFAULT_ELEMENT_NAME);
+
+        authnRequest.setID("_" + UUID.randomUUID().toString());
+        authnRequest.setVersion(SAMLVersion.VERSION_20);
+       // authnRequest.setIssueInstant(new DateTime());
+        authnRequest.setIssueInstant(Instant.now());
+
+
+        // Sign the AuthnRequest
+       // BasicCredential signingCredential = new BasicCredential(certificate, privateKey);
+        BasicX509Credential signingCredential = new BasicX509Credential(certificate, privateKey);
+
+        Signature signature = (Signature) XMLObjectProviderRegistrySupport.getBuilderFactory()
+                .getBuilder(Signature.DEFAULT_ELEMENT_NAME)
+                .buildObject(Signature.DEFAULT_ELEMENT_NAME);
+
+        signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); 
+        signature.setSigningCredential(signingCredential);
+        signature.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); // Set RSA-SHA1
+
+        authnRequest.setSignature(signature);
+        DefaultSecurityConfigurationBootstrap.buildDefaultSignatureSigningConfiguration();
+
+        // Marshall and sign the object
+        XMLObjectProviderRegistrySupport.getMarshallerFactory().getMarshaller(authnRequest).marshall(authnRequest);
+        Signer.signObject(signature);
+
+        return authnRequest;
+    }
+
+@Bean
+public Saml2AuthenticationRequestResolver authenticationRequestResolver(RelyingPartyRegistrationRepository registrations) {
+    RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(registrations);
+    OpenSaml4AuthenticationRequestResolver authenticationRequestResolver = new OpenSaml4AuthenticationRequestResolver(registrationResolver);
+
+    authenticationRequestResolver.setAuthnRequestCustomizer((context) -> {
+        // Set the required attributes
+        AuthnRequest authnRequest = context.getAuthnRequest();
+        authnRequest.setID("_" + UUID.randomUUID().toString()); // Add a unique ID
+        authnRequest.setVersion(SAMLVersion.VERSION_20); // Ensure version is 2.0
+        authnRequest.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI); // HTTP-POST
+
+        // Set Authentication Context
+        authnRequest.setRequestedAuthnContext(buildRequestedAuthnContext());
+
+        // Log the SAML AuthnRequest after setting context
+        String samlRequest = SamlRequestLogger.convertSAMLObjectToString(authnRequest);
+        logger.info("SAML AuthnRequest after setting context: " + samlRequest);
+    });
+
+    return authenticationRequestResolver;
+}
+
+private RequestedAuthnContext buildRequestedAuthnContext() {
+    AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
+    AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject(
+        SAMLConstants.SAML20_NS, AuthnContextClassRef.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20_PREFIX
+    );
+    // Set the SPID Level 2 authentication context
+    authnContextClassRef.setURI("urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword");
+
+    RequestedAuthnContextBuilder requestedAuthnContextBuilder = new RequestedAuthnContextBuilder();
+    RequestedAuthnContext requestedAuthnContext = requestedAuthnContextBuilder.buildObject();
+    requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
+    requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);
+
+    return requestedAuthnContext;
+}
+    
+    public PrivateKey readPrivateKey() throws Exception {
+        // Path to your private key PEM file
+        try (PemReader pemReader = new PemReader(new InputStreamReader(readKey(activeProfileFolder + "/saml/private-key.pem")))) {
+            // Read the PEM content
+            byte[] pemContent = pemReader.readPemObject().getContent();
+            // Decode the PEM content
+            PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(pemContent);
+            KeyFactory keyFactory = KeyFactory.getInstance("RSA"); // Use RSA algorithm
+            // Generate and return the PrivateKey
+            return keyFactory.generatePrivate(keySpec);
+        }
+    }
+    public X509Certificate readCertificate() throws Exception {
+        // Path to your certificate PEM fileFile
+        try (InputStream inStream = readKey(activeProfileFolder + "/saml/public-cert.pem")) {
+            CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
+            return (X509Certificate) certFactory.generateCertificate(inStream);
+        }
+    }
+    
+    public X509Certificate readIdpCertificate() throws Exception {
+        // Path to your IDP public certificate PEM file
+        try (InputStream inStream = readKey(activeProfileFolder + "/saml/idp-certificate.pem")) {
+            CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
+            return (X509Certificate) certFactory.generateCertificate(inStream);
+        }
+    }
+
+    
+    public InputStream readKey(String path) throws IOException {
+        ClassLoader classLoader = getClass().getClassLoader();
+        InputStream inputStream = classLoader.getResourceAsStream(path);
+        
+        if (inputStream == null) {
+            throw new FileNotFoundException("file not found : "+path);
+        }
+        return inputStream;
+    }
+}

src/main/java/net/gepafin/tendermanagement/config/SamlFailureHandler.java

@@ -0,0 +1,35 @@
+package net.gepafin.tendermanagement.config;
+
+import java.io.IOException;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+import org.springframework.stereotype.Component;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+@Component
+public class SamlFailureHandler implements AuthenticationFailureHandler {
+	
+    private final Logger logger = LoggerFactory.getLogger(SamlSuccessHandler.class);
+    
+	@Value("${fe.base.url}")
+	private String feBaseUrl;
+	
+	@Override
+    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
+                                        AuthenticationException exception) throws IOException {
+        try {
+            logger.error("SAML login failed: " + exception.getMessage());
+
+			response.sendRedirect(feBaseUrl + "/login");
+        } catch (Exception e) {
+            logger.error("Error processing SAML failure handler", e);
+        }
+    }
+	
+}

src/main/java/net/gepafin/tendermanagement/config/SamlRequestLogger.java

@@ -0,0 +1,22 @@
+package net.gepafin.tendermanagement.config;
+
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.core.xml.util.XMLObjectSupport;
+import org.opensaml.saml.saml2.core.AuthnRequest;
+import org.w3c.dom.Element;
+
+import net.shibboleth.utilities.java.support.xml.SerializeSupport;
+
+public class SamlRequestLogger {
+
+    public static String convertSAMLObjectToString(AuthnRequest authnRequest) {
+        try {
+            Element element = XMLObjectSupport.marshall(authnRequest);
+            return SerializeSupport.prettyPrintXML(element); // Pretty print XML using SerializeSupport
+        } catch (MarshallingException e) {
+            e.printStackTrace();
+            return "Error converting SAML object to XML";
+        }
+    }
+}
+

src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java

@@ -0,0 +1,98 @@
+package net.gepafin.tendermanagement.config;
+
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal;
+import org.springframework.security.saml2.provider.service.authentication.Saml2Authentication;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+import org.springframework.stereotype.Component;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import net.gepafin.tendermanagement.constants.GepafinConstant;
+import net.gepafin.tendermanagement.entities.SamlResponseEntity;
+import net.gepafin.tendermanagement.entities.UserEntity;
+import net.gepafin.tendermanagement.repositories.SamlResponseRepository;
+import net.gepafin.tendermanagement.repositories.UserRepository;
+import net.gepafin.tendermanagement.util.Utils;
+import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
+import net.gepafin.tendermanagement.web.rest.api.errors.Status;
+
+@Component
+public class SamlSuccessHandler implements AuthenticationSuccessHandler {
+
+	private final Logger logger = LoggerFactory.getLogger(SamlSuccessHandler.class);
+
+	@Autowired
+	private SamlResponseRepository samlResponseLogRepository;
+
+	@Autowired
+	private UserRepository userRepository;
+
+	@Value("${fe.base.url}")
+	private String feBaseUrl;
+
+	@Override
+	public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
+			Authentication authentication) throws IOException {
+		try {
+			logger.info("SAML login in Authentication Success Handler");
+			Saml2Authentication samlAuth = (Saml2Authentication) authentication;
+			Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) samlAuth.getPrincipal();
+
+			Map<String, List<Object>> userAttributes = principal.getAttributes();
+			String token = Utils.generateSecureToken();
+			logger.info("SAML User Attributes: " + userAttributes);
+
+			SamlResponseEntity samlResponseLogEntity = new SamlResponseEntity();
+			samlResponseLogEntity.setAuthenticationObject(authentication.toString());
+
+			ObjectMapper objectMapper = new ObjectMapper();
+			String userAttributesJson = objectMapper.writeValueAsString(userAttributes);
+			samlResponseLogEntity.setAuthenticationObject(userAttributesJson);
+			samlResponseLogEntity.setToken(token);
+			samlResponseLogRepository.save(samlResponseLogEntity);
+			
+			String redirectUrl = feBaseUrl;
+
+			logger.info("SAML login successful for user: " + principal.getName());
+			String cf = userAttributes.get("CodiceFiscale").get(0).toString();
+			UserEntity userEntity = userRepository.findByBeneficiaryCodiceFiscale(cf).orElse(null);
+			if (userEntity == null) {
+				redirectUrl += "/registration?temp_token=" + token;
+			} else {
+				redirectUrl += "/login?temp_token=" + token;
+			}
+			response.sendRedirect(redirectUrl);
+			logger.info("SAML redirect Url: " + redirectUrl);
+		} catch (Exception e) {
+			logger.error("Error processing SAML success handler", e);
+		}
+	}
+
+	public void validateToken(String token, String codiceFiscale) {
+		SamlResponseEntity samlResponseLogEntity = samlResponseLogRepository.findByToken(token);
+		if (samlResponseLogEntity == null) {
+			throw new CustomValidationException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.INVALID_TOKEN_MSG));
+		}
+		Map<String, List<Object>> userAttributes = Utils
+				.convertStringIntoMap(samlResponseLogEntity.getAuthenticationObject());
+		String cf = userAttributes.get("CodiceFiscale").get(0).toString();
+		if (codiceFiscale == null || Boolean.FALSE.equals(codiceFiscale.equals(cf))) {
+			throw new CustomValidationException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.INVALID_TOKEN_MSG));
+		}
+		samlResponseLogRepository.delete(samlResponseLogEntity);
+	}
+
+}

src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java

@@ -1,6 +1,7 @@
 package net.gepafin.tendermanagement.config;
 
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@@ -23,6 +24,7 @@ import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 import org.springframework.web.filter.CorsFilter;
 import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
 
+
 import io.swagger.v3.oas.models.Components;
 import io.swagger.v3.oas.models.OpenAPI;
 import io.swagger.v3.oas.models.security.SecurityRequirement;
@@ -35,19 +37,25 @@ import net.gepafin.tendermanagement.config.jwt.TokenProvider;
 @EnableWebSecurity
 @EnableMethodSecurity(prePostEnabled = true)
 public class SecurityConfig {
-
     private final TokenProvider tokenProvider;
+    private final SamlSuccessHandler samlSuccessHandler;
+    private final SamlFailureHandler samlFailureHandler;
+    
+    @Value("${base-url}") 
+    String baseUrl;
     
     @Autowired
-    public SecurityConfig(TokenProvider tokenProvider) {
+    public SecurityConfig(TokenProvider tokenProvider, SamlSuccessHandler samlSuccessHandler, SamlFailureHandler samlFailureHandler) {
         this.tokenProvider = tokenProvider;
+        this.samlSuccessHandler =samlSuccessHandler;
+        this.samlFailureHandler=samlFailureHandler;
     }
     
+
     @Bean
     public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception {
         return config.getAuthenticationManager();
     }
-
     @Bean
     public PasswordEncoder passwordEncoder() {
         return new BCryptPasswordEncoder();
@@ -75,8 +83,8 @@ public class SecurityConfig {
 
         CorsConfiguration config = new CorsConfiguration();
         config.addAllowedOrigin("*");
-	    config.addAllowedMethod("*");
+        config.addAllowedMethod("*");
-	    config.addAllowedHeader("*");
+        config.addAllowedHeader("*");
         config.setMaxAge(3600l);
 
         if (config.getAllowedOrigins() != null && !config.getAllowedOrigins().isEmpty()) {
@@ -86,23 +94,30 @@ public class SecurityConfig {
         }
         return new CorsFilter(source);
     }
-
-
     @Bean
-    public SecurityFilterChain securityFilterChain(HttpSecurity http, MvcRequestMatcher.Builder mvc) throws Exception {
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-        http
+        http.csrf(AbstractHttpConfigurer::disable).authorizeHttpRequests(auth -> auth
-                .csrf(AbstractHttpConfigurer::disable)
+                // Allow public access to the login endpoints
-                .authorizeHttpRequests(auth -> auth
+                .requestMatchers("/v1/user/login").permitAll() // JWT-based login
-                        .requestMatchers(mvc.pattern(HttpMethod.POST, "/v1/user/login")).permitAll()
+                .requestMatchers("/v1/user").permitAll() // User registration
-                        .requestMatchers("/swagger-ui/**").permitAll()
+                .requestMatchers("/v1/user/sso/validate/existing-user/{token}").permitAll()
-                        .requestMatchers("/v1/api-docs/**").permitAll()
+                .requestMatchers("/v1/user/sso/validate/new-user/{token}").permitAll()
-                        .anyRequest().authenticated()
+                .requestMatchers("/v1/saml/**").permitAll() // JWT-based login
-                )
+                .requestMatchers("/saml2/**").permitAll() // SAML login initiation
-                .sessionManagement(session -> session
+                .requestMatchers("/swagger-ui/**").permitAll() // Swagger docs
-                        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                .requestMatchers("/v1/api-docs/**").permitAll() // API docs
-                )
+                .anyRequest().authenticated())
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .addFilterBefore(corsFilter(), UsernamePasswordAuthenticationFilter.class)
-                .addFilterBefore(new JWTFilter(tokenProvider), UsernamePasswordAuthenticationFilter.class);
+                .addFilterBefore(new JWTFilter(tokenProvider), UsernamePasswordAuthenticationFilter.class)
+                // Add SAML2 login configuration (for BENEFICIARI)
+                /*
+                 * .saml2Login(saml -> saml.loginPage("/saml/login") // Entry point for SAML
+                 * login .defaultSuccessUrl("/") // Redirect after successful SAML login );
+                 */
+				.saml2Login(saml -> saml.defaultSuccessUrl("/").successHandler(samlSuccessHandler)
+						.failureHandler(samlFailureHandler));
+
 
         return http.build();
     }
@@ -116,4 +131,6 @@ public class SecurityConfig {
                         new SecurityScheme().type(SecurityScheme.Type.HTTP)
                                 .scheme("bearer").bearerFormat("JWT")));
     }
+    
+   
 }

src/main/java/net/gepafin/tendermanagement/config/jwt/TokenProvider.java

@@ -82,10 +82,11 @@ public class TokenProvider {
         log.info("JWT Secret Key initialized.");
     }
 
-    public String createToken(Authentication authentication, Boolean rememberMe, UserEntity user) {
+    public String createToken(Boolean rememberMe, UserEntity user) {
-        String authorities = authentication.getAuthorities().stream()
+//        String authorities = authentication.getAuthorities().stream()
-                .map(GrantedAuthority::getAuthority)
+//                .map(GrantedAuthority::getAuthority)
-                .collect(Collectors.joining(","));
+//                .collect(Collectors.joining(","));
+    	String authorities = user.getRoleEntity().getRoleType();
         Long now;
         Date validity;
 
@@ -99,7 +100,7 @@ public class TokenProvider {
             log.info("Creating token with standard validity of {} seconds.", this.tokenValidityInSeconds);
         }
 
-        String payload = authentication.getName();
+        String payload = user.getEmail();
         if(user != null) {
             payload += ":"+user.getId();
         }

src/main/java/net/gepafin/tendermanagement/constants/GepafinConstant.java

@@ -136,7 +136,6 @@ public class GepafinConstant {
     public static final String APPLICATION_IS_INCOMPLETE_MSG = "application.is.incomplete";
     public static final String AUTHORIZATION = "Authorization";
     public static final String CHECK_VATNUMBER_V2_NEW_URL = "https://imprese.openapi.it/advance";
-    public static final String VATNUMBER_V2 = "https://imprese.openapi.it/advance";
     public static final String VALIDATION_FIELD_CUSTOM="validation.field.custom";
     public static final String VALIDATION_CODICE_FISCALE = "validation.codice.fiscale";
     public static final String VALIDATION_CAP = "validation.cap";
@@ -155,6 +154,29 @@ public class GepafinConstant {
     public static final String IS_CAP="isCAP";
     public static final String IS_CODICE_FISCALE="isCodiceFiscale";
     public static final String IS_PIVA="isPIVA";
-
     public static final String FAILED_RETAIN_FIELD="failed.retain.field";
+	public static final String USER_ALREADY_EXIST_MSG = "user.already.exist.msg";
+	public static final String TOKEN_VALIDATE_SUCCESS_MSE = "token.validate.success";
+	public static final String INVALID_REQUEST = "invalid.request";
+	public static final String CODICE_FISCALE_EXISTS = "codice.fiscale.exists";
+    public static final String TOTAL_STEPS_NOT_BE_ZERO="total.steps.not.zero";
+    public static final String COMPLETED_STEPS_NOT_VALID="completed.steps.not.valid";
+    public static final String FIELD_ID_NOT_FOUND="field.id.not.found";
+	public static final String VALIDATE_EMAIL = "validate.email";
+	public static final String ROLE_ID_MANDATORY = "role.id.mandatory";
+	public static final String VALIDATE_PASSWORD = "validate.password";
+	
+	public static final String COMPANY_CREATED_SUCCESS_MSG = "company.created.success";
+	public static final String COMPANY_UPDATED_SUCCESS_MSG = "company.updated.success";
+	public static final String COMPANY_DELETE_SUCCESS_MSG = "company.delete.success";
+	public static final String COMPANY_GET_SUCCESS_MSG = "company.get.success";
+	public static final String COMPANY_NOT_FOUND_MSG = "company.not.found";
+	public static final String CHECK_VATNUMBER_SUCCESS_MSG = "check.vatnumber.success";
+	public static final String INVALID_VATNUMBER = "invalid.vatnumber";
+	public static final String VATNUMBER_MANDATORY = "vatnumber.mandatory";
+	public static final String VATNUMBER_ALREADY_EXISTS = "vatnumber.already.exists";
+	public static final String INVALID_EMAIL = "invalid.email";
+	public static final String UNAUTHORIZED = "UNAUTHORIZED";
+	public static final String COMPANY_ID_MANDATORY = "company.id.mandatory";
+    public static final String USER_ALREADY_CONNECTED_TO_COMPANY = "user.already.connected.to.company";
 }

src/main/java/net/gepafin/tendermanagement/dao/ApplicationDao.java

@@ -4,26 +4,32 @@ import net.gepafin.tendermanagement.config.Translator;
 import net.gepafin.tendermanagement.constants.GepafinConstant;
 import net.gepafin.tendermanagement.entities.*;
 import net.gepafin.tendermanagement.enums.ApplicationStatusTypeEnum;
+import net.gepafin.tendermanagement.enums.DocumentSourceTypeEnum;
 import net.gepafin.tendermanagement.enums.RoleStatusEnum;
 import net.gepafin.tendermanagement.model.request.ApplicationFormFieldRequestBean;
 import net.gepafin.tendermanagement.model.request.ApplicationRequest;
 import net.gepafin.tendermanagement.model.request.ApplicationRequestBean;
 import net.gepafin.tendermanagement.model.response.*;
-import net.gepafin.tendermanagement.repositories.ApplicationFormFieldRepository;
+import net.gepafin.tendermanagement.repositories.*;
-import net.gepafin.tendermanagement.repositories.ApplicationFormRepository;
-import net.gepafin.tendermanagement.repositories.ApplicationRepository;
 import net.gepafin.tendermanagement.service.CallService;
+import net.gepafin.tendermanagement.service.DocumentService;
 import net.gepafin.tendermanagement.service.FormService;
 import net.gepafin.tendermanagement.util.DateTimeUtil;
+import net.gepafin.tendermanagement.util.FieldValidator;
 import net.gepafin.tendermanagement.util.Utils;
+import net.gepafin.tendermanagement.util.Validator;
 import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
 import net.gepafin.tendermanagement.web.rest.api.errors.ResourceNotFoundException;
 import net.gepafin.tendermanagement.web.rest.api.errors.Status;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.jpa.domain.Specification;
 import org.springframework.stereotype.Component;
 
+import jakarta.persistence.criteria.Predicate;
+
+import java.text.MessageFormat;
 import java.time.LocalDateTime;
 import java.util.*;
 import java.util.stream.Collectors;
@@ -48,16 +54,36 @@ public class ApplicationDao {
     @Autowired
     private FormService formService;
 
-    public ApplicationResponseBean createApplication(ApplicationRequestBean applicationRequestBean, UserEntity userEntity, Long formId,Long applicationId) {
+    @Autowired
+    private DocumentService documentService;
+
+    @Autowired
+    private CallDao callDao;
+
+    @Autowired
+    private FlowFormDao flowFormDao;
+
+    @Autowired
+    private FlowEdgesRepository flowEdgesRepository;
+
+    @Autowired
+    private FlowDataRepository flowDataRepository;
+    
+    @Autowired
+    private Validator validator;
+
+
+    public ApplicationResponseBean createApplication(ApplicationRequestBean applicationRequestBean, UserEntity userEntity, Long formId, Long applicationId) {
         FormEntity formEntity = formService.validateForm(formId);
-        CallEntity call = callService.validatePublishedCall(formEntity.getCall().getId());
+        callService.validatePublishedCall(formEntity.getCall().getId());
+        validateFormFields(applicationRequestBean,formEntity);
         ApplicationEntity applicationEntity = validateApplication(applicationId);
-        if(Boolean.TRUE.equals(applicationEntity.getStatus().equals(ApplicationStatusTypeEnum.SUBMIT.getValue()))){
+        if(Boolean.TRUE.equals(applicationEntity.getStatus().equals(ApplicationStatusTypeEnum.SUBMIT.getValue()))) {
             throw new CustomValidationException(Status.BAD_REQUEST,Translator.toLocale(GepafinConstant.APPLICATION_ALREADY_SUBMITTED));
         }
         formService.validateFormField(applicationRequestBean.getFormFields(),applicationEntity,formEntity);
         ApplicationFormEntity applicationFormEntity =  getApplicationFormOrCreate(formEntity, applicationEntity);
-        createOrUpdateMultipleFormFields(applicationRequestBean.getFormFields(), applicationFormEntity);
+        createOrUpdateMultipleFormFields(applicationRequestBean.getFormFields(), applicationFormEntity,formEntity);
         return getApplicationById(applicationEntity.getId(),formEntity.getId());
     }
 
@@ -66,12 +92,6 @@ public class ApplicationDao {
         return applicationFormEntity1;
     }
 
-    public void validateFormId(FormEntity formEntity, CallEntity callEntity) {
-        if (Boolean.FALSE.equals(formEntity.getId().equals(callEntity.getInitialForm()))) {
-            throw new CustomValidationException(Status.BAD_REQUEST,Translator.toLocale(GepafinConstant.FORM_ID_DOES_NOT_MACTHES));
-        }
-    }
-
     public ApplicationFormEntity createApplicationFormEntity(ApplicationEntity application, FormEntity formEntity) {
         ApplicationFormEntity applicationFormEntity = new ApplicationFormEntity();
         applicationFormEntity.setApplication(application);
@@ -80,9 +100,10 @@ public class ApplicationDao {
         return applicationFormEntity;
     }
 
-    public ApplicationEntity createApplicationEntity(UserEntity user, CallEntity call) {
+    public ApplicationEntity createApplicationEntity(UserEntity user, CallEntity call, CompanyEntity companyEntity) {
         ApplicationEntity entity = new ApplicationEntity();
-        entity.setUser(user);
+        entity.setUserId(user.getId());
+        entity.setCompany(companyEntity);
         entity.setCall(call);
         entity.setIsDeleted(false);
         entity.setStatus(ApplicationStatusTypeEnum.DRAFT.getValue());
@@ -95,17 +116,57 @@ public class ApplicationDao {
         ApplicationEntity applicationEntity = validateApplication(id);
        ApplicationFormEntity applicationFormEntity = applicationFormRepository.findByApplicationIdAndFormId(applicationEntity.getId(),formId);
         List<ApplicationFormFieldResponseBean> applicationFormFieldResponseBeans=new ArrayList<>();
-        ApplicationFormFieldResponseBean applicationFormFieldResponseBeans1=null;
         List<ApplicationFormFieldEntity> applicationFormFieldEntities = applicationFormFieldRepository.findByApplicationFormId(applicationFormEntity.getId());
-            for(ApplicationFormFieldEntity applicationFormFieldEntity:applicationFormFieldEntities) {
+        applicationFormFieldResponseBeans=createApplicationFormFieldResponse(applicationFormFieldEntities, applicationFormEntity, applicationFormFieldResponseBeans);
-                applicationFormFieldResponseBeans1 = convertApplicationFormFieldEntityToApplicationFormFieldResponseBean(applicationFormFieldEntity, applicationFormEntity.getId());
-                applicationFormFieldResponseBeans.add(applicationFormFieldResponseBeans1);
-            }
         ApplicationResponseBean applicationResponseBean= convertApplicationEntityToApplicationResponseBean(applicationEntity);
         applicationResponseBean.setFormFields(applicationFormFieldResponseBeans);
         return applicationResponseBean;
     }
 
+    private List<ApplicationFormFieldResponseBean> createApplicationFormFieldResponse(
+            List<ApplicationFormFieldEntity> applicationFormFieldEntities,
+            ApplicationFormEntity applicationFormEntity,
+            List<ApplicationFormFieldResponseBean> applicationFormFieldResponseBeans) {
+
+        List<ContentResponseBean> contentResponseBeans = Utils.convertJsonStringToList(
+                applicationFormEntity.getForm().getContent(), ContentResponseBean.class);
+
+        for (ApplicationFormFieldEntity applicationFormFieldEntity : applicationFormFieldEntities) {
+
+            Optional<ContentResponseBean> fileUploadContent = contentResponseBeans.stream()
+                    .filter(contentResponseBean -> "fileupload".equals(contentResponseBean.getName()) &&
+                            contentResponseBean.getId().equals(applicationFormFieldEntity.getFieldId()))
+                    .findFirst();
+
+            List<DocumentResponseBean> documentResponseBeans = new ArrayList<>();
+            if (fileUploadContent.isPresent()) {
+                String documentId = applicationFormFieldEntity.getFieldValue();
+                if (documentId != null && !documentId.isEmpty()) {
+                    documentResponseBeans = Arrays.stream(documentId.split(","))
+                            .map(String::trim)
+                            .map(Long::parseLong)
+                            .map(docId -> {
+                                DocumentEntity documentEntity = documentService.validateDocument(docId);
+                                if (Boolean.FALSE.equals(DocumentSourceTypeEnum.APPLICATION.getValue().equals(documentEntity.getSource()))) {
+                                    throw new CustomValidationException(Status.NOT_FOUND,Translator.toLocale(GepafinConstant.DOCUMENT_NOT_FOUND));
+                                }
+                                return documentEntity;
+                            })
+                            .map(callDao::convertToDocumentResponseBean)
+                            .collect(Collectors.toList());
+                }
+            }
+            ApplicationFormFieldResponseBean responseBean = convertApplicationFormFieldEntityToApplicationFormFieldResponseBean(
+                    applicationFormFieldEntity, applicationFormEntity.getId());
+            if (!documentResponseBeans.isEmpty()) {
+                responseBean.setFieldValue(documentResponseBeans);
+            }
+            applicationFormFieldResponseBeans.add(responseBean);
+        }
+
+        return applicationFormFieldResponseBeans;
+    }
+
     public void deleteById(Long id) {
         log.info("Deleting application with ID: {}", id);
 
@@ -115,58 +176,99 @@ public class ApplicationDao {
         log.info("Application deleted with ID: {}", id);
     }
 
-    public List<ApplicationResponse> getAllApplications(UserEntity userEntity, Long callId) {
+//    public List<ApplicationResponse> getAllApplications(UserEntity userEntity, Long callId, CompanyEntity companyEntity) {
-        RoleStatusEnum roleStatus = RoleStatusEnum.valueOf(userEntity.getRoleEntity().getRoleType());
+//        boolean isBeneficiary = validator.checkIsBeneficiary();
-        boolean isBeneficiary = RoleStatusEnum.ROLE_BENEFICIARY.equals(roleStatus);
+//        
+//        log.info("Fetching applications for RoleType: {}", userEntity.getRoleEntity().getRoleType());
+//        List<ApplicationResponse> applicationResponses = new ArrayList<>();
+//
+//        if (callId != null) {
+//            // Fetch based on callId and user if role is BENEFICIARY, otherwise fetch all for the call
+//            log.info("Fetching applications for callId: {}", callId);
+//            CallEntity call = callService.validateCall(callId);
+//
+//            // Use a single method to handle both conditions for consistency
+//            List<ApplicationEntity> applicationEntities = isBeneficiary
+//                    ? applicationRepository.findByUserIdAndCallIdAndIsDeletedFalse(userEntity.getId(), call.getId())
+//                            .map(List::of) // Convert Optional<ApplicationEntity> to a List of one element
+//                            .orElse(List.of()) // If not present, return an empty list
+//                    : applicationRepository.findByCallIdAndIsDeletedFalse(call.getId());
+//
+//            applicationResponses = applicationEntities.stream()
+//                    .map(this::getApplicationResponse)
+//                    .collect(Collectors.toList());
+//
+//        } else {
+//            // Fetch all applications for the user if BENEFICIARY, or fetch all applications in general
+//            List<ApplicationEntity> applicationEntities = isBeneficiary
+//                    ? applicationRepository.findByUserIdAndIsDeletedFalse(companyEntity.getId())
+//                    : applicationRepository.findByIsDeletedFalse();
+//
+//            applicationResponses = applicationEntities.stream()
+//                    .map(this::getApplicationResponse)
+//                    .collect(Collectors.toList());
+//        }
+//
+//        return applicationResponses;
+//    }
     
-        log.info("Fetching applications for RoleType: {}", roleStatus);
+    public List<ApplicationResponse> getAllApplications(UserEntity userEntity, Long callId, Long companyId) {
-        List<ApplicationResponse> applicationResponses = new ArrayList<>();
     	
-        if (callId != null) {
+        log.info("Fetching applications for RoleType: {}", userEntity.getRoleEntity().getRoleType());
-            // Fetch based on callId and user if role is BENEFICIARY, otherwise fetch all for the call
-            log.info("Fetching applications for callId: {}", callId);
-            CallEntity call = callService.validateCall(callId);
 
-            // Use a single method to handle both conditions for consistency
+        Specification<ApplicationEntity> spec = search(userEntity.getId(), callId, companyId);
-            List<ApplicationEntity> applicationEntities = isBeneficiary
-                    ? applicationRepository.findByUserIdAndCallIdAndIsDeletedFalse(userEntity.getId(), call.getId())
-                            .map(List::of) // Convert Optional<ApplicationEntity> to a List of one element
-                            .orElse(List.of()) // If not present, return an empty list
-                    : applicationRepository.findByCallIdAndIsDeletedFalse(call.getId());
 
-            applicationResponses = applicationEntities.stream()
+        List<ApplicationEntity> applicationEntities = applicationRepository.findAll(spec);
-                    .map(this::getApplicationResponse)
-                    .collect(Collectors.toList());
 
-        } else {
+        return applicationEntities.stream()
-            // Fetch all applications for the user if BENEFICIARY, or fetch all applications in general
+                .map(this::getApplicationResponse)
-            List<ApplicationEntity> applicationEntities = isBeneficiary
+                .collect(Collectors.toList());
-                    ? applicationRepository.findByUserIdAndIsDeletedFalse(userEntity.getId())
-                    : applicationRepository.findByIsDeletedFalse();
-
-            applicationResponses = applicationEntities.stream()
-                    .map(this::getApplicationResponse)
-                    .collect(Collectors.toList());
-        }
-
-        return applicationResponses;
     }
 
 
-    private ApplicationResponse getApplicationResponse(ApplicationEntity applicationEntity) {
+	private Specification<ApplicationEntity> search(Long userId, Long callId, Long companyId) {
+		return (root, query, builder) -> {
+			Boolean isBeneficiary = validator.checkIsBeneficiary();
+			Predicate predicate = builder.isFalse(root.get("isDeleted"));
+			if (isBeneficiary) {
+				predicate = builder.and(predicate, builder.equal(root.get("userId"), userId));
+			}
+			if (callId != null) {
+				predicate = builder.and(predicate, builder.equal(root.get("call").get("id"), callId));
+			}
+			if (companyId != null) {
+				predicate = builder.and(predicate, builder.equal(root.get("company").get("id"), companyId));
+			}
+			return predicate;
+		};
+	}
+
+	private ApplicationResponse getApplicationResponse(ApplicationEntity applicationEntity) {
         ApplicationResponse responseBean = new ApplicationResponse();
+        List<FlowEdgesEntity> flowEdgesList = flowEdgesRepository.findByCallId(applicationEntity.getCall().getId());
+        Long totalFormSteps = flowFormDao.calculateTotalSteps(flowEdgesList);
+        Long completedSteps= Long.valueOf(flowFormDao.getCompletedSteps(applicationEntity));
+        Integer progress=calculateProgress(totalFormSteps,completedSteps);
         responseBean.setId(applicationEntity.getId());
+        responseBean.setProgress(progress);
+        responseBean.setCallTitle(applicationEntity.getCall().getName());
+        responseBean.setCallEndDate(applicationEntity.getCall().getEndDate());
+        responseBean.setModifiedDate(applicationEntity.getCall().getUpdatedDate());
         responseBean.setCallId(applicationEntity.getCall().getId());
         responseBean.setSubmissionDate(applicationEntity.getSubmissionDate());
         responseBean.setStatus(applicationEntity.getStatus());
         responseBean.setComments(applicationEntity.getComments());
+        responseBean.setCompanyId(applicationEntity.getCompany().getId());
+        responseBean.setCompanyName(applicationEntity.getCompany().getCompanyName());
         return responseBean;
     }
 
-    public ApplicationEntity validateApplication(Long id) {
+	public ApplicationEntity validateApplication(Long id) {
-        ApplicationEntity applicationEntity= applicationRepository.findById(id).orElseThrow(() ->new ResourceNotFoundException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.APPLICATION_NOT_FOUND_MSG)));
+		ApplicationEntity applicationEntity = applicationRepository.findById(id)
-        return applicationEntity;
+				.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
-    }
+						Translator.toLocale(GepafinConstant.APPLICATION_NOT_FOUND_MSG)));
+		return applicationEntity;
+	}
 
     private ApplicationResponseBean convertApplicationEntityToApplicationResponseBean(ApplicationEntity entity) {
         ApplicationResponseBean response = new ApplicationResponseBean();
@@ -188,18 +290,21 @@ public class ApplicationDao {
         return applicationFormEntity;
     }
 
-    public List<ApplicationFormFieldEntity> createOrUpdateMultipleFormFields(List<ApplicationFormFieldRequestBean> formFieldResponseBeans, ApplicationFormEntity applicationFormEntity) {
+    public List<ApplicationFormFieldEntity> createOrUpdateMultipleFormFields(List<ApplicationFormFieldRequestBean> formFieldResponseBeans, ApplicationFormEntity applicationFormEntity,FormEntity formEntity) {
         List<ApplicationFormFieldEntity> existingFields = applicationFormFieldRepository.findByApplicationFormId(applicationFormEntity.getId());
 
         List<ApplicationFormFieldEntity> applicationFormFieldEntity = formFieldResponseBeans.stream()
-                .map(requestBean -> createOrUpdateApplicationFormField(requestBean, applicationFormEntity,existingFields))
+                .map(requestBean -> createOrUpdateApplicationFormField(requestBean, applicationFormEntity,existingFields,formEntity))
                 .collect(Collectors.toList());
         return applicationFormFieldEntity;
     }
 
-    public ApplicationFormFieldEntity createOrUpdateApplicationFormField(ApplicationFormFieldRequestBean applicationFormFieldRequestBean, ApplicationFormEntity applicationFormEntity,List<ApplicationFormFieldEntity> applicationFormFieldEntities ) {
+    public ApplicationFormFieldEntity createOrUpdateApplicationFormField(ApplicationFormFieldRequestBean applicationFormFieldRequestBean, ApplicationFormEntity applicationFormEntity,List<ApplicationFormFieldEntity> applicationFormFieldEntities ,FormEntity formEntity) {
 
         ApplicationFormFieldEntity applicationFormFieldEntity=null;
+
+        validateFileUploadDocuments(applicationFormFieldRequestBean, formEntity);
+
         if(applicationFormFieldEntities==null || applicationFormFieldEntities.isEmpty()){
             applicationFormFieldEntity = new ApplicationFormFieldEntity();
             applicationFormFieldEntity.setApplicationForm(applicationFormEntity);
@@ -207,6 +312,9 @@ public class ApplicationDao {
             for (ApplicationFormFieldEntity applicationFormFieldEntity1 : applicationFormFieldEntities) {
                 if (applicationFormFieldEntity1.getFieldId().equals(applicationFormFieldRequestBean.getFieldId())) {
                     applicationFormFieldEntity = applicationFormFieldEntity1;
+                    if(applicationFormEntity.getForm().getId().equals(applicationFormEntity.getApplication().getCall().getInitialForm())){
+                        validateRequiredFields(applicationFormEntity.getForm(),applicationFormEntity.getApplication(), applicationFormFieldRequestBean.getFieldId());
+                    }
                     break;
                 } else {
                     applicationFormFieldEntity = new ApplicationFormFieldEntity();
@@ -215,10 +323,37 @@ public class ApplicationDao {
             }
         }
         Utils.setIfUpdated(applicationFormFieldEntity::getFieldId, applicationFormFieldEntity::setFieldId, applicationFormFieldRequestBean.getFieldId());
-        Utils.setIfUpdated(applicationFormFieldEntity::getFieldValue, applicationFormFieldEntity::setFieldValue, applicationFormFieldRequestBean.getFieldValue());
+    if(applicationFormFieldRequestBean.getFieldValue() ==null ||  Boolean.FALSE.equals(applicationFormFieldRequestBean.getFieldValue().isEmpty())) {
+        applicationFormFieldEntity.setFieldValue(applicationFormFieldRequestBean.getFieldValue());
+    }
         return applicationFormFieldRepository.save(applicationFormFieldEntity);
     }
 
+    private List<Long> validateFileUploadDocuments(ApplicationFormFieldRequestBean applicationFormFieldRequestBean, FormEntity formEntity) {
+        List<Long> documentIds=null;
+        List<ContentResponseBean> contentResponseBeans=Utils.convertJsonStringToList(formEntity.getContent(),ContentResponseBean.class);
+        for (ContentResponseBean contentResponseBean:contentResponseBeans){
+            if(Boolean.TRUE.equals(contentResponseBean.getName().equals("fileupload"))){
+                if(contentResponseBean.getId().equals(applicationFormFieldRequestBean.getFieldId())) {
+                    String documentId = applicationFormFieldRequestBean.getFieldValue();
+                    documentIds = validateDocumentIds(documentId);
+                }
+            }
+        }
+        return documentIds;
+    }
+
+    private List<Long> validateDocumentIds(String documentId) {
+        if (documentId != null && !documentId.isEmpty()) {
+            return Arrays.stream(documentId.split(","))
+                    .map(Long::parseLong)
+                    .peek(docId -> documentService.validateDocument(docId))
+                    .collect(Collectors.toList());
+        }
+        return Collections.emptyList();
+    }
+
+
     public ApplicationFormFieldEntity validateApplicationFormField(Long applicationFormFieldId) {
         Optional<ApplicationFormFieldEntity> applicationFormFieldEntity = applicationFormFieldRepository.findById(applicationFormFieldId);
         if (applicationFormFieldEntity.isEmpty()) {
@@ -253,15 +388,19 @@ public class ApplicationDao {
         return applicationEntity;
     }
 
-    public ApplicationGetResponseBean getApplicationByFormId( Long applicationId,Long formId, UserEntity userEntity) {
+    public ApplicationGetResponseBean getApplicationByFormId( Long applicationId, Long formId, UserEntity userEntity) {
         List<FormApplicationResponse> formApplicationResponses = new ArrayList<>();
         List<FormEntity> formEntities = new ArrayList<>();
-        ApplicationEntity applicationEntity = applicationRepository.findById(applicationId)
+        boolean isBeneficiary = isBeneficiary(userEntity);
+        ApplicationEntity applicationEntity = isBeneficiary
+                ? applicationRepository.findByIdAndUserIdAndIsDeletedFalse(applicationId, userEntity.getId())
+                .orElseThrow(() -> new CustomValidationException(Status.BAD_REQUEST, Translator.toLocale(GepafinConstant.APPLICATION_NOT_FOUND_MSG)))
+                : applicationRepository.findById(applicationId)
+                .stream().findFirst()
                 .orElseThrow(() -> new CustomValidationException(Status.BAD_REQUEST, Translator.toLocale(GepafinConstant.APPLICATION_NOT_FOUND_MSG)));
-
         if (formId != null) {
             FormEntity formEntity = formService.validateForm(formId);
-            Optional<ApplicationEntity> application = applicationRepository.findByUserIdAndCallIdAndIsDeletedFalse(userEntity.getId(),
+            Optional<ApplicationEntity> application = applicationRepository.findByIdAndUserIdAndCallIdAndIsDeletedFalse(applicationId, userEntity.getId(),
                     formEntity.getCall().getId());
             applicationEntity=application.get();
             formEntities.add(formEntity);
@@ -279,6 +418,12 @@ public class ApplicationDao {
         return createApplicationGetResponseBean(applicationEntity, formEntities, formApplicationResponses);
     }
 
+    private boolean isBeneficiary(UserEntity userEntity) {
+        RoleStatusEnum roleStatus = RoleStatusEnum.valueOf(userEntity.getRoleEntity().getRoleType());
+        boolean isBeneficiary = RoleStatusEnum.ROLE_BENEFICIARY.equals(roleStatus);
+        return isBeneficiary;
+    }
+
     private void addFormApplication(FormEntity formEntity, ApplicationEntity applicationEntity,
 			List<FormApplicationResponse> formApplicationResponses) {
     	FormApplicationResponse formApplicationResponse = processForm(formEntity, applicationEntity);
@@ -290,12 +435,12 @@ public class ApplicationDao {
 
 	public FormApplicationResponse processForm(FormEntity formEntity, ApplicationEntity applicationEntity) {
     	FormApplicationResponse formApplicationResponse = createFormApplicationResponse(formEntity);
+        List<ApplicationFormFieldResponseBean> applicationFormFieldResponseBeans =new ArrayList<>();
         ApplicationFormEntity applicationFormEntity = applicationFormRepository.findByApplicationIdAndFormId(applicationEntity.getId(), formEntity.getId());
         if(applicationFormEntity!=null) {
             List<ApplicationFormFieldEntity> applicationFormFieldEntities = applicationFormFieldRepository.findByApplicationFormId(applicationFormEntity.getId());
 //            formApplicationResponse = createFormApplicationResponse(formEntity);
-            List<ApplicationFormFieldResponseBean> applicationFormFieldResponseBeans = convertApplicationFormFieldEntitiesToApplicationFormFieldResponseBeans(applicationFormFieldEntities, applicationFormEntity.getId());
+            applicationFormFieldResponseBeans = createApplicationFormFieldResponse(applicationFormFieldEntities, applicationFormEntity,applicationFormFieldResponseBeans);
-
             formApplicationResponse.setFormFields(applicationFormFieldResponseBeans);
         }
         return formApplicationResponse;
@@ -315,6 +460,8 @@ public class ApplicationDao {
         applicationGetResponseBean.setSubmissionDate(applicationEntity.getSubmissionDate());
         applicationGetResponseBean.setCallId(applicationEntity.getCall().getId());
         applicationGetResponseBean.setCallTitle(applicationEntity.getCall().getName());
+        applicationGetResponseBean.setCompanyId(applicationEntity.getCompany().getId());
+        applicationGetResponseBean.setCompanyName(applicationEntity.getCompany().getCompanyName());
         return applicationGetResponseBean;
     }
 
@@ -327,44 +474,43 @@ public class ApplicationDao {
         return formApplicationResponse;
     }
 
-    public ApplicationResponse createApplicationByCallId(ApplicationRequest applicationRequest,Long callId,UserEntity userEntity){
+	public ApplicationResponse createApplicationByCallId(CompanyEntity companyEntity,
-            CallEntity call=callService.validateCall(callId);
+			ApplicationRequest applicationRequest, Long callId, UserEntity userEntity) {
-         call = callService.validatePublishedCall(call.getId());
+		CallEntity call = callService.validateCall(callId);
-        checkIfApplicationExists(call,userEntity);
+		call = callService.validatePublishedCall(call.getId());
-        ApplicationEntity applicationEntity=createApplicationEntity(userEntity,call);
+		checkIfApplicationExists(call, companyEntity);
-        applicationEntity.setComments(applicationRequest.getComments());
+		ApplicationEntity applicationEntity = createApplicationEntity(userEntity, call, companyEntity);
-        applicationEntity=saveApplicationEntity(applicationEntity);
+		applicationEntity.setComments(applicationRequest.getComments());
-        ApplicationResponse applicationResponse=getApplicationResponse(applicationEntity);
+		applicationEntity = saveApplicationEntity(applicationEntity);
-        return applicationResponse;
+		ApplicationResponse applicationResponse = getApplicationResponse(applicationEntity);
-    }
+		return applicationResponse;
-    public void checkIfApplicationExists(CallEntity call,UserEntity userEntity){
+	}
-        Optional<ApplicationEntity> applicationEntity=applicationRepository.findByUserIdAndCallIdAndIsDeletedFalse(userEntity.getId(),call.getId());
+    public void checkIfApplicationExists(CallEntity call, CompanyEntity companyEntity){
+        Optional<ApplicationEntity> applicationEntity=applicationRepository.findByCompanyIdAndCallIdAndIsDeletedFalse(companyEntity.getId(),call.getId());
         if(applicationEntity.isPresent()){
             throw new CustomValidationException(Status.BAD_REQUEST,Translator.toLocale(GepafinConstant.APPLICATION_ALREADY_EXISTS));
         }
     }
 
-
-	public ApplicationEntity getApplicationByCallAndUser(CallEntity call, UserEntity userEntity) {
-		return applicationRepository.findByUserIdAndCallIdAndIsDeletedFalse(userEntity.getId(), call.getId())
-				.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
-						Translator.toLocale(GepafinConstant.APPLICATION_NOT_FOUND_MSG)));
-
-	}
-
     public void updateApplicationStatus(Long applicationId, ApplicationStatusTypeEnum status) {
         ApplicationEntity applicationEntity = validateApplication(applicationId);
 
         if (status.equals(ApplicationStatusTypeEnum.SUBMIT)) {
-            CallEntity callEntity = applicationEntity.getCall();
+//            CallEntity callEntity = applicationEntity.getCall();
-            Long initialFormId = callEntity.getInitialForm();
+//            Long initialFormId = callEntity.getInitialForm();
-            Long finalFormId = callEntity.getFinalForm();
+//            Long finalFormId = callEntity.getFinalForm();
-//            if (initialFormId == null || finalFormId == null) {
+////            if (initialFormId == null || finalFormId == null) {
+////                throw new CustomValidationException(Status.BAD_REQUEST, Translator.toLocale(GepafinConstant.APPLICATION_IS_INCOMPLETE_MSG));
+////            }
+//            ApplicationFormEntity initialApplicationForm = applicationFormRepository.findByApplicationIdAndFormId(applicationEntity.getId(), initialFormId);
+//            ApplicationFormEntity finalApplicationForm = applicationFormRepository.findByApplicationIdAndFormId(applicationEntity.getId(), finalFormId);
+//            if (initialApplicationForm == null || finalApplicationForm == null) {
 //                throw new CustomValidationException(Status.BAD_REQUEST, Translator.toLocale(GepafinConstant.APPLICATION_IS_INCOMPLETE_MSG));
 //            }
-            ApplicationFormEntity initialApplicationForm = applicationFormRepository.findByApplicationIdAndFormId(applicationEntity.getId(), initialFormId);
+            List<FlowEdgesEntity> flowEdgesList = flowEdgesRepository.findByCallId(applicationEntity.getCall().getId());
-            ApplicationFormEntity finalApplicationForm = applicationFormRepository.findByApplicationIdAndFormId(applicationEntity.getId(), finalFormId);
+                Long totalSteps=flowFormDao.calculateTotalSteps(flowEdgesList);
-            if (initialApplicationForm == null || finalApplicationForm == null) {
+                Integer completedSteps=flowFormDao.getCompletedSteps(applicationEntity);
+            if (totalSteps.intValue() != completedSteps) {
                 throw new CustomValidationException(Status.BAD_REQUEST, Translator.toLocale(GepafinConstant.APPLICATION_IS_INCOMPLETE_MSG));
             }
             applicationEntity.setStatus(ApplicationStatusTypeEnum.SUBMIT.getValue());
@@ -374,4 +520,78 @@ public class ApplicationDao {
         }
         saveApplicationEntity(applicationEntity);
     }
+
+    public Integer calculateProgress(Long totalSteps, Long completedSteps) {
+        if (FieldValidator.isNullOrZero(totalSteps)) {
+            throw new CustomValidationException(Status.BAD_REQUEST,Translator.toLocale(GepafinConstant.TOTAL_STEPS_NOT_BE_ZERO));
+        }
+
+        if (completedSteps < 0 || completedSteps > totalSteps) {
+            throw new CustomValidationException(Status.BAD_REQUEST,Translator.toLocale(GepafinConstant.COMPLETED_STEPS_NOT_VALID));
+        }
+
+        double progress = ((double) completedSteps / totalSteps) * 100;
+        return (int) Math.round(progress);
+    }
+    public void validateFormFields(ApplicationRequestBean request, FormEntity formEntity) {
+    
+        List<ContentResponseBean> contentResponseBeans=Utils.convertJsonStringToList(formEntity.getContent(),ContentResponseBean.class);
+
+        List<ApplicationFormFieldRequestBean> requestFields = request.getFormFields();
+
+        Map<String, String> contentMap = contentResponseBeans.stream()
+                .collect(Collectors.toMap(ContentResponseBean::getId, ContentResponseBean::getLabel)); // Change getLabel() if needed
+        FieldValidator validator = FieldValidator.create();
+        for (ApplicationFormFieldRequestBean requestField : requestFields) {
+            String fieldId = requestField.getFieldId();
+
+            if (!contentMap.containsKey(fieldId)) {
+            validator.addError(MessageFormat.format(Translator.toLocale(GepafinConstant.FIELD_ID_NOT_FOUND), fieldId));
+            }
+
+        }
+        validator.validate();
+    }
+
+    public void validateRequiredFields(FormEntity formEntity, ApplicationEntity applicationEntity, String fieldId) {
+        FlowDataEntity flowDataEntity = flowDataRepository.findByFormIdAndCallId(
+                formEntity.getId(), applicationEntity.getCall().getId());
+
+        if (flowDataEntity == null) {
+            return;
+        }
+
+        ApplicationFormFieldEntity applicationFormFieldEntity = applicationFormFieldRepository
+                .findByFieldIdAndApplicationFormFormIdAndApplicationFormApplicationId(
+                        flowDataEntity.getChoosenField(), formEntity.getId(), applicationEntity.getId())
+                .orElse(null);
+
+        if (applicationFormFieldEntity == null || !fieldId.equals(applicationFormFieldEntity.getFieldId())) {
+            return;
+        }
+        List<Long> nextFormIds = flowEdgesRepository.findBySourceIdAndCallId(
+                        formEntity.getId(), applicationEntity.getCall().getId())
+                .stream()
+                .map(FlowEdgesEntity::getTargetId)
+                .collect(Collectors.toList());
+
+        Optional<Long> nextFormIdOptional = flowDataRepository.findByChoosenValueAndFormIdIn(
+                        applicationFormFieldEntity.getFieldValue(), nextFormIds)
+                .map(FlowDataEntity::getFormId);
+
+        if (nextFormIdOptional.isPresent()) {
+            Long nextFormId = nextFormIdOptional.get();
+
+            FormEntity nextForm = formService.validateForm(nextFormId);
+            ApplicationFormEntity nextApplicationFormEntity = applicationFormRepository.findByApplicationIdAndFormId(
+                    applicationEntity.getId(), nextForm.getId());
+
+            if (nextApplicationFormEntity != null) {
+                List<ApplicationFormFieldEntity> nextApplicationFormFieldEntities = applicationFormFieldRepository.findByApplicationFormId(nextApplicationFormEntity.getId());
+                applicationFormFieldRepository.deleteAll(nextApplicationFormFieldEntities);
+                applicationFormRepository.delete(nextApplicationFormEntity);
+            }
+        }
+    }
+
 }

src/main/java/net/gepafin/tendermanagement/dao/CallDao.java

@@ -1,5 +1,6 @@
 package net.gepafin.tendermanagement.dao;
 
+import java.math.BigDecimal;
 import java.time.LocalDate;
 import java.time.LocalDateTime;
 import java.util.ArrayList;
@@ -10,6 +11,7 @@ import java.util.stream.Collectors;
 import net.gepafin.tendermanagement.enums.DocumentSourceTypeEnum;
 import net.gepafin.tendermanagement.model.response.*;
 import net.gepafin.tendermanagement.service.*;
+import net.gepafin.tendermanagement.util.DateTimeUtil;
 import net.gepafin.tendermanagement.util.Utils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
@@ -124,6 +126,17 @@ public class CallDao {
 			callEntity.setConfidi(createCallRequest.getConfidi());
 		}
 		callEntity.setDocumentationRequested(createCallRequest.getDocumentationRequested());
+		if (createCallRequest.getAmountMin() != null && createCallRequest.getAmountMin().compareTo(BigDecimal.ZERO) < 0) {
+			throw new CustomValidationException(Status.VALIDATION_ERROR,Translator.toLocale(GepafinConstant.AMOUNT_GREATER_THAN_ZERO_MSG));
+		}
+		callEntity.setAmountMin(createCallRequest.getAmountMin());
+		if(createCallRequest.getEmail()!=null && Boolean.FALSE.equals(Utils.isValidEmail(createCallRequest.getEmail()))){
+			throw new CustomValidationException(Status.VALIDATION_ERROR,Translator.toLocale(GepafinConstant.VALIDATION_EMAIL,createCallRequest.getEmail()));
+		}
+		callEntity.setEmail(createCallRequest.getEmail());
+		callEntity.setPhoneNumber(createCallRequest.getPhoneNumber());
+		callEntity.setStartTime(DateTimeUtil.parseTime(createCallRequest.getStartTime()));
+		callEntity.setEndTime(DateTimeUtil.parseTime(createCallRequest.getEndTime()));
 		callEntity = callRepository.save(callEntity);
 		return callEntity;
 	}
@@ -259,6 +272,11 @@ public class CallDao {
 		createCallResponseBean.setDocumentationRequested(callEntity.getDocumentationRequested());
 		createCallResponseBean.setPriorityArea(callEntity.getPriorityArea());
 		createCallResponseBean.setConfidi(callEntity.getConfidi());
+		createCallResponseBean.setAmountMin(callEntity.getAmountMin());
+		createCallResponseBean.setPhoneNumber(callEntity.getPhoneNumber());
+		createCallResponseBean.setEndTime(callEntity.getEndTime());
+		createCallResponseBean.setStartTime(callEntity.getStartTime());
+		createCallResponseBean.setEmail(callEntity.getEmail());
 		createCallResponseBean.setCreatedDate(callEntity.getCreatedDate());
 		createCallResponseBean.setUpdatedDate(callEntity.getUpdatedDate());
 		return createCallResponseBean;
@@ -456,6 +474,18 @@ public class CallDao {
 		setIfUpdated(callEntity::getAmountMax, callEntity::setAmountMax, updateCallRequest.getAmountMax());
 		setIfUpdated(callEntity::getDocumentationRequested, callEntity::setDocumentationRequested,
 				updateCallRequest.getDocumentationRequested());
+
+		if (updateCallRequest.getAmountMin() != null && updateCallRequest.getAmountMin().compareTo(BigDecimal.ZERO) < 0) {
+			throw new CustomValidationException(Status.VALIDATION_ERROR,Translator.toLocale(GepafinConstant.AMOUNT_GREATER_THAN_ZERO_MSG));
+		}
+		if(updateCallRequest.getEmail()!=null && Boolean.FALSE.equals(Utils.isValidEmail(updateCallRequest.getEmail()))){
+			throw new CustomValidationException(Status.VALIDATION_ERROR,Translator.toLocale(GepafinConstant.VALIDATION_EMAIL,updateCallRequest.getEmail()));
+		}
+		setIfUpdated(callEntity::getAmountMin, callEntity::setAmountMin, updateCallRequest.getAmountMin());
+		setIfUpdated(callEntity::getEmail, callEntity::setEmail, updateCallRequest.getEmail());
+		setIfUpdated(callEntity::getPhoneNumber, callEntity::setPhoneNumber, updateCallRequest.getPhoneNumber());
+		setIfUpdated(callEntity::getStartTime, callEntity::setStartTime, DateTimeUtil.parseTime(updateCallRequest.getStartTime()));
+		setIfUpdated(callEntity::getEndTime, callEntity::setEndTime, DateTimeUtil.parseTime(updateCallRequest.getEndTime()));
 		setIfUpdated(callEntity::getConfidi, callEntity::setConfidi, updateCallRequest.getConfidi());
 		updateLookUpData(callEntity, updateCallRequest.getAimedTo(), LookUpDataTypeEnum.AIMED_TO);
 		updateFaq(updateCallRequest.getFaq(), callEntity, userEntity, LookUpDataTypeEnum.FAQ);
@@ -531,6 +561,11 @@ public class CallDao {
 		callDetailsResponseBean.setThreshold(callEntity.getThreshold());
 		callDetailsResponseBean.setDocumentationRequested(callEntity.getDocumentationRequested());
 		callDetailsResponseBean.setPriorityArea(callEntity.getPriorityArea());
+		callDetailsResponseBean.setAmountMin(callEntity.getAmountMin());
+		callDetailsResponseBean.setEmail(callEntity.getEmail());
+		callDetailsResponseBean.setEndTime(callEntity.getEndTime());
+		callDetailsResponseBean.setStartTime(callEntity.getStartTime());
+		callDetailsResponseBean.setPhoneNumber(callEntity.getPhoneNumber());
 		callDetailsResponseBean.setCreatedDate(callEntity.getCreatedDate());
 		callDetailsResponseBean.setUpdatedDate(callEntity.getUpdatedDate());
 		return callDetailsResponseBean;

src/main/java/net/gepafin/tendermanagement/dao/CompanyDao.java

@@ -0,0 +1,175 @@
+package net.gepafin.tendermanagement.dao;
+
+import java.util.List;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import net.gepafin.tendermanagement.config.Translator;
+import net.gepafin.tendermanagement.constants.GepafinConstant;
+import net.gepafin.tendermanagement.entities.CompanyEntity;
+import net.gepafin.tendermanagement.entities.UserEntity;
+import net.gepafin.tendermanagement.entities.UserWithCompanyEntity;
+import net.gepafin.tendermanagement.model.request.CompanyRequest;
+import net.gepafin.tendermanagement.model.response.CompanyResponse;
+import net.gepafin.tendermanagement.repositories.CompanyRepository;
+import net.gepafin.tendermanagement.repositories.UserWithCompanyRepository;
+import net.gepafin.tendermanagement.service.UserService;
+import net.gepafin.tendermanagement.util.Utils;
+import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
+import net.gepafin.tendermanagement.web.rest.api.errors.ResourceNotFoundException;
+import net.gepafin.tendermanagement.web.rest.api.errors.Status;
+
+@Component
+public class CompanyDao {
+
+	@Autowired
+	private CompanyRepository companyRepository;
+
+	@Autowired
+	private UserService userService;
+
+	@Autowired
+	private UserWithCompanyRepository userWithCompanyRepository;
+
+	public CompanyResponse createCompany(UserEntity userEntity, CompanyRequest companyRequest) {
+		CompanyEntity existingCompany = companyRepository.findByVatNumber(companyRequest.getVatNumber());
+		if (existingCompany != null) {
+			UserWithCompanyEntity existingRelation = userWithCompanyRepository.findByUserIdAndCompanyId(userEntity.getId(), existingCompany.getId())
+					.orElse(null);
+			if (existingRelation == null) {
+				createUserWithCompanyRelation(userEntity, existingCompany);
+			} else {
+				throw new CustomValidationException(Status.VALIDATION_ERROR,
+						Translator.toLocale(GepafinConstant.USER_ALREADY_CONNECTED_TO_COMPANY));
+			}
+			return convertCompanyEntityToCompanyResponse(existingCompany);
+		} else {
+			validateCompany(companyRequest);
+			CompanyEntity companyEntity = convertCompanyRequestToCompanyEntity(companyRequest);
+			companyRepository.save(companyEntity);
+			createUserWithCompanyRelation(userEntity, companyEntity);
+			return convertCompanyEntityToCompanyResponse(companyEntity);
+		}
+	}
+
+
+	private void validateCompany(CompanyRequest companyRequest) {
+		
+		if (Boolean.FALSE.equals(StringUtils.isEmpty(companyRequest.getEmail()))
+				&& Boolean.FALSE.equals(Utils.isValidEmail(companyRequest.getEmail()))) {
+			throw new CustomValidationException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.INVALID_EMAIL));
+		}
+		if (StringUtils.isEmpty(companyRequest.getVatNumber())) {
+			throw new CustomValidationException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.VATNUMBER_MANDATORY));
+		}
+		if (companyRepository.existsByVatNumber(companyRequest.getVatNumber())) {
+			throw new CustomValidationException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.VATNUMBER_ALREADY_EXISTS));
+		}
+	}
+
+	private UserWithCompanyEntity createUserWithCompanyRelation(UserEntity userEntity, CompanyEntity companyEntity) {
+		UserWithCompanyEntity userWithCompanyEntity = new UserWithCompanyEntity();
+		if (userEntity.getBeneficiary() != null) {
+			userWithCompanyEntity.setBeneficiaryId(userEntity.getBeneficiary().getId());
+		}
+		userWithCompanyEntity.setCompanyId(companyEntity.getId());
+		userWithCompanyEntity.setUserId(userEntity.getId());
+		return userWithCompanyRepository.save(userWithCompanyEntity);
+	}
+
+	private CompanyEntity convertCompanyRequestToCompanyEntity(CompanyRequest request) {
+		CompanyEntity entity = new CompanyEntity();
+		entity.setCompanyName(request.getCompanyName());
+		entity.setVatNumber(request.getVatNumber());
+		entity.setCodiceFiscale(request.getCodiceFiscale());
+		entity.setAddress(request.getAddress());
+		entity.setPhoneNumber(request.getPhoneNumber());
+		entity.setCity(request.getCity());
+		entity.setProvince(request.getProvince());
+		entity.setCap(request.getCap());
+		entity.setCountry(request.getCountry());
+		entity.setPec(request.getPec());
+		entity.setEmail(request.getEmail());
+		entity.setNumberOfEmployees(request.getNumberOfEmployees());
+		entity.setAnnualRevenue(request.getAnnualRevenue());
+		return entity;
+	}
+
+	private CompanyResponse convertCompanyEntityToCompanyResponse(CompanyEntity entity) {
+		CompanyResponse response = new CompanyResponse();
+		response.setId(entity.getId());
+		response.setCompanyName(entity.getCompanyName());
+		response.setVatNumber(entity.getVatNumber());
+		response.setCodiceFiscale(entity.getCodiceFiscale());
+		response.setAddress(entity.getAddress());
+		response.setPhoneNumber(entity.getPhoneNumber());
+		response.setCity(entity.getCity());
+		response.setProvince(entity.getProvince());
+		response.setCap(entity.getCap());
+		response.setCountry(entity.getCountry());
+		response.setPec(entity.getPec());
+		response.setEmail(entity.getEmail());
+		response.setNumberOfEmployees(entity.getNumberOfEmployees());
+		response.setAnnualRevenue(entity.getAnnualRevenue());
+		response.setCreatedDate(entity.getCreatedDate());
+		response.setUpdatedDate(entity.getUpdatedDate());
+		return response;
+	}
+
+	public CompanyResponse updateCompany(UserEntity userEntity, Long companyId, CompanyRequest companyRequest) {
+		CompanyEntity companyEntity = validateCompany(companyId);
+		Utils.setIfUpdated(companyEntity::getCompanyName, companyEntity::setCompanyName,
+				companyRequest.getCompanyName());
+		Utils.setIfUpdated(companyEntity::getVatNumber, companyEntity::setVatNumber, companyRequest.getVatNumber());
+		Utils.setIfUpdated(companyEntity::getCodiceFiscale, companyEntity::setCodiceFiscale,
+				companyRequest.getCodiceFiscale());
+		Utils.setIfUpdated(companyEntity::getAddress, companyEntity::setAddress, companyRequest.getAddress());
+		Utils.setIfUpdated(companyEntity::getPhoneNumber, companyEntity::setPhoneNumber,
+				companyRequest.getPhoneNumber());
+		Utils.setIfUpdated(companyEntity::getCity, companyEntity::setCity, companyRequest.getCity());
+		Utils.setIfUpdated(companyEntity::getProvince, companyEntity::setProvince, companyRequest.getProvince());
+		Utils.setIfUpdated(companyEntity::getCap, companyEntity::setCap, companyRequest.getCap());
+		Utils.setIfUpdated(companyEntity::getCountry, companyEntity::setCountry, companyRequest.getCountry());
+		Utils.setIfUpdated(companyEntity::getPec, companyEntity::setPec, companyRequest.getPec());
+		Utils.setIfUpdated(companyEntity::getEmail, companyEntity::setEmail, companyRequest.getEmail());
+		Utils.setIfUpdated(companyEntity::getNumberOfEmployees, companyEntity::setNumberOfEmployees,
+				companyRequest.getNumberOfEmployees());
+		Utils.setIfUpdated(companyEntity::getAnnualRevenue, companyEntity::setAnnualRevenue,
+				companyRequest.getAnnualRevenue());
+		companyRepository.save(companyEntity);
+		return convertCompanyEntityToCompanyResponse(companyEntity);
+	}
+
+	public CompanyEntity validateCompany(Long companyId) {
+		return companyRepository.findById(companyId).orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
+				Translator.toLocale(GepafinConstant.COMPANY_NOT_FOUND_MSG)));
+	}
+
+	public CompanyResponse getCompany(UserEntity userEntity, Long companyId) {
+		return convertCompanyEntityToCompanyResponse(validateCompany(companyId));
+	}
+
+	public void deleteCompany(UserEntity userEntity, Long companyId) {
+		CompanyEntity companyEntity = validateCompany(companyId);
+		companyRepository.delete(companyEntity);
+		userWithCompanyRepository.deleteByCompanyId(companyId);
+	}
+
+	public List<CompanyResponse> getCompanyByUserId(Long userId) {
+		UserEntity userEntity = userService.validateUser(userId);
+		List<Long> companyIds = userWithCompanyRepository.findCompanyIdByUserId(userEntity.getId());
+		List<CompanyEntity> list = companyRepository.findByIdIn(companyIds);
+		return list.stream().map(this::convertCompanyEntityToCompanyResponse).toList();
+	}
+
+	public UserWithCompanyEntity validateUserWithCompny(Long userId, Long companyId) {
+		return userWithCompanyRepository.findByUserIdAndCompanyId(userId, companyId).orElseThrow(() -> new CustomValidationException(Status.UNAUTHORIZED,
+				Translator.toLocale(GepafinConstant.UNAUTHORIZED)));
+	}
+
+}

src/main/java/net/gepafin/tendermanagement/dao/FaqDao.java

@@ -12,8 +12,11 @@ import net.gepafin.tendermanagement.model.request.FaqReq;
 import net.gepafin.tendermanagement.model.response.FaqResponseBean;
 import net.gepafin.tendermanagement.repositories.FaqRepository;
 import net.gepafin.tendermanagement.service.CallService;
+import net.gepafin.tendermanagement.service.CompanyService;
 import net.gepafin.tendermanagement.service.LookUpDataService;
 import net.gepafin.tendermanagement.util.DateTimeUtil;
+import net.gepafin.tendermanagement.util.Validator;
+import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
 import net.gepafin.tendermanagement.web.rest.api.errors.ResourceNotFoundException;
 import net.gepafin.tendermanagement.web.rest.api.errors.Status;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -36,11 +39,24 @@ public class FaqDao {
 	@Autowired
 	private LookUpDataService lookUpDataService;
 	
-	public FaqResponseBean createFaq(FaqReq faqRequest, UserEntity userEntity, Long callId) {
+	@Autowired
-		FaqEntity entity = new FaqEntity();
+	private Validator validator;
+	
+	@Autowired
+	private CompanyService companyService;
+
+	public FaqResponseBean createFaq(FaqReq faqRequest, UserEntity userEntity, Long callId, Long companyId) {
 		CallEntity callEntity = callService.validateCall(callId);
-		entity = createOrUpdateFaqEntity(faqRequest, callEntity, userEntity,
+		FaqEntity entity = createOrUpdateFaqEntity(faqRequest, callEntity, userEntity,
 				LookUpDataEntity.LookUpDataTypeEnum.FAQ);
+		if (validator.checkIsBeneficiary() && companyId == null) {
+			throw new CustomValidationException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.COMPANY_ID_MANDATORY));
+		}
+		if(companyId!=null) {	
+			companyService.validateCompany(companyId);
+			entity.setCompanyId(companyId);
+		}
 		faqRepository.save(entity);
 		return convertToFaqResponseBean(entity);
 	}

src/main/java/net/gepafin/tendermanagement/dao/FlowDao.java

@@ -4,19 +4,16 @@ import net.gepafin.tendermanagement.config.Translator;
 import net.gepafin.tendermanagement.constants.GepafinConstant;
 import net.gepafin.tendermanagement.entities.CallEntity;
 import net.gepafin.tendermanagement.entities.FlowDataEntity;
-import net.gepafin.tendermanagement.entities.FlowDataEntity;
 import net.gepafin.tendermanagement.entities.FlowEdgesEntity;
+import net.gepafin.tendermanagement.enums.CallStatusEnum;
 import net.gepafin.tendermanagement.model.request.FlowDataRequestBean;
 import net.gepafin.tendermanagement.model.request.FlowEdgesRequestBean;
 import net.gepafin.tendermanagement.model.request.FlowRequestBean;
-import net.gepafin.tendermanagement.model.response.EvaluationCriteriaResponseBean;
 import net.gepafin.tendermanagement.model.response.FlowDataResponseBean;
 import net.gepafin.tendermanagement.model.response.FlowEdgesResponseBean;
 import net.gepafin.tendermanagement.model.response.FlowResponseBean;
 import net.gepafin.tendermanagement.repositories.CallRepository;
 import net.gepafin.tendermanagement.repositories.FlowDataRepository;
-import net.gepafin.tendermanagement.repositories.FlowDataRepository;
-import net.gepafin.tendermanagement.repositories.FlowEdgesRepository;
 import net.gepafin.tendermanagement.repositories.FlowEdgesRepository;
 import net.gepafin.tendermanagement.service.CallService;
 import net.gepafin.tendermanagement.service.FormService;
@@ -28,7 +25,6 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
 import java.time.LocalDateTime;
-import java.util.ArrayList;
 import java.util.List;
 import java.util.stream.Collectors;
 
@@ -193,6 +189,7 @@ public class FlowDao {
             return null;
         }
         flowResponseBean.setCallId(call.getId());
+        flowResponseBean.setCallStatus(CallStatusEnum.valueOf(call.getStatus()));
         flowResponseBean.setInitialForm(call.getInitialForm());
         flowResponseBean.setFinalForm(call.getFinalForm());
         return flowResponseBean;

src/main/java/net/gepafin/tendermanagement/dao/FlowFormDao.java

@@ -1,10 +1,9 @@
 package net.gepafin.tendermanagement.dao;
 
-import java.util.List;
+import java.util.*;
-import java.util.Optional;
-import java.util.Set;
-import java.util.stream.Collectors;
 
+import net.gepafin.tendermanagement.enums.ApplicationStatusTypeEnum;
+import net.gepafin.tendermanagement.repositories.*;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
@@ -18,13 +17,8 @@ import net.gepafin.tendermanagement.entities.FlowEdgesEntity;
 import net.gepafin.tendermanagement.entities.FormEntity;
 import net.gepafin.tendermanagement.enums.FormActionEnum;
 import net.gepafin.tendermanagement.model.response.NextOrPreviousFormResponse;
-import net.gepafin.tendermanagement.repositories.ApplicationFormFieldRepository;
-import net.gepafin.tendermanagement.repositories.ApplicationFormRepository;
-import net.gepafin.tendermanagement.repositories.FlowDataRepository;
-import net.gepafin.tendermanagement.repositories.FlowEdgesRepository;
 import net.gepafin.tendermanagement.service.FormService;
 import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
-import net.gepafin.tendermanagement.web.rest.api.errors.ResourceNotFoundException;
 import net.gepafin.tendermanagement.web.rest.api.errors.Status;
 
 @Component
@@ -47,6 +41,9 @@ public class FlowFormDao {
 	
 	@Autowired
 	private FormService formService;
+	@Autowired
+	private FormDao formDao;
+
 
 	
 //	Long getNextForm(FormEntity currentFormEntity, ApplicationEntity applicationEntity) {
@@ -177,52 +174,79 @@ public class FlowFormDao {
 	            .orElse(null);
 	}
 	
-	public Long getPreviousForm(FormEntity currentFormEntity, ApplicationEntity applicationEntity) {
+//	public Long getPreviousForm(FormEntity currentFormEntity, ApplicationEntity applicationEntity) {
-	    // Retrieve the flow edges for the previous forms
+//	    // Retrieve the flow edges for the previous forms
-	    List<FlowEdgesEntity> flowEdgesList = flowEdgesRepository.findByTargetIdAndCallId(
+//	    List<FlowEdgesEntity> flowEdgesList = flowEdgesRepository.findByTargetIdAndCallId(
-	            currentFormEntity.getId(), applicationEntity.getCall().getId());
+//	            currentFormEntity.getId(), applicationEntity.getCall().getId());
+//
+//	    if (flowEdgesList.isEmpty()) {
+//	    	return null;
+////	        throw new ResourceNotFoundException(Status.NOT_FOUND,
+////	                Translator.toLocale(GepafinConstant.PREVIOUS_FORM_NOT_FOUND));
+//	    }
+//
+//	    // If only one edge exists, return the source form ID
+//	    if (flowEdgesList.size() == 1) {
+//	        return flowEdgesList.get(0).getSourceId();
+//	    }
+//
+//	    // For multiple edges, find the previous form based on the chosen value
+//	    List<Long> previousFormIds = flowEdgesList.stream()
+//	            .map(FlowEdgesEntity::getSourceId)
+//	            .toList();
+//
+//	    // Fetch the flow data based on previous form IDs
+//	    List<FlowDataEntity> flowDataList = flowDataRepository.findByFormIdInAndCallId(
+//	            previousFormIds, applicationEntity.getCall().getId());
+//
+//	    List<String> chosenValues = flowDataList.stream()
+//	            .map(FlowDataEntity::getChoosenValue)
+//	            .toList();
+//
+//	    // Fetch the previous forms based on the chosen field values
+//	    Set<FormEntity> formList = applicationFormFieldRepository
+//	            .findByFieldValueInAndApplicationFormApplicationId(chosenValues, applicationEntity.getId()).stream()
+//	            .map(fieldEntity -> fieldEntity.getApplicationForm().getForm())
+//	            .collect(Collectors.toSet());
+//
+//	    // Find next form IDs recursively for all forms in the formList
+//	    List<Long> fieldIds = formList.stream()
+//	            .map(formEntity -> getNextForm(formEntity, applicationEntity))
+//	            .toList();
+//
+//	    // Return the first matching previous form ID that corresponds to a next form
+//	    return previousFormIds.stream()
+//	            .filter(fieldIds::contains)
+//	            .findFirst().orElse(null);
+//	}
 
-	    if (flowEdgesList.isEmpty()) {
+	public Long getPreviousForm(FormEntity currentFormEntity, ApplicationEntity applicationEntity) {
-	    	return null;
+
+		List<FlowEdgesEntity> flowEdgesList = flowEdgesRepository.findByTargetIdAndCallId(
+				currentFormEntity.getId(), applicationEntity.getCall().getId());
+
+		if (flowEdgesList.isEmpty()) {
+			return null;
 //	        throw new ResourceNotFoundException(Status.NOT_FOUND,
 //	                Translator.toLocale(GepafinConstant.PREVIOUS_FORM_NOT_FOUND));
 	    }
 
-	    // If only one edge exists, return the source form ID
+	    // // If only one edge exists, return the source form ID
-	    if (flowEdgesList.size() == 1) {
+	    // if (flowEdgesList.size() == 1) {
-	        return flowEdgesList.get(0).getSourceId();
+	    //     return flowEdgesList.get(0).getSourceId();
-	    }
+	    // }
 
 	    // For multiple edges, find the previous form based on the chosen value
-	    List<Long> previousFormIds = flowEdgesList.stream()
+		List<Long> previousFormIds = flowEdgesList.stream()
-	            .map(FlowEdgesEntity::getSourceId)
+				.map(FlowEdgesEntity::getSourceId)
-	            .toList();
+				.toList();
 
-	    // Fetch the flow data based on previous form IDs
+		List<ApplicationFormEntity> applicationFormEntities=applicationFormRepository.findByFormIdInAndApplicationId(previousFormIds,applicationEntity.getId());
-	    List<FlowDataEntity> flowDataList = flowDataRepository.findByFormIdInAndCallId(
-	            previousFormIds, applicationEntity.getCall().getId());
 
-	    List<String> chosenValues = flowDataList.stream()
+		applicationFormEntities.sort(Comparator.comparing(ApplicationFormEntity::getCreatedDate).reversed());
-	            .map(FlowDataEntity::getChoosenValue)
-	            .toList();
 
-	    // Fetch the previous forms based on the chosen field values
+		return applicationFormEntities.isEmpty() ? null : applicationFormEntities.get(0).getForm().getId();
-	    Set<FormEntity> formList = applicationFormFieldRepository
-	            .findByFieldValueInAndApplicationFormApplicationId(chosenValues, applicationEntity.getId()).stream()
-	            .map(fieldEntity -> fieldEntity.getApplicationForm().getForm())
-	            .collect(Collectors.toSet());
-
-	    // Find next form IDs recursively for all forms in the formList
-	    List<Long> fieldIds = formList.stream()
-	            .map(formEntity -> getNextForm(formEntity, applicationEntity))
-	            .toList();
-
-	    // Return the first matching previous form ID that corresponds to a next form
-	    return previousFormIds.stream()
-	            .filter(fieldIds::contains)
-	            .findFirst().orElse(null);
 	}
-
 	public NextOrPreviousFormResponse getnextOrPreviousForm(ApplicationEntity applicationEntity, Long formId,
 			FormActionEnum action) {
 		Long calculatedFormId = null;
@@ -248,37 +272,71 @@ public class FlowFormDao {
 			}
 		}
 		NextOrPreviousFormResponse nextOrPreviousFormResponse = null;
-		if (calculatedFormId != null) {
+		if (calculatedFormId == null && formId == null) {
-			nextOrPreviousFormResponse = setNextOrPreviousResponse(calculatedFormId, applicationEntity);
+			FormEntity form=formService.validateForm(applicationEntity.getCall().getInitialForm());
+			calculatedFormId=form.getId();
 		}
+		if (calculatedFormId == null) {
+			calculatedFormId=formId;
+		}
+		nextOrPreviousFormResponse = setNextOrPreviousResponse(calculatedFormId, applicationEntity);
+
 		return nextOrPreviousFormResponse;
 	}
 
 	private NextOrPreviousFormResponse setNextOrPreviousResponse(Long calculatedFormId, ApplicationEntity applicationEntity) {
 		NextOrPreviousFormResponse nextOrPreviousFormResponse = new NextOrPreviousFormResponse();
+		Integer completedSteps=0;
 		FormEntity formEntity = formService.validateForm(calculatedFormId);
 		nextOrPreviousFormResponse.setFormId(calculatedFormId);
+		nextOrPreviousFormResponse.setApplicationStatus(ApplicationStatusTypeEnum.valueOf(applicationEntity.getStatus()));
 		nextOrPreviousFormResponse.setApplicationFormResponse(
 				applicationDao.processForm(formEntity, applicationEntity));
 		nextOrPreviousFormResponse.setCallId(applicationEntity.getCall().getId());
 		nextOrPreviousFormResponse.setCallTitle(applicationEntity.getCall().getName());
+		nextOrPreviousFormResponse.setCompanyId(applicationEntity.getCompany().getId());
+		nextOrPreviousFormResponse.setCompanyName(applicationEntity.getCompany().getCompanyName());
 		
 		List<FlowEdgesEntity> flowEdgesList = flowEdgesRepository.findByCallId(applicationEntity.getCall().getId());
-		Long totalFormSteps = 3l;
+		Long totalFormSteps = calculateTotalSteps(flowEdgesList);
-		if (flowEdgesList.size() == 1) {
+		Long currentStep = calculateCurrentStep(formEntity);
-			totalFormSteps = 2l;
+		nextOrPreviousFormResponse.setTotalFormSteps(totalFormSteps);
+		completedSteps = getCompletedSteps(applicationEntity);
+		nextOrPreviousFormResponse.setCompletedSteps(Long.valueOf(completedSteps));
+		nextOrPreviousFormResponse.setCurrentStep(currentStep);
+		return nextOrPreviousFormResponse;
+	}
+
+	public Integer getCompletedSteps(ApplicationEntity applicationEntity) {
+		 Integer completedSteps=0;
+		List<ApplicationFormEntity> applicationFormList = applicationFormRepository.findByApplicationId(applicationEntity.getId());
+		List<ApplicationFormFieldEntity> applicationFormFieldEntities=new ArrayList<>();
+		for (ApplicationFormEntity applicationFormEntity:applicationFormList){
+			applicationFormFieldEntities=applicationFormFieldRepository.findByApplicationFormId(applicationFormEntity.getId());
+			Boolean isCompleted=formDao.validateCompletedSteps(applicationFormFieldEntities, applicationEntity, applicationFormEntity.getForm());
+			if(Boolean.TRUE.equals(isCompleted)){
+				completedSteps++;
+			}
 		}
+		return completedSteps;
+	}
+
+	public Long calculateCurrentStep(FormEntity formEntity) {
 		Long currentStep = 2l;
 		if (formEntity.getId().equals(formEntity.getCall().getInitialForm())) {
 			currentStep = 1l;
 		} else if (formEntity.getId().equals(formEntity.getCall().getFinalForm())) {
 			currentStep = 3l;
 		}
-		List<ApplicationFormEntity> applicationFormList = applicationFormRepository.findByApplicationId(applicationEntity.getId());
+		return currentStep;
-		nextOrPreviousFormResponse.setTotalFormSteps(totalFormSteps);
+	}
-		nextOrPreviousFormResponse.setCompletedSteps(Long.valueOf(applicationFormList.size()));
+
-		nextOrPreviousFormResponse.setCurrentStep(currentStep);
+	public Long calculateTotalSteps(List<FlowEdgesEntity> flowEdgesList) {
-		return nextOrPreviousFormResponse;
+		Long totalFormSteps = 3l;
+		if (flowEdgesList.size() == 1) {
+			totalFormSteps = 2l;
+		}
+		return totalFormSteps;
 	}
 
 	private Long getDefaultForm(ApplicationEntity applicationEntity) {

src/main/java/net/gepafin/tendermanagement/dao/FormDao.java

@@ -73,6 +73,7 @@ public class FormDao {
         formResponseBean.setContent(Utils.convertJsonStringToList(formEntity.getContent(), ContentResponseBean.class));
         formResponseBean.setLabel(formEntity.getLabel());
         formResponseBean.setCallId(formEntity.getCall().getId());
+        formResponseBean.setCallStatus(formEntity.getCall().getStatus());
         return formResponseBean;
     }
     public FormResponseBean createForm(Long callId,FormRequest formRequest){
@@ -140,6 +141,13 @@ public class FormDao {
                                             );
                                         }
                                     }
+                                    else {
+                                        Utils.setIfUpdated(formEntity::getLabel, formEntity::setLabel, formRequest.getLabel());
+                                        Utils.setIfUpdated(formEntity::getContent, formEntity::setContent, setContentResponseBean(formRequest.getContent()));
+                                        formEntity.setUpdatedDate(DateTimeUtil.DateServerToUTC(LocalDateTime.now()));
+                                        formEntity = saveFormEntity(formEntity);
+                                        return convertFormEntityToFormResponseBean(formEntity);
+                                    }
                                 }
                             }
                         }
@@ -197,6 +205,8 @@ public class FormDao {
     public void validateFormField(List<ApplicationFormFieldRequestBean> applicationFormFieldRequestList, ApplicationEntity applicationEntity, FormEntity formEntity) {
     	Map<String, Object> formFieldMap = new LinkedHashMap<String, Object>();
     	for(ApplicationFormFieldRequestBean applicationFormFieldRequestBean:applicationFormFieldRequestList) {
+            if(applicationFormFieldRequestBean.getFieldValue()==null || applicationFormFieldRequestBean.getFieldValue().isEmpty())
+                continue;
     		formFieldMap.put(applicationFormFieldRequestBean.getFieldId(),applicationFormFieldRequestBean.getFieldValue());
     	}
 
@@ -206,22 +216,23 @@ public class FormDao {
         FieldValidator validator = FieldValidator.create();
         formResponseBean.getContent().forEach(contentResponseBean -> {
             String fieldId = contentResponseBean.getId();
-            String value = String.valueOf(formFieldMap.get(fieldId));
+            String value = (String) formFieldMap.get(fieldId);
+            String fieldLabel=contentResponseBean.getLabel();
 
             if(value == null && isApplicationFormExist) {
                 return;
             }
             FieldValidatorBean fieldValidatorBean  = Utils.convertSourceObjectToDestinationObject(contentResponseBean.getValidators(), FieldValidatorBean.class);
             validator
-                    .notNull(value, fieldId)
+                    .minLength(value, fieldValidatorBean.getMinLength(), fieldLabel)  // Only applies if minLength is not null
-                    .isRequired(value,fieldValidatorBean.getIsRequired(),fieldId)
+                    .maxLength(value, fieldValidatorBean.getMaxLength(), fieldLabel)  // Only applies if maxLength is not null
-                    .minLength(value, fieldValidatorBean.getMinLength(), fieldId)  // Only applies if minLength is not null
+                    .matchesPattern(value, fieldValidatorBean.getPattern(), fieldLabel) // Only applies if pattern is present
-                    .maxLength(value, fieldValidatorBean.getMaxLength(), fieldId)  // Only applies if maxLength is not null
+                    .validateCustom(value, fieldValidatorBean.getCustom(), fieldLabel);  // Add the custom validation here
-                    .matchesPattern(value, fieldValidatorBean.getPattern(), fieldId) // Only applies if pattern is present
-                    .validateCustom(value, fieldValidatorBean.getCustom(), fieldId);  // Add the custom validation here
             if (fieldValidatorBean.getCustom() != null && fieldValidatorBean.getCustom().equals(GepafinConstant.IS_PIVA)) {
-               String error = validateVatNumber(value, fieldValidatorBean.getCustom(), fieldId);
+               String error = validateVatNumber(value, fieldValidatorBean.getCustom(), fieldLabel);
-               validator.addError(error);
+              if(error != null) {
+                  validator.addError(error);
+              }
            }
         });
         validator.validate();
@@ -234,9 +245,31 @@ public class FormDao {
         return false;
     }
 
+    public Boolean validateCompletedSteps(List<ApplicationFormFieldEntity> applicationFormFieldEntityList, ApplicationEntity applicationEntity, FormEntity formEntity) {
+        Map<String, Object> formFieldMap = new LinkedHashMap<String, Object>();
+        for(ApplicationFormFieldEntity applicationFormFieldEntity:applicationFormFieldEntityList) {
+            formFieldMap.put(applicationFormFieldEntity.getFieldId(),applicationFormFieldEntity.getFieldValue());
+        }
+
+        FormResponseBean formResponseBean = convertFormEntityToFormResponseBean(formEntity);
+        FieldValidator validator = FieldValidator.create();
+        formResponseBean.getContent().forEach(contentResponseBean -> {
+            String fieldId = contentResponseBean.getId();
+            String value = (String) formFieldMap.get(fieldId);
+
+            FieldValidatorBean fieldValidatorBean  = Utils.convertSourceObjectToDestinationObject(contentResponseBean.getValidators(), FieldValidatorBean.class);
+            validator
+                    .isRequired(value,fieldValidatorBean.getIsRequired(),fieldId);
+        });
+        if (validator.hasErrors()) {
+            return false; // Validation failed, return false
+        }
+        return true;
+    }
     public String validateVatNumber(String value,String customRule,String fieldId){
         String error=null;
-        if (value.matches("^\\d{1,11}$")) {
+
+        if (value!=null && value.matches("^\\d{1,11}$")) {
             Map<String, Object> customData=null;
             try {
                 Map<String, Object> vatCheckResponse = vatCheckDao.checkVatNumberApi(value);
@@ -249,4 +282,5 @@ public class FormDao {
         }
         return error;
     }
+
 }

src/main/java/net/gepafin/tendermanagement/dao/RoleDao.java

@@ -4,6 +4,7 @@ import net.gepafin.tendermanagement.config.Translator;
 import net.gepafin.tendermanagement.constants.GepafinConstant;
 import net.gepafin.tendermanagement.entities.RegionEntity;
 import net.gepafin.tendermanagement.entities.RoleEntity;
+import net.gepafin.tendermanagement.enums.RoleStatusEnum;
 import net.gepafin.tendermanagement.model.request.RoleReq;
 import net.gepafin.tendermanagement.model.response.RegionResponseBean;
 import net.gepafin.tendermanagement.model.response.RoleResponseBean;
@@ -119,4 +120,8 @@ public class RoleDao {
         log.info("Total roles found: {}", roles.size());
         return roles;
     }
+    
+    public RoleEntity getRoleByType(RoleStatusEnum roleStatus) {
+        return roleRepository.findByRoleType(roleStatus.getValue());  
+    }
 }

src/main/java/net/gepafin/tendermanagement/dao/UserDao.java

@@ -4,36 +4,47 @@ import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import net.gepafin.tendermanagement.config.Translator;
 import net.gepafin.tendermanagement.constants.GepafinConstant;
+import net.gepafin.tendermanagement.entities.BeneficiaryEntity;
 import net.gepafin.tendermanagement.entities.RoleEntity;
 import net.gepafin.tendermanagement.entities.UserEntity;
+import net.gepafin.tendermanagement.enums.RoleStatusEnum;
 import net.gepafin.tendermanagement.enums.UserStatusEnum;
 import net.gepafin.tendermanagement.model.request.*;
+import net.gepafin.tendermanagement.model.response.CompanyResponse;
 import net.gepafin.tendermanagement.model.response.RoleResponseBean;
+import net.gepafin.tendermanagement.model.response.UserSamlResponse;
 import net.gepafin.tendermanagement.model.response.UserResponseBean;
 import net.gepafin.tendermanagement.model.util.JWTToken;
+import net.gepafin.tendermanagement.repositories.BeneficiaryRepository;
 import net.gepafin.tendermanagement.repositories.UserRepository;
+import net.gepafin.tendermanagement.service.CompanyService;
 import net.gepafin.tendermanagement.service.impl.AuthenticationService;
+import net.gepafin.tendermanagement.util.Utils;
 import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
 import net.gepafin.tendermanagement.web.rest.api.errors.ResourceNotFoundException;
 import net.gepafin.tendermanagement.web.rest.api.errors.Status;
+
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Component;
 import org.springframework.stereotype.Repository;
-import java.security.SecureRandom;
+
-import java.util.Base64;
+import java.util.List;
 
 import static net.gepafin.tendermanagement.util.Utils.setIfUpdated;
 
-@Repository
+@Component
 public class UserDao {
 
     private final Logger log = LoggerFactory.getLogger(UserDao.class);
 
     @Autowired
     private UserRepository userRepository;
-
+    @Autowired
+    private CompanyDao companyDao;
     @Autowired
     private AuthenticationService authService;
 
@@ -43,24 +54,84 @@ public class UserDao {
     @Autowired
     private RoleDao roleDao;
     
-    public UserResponseBean createUser(UserReq userReq) {
+    @Autowired
-        log.info("Creating user with email: {}", userReq.getEmail());
+    private BeneficiaryRepository beneficiaryRepository;
-        if (userRepository.existsByEmailIgnoreCase(userReq.getEmail())) {
+
-            log.error("User creation failed: Email {} already exists", userReq.getEmail());
+    
-            throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.EMAIL_ALREADY_EXISTS));
+    public JWTToken createUser(HttpServletRequest request, String tempToken, UserReq userReq) {
+    	validateUserRequest(tempToken, userReq);
+		validatePassword(userReq.getPassword(), userReq.getConfPassword(), tempToken);
+        
+		RoleEntity roleEntity = getRoleEntity(userReq.getRoleId());
+		BeneficiaryEntity beneficiary = createBeneficiary(roleEntity, userReq); 
+        UserEntity userEntity = convertUserRequestToUserEntity(beneficiary, roleEntity, userReq);
+        log.info("User created with ID: {}", userEntity.getId());
+        return authService.getJWTTokenBean(userEntity, Boolean.TRUE);
+    }
+    
+	private BeneficiaryEntity createBeneficiary(RoleEntity roleEntity, UserReq userReq) {
+		BeneficiaryEntity beneficiaryEntity = null;
+		if (RoleStatusEnum.ROLE_BENEFICIARY.getValue().equals(roleEntity.getRoleType())) {
+			beneficiaryEntity = new BeneficiaryEntity();
+			beneficiaryEntity.setAddress(userReq.getAddress());
+			beneficiaryEntity.setCity(userReq.getCity());
+			beneficiaryEntity.setCodiceFiscale(userReq.getCodiceFiscale());
+			beneficiaryEntity.setCountry(userReq.getCountry());
+			beneficiaryEntity.setDateOfBirth(userReq.getDateOfBirth());
+			beneficiaryEntity.setEmail(userReq.getEmail());
+			beneficiaryEntity.setFirstName(userReq.getFirstName());
+			beneficiaryEntity.setLastName(userReq.getLastName());
+			beneficiaryEntity.setOrganization(userReq.getOrganization());
+			beneficiaryEntity.setPhoneNumber(userReq.getPhoneNumber());
+            beneficiaryEntity =beneficiaryRepository.save(beneficiaryEntity);
+		}
+		return beneficiaryEntity;
+	}
+
+	private void validateUserRequest(String tempToken, UserReq userReq) {
+		if (Boolean.FALSE.equals(Utils.isValidEmail(userReq.getEmail()))) {
+			throw new CustomValidationException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.VALIDATE_EMAIL));
+		}
+		log.info("Creating user with email: {}", userReq.getEmail());
+		if (userRepository.existsByEmailIgnoreCase(userReq.getEmail())) {
+			log.error("User creation failed: Email {} already exists", userReq.getEmail());
+			throw new CustomValidationException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.EMAIL_ALREADY_EXISTS));
+		}
+		if (Boolean.FALSE.equals(StringUtils.isEmpty(userReq.getCodiceFiscale()))
+				&& userRepository.existsByBeneficiaryCodiceFiscale(userReq.getCodiceFiscale())) {
+			log.error("User creation failed: CodiceFiscale {} already exists", userReq.getCodiceFiscale());
+			throw new CustomValidationException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.CODICE_FISCALE_EXISTS));
+		}
+		if (tempToken == null && userReq.getRoleId() == null) {
+			throw new ResourceNotFoundException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.ROLE_ID_MANDATORY));
+		}
+		if (tempToken != null) {
+			userReq.setRoleId(null);
+		}
+	}
+
+	private void validatePassword(String password, String confirmPassword, String tempToken) {
+        if (StringUtils.isEmpty(password) || StringUtils.isEmpty(confirmPassword)) {
+        	if(tempToken == null) {        		
+        		throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.VALIDATE_PASSWORD));
+        	}else if(Boolean.FALSE.equals(StringUtils.isEmpty(password) && StringUtils.isEmpty(confirmPassword))){
+        		throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.VALIDATE_PASSWORD));
+        	}
         }
-        if (!userReq.getPassword().equals(userReq.getConfPassword())) {
+
-            log.error("User creation failed: Passwords do not match for email {}", userReq.getEmail());
+        if (password != null && !password.equals(confirmPassword)) {
+            log.error("User creation failed: Passwords do not match");
             throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.PASSWORD_DOESNT_MATCH));
         }
-        if (userReq.getPassword().length() < 8) {
+
-            log.error("User creation failed: Password length is less than 8 characters for email {}", userReq.getEmail());
+        if (password != null && password.length() < 8) {
+            log.error("User creation failed: Password length is less than 8 characters");
             throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.PASSWORD_MIN_LEN));
         }
-        UserEntity userEntity = convertUserRequestToUserEntity(userReq);
-        userEntity = userRepository.save(userEntity);
-        log.info("User created with ID: {}", userEntity.getId());
-        return convertUserEntityToUserResponse(userEntity);
     }
 
     public UserResponseBean updateUser(Long userId, UpdateUserReq userReq) {
@@ -86,50 +157,79 @@ public class UserDao {
         return convertUserEntityToUserResponse(userEntity);
     }
 
-    private UserEntity convertUserRequestToUserEntity(UserReq userReq) {
+    private UserEntity convertUserRequestToUserEntity(BeneficiaryEntity beneficiary, RoleEntity roleEntity, UserReq userReq) {
         UserEntity userEntity = new UserEntity();
-        userEntity.setPassword(passwordEncoder.encode(userReq.getPassword()));
+        if(Boolean.FALSE.equals(StringUtils.isEmpty(userReq.getPassword()))) {
+        	userEntity.setPassword(passwordEncoder.encode(userReq.getPassword()));
+        }
+        userEntity.setRoleEntity(roleEntity);
         userEntity.setEmail(userReq.getEmail());
-        userEntity.setFirstName(userReq.getFirstName());
+        userEntity.setStatus(UserStatusEnum.ACTIVE.getValue());
-        userEntity.setStatus(UserStatusEnum.PENDING_VERIFICATION.getValue());
+        userEntity.setBeneficiary(beneficiary);
-        userEntity.setLastName(userReq.getLastName());
+		if (Boolean.FALSE.equals(RoleStatusEnum.ROLE_BENEFICIARY.getValue().equals(roleEntity.getRoleType()))) {
-        userEntity.setOrganization(userReq.getOrganization());
+			userEntity.setFirstName(userReq.getFirstName());
-        userEntity.setAddress(userReq.getAddress());
+			userEntity.setLastName(userReq.getLastName());
-        userEntity.setPhoneNumber(userReq.getPhoneNumber());
+			userEntity.setOrganization(userReq.getOrganization());
-        userEntity.setRoleEntity(roleDao.validateRole(userReq.getRoleId()));
+			userEntity.setAddress(userReq.getAddress());
-        return userEntity;
+			userEntity.setPhoneNumber(userReq.getPhoneNumber());
+			userEntity.setDateOfBirth(userReq.getDateOfBirth());
+		}
+        return userRepository.save(userEntity);
     }
 
-    private UserResponseBean convertUserEntityToUserResponse(UserEntity userEntity) {
+    private RoleEntity getRoleEntity(Long roleId) {
-        UserResponseBean userResponseBean = new UserResponseBean();
+		if(roleId != null) {
-        userResponseBean.setId(userEntity.getId());
+			return roleDao.validateRole(roleId);
-        userResponseBean.setCreatedDate(userEntity.getCreatedDate());
+		} else {
-        userResponseBean.setUpdatedDate(userEntity.getUpdatedDate());
+			return roleDao.getRoleByType(RoleStatusEnum.ROLE_BENEFICIARY);
-        userResponseBean.setEmail(userEntity.getEmail());
+		}
-        userResponseBean.setFirstName(userEntity.getFirstName());
+	}
-        userResponseBean.setLastName(userEntity.getLastName());
-        userResponseBean.setPhoneNumber(userEntity.getPhoneNumber());
-        userResponseBean.setOrganization(userEntity.getOrganization());
-        userResponseBean.setAddress(userEntity.getAddress());
-        userResponseBean.setCity(userEntity.getCity());
-        userResponseBean.setCountry(userEntity.getCountry());
-        userResponseBean.setStatus(UserStatusEnum.valueOf(userEntity.getStatus()));
-        RoleResponseBean roleResponseBean = roleDao.convertRoleEntityToRoleResponse(userEntity.getRoleEntity());
-        userResponseBean.setRole(roleResponseBean);
-        userResponseBean.setLastLogin(userEntity.getLastLogin());
-        return userResponseBean;
-    }
 
-    public UserResponseBean getUserById(Long id) {
+	private UserResponseBean convertUserEntityToUserResponse(UserEntity userEntity) {
-        log.info("Fetching user with ID: {}", id);
+		UserResponseBean userResponseBean = new UserResponseBean();
-        UserEntity userEntity=validateUser(id);
+		userResponseBean.setId(userEntity.getId());
+		userResponseBean.setCreatedDate(userEntity.getCreatedDate());
+		userResponseBean.setUpdatedDate(userEntity.getUpdatedDate());
+		userResponseBean.setEmail(userEntity.getEmail());
+		userResponseBean.setStatus(UserStatusEnum.valueOf(userEntity.getStatus()));
+		RoleResponseBean roleResponseBean = roleDao.convertRoleEntityToRoleResponse(userEntity.getRoleEntity());
+		userResponseBean.setRole(roleResponseBean);
+		userResponseBean.setLastLogin(userEntity.getLastLogin());
+        List<CompanyResponse> companyResponseBeans = companyDao.getCompanyByUserId(userEntity.getId());
+        userResponseBean.setCompanies(companyResponseBeans);
+		if (userEntity.getBeneficiary() == null) {
+			userResponseBean.setFirstName(userEntity.getFirstName());
+			userResponseBean.setLastName(userEntity.getLastName());
+			userResponseBean.setPhoneNumber(userEntity.getPhoneNumber());
+			userResponseBean.setOrganization(userEntity.getOrganization());
+			userResponseBean.setAddress(userEntity.getAddress());
+			userResponseBean.setCity(userEntity.getCity());
+			userResponseBean.setCountry(userEntity.getCountry());
+			userResponseBean.setDateOfBirth(userEntity.getDateOfBirth());
+		} else {
+			userResponseBean.setFirstName(userEntity.getBeneficiary().getFirstName());
+			userResponseBean.setLastName(userEntity.getBeneficiary().getLastName());
+			userResponseBean.setPhoneNumber(userEntity.getBeneficiary().getPhoneNumber());
+			userResponseBean.setOrganization(userEntity.getBeneficiary().getOrganization());
+			userResponseBean.setAddress(userEntity.getBeneficiary().getAddress());
+			userResponseBean.setCity(userEntity.getBeneficiary().getCity());
+			userResponseBean.setCountry(userEntity.getBeneficiary().getCountry());
+			userResponseBean.setCodiceFiscale(userEntity.getBeneficiary().getCodiceFiscale());
+			userResponseBean.setDateOfBirth(userEntity.getBeneficiary().getDateOfBirth());
+		}
+		return userResponseBean;
+	}
+
+	public UserResponseBean getUserById(Long id) {
+		log.info("Fetching user with ID: {}", id);
+		UserEntity userEntity = validateUser(id);
 //        if (!UserStatusEnum.ACTIVE.getValue().equals(userEntity.getStatus())) {
 //            log.info("User with ID: {} is not active", id);
 //            throw new ResourceNotFoundException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG));
 //        }
-        log.info("User found: {}", userEntity);
+		log.info("User found: {}", userEntity);
-        return convertUserEntityToUserResponse(userEntity);
+		return convertUserEntityToUserResponse(userEntity);
-    }
+	}
 
     public void deleteUser(Long id) {
         log.info("Deleting user with ID: {}", id);
@@ -150,14 +250,6 @@ public class UserDao {
 				.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
 						Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
 	}
-    public String generateSecureToken() {
-        SecureRandom secureRandom = new SecureRandom();
-        byte[] tokenBytes = new byte[24];
-        secureRandom.nextBytes(tokenBytes);
-        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(tokenBytes);
-        log.debug("Generated secure token: {}", token);
-        return token;
-    }
 
     public String initiatePasswordReset(InitiatePasswordResetReq resetReq) {
         UserEntity user = userRepository.findByEmail(resetReq.getEmail());
@@ -165,7 +257,7 @@ public class UserDao {
             log.info("Password reset attempt for non-existent user: {}", resetReq.getEmail());
             throw new ResourceNotFoundException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG));
         }
-        String token = generateSecureToken();
+        String token = Utils.generateSecureToken();
         user.setResetPasswordToken(token);
         userRepository.save(user);
         log.info("Password reset token generated for user: {}", resetReq.getEmail());
@@ -227,4 +319,12 @@ public class UserDao {
         return convertUserEntityToUserResponse(userEntity);
     }
 
+	public JWTToken validateExistingUserToken(String token) {
+		return authService.validateExistingUserToken(token);
+	}
+
+	public UserSamlResponse validateNewUserToken(String token) {
+		return authService.validateNewUserToken(token);
+	}
+
 }

src/main/java/net/gepafin/tendermanagement/dao/VatCheckDao.java

@@ -1,8 +1,13 @@
 package net.gepafin.tendermanagement.dao;
 
 import feign.FeignException;
+import net.gepafin.tendermanagement.config.Translator;
 import net.gepafin.tendermanagement.constants.GepafinConstant;
 import net.gepafin.tendermanagement.service.feignClient.VatCheckService;
+import net.gepafin.tendermanagement.util.Utils;
+import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
+import net.gepafin.tendermanagement.web.rest.api.errors.Status;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -67,8 +72,17 @@ public class VatCheckDao {
             }
         } catch (FeignException ex) {
             log.error("Exception occurred while checking vat number: {0}", ex);
-            throw ex;
+            Utils.callException(ex.status(), ex);
         }
         return responseBody;
     }
+
+	public Map<String, Object> checkVatNumber(String vatNumber) {
+		try {
+			return checkVatNumberApi(vatNumber);
+		} catch (Exception e) {
+			throw new CustomValidationException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.INVALID_VATNUMBER));
+		}
+	}
 }

src/main/java/net/gepafin/tendermanagement/entities/ApplicationEntity.java

@@ -13,9 +13,12 @@ import java.time.LocalDateTime;
 @Builder
 public class ApplicationEntity extends BaseEntity {
 
+	@Column(name = "USER_ID")
+	private Long userId;
+	
     @ManyToOne
-    @JoinColumn(name = "USER_ID", nullable = false)
+    @JoinColumn(name = "COMPANY_ID", nullable = false)
-    private UserEntity user;
+	private CompanyEntity company;
 
     @Column(name = "SUBMISSION_DATE")
     private LocalDateTime submissionDate;

src/main/java/net/gepafin/tendermanagement/entities/BeneficiaryEntity.java

@@ -0,0 +1,47 @@
+package net.gepafin.tendermanagement.entities;
+
+import java.time.LocalDateTime;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Table;
+import jakarta.validation.constraints.Email;
+import lombok.Data;
+
+@Entity
+@Table(name = "BENEFICIARY")
+@Data
+public class BeneficiaryEntity extends BaseEntity {
+
+    @Email
+    @Column(name = "EMAIL")
+    private String email;
+
+    @Column(name = "FIRST_NAME")
+    private String firstName;
+
+    @Column(name = "LAST_NAME")
+    private String lastName;
+
+    @Column(name = "PHONE_NUMBER")
+    private String phoneNumber;
+
+    @Column(name = "ORGANIZATION")
+    private String organization;
+
+    @Column(name = "ADDRESS")
+    private String address;
+
+    @Column(name = "CITY")
+    private String city;
+
+    @Column(name = "COUNTRY")
+    private String country;
+    
+    @Column(name = "CODICE_FISCALE")
+    private String codiceFiscale;
+    
+    @Column(name = "DATE_OF_BIRTH")
+    private LocalDateTime dateOfBirth;
+    
+}

src/main/java/net/gepafin/tendermanagement/entities/CallEntity.java

@@ -8,6 +8,7 @@ import lombok.Builder;
 
 import java.math.BigDecimal;
 import java.time.LocalDateTime;
+import java.time.LocalTime;
 
 @Entity
 @Table(name = "CALL")
@@ -68,5 +69,20 @@ public class CallEntity extends BaseEntity {
 
     @Column(name="FINAL_FORM")
     private Long finalForm;
+
+    @Column(name = "AMOUNT_MIN")
+    private BigDecimal amountMin;
+
+    @Column(name="EMAIL")
+    private String email;
+
+    @Column(name = "PHONE_NUMBER")
+    private String phoneNumber;
+
+    @Column(name = "START_TIME")
+    private LocalTime startTime;
+
+    @Column(name = "END_TIME")
+    private LocalTime endTime;
 }
 

src/main/java/net/gepafin/tendermanagement/entities/CompanyEntity.java

@@ -0,0 +1,53 @@
+package net.gepafin.tendermanagement.entities;
+
+import java.math.BigDecimal;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Table;
+import lombok.Data;
+
+@Entity
+@Table(name = "COMPANY")
+@Data
+public class CompanyEntity extends BaseEntity{
+
+    @Column(name = "COMPANY_NAME")
+    private String companyName;
+
+    @Column(name = "VAT_NUMBER")
+    private String vatNumber;
+
+    @Column(name = "CODICE_FISCALE")
+    private String codiceFiscale;
+
+    @Column(name = "ADDRESS")
+    private String address;
+
+    @Column(name = "PHONE_NUMBER")
+    private String phoneNumber;
+
+    @Column(name = "CITY")
+    private String city;
+
+    @Column(name = "PROVINCE")
+    private String province;
+    
+    @Column(name = "CAP")
+    private String cap;
+    
+    @Column(name = "COUNTRY")
+    private String country;
+    
+    @Column(name = "PEC")
+    private String pec;
+    
+    @Column(name = "EMAIL")
+    private String email;
+    
+    @Column(name = "NUMBER_OF_EMPLOYEES")
+    private String numberOfEmployees;
+    
+    @Column(name = "ANNUAL_REVENUE")
+    private BigDecimal annualRevenue;
+}

src/main/java/net/gepafin/tendermanagement/entities/FaqEntity.java

@@ -42,5 +42,8 @@ public class FaqEntity extends BaseEntity {
     @Column(name ="IS_DELETED", nullable = false)
     private Boolean isDeleted = false;
     
+    @Column(name ="COMPANY_ID")
+    private Long companyId;
+
 }
 

src/main/java/net/gepafin/tendermanagement/entities/SamlResponseEntity.java

@@ -0,0 +1,20 @@
+package net.gepafin.tendermanagement.entities;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Table;
+import lombok.Data;
+
+@Entity
+@Table(name = "SAML_RESPONSE")
+@Data
+public class SamlResponseEntity extends BaseEntity{
+	
+	@Column(name = "AUTHENTICATION_OBJECT")
+	private String authenticationObject;
+	
+	@Column(name = "TOKEN")
+	private String token;
+	
+
+}

src/main/java/net/gepafin/tendermanagement/entities/UserEntity.java

@@ -1,6 +1,5 @@
 package net.gepafin.tendermanagement.entities;
 
-import com.fasterxml.jackson.annotation.JsonValue;
 import jakarta.persistence.*;
 import jakarta.validation.constraints.Email;
 
@@ -17,7 +16,7 @@ import java.time.LocalDateTime;
 @Setter
 public class UserEntity extends BaseEntity {
 
-    @Column(name = "PASSWORD", columnDefinition = "TEXT",nullable = false)
+    @Column(name = "PASSWORD", columnDefinition = "TEXT",nullable = true)
     @JsonIgnore
     private String password;
 
@@ -30,7 +29,6 @@ public class UserEntity extends BaseEntity {
     @JsonIgnore
     private RoleEntity roleEntity;
     
-
     @Column(name = "LAST_LOGIN")
     private LocalDateTime lastLogin;
 
@@ -60,4 +58,11 @@ public class UserEntity extends BaseEntity {
 
     @Column(name = "RESET_PASSWORD_TOKEN", length = 255, nullable = true)
     private String resetPasswordToken;
+    
+    @Column(name = "DATE_OF_BIRTH")
+    private LocalDateTime dateOfBirth;
+    
+    @OneToOne
+    @JoinColumn(name = "BENEFICIARY_ID")
+    private BeneficiaryEntity beneficiary;
 }

src/main/java/net/gepafin/tendermanagement/entities/UserWithCompanyEntity.java

@@ -0,0 +1,22 @@
+package net.gepafin.tendermanagement.entities;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Table;
+import lombok.Data;
+
+@Entity
+@Table(name = "USER_WITH_COMPANY")
+@Data
+public class UserWithCompanyEntity extends BaseEntity{
+	
+	@Column(name = "USER_ID")
+	Long userId;
+	
+	@Column(name = "BENEFICIARY_ID")
+	Long beneficiaryId;
+	
+	@Column(name = "COMPANY_ID")
+	Long companyId;
+
+}

src/main/java/net/gepafin/tendermanagement/model/request/CompanyRequest.java

@@ -0,0 +1,24 @@
+package net.gepafin.tendermanagement.model.request;
+
+import java.math.BigDecimal;
+
+import lombok.Data;
+
+@Data
+public class CompanyRequest {
+
+    private String companyName;
+    private String vatNumber;
+    private String codiceFiscale;
+    private String address;
+    private String phoneNumber;
+    private String city;
+    private String province;
+    private String cap;
+    private String country;
+    private String pec;
+    private String email;
+    private String numberOfEmployees;
+    private BigDecimal annualRevenue;
+
+}

src/main/java/net/gepafin/tendermanagement/model/request/CreateCallRequestStep1.java

@@ -2,7 +2,9 @@ package net.gepafin.tendermanagement.model.request;
 
 import java.math.BigDecimal;
 import java.time.LocalDateTime;
+import java.time.LocalTime;
 import java.util.List;
+
 import lombok.Data;
 
 @Data
@@ -26,6 +28,16 @@ public class CreateCallRequestStep1 {
 
     private String documentationRequested;
 
+    private BigDecimal amountMin;
+
+    private String email;
+
+    private String phoneNumber;
+
+    private String startTime;
+
+    private String endTime;
+
     private Boolean confidi;
 
     private List<FaqReq> faq;

src/main/java/net/gepafin/tendermanagement/model/request/UpdateCallRequestStep1.java

@@ -2,6 +2,7 @@ package net.gepafin.tendermanagement.model.request;
 
 import java.math.BigDecimal;
 import java.time.LocalDateTime;
+import java.time.LocalTime;
 import java.util.List;
 
 import lombok.Data;
@@ -25,6 +26,16 @@ public class UpdateCallRequestStep1 {
 
 	private String documentationRequested;
 
+	private BigDecimal amountMin;
+
+	private String email;
+
+	private String phoneNumber;
+
+	private String startTime;
+
+	private String endTime;
+
 	private Boolean confidi;
 
 	private List<FaqReq> faq;

src/main/java/net/gepafin/tendermanagement/model/request/UserReq.java

@@ -1,20 +1,15 @@
 package net.gepafin.tendermanagement.model.request;
 
-import jakarta.validation.constraints.Email;
+import java.time.LocalDateTime;
-import jakarta.validation.constraints.NotBlank;
-import jakarta.validation.constraints.NotEmpty;
-import jakarta.validation.constraints.NotNull;
 import lombok.Data;
 
 @Data
 public class UserReq {
 
-    @NotBlank
-    @Email
     private String email;
-    @NotEmpty
+    
     private String password;
-    @NotEmpty
+    
     private String confPassword;
 
     private String firstName;
@@ -22,7 +17,7 @@ public class UserReq {
     private String lastName;
 
     private String phoneNumber;
-    @NotNull
+    
     private Long roleId;
 
     private String organization;
@@ -33,4 +28,8 @@ public class UserReq {
 
     private String country;
     
+    private String codiceFiscale;
+    
+    private LocalDateTime dateOfBirth;
+
 }

src/main/java/net/gepafin/tendermanagement/model/response/ApplicationFormFieldResponseBean.java

@@ -12,5 +12,5 @@ public class ApplicationFormFieldResponseBean extends BaseBean {
 
     private String fieldId;
 
-    private String fieldValue;
+    private Object fieldValue;
 }

src/main/java/net/gepafin/tendermanagement/model/response/ApplicationGetResponseBean.java

@@ -20,6 +20,10 @@ public class ApplicationGetResponseBean {
     
     private String callTitle;
     
+    private Long companyId;
+    
+    private String companyName;
+
     private List<FormApplicationResponse> form;
 
 }

src/main/java/net/gepafin/tendermanagement/model/response/ApplicationResponse.java

@@ -13,10 +13,22 @@ public class ApplicationResponse{
 
     private Long callId;
 
+    private String callTitle;
+
+    private LocalDateTime callEndDate;
+
+    private LocalDateTime modifiedDate;
+
+    private Integer progress;
+
     private LocalDateTime submissionDate;
 
     private String status;
 
     private String comments;
     
+    private Long companyId;
+    
+    private String companyName;
+
 }

src/main/java/net/gepafin/tendermanagement/model/response/CallDetailsResponseBean.java

@@ -5,6 +5,7 @@ import net.gepafin.tendermanagement.enums.CallStatusEnum;
 
 import java.math.BigDecimal;
 import java.time.LocalDateTime;
+import java.time.LocalTime;
 import java.util.List;
 @Data
 public class CallDetailsResponseBean {
@@ -37,6 +38,16 @@ public class CallDetailsResponseBean {
 
     private String documentationRequested;
 
+    private BigDecimal amountMin;
+
+    private String email;
+
+    private String phoneNumber;
+
+    private LocalTime startTime;
+
+    private LocalTime endTime;
+
     private LocalDateTime createdDate;
 
     private LocalDateTime updatedDate;

src/main/java/net/gepafin/tendermanagement/model/response/CallResponse.java

@@ -2,6 +2,7 @@ package net.gepafin.tendermanagement.model.response;
 
 import java.math.BigDecimal;
 import java.time.LocalDateTime;
+import java.time.LocalTime;
 import java.util.List;
 
 import lombok.Data;
@@ -40,6 +41,16 @@ public class CallResponse {
     
     private Boolean confidi;
 
+    private BigDecimal amountMin;
+
+    private String email;
+
+    private String phoneNumber;
+
+    private LocalTime startTime;
+
+    private LocalTime endTime;
+
     private LocalDateTime createdDate;
 
     private LocalDateTime updatedDate;

src/main/java/net/gepafin/tendermanagement/model/response/CompanyResponse.java

@@ -0,0 +1,25 @@
+package net.gepafin.tendermanagement.model.response;
+
+import java.math.BigDecimal;
+
+import lombok.Data;
+import net.gepafin.tendermanagement.model.BaseBean;
+
+@Data
+public class CompanyResponse extends BaseBean{
+	
+    private String companyName;
+    private String vatNumber;
+    private String codiceFiscale;
+    private String address;
+    private String phoneNumber;
+    private String city;
+    private String province;
+    private String cap;
+    private String country;
+    private String pec;
+    private String email;
+    private String numberOfEmployees;
+    private BigDecimal annualRevenue;
+    
+}

src/main/java/net/gepafin/tendermanagement/model/response/FlowResponseBean.java

@@ -1,6 +1,7 @@
 package net.gepafin.tendermanagement.model.response;
 
 import lombok.Data;
+import net.gepafin.tendermanagement.enums.CallStatusEnum;
 import net.gepafin.tendermanagement.model.request.FlowDataRequestBean;
 import net.gepafin.tendermanagement.model.request.FlowEdgesRequestBean;
 
@@ -11,6 +12,8 @@ public class FlowResponseBean {
 
     private Long callId;
 
+    private CallStatusEnum callStatus;
+
     private Long initialForm;
 
     private Long finalForm;

src/main/java/net/gepafin/tendermanagement/model/response/FormResponseBean.java

@@ -9,6 +9,8 @@ public class FormResponseBean {
 
     private Long id;
 
+    private String callStatus;
+
     private String label;
 
     private Long callId;

src/main/java/net/gepafin/tendermanagement/model/response/LoginResponse.java

@@ -6,6 +6,7 @@ import lombok.NoArgsConstructor;
 import lombok.Setter;
 
 import java.time.LocalDateTime;
+import java.util.List;
 
 @Getter
 @Setter
@@ -36,7 +37,13 @@ public class LoginResponse {
 
     private LocalDateTime lastLogin;
     
+    private String codiceFiscale;
+    
+    private LocalDateTime dateOfBirth;
+
     private LocalDateTime createdDate;
 
     private LocalDateTime updatedDate;
+
+    private List<CompanyResponse> companies;
 }

src/main/java/net/gepafin/tendermanagement/model/response/NextOrPreviousFormResponse.java

@@ -1,6 +1,7 @@
 package net.gepafin.tendermanagement.model.response;
 
 import lombok.Data;
+import net.gepafin.tendermanagement.enums.ApplicationStatusTypeEnum;
 
 @Data
 public class NextOrPreviousFormResponse {
@@ -17,6 +18,12 @@ public class NextOrPreviousFormResponse {
 	
 	private Long currentStep;
 	
+	private Long companyId;
+	
+	private String companyName;
+
+	private ApplicationStatusTypeEnum applicationStatus;
+	
 	private FormApplicationResponse applicationFormResponse;
 
 }

src/main/java/net/gepafin/tendermanagement/model/response/UserResponseBean.java

@@ -6,6 +6,7 @@ import net.gepafin.tendermanagement.enums.UserStatusEnum;
 import net.gepafin.tendermanagement.model.BaseBean;
 
 import java.time.LocalDateTime;
+import java.util.List;
 
 @Getter
 @Setter
@@ -33,4 +34,9 @@ public class UserResponseBean extends BaseBean {
 
     private LocalDateTime lastLogin;
     
+    private String codiceFiscale;
+    
+    private LocalDateTime dateOfBirth;
+
+    private List<CompanyResponse> companies;
 }

src/main/java/net/gepafin/tendermanagement/model/response/UserSamlResponse.java

@@ -0,0 +1,13 @@
+package net.gepafin.tendermanagement.model.response;
+
+import lombok.Data;
+
+@Data
+public class UserSamlResponse {
+
+	private String codiceFiscale;
+	
+    private String firstName;
+
+    private String lastName;
+}

src/main/java/net/gepafin/tendermanagement/repositories/ApplicationFormRepository.java

@@ -17,4 +17,5 @@ public interface ApplicationFormRepository extends JpaRepository<ApplicationForm
 
 	public List<ApplicationFormEntity> findByApplicationIdOrderByCreatedDateAsc(Long applicationId);
 
+    public List<ApplicationFormEntity> findByFormIdInAndApplicationId(List<Long> formIds,Long applicationId);
 }

src/main/java/net/gepafin/tendermanagement/repositories/ApplicationRepository.java

@@ -3,6 +3,7 @@ package net.gepafin.tendermanagement.repositories;
 import net.gepafin.tendermanagement.entities.ApplicationEntity;
 import net.gepafin.tendermanagement.entities.FaqEntity;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
@@ -11,9 +12,7 @@ import java.util.List;
 import java.util.Optional;
 
 @Repository
-public interface ApplicationRepository extends JpaRepository<ApplicationEntity,Long> {
+public interface ApplicationRepository extends JpaRepository<ApplicationEntity, Long>, JpaSpecificationExecutor<ApplicationEntity> {
-
-    public Optional<ApplicationEntity> findByUserIdAndCallIdAndIsDeletedFalse(Long userId,Long callId);
 
     public List<ApplicationEntity> findByUserIdAndIsDeletedFalse(Long userId);
 
@@ -23,4 +22,12 @@ public interface ApplicationRepository extends JpaRepository<ApplicationEntity,L
 	public List<ApplicationEntity> findByCallIdAndIsDeletedFalse(Long callId);
 
 	public List<ApplicationEntity> findByIsDeletedFalse();
+
+    public Optional<ApplicationEntity> findByIdAndUserIdAndIsDeletedFalse(Long id,Long userId);
+
+	Optional<ApplicationEntity> findByCompanyIdAndCallIdAndIsDeletedFalse(Long companyId, Long callId);
+
+	public Optional<ApplicationEntity> findByIdAndUserIdAndCallIdAndIsDeletedFalse(Long applicationId, Long userId,
+			Long callId);
+
 }

src/main/java/net/gepafin/tendermanagement/repositories/BeneficiaryRepository.java

@@ -0,0 +1,11 @@
+package net.gepafin.tendermanagement.repositories;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import net.gepafin.tendermanagement.entities.BeneficiaryEntity;
+
+@Repository
+public interface BeneficiaryRepository extends JpaRepository<BeneficiaryEntity, Long> {
+
+}

src/main/java/net/gepafin/tendermanagement/repositories/CompanyRepository.java

@@ -0,0 +1,18 @@
+package net.gepafin.tendermanagement.repositories;
+
+import java.util.List;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import net.gepafin.tendermanagement.entities.CompanyEntity;
+
+@Repository
+public interface CompanyRepository extends JpaRepository<CompanyEntity, Long> {
+
+	List<CompanyEntity> findByIdIn(List<Long> companyIds);
+
+	Boolean existsByVatNumber(String vatNumber);
+	CompanyEntity findByVatNumber(String vatNumber);
+
+}

src/main/java/net/gepafin/tendermanagement/repositories/FormRepository.java

@@ -10,4 +10,6 @@ import java.util.List;
 public interface FormRepository extends JpaRepository<FormEntity,Long> {
 
     List<FormEntity> findByCallId(Long callId);
+
+    List<FormEntity> findByIdIn(List<Long> formId);
 }

src/main/java/net/gepafin/tendermanagement/repositories/RoleRepository.java

@@ -6,4 +6,6 @@ import org.springframework.stereotype.Repository;
 
 @Repository
 public interface RoleRepository extends JpaRepository<RoleEntity, Long> {
+
+	RoleEntity findByRoleType(String roleType);
 }

src/main/java/net/gepafin/tendermanagement/repositories/SamlResponseRepository.java

@@ -0,0 +1,13 @@
+package net.gepafin.tendermanagement.repositories;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import net.gepafin.tendermanagement.entities.SamlResponseEntity;
+
+@Repository
+public interface SamlResponseRepository extends JpaRepository<SamlResponseEntity, Long> {
+
+	SamlResponseEntity findByToken(String token);
+
+}

src/main/java/net/gepafin/tendermanagement/repositories/UserRepository.java

@@ -2,11 +2,20 @@ package net.gepafin.tendermanagement.repositories;
 
 import net.gepafin.tendermanagement.entities.UserEntity;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
 
 import java.util.Optional;
 
+@Repository
 public interface UserRepository extends JpaRepository<UserEntity, Long> {
+	
     Optional<UserEntity> findByEmailIgnoreCase(String email);
+    
     boolean existsByEmailIgnoreCase(String email);
+    
     UserEntity findByEmail(String email);
+    
+    Optional<UserEntity> findByBeneficiaryCodiceFiscale(String codiceFiscale);
+
+	boolean existsByBeneficiaryCodiceFiscale(String codiceFiscale);
 }

src/main/java/net/gepafin/tendermanagement/repositories/UserWithCompanyRepository.java

@@ -0,0 +1,22 @@
+package net.gepafin.tendermanagement.repositories;
+
+import java.util.List;
+import java.util.Optional;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.repository.query.Param;
+
+import net.gepafin.tendermanagement.entities.UserWithCompanyEntity;
+
+
+public interface UserWithCompanyRepository extends JpaRepository<UserWithCompanyEntity, Long> {
+
+	void deleteByCompanyId(Long companyId);
+
+	@Query("SELECT uwc.companyId FROM UserWithCompanyEntity uwc WHERE uwc.userId = :userId")
+	List<Long> findCompanyIdByUserId(@Param("userId") Long userId);
+
+	Optional<UserWithCompanyEntity> findByUserIdAndCompanyId(Long userId, Long companyId);
+
+}

src/main/java/net/gepafin/tendermanagement/service/ApplicationService.java

@@ -19,15 +19,16 @@ public interface ApplicationService {
 
     ApplicationGetResponseBean getApplicationByFormId(HttpServletRequest request, Long applicationId,Long formId);
 
-    List<ApplicationResponse> getAllApplications(HttpServletRequest request,Long callId);
+    List<ApplicationResponse> getAllApplications(HttpServletRequest request,Long callId, Long companyId);
 
     void deleteApplication(HttpServletRequest request, Long applicationId);
 
     public ApplicationEntity validateApplication(Long userId);
 
-    public ApplicationResponse createApplication(HttpServletRequest request, ApplicationRequest applicationRequest, Long callId);
+    public ApplicationResponse createApplication(HttpServletRequest request, Long companyId, ApplicationRequest applicationRequest, Long callId);
 
 	public NextOrPreviousFormResponse getNextOrPreviousForm(HttpServletRequest request, Long applicationId, Long formId, FormActionEnum action);
 
 	public void updateApplicationStatus(HttpServletRequest request, Long applicationId, ApplicationStatusTypeEnum status);
+
 }

src/main/java/net/gepafin/tendermanagement/service/CompanyService.java

@@ -0,0 +1,30 @@
+package net.gepafin.tendermanagement.service;
+
+import java.util.List;
+import java.util.Map;
+
+import jakarta.servlet.http.HttpServletRequest;
+import net.gepafin.tendermanagement.entities.CompanyEntity;
+import net.gepafin.tendermanagement.entities.UserWithCompanyEntity;
+import net.gepafin.tendermanagement.model.request.CompanyRequest;
+import net.gepafin.tendermanagement.model.response.CompanyResponse;
+
+public interface CompanyService {
+
+	CompanyResponse createCompany(HttpServletRequest request, CompanyRequest companyRequest);
+
+	CompanyResponse updateCompany(HttpServletRequest request, Long companyId, CompanyRequest companyRequest);
+
+	CompanyResponse getCompany(HttpServletRequest request, Long companyId);
+
+	void deleteCompany(HttpServletRequest request, Long companyId);
+
+	List<CompanyResponse> getCompanyByUserId(HttpServletRequest request, Long userId);
+
+	Map<String, Object> checkVatNumber(HttpServletRequest request, String vatNumber);
+
+	CompanyEntity validateCompany(Long companyId);
+
+	UserWithCompanyEntity validateUserWithCompny(Long userId, Long companyId);
+
+}

src/main/java/net/gepafin/tendermanagement/service/DocumentService.java

@@ -1,6 +1,7 @@
 package net.gepafin.tendermanagement.service;
 
 import jakarta.servlet.http.HttpServletRequest;
+import net.gepafin.tendermanagement.entities.DocumentEntity;
 import net.gepafin.tendermanagement.enums.DocumentSourceTypeEnum;
 import net.gepafin.tendermanagement.enums.DocumentTypeEnum;
 import net.gepafin.tendermanagement.model.response.DocumentResponseBean;
@@ -17,4 +18,6 @@ public interface DocumentService {
     public DocumentResponseBean updateDocument(HttpServletRequest httpServletRequest, Long documentId, MultipartFile file, DocumentTypeEnum documentTypeEnum);
 
     public DocumentResponseBean getDocument(HttpServletRequest httpServletRequest,Long documentId);
-}
+
+    public DocumentEntity validateDocument(Long id);
+    }

src/main/java/net/gepafin/tendermanagement/service/FaqService.java

@@ -11,7 +11,7 @@ import net.gepafin.tendermanagement.model.response.FaqResponseBean;
 
 public interface FaqService {
 
-    FaqResponseBean createFaq(HttpServletRequest request,Long callId, FaqReq faqRequest);
+    FaqResponseBean createFaq(HttpServletRequest request,Long callId, Long companyId, FaqReq faqRequest);
 
     FaqResponseBean getFaqById(HttpServletRequest request, Long id);
 

src/main/java/net/gepafin/tendermanagement/service/UserService.java

@@ -8,11 +8,12 @@ import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import net.gepafin.tendermanagement.enums.UserStatusEnum;
 import net.gepafin.tendermanagement.model.request.*;
+import net.gepafin.tendermanagement.model.response.UserSamlResponse;
 import net.gepafin.tendermanagement.model.response.UserResponseBean;
 import net.gepafin.tendermanagement.model.util.JWTToken;
 
 public interface UserService {
-    UserResponseBean createUser(UserReq userReq);
+	JWTToken createUser(HttpServletRequest request, String tempToken, UserReq userReq);
 
     UserResponseBean updateUser(Long userId, UpdateUserReq userReq);
 
@@ -35,4 +36,8 @@ public interface UserService {
     UserResponseBean updateUserStatus(Long userId, UserStatusEnum statusReq);
 
     UserResponseBean getValidUser(HttpServletRequest request);
+
+    JWTToken validateExistingUserToken(HttpServletRequest request, String token);
+
+	UserSamlResponse validateNewUserToken(HttpServletRequest request, String token);
 }

src/main/java/net/gepafin/tendermanagement/service/feignClient/VatCheckService.java

@@ -11,7 +11,7 @@ import org.springframework.web.bind.annotation.RequestHeader;
 import java.net.URI;
 import java.util.Map;
 
-@FeignClient(value = "vat-check-service", url = GepafinConstant.VATNUMBER_V2)
+@FeignClient(value = "vat-check-service", url = GepafinConstant.CHECK_VATNUMBER_V2_NEW_URL)
 public interface VatCheckService {
 
 

src/main/java/net/gepafin/tendermanagement/service/impl/ApplicationServiceImpl.java

@@ -4,6 +4,7 @@ import jakarta.servlet.http.HttpServletRequest;
 import net.gepafin.tendermanagement.dao.ApplicationDao;
 import net.gepafin.tendermanagement.dao.FlowFormDao;
 import net.gepafin.tendermanagement.entities.ApplicationEntity;
+import net.gepafin.tendermanagement.entities.CompanyEntity;
 import net.gepafin.tendermanagement.entities.UserEntity;
 import net.gepafin.tendermanagement.model.request.ApplicationRequest;
 import net.gepafin.tendermanagement.enums.ApplicationStatusTypeEnum;
@@ -35,10 +36,11 @@ public class ApplicationServiceImpl implements ApplicationService {
 
     @Override
     @Transactional(rollbackFor = Exception.class)
-    public ApplicationResponseBean createApplication(HttpServletRequest request, ApplicationRequestBean applicationRequestBean,Long applicationId, Long formId) {
+	public ApplicationResponseBean createApplication(HttpServletRequest request,
-        UserEntity userEntity = validator.validateUser(request);
+			ApplicationRequestBean applicationRequestBean, Long applicationId, Long formId) {
-        return applicationDao.createApplication(applicationRequestBean,userEntity,formId,applicationId);
+		UserEntity userEntity = validator.validateUser(request);
-    }
+		return applicationDao.createApplication(applicationRequestBean, userEntity, formId, applicationId);
+	}
 
     @Override
     @Transactional(readOnly = true)
@@ -60,9 +62,10 @@ public class ApplicationServiceImpl implements ApplicationService {
 
     @Override
     @Transactional(rollbackFor = Exception.class)
-    public ApplicationResponse createApplication(HttpServletRequest request, ApplicationRequest applicationRequest, Long callId) {
+    public ApplicationResponse createApplication(HttpServletRequest request, Long companyId, ApplicationRequest applicationRequest, Long callId) {
         UserEntity userEntity = validator.validateUser(request);
-        return applicationDao.createApplicationByCallId(applicationRequest,callId,userEntity);
+        CompanyEntity companyEntity = validator.validateUSerWithCompany(request, companyId);
+        return applicationDao.createApplicationByCallId(companyEntity, applicationRequest, callId, userEntity);
     }
     
     @Override
@@ -80,8 +83,11 @@ public class ApplicationServiceImpl implements ApplicationService {
 
     @Override
     @Transactional(readOnly = true)
-    public List<ApplicationResponse> getAllApplications(HttpServletRequest request,Long callId) {
+	public List<ApplicationResponse> getAllApplications(HttpServletRequest request, Long callId, Long companyId) {
-        UserEntity userEntity = validator.validateUser(request);
+		UserEntity userEntity = validator.validateUser(request);
-        return applicationDao.getAllApplications(userEntity,callId);
+		if (companyId != null) {
-    }
+			validator.validateUSerWithCompany(request, companyId);
+		}
+		return applicationDao.getAllApplications(userEntity, callId, companyId);
+	}
 }

src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java

@@ -5,16 +5,23 @@ import jakarta.servlet.http.HttpServletResponse;
 import net.gepafin.tendermanagement.config.Translator;
 import net.gepafin.tendermanagement.config.jwt.TokenProvider;
 import net.gepafin.tendermanagement.constants.GepafinConstant;
+import net.gepafin.tendermanagement.dao.CompanyDao;
 import net.gepafin.tendermanagement.dao.RoleDao;
+import net.gepafin.tendermanagement.entities.SamlResponseEntity;
 import net.gepafin.tendermanagement.entities.UserEntity;
 import net.gepafin.tendermanagement.enums.UserStatusEnum;
 import net.gepafin.tendermanagement.model.request.LoginReq;
+import net.gepafin.tendermanagement.model.response.CompanyResponse;
 import net.gepafin.tendermanagement.model.response.LoginResponse;
 import net.gepafin.tendermanagement.model.response.RoleResponseBean;
+import net.gepafin.tendermanagement.model.response.UserSamlResponse;
 import net.gepafin.tendermanagement.model.util.JWTToken;
+import net.gepafin.tendermanagement.repositories.SamlResponseRepository;
 import net.gepafin.tendermanagement.repositories.UserRepository;
 import net.gepafin.tendermanagement.util.DateTimeUtil;
+import net.gepafin.tendermanagement.util.Utils;
 import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
+import net.gepafin.tendermanagement.web.rest.api.errors.ResourceNotFoundException;
 import net.gepafin.tendermanagement.web.rest.api.errors.Status;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -27,6 +34,8 @@ import org.springframework.security.web.authentication.logout.SecurityContextLog
 import org.springframework.stereotype.Service;
 
 import java.time.LocalDateTime;
+import java.util.List;
+import java.util.Map;
 
 @Service
 public class AuthenticationService {
@@ -35,6 +44,8 @@ public class AuthenticationService {
 
     private final TokenProvider tokenProvider;
     private final AuthenticationManager authenticationManager;
+	@Autowired
+	private CompanyDao companyDao;
 
     @Autowired
     private UserRepository userRepository;
@@ -42,6 +53,9 @@ public class AuthenticationService {
     @Autowired
     private RoleDao roleDao;
 
+    @Autowired
+    private SamlResponseRepository samlResponseLogRepository;
+
     @Autowired
     public AuthenticationService(TokenProvider tokenProvider, AuthenticationManager authenticationManager) {
         this.tokenProvider = tokenProvider;
@@ -55,46 +69,67 @@ public class AuthenticationService {
 		Authentication authentication = this.authenticationManager.authenticate(authenticationToken);
 		SecurityContextHolder.getContext().setAuthentication(authentication);
 		log.info("Authentication successful for email: {}", loginReq.getEmail());
-		UserEntity user = userRepository.findByEmailIgnoreCase(loginReq.getEmail()).orElseThrow(()-> new CustomValidationException(Status.NOT_FOUND,
+		UserEntity user = userRepository.findByEmailIgnoreCase(loginReq.getEmail())
-				Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
+				.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
-		 if (Boolean.FALSE.equals(UserStatusEnum.ACTIVE.getValue().equals(user.getStatus()))) {
+						Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
-             throw new CustomValidationException(Status.NOT_FOUND,
+		if (Boolean.FALSE.equals(UserStatusEnum.ACTIVE.getValue().equals(user.getStatus()))) {
-                     Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG));
+			throw new ResourceNotFoundException(Status.NOT_FOUND,
+					Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG));
 		}
+		return getJWTTokenBean(user, loginReq.getRememberMe());
+	}
+   
+	public JWTToken getJWTTokenBean(UserEntity user, Boolean rememberMe) {
 		user.setLastLogin(DateTimeUtil.DateServerToUTC(LocalDateTime.now()));
 		userRepository.save(user);
-		String token = tokenProvider.createToken(authentication, loginReq.getRememberMe(), user);
+		String token = tokenProvider.createToken(rememberMe, user);
-		log.info("JWT token generated for email: {}", loginReq.getEmail());
+		log.info("JWT token generated for email: {}", user.getEmail());
 		RoleResponseBean roleResponseBean = roleDao.convertRoleEntityToRoleResponse(user.getRoleEntity());
 
 		LoginResponse loginResponse = getLoginResponse(user, roleResponseBean);
 
 		JWTToken jwtToken = new JWTToken(token, loginResponse);
 
-            log.info("Login successful for email: {}", loginReq.getEmail());
+		log.info("Login successful for email: {}", user.getEmail());
-            return jwtToken;
+		return jwtToken;
-    }
+	}
 
-    private static LoginResponse getLoginResponse(UserEntity user, RoleResponseBean roleResponseBean) {
+	private  LoginResponse getLoginResponse(UserEntity user, RoleResponseBean roleResponseBean) {
-        LoginResponse loginResponse = new LoginResponse();
+		LoginResponse loginResponse = new LoginResponse();
-        loginResponse.setId(user.getId());
+		loginResponse.setEmail(user.getEmail());
-        loginResponse.setEmail(user.getEmail());
+		loginResponse.setId(user.getId());
-        loginResponse.setFirstName(user.getFirstName());
+		List<CompanyResponse> companyResponseBeans = companyDao.getCompanyByUserId(user.getId());
-        loginResponse.setLastName(user.getLastName());
+		loginResponse.setCompanies(companyResponseBeans);
-        loginResponse.setRole(roleResponseBean);
+		loginResponse.setRole(roleResponseBean);
-        loginResponse.setPhoneNumber(user.getPhoneNumber());
+		loginResponse.setStatus(user.getStatus());
-        loginResponse.setAddress(user.getAddress());
+		loginResponse.setLastLogin(user.getLastLogin());
-        loginResponse.setOrganization(user.getOrganization());
-        loginResponse.setCountry(user.getCountry());
-        loginResponse.setStatus(user.getStatus());
-        loginResponse.setCity(user.getCity());
-        loginResponse.setLastLogin(user.getLastLogin());
         loginResponse.setCreatedDate(user.getCreatedDate());
         loginResponse.setUpdatedDate(user.getUpdatedDate());
+		if (user.getBeneficiary() == null) {
+			loginResponse.setFirstName(user.getFirstName());
+	        loginResponse.setLastName(user.getLastName());
+	        loginResponse.setPhoneNumber(user.getPhoneNumber());
+	        loginResponse.setAddress(user.getAddress());
+	        loginResponse.setOrganization(user.getOrganization());
+	        loginResponse.setCountry(user.getCountry());
+	        loginResponse.setCity(user.getCity());
+	        loginResponse.setDateOfBirth(user.getDateOfBirth());
+		}else {
+			loginResponse.setFirstName(user.getBeneficiary().getFirstName());
+	        loginResponse.setLastName(user.getBeneficiary().getLastName());
+	        loginResponse.setPhoneNumber(user.getBeneficiary().getPhoneNumber());
+	        loginResponse.setAddress(user.getBeneficiary().getAddress());
+	        loginResponse.setOrganization(user.getBeneficiary().getOrganization());
+	        loginResponse.setCountry(user.getBeneficiary().getCountry());
+	        loginResponse.setCity(user.getBeneficiary().getCity());
+	        loginResponse.setCodiceFiscale(user.getBeneficiary().getCodiceFiscale());
+	        loginResponse.setDateOfBirth(user.getBeneficiary().getDateOfBirth());
+		}
+        
         return loginResponse;
     }
-     public void logout(HttpServletRequest request, HttpServletResponse response)
+     public void logout(HttpServletRequest request, HttpServletResponse response) {  
-    {  Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+    	Authentication auth = SecurityContextHolder.getContext().getAuthentication();
         if (auth != null) {
             String token = tokenProvider.extractTokenFromRequest(request);
             tokenProvider.invalidateToken(token);
@@ -102,6 +137,53 @@ public class AuthenticationService {
         }
         SecurityContextHolder.getContext().setAuthentication(null);
         SecurityContextHolder.clearContext();
-}
+    }
+
+ 	public JWTToken validateExistingUserToken(String token) {
+		SamlResponseEntity samlResponseLogEntity = samlResponseLogRepository.findByToken(token);
+		if (samlResponseLogEntity == null) {
+			log.info("Invalid spid login token : {}", token);
+			throw new CustomValidationException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.INVALID_TOKEN_MSG));
+		}
+		Map<String, List<Object>> userAttributes = Utils
+				.convertStringIntoMap(samlResponseLogEntity.getAuthenticationObject());
+		String cf = userAttributes.get("CodiceFiscale").get(0).toString();
+		UserEntity userEntity = userRepository.findByBeneficiaryCodiceFiscale(cf)
+				.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
+						Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
+		samlResponseLogRepository.delete(samlResponseLogEntity);
+
+		return getJWTTokenBean(userEntity, Boolean.TRUE);
+	}
+
+
+	public UserSamlResponse validateNewUserToken(String token) {
+		SamlResponseEntity samlResponseLogEntity = samlResponseLogRepository.findByToken(token);
+		if (samlResponseLogEntity == null) {
+			log.info("Invalid spid login token : {}", token);
+			throw new CustomValidationException(Status.VALIDATION_ERROR,
+					Translator.toLocale(GepafinConstant.INVALID_TOKEN_MSG));
+		}
+		Map<String, List<Object>> userAttributes = Utils
+				.convertStringIntoMap(samlResponseLogEntity.getAuthenticationObject());
+		String cf = userAttributes.get("CodiceFiscale").get(0).toString();
+		if (userRepository.existsByBeneficiaryCodiceFiscale(cf)) {
+			throw new ResourceNotFoundException(Status.NOT_FOUND,
+					Translator.toLocale(GepafinConstant.USER_ALREADY_EXIST_MSG));
+		}
+		UserSamlResponse userSamlResponse = new UserSamlResponse();
+		userSamlResponse.setCodiceFiscale(cf);
+		if (userAttributes.containsKey("nome") && userAttributes.get("nome") != null
+				&& !userAttributes.get("nome").isEmpty()) {
+			userSamlResponse.setFirstName(userAttributes.get("nome").get(0).toString());
+		}
+		if (userAttributes.containsKey("cognome") && userAttributes.get("cognome") != null
+				&& !userAttributes.get("cognome").isEmpty()) {
+			userSamlResponse.setLastName(userAttributes.get("cognome").get(0).toString());
+		}
+		userSamlResponse.setCodiceFiscale(cf);
+		return userSamlResponse;
+	}
 }
 

src/main/java/net/gepafin/tendermanagement/service/impl/CallValidatorServiceImpl.java

@@ -10,6 +10,7 @@ import net.gepafin.tendermanagement.model.response.CallResponse;
 import net.gepafin.tendermanagement.model.response.FlowResponseBean;
 import net.gepafin.tendermanagement.model.response.FormResponseBean;
 import net.gepafin.tendermanagement.util.FieldValidator;
+import net.gepafin.tendermanagement.util.Utils;
 import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
 import net.gepafin.tendermanagement.web.rest.api.errors.Status;
 
@@ -28,6 +29,10 @@ public class CallValidatorServiceImpl {
 				.notNull(response.getAmount(), "amount")
 				.notNull(response.getAmountMax(), "amountMax")
 				.notNull(response.getThreshold(), "threshold")
+				.notNull(response.getEmail(),"email")
+				.notNull(response.getAmountMin(),"amountMin")
+				.notNull(response.getStartTime(),"startTime")
+				.notNull(response.getEndTime(),"endTime")
 				.notNull(response.getDocumentationRequested(), "documentationRequested")
 				.notEmpty(response.getAimedTo(), "aimedTo")
 				.notEmpty(response.getCriteria(), "criteria")

src/main/java/net/gepafin/tendermanagement/service/impl/CompanyServiceImpl.java

@@ -0,0 +1,83 @@
+package net.gepafin.tendermanagement.service.impl;
+
+import java.util.List;
+import java.util.Map;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import jakarta.servlet.http.HttpServletRequest;
+import net.gepafin.tendermanagement.dao.CompanyDao;
+import net.gepafin.tendermanagement.dao.VatCheckDao;
+import net.gepafin.tendermanagement.entities.CompanyEntity;
+import net.gepafin.tendermanagement.entities.UserEntity;
+import net.gepafin.tendermanagement.entities.UserWithCompanyEntity;
+import net.gepafin.tendermanagement.model.request.CompanyRequest;
+import net.gepafin.tendermanagement.model.response.CompanyResponse;
+import net.gepafin.tendermanagement.service.CompanyService;
+import net.gepafin.tendermanagement.util.Validator;
+
+@Service
+public class CompanyServiceImpl implements CompanyService {
+	
+	@Autowired
+	private Validator validator;
+	
+	@Autowired
+	private CompanyDao companyDao;	
+	
+	@Autowired
+	private VatCheckDao vatCheckDao;
+	
+	@Override
+	@Transactional(rollbackFor = Exception.class)
+	public CompanyResponse createCompany(HttpServletRequest request, CompanyRequest companyRequest) {
+		UserEntity userEntity =validator.validateUser(request);
+		return companyDao.createCompany(userEntity, companyRequest);
+	}
+	
+	@Override
+	@Transactional(rollbackFor = Exception.class)
+	public CompanyResponse updateCompany(HttpServletRequest request, Long companyId, CompanyRequest companyRequest) {
+		UserEntity userEntity =validator.validateUser(request);
+		return companyDao.updateCompany(userEntity, companyId, companyRequest);
+	}
+	
+	@Override
+	@Transactional(readOnly = true)
+	public CompanyResponse getCompany(HttpServletRequest request, Long companyId) {
+		UserEntity userEntity =validator.validateUser(request);
+		return companyDao.getCompany(userEntity, companyId);
+	}
+	
+	@Override
+	@Transactional(rollbackFor = Exception.class)
+	public void deleteCompany(HttpServletRequest request, Long companyId) {
+		UserEntity userEntity =validator.validateUser(request);
+		companyDao.deleteCompany(userEntity, companyId);
+	}
+	
+	@Override
+	@Transactional(readOnly = true)
+	public List<CompanyResponse> getCompanyByUserId(HttpServletRequest request, Long userId) {
+		UserEntity userEntity = validator.validateUser(request);
+		return companyDao.getCompanyByUserId(userId);
+	}
+	
+	@Override
+	@Transactional(readOnly = true)
+	public Map<String, Object> checkVatNumber(HttpServletRequest request, String vatNumber) {
+		return vatCheckDao.checkVatNumber(vatNumber);
+	}
+	@Override
+	public CompanyEntity validateCompany(Long companyId) {
+		return companyDao.validateCompany(companyId);
+	}
+	
+	@Override
+	public UserWithCompanyEntity validateUserWithCompny(Long userId, Long companyId) {
+		return companyDao.validateUserWithCompny(userId, companyId);
+	}
+	
+}

src/main/java/net/gepafin/tendermanagement/service/impl/DocumentServiceImpl.java

@@ -4,6 +4,7 @@ import java.util.List;
 
 import jakarta.servlet.http.HttpServletRequest;
 import net.gepafin.tendermanagement.dao.DocumentDao;
+import net.gepafin.tendermanagement.entities.DocumentEntity;
 import net.gepafin.tendermanagement.enums.DocumentSourceTypeEnum;
 import net.gepafin.tendermanagement.enums.DocumentTypeEnum;
 import net.gepafin.tendermanagement.model.response.DocumentResponseBean;
@@ -40,4 +41,10 @@ public class DocumentServiceImpl implements DocumentService {
     public DocumentResponseBean getDocument(HttpServletRequest httpServletRequest, Long documentId) {
         return documentDao.getDocument(documentId);
     }
+
+    @Override
+    public DocumentEntity validateDocument(Long id){
+        return documentDao.validateDocument(id);
+    }
+
 }

src/main/java/net/gepafin/tendermanagement/service/impl/FaqServiceImpl.java

@@ -25,9 +25,9 @@ public class FaqServiceImpl implements FaqService {
     private Validator validator;
 
     @Override
-    public FaqResponseBean createFaq(HttpServletRequest request,Long callId, FaqReq faqRequest) {
+    public FaqResponseBean createFaq(HttpServletRequest request,Long callId, Long companyId, FaqReq faqRequest) {
         UserEntity userEntity = validator.validateUser(request);
-        return faqDao.createFaq(faqRequest, userEntity,callId);
+        return faqDao.createFaq(faqRequest, userEntity, callId, companyId);
     }
 
     @Override

src/main/java/net/gepafin/tendermanagement/service/impl/UserServiceImpl.java

@@ -2,22 +2,25 @@ package net.gepafin.tendermanagement.service.impl;
 
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
-import net.gepafin.tendermanagement.config.jwt.TokenProvider;
+import net.gepafin.tendermanagement.config.SamlSuccessHandler;
 import net.gepafin.tendermanagement.dao.UserDao;
 import net.gepafin.tendermanagement.entities.UserEntity;
 import net.gepafin.tendermanagement.model.request.LoginReq;
 import net.gepafin.tendermanagement.model.request.UpdateUserReq;
 import net.gepafin.tendermanagement.model.request.UserReq;
+import net.gepafin.tendermanagement.enums.RoleStatusEnum;
 import net.gepafin.tendermanagement.enums.UserStatusEnum;
 import net.gepafin.tendermanagement.model.request.*;
+import net.gepafin.tendermanagement.model.response.UserSamlResponse;
 import net.gepafin.tendermanagement.model.response.UserResponseBean;
 import net.gepafin.tendermanagement.model.util.JWTToken;
 import net.gepafin.tendermanagement.service.UserService;
+import net.gepafin.tendermanagement.util.Validator;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
-import java.util.Map;
 
 
 @Service
@@ -25,12 +28,22 @@ public class UserServiceImpl implements UserService {
 
     @Autowired
     private UserDao userDao;
-    @Autowired
-    private TokenProvider tokenProvider;
     
+    @Autowired
+    private Validator validator;
+    
+    @Autowired
+    private SamlSuccessHandler samlSuccessHandler;
+
+    @Override
     @Transactional(rollbackFor = Exception.class)
-    public UserResponseBean createUser(UserReq userReq) {
+    public JWTToken createUser(HttpServletRequest request, String tempToken, UserReq userReq) {
-        return userDao.createUser(userReq);
+		if (tempToken == null) {
+			validator.validateRequest(request,RoleStatusEnum.ROLE_SUPER_ADMIN);
+		}else {
+			samlSuccessHandler.validateToken(tempToken, userReq.getCodiceFiscale());
+		}
+        return userDao.createUser(request, tempToken, userReq);
     }
 
 
@@ -89,8 +102,17 @@ public class UserServiceImpl implements UserService {
     @Override
     @Transactional(readOnly = true)
     public UserResponseBean getValidUser(HttpServletRequest request) {
-        Map<String, Object> userInfo= tokenProvider.getUserInfoAndUserIdFromToken(request);
+        UserEntity user=validator.validateUser(request);
-        UserEntity user=tokenProvider.validateUser(userInfo);
         return userDao.getUserById(user.getId());
     }
+    
+    @Override
+    @Transactional(rollbackFor = Exception.class)
+    public JWTToken validateExistingUserToken(HttpServletRequest request, String token) {
+    	return userDao.validateExistingUserToken(token);
+    }
+    @Override
+    public UserSamlResponse validateNewUserToken(HttpServletRequest request, String token) {
+    	return userDao.validateNewUserToken(token);
+    }
 }

src/main/java/net/gepafin/tendermanagement/util/DateTimeUtil.java

@@ -1,16 +1,29 @@
 package net.gepafin.tendermanagement.util;
 
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.DeserializationContext;
+import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
+import net.gepafin.tendermanagement.web.rest.api.errors.Status;
 import org.springframework.stereotype.Component;
 
+import java.io.IOException;
 import java.time.LocalDateTime;
+import java.time.LocalTime;
 import java.time.ZoneId;
 import java.time.ZonedDateTime;
+import java.time.format.DateTimeFormatter;
+import java.time.format.DateTimeParseException;
 import java.util.Calendar;
 import java.util.Date;
+import java.util.regex.Pattern;
 
 @Component
 public class DateTimeUtil {
 
+	private static final Pattern TIME_PATTERN = Pattern.compile(
+			"^((([01]?\\d|2[0-3]):([0-5]\\d)(:[0-5]\\d)?(\\s?[AP]M)?)|((0?[1-9]|1[0-2]):([0-5]\\d)(:[0-5]\\d)?\\s?[AP]M))$");
+
 
 	public static LocalDateTime DateServerToUTC(LocalDateTime systemDate) {
 
@@ -50,4 +63,27 @@ public class DateTimeUtil {
           .from(localDateTime.atZone(ZoneId.systemDefault())
           .toInstant());
     }
+
+	public static LocalTime parseTime(String timeString) throws DateTimeParseException {
+		DateTimeFormatter formatter;
+		if(timeString==null) {
+			return null;
+		}
+		if (!TIME_PATTERN.matcher(timeString).matches()) {
+			throw new CustomValidationException(Status.BAD_REQUEST,"Invalid time format: " + timeString);
+		}
+		// Try to parse using default formats if no format is provided
+		String[] defaultFormats = {"HH:mm:ss", "HH:mm", "HH:mm:ss a", "hh:mm a"};
+		for (String defaultFormat : defaultFormats) {
+			formatter = DateTimeFormatter.ofPattern(defaultFormat);
+			try {
+				return LocalTime.parse(timeString, formatter);
+			} catch (DateTimeParseException e) {
+				// Continue to the next format
+			}
+		}
+
+		// If all parsing attempts fail, throw an exception
+		throw new CustomValidationException(Status.BAD_REQUEST,"Failed to parse time: " + timeString);
+	}
 }

src/main/java/net/gepafin/tendermanagement/util/FieldValidator.java

@@ -27,16 +27,16 @@ public class FieldValidator {
 	private VatCheckDao vatCheckDao;
 
 
-	public FieldValidator notNull(Object object, String fieldName) {
+	public FieldValidator notNull(Object object, String fieldLabel) {
 		if (Objects.isNull(object)) {
-			errors.add(MessageFormat.format(Translator.toLocale(GepafinConstant.FIELD_NOT_NULL), fieldName));
+			errors.add(MessageFormat.format(Translator.toLocale(GepafinConstant.FIELD_NOT_NULL), fieldLabel));
 		}
 		return this;
 	}
 
-	public FieldValidator notEmpty(List<?> list, String fieldName) {
+	public FieldValidator notEmpty(List<?> list, String fieldLabel) {
 		if (list == null || list.isEmpty()) {
-			errors.add(MessageFormat.format(Translator.toLocale(GepafinConstant.FIELD_NOT_EMPTY), fieldName));
+			errors.add(MessageFormat.format(Translator.toLocale(GepafinConstant.FIELD_NOT_EMPTY), fieldLabel));
 		}
 		return this;
 	}
@@ -46,23 +46,23 @@ public class FieldValidator {
 			throw new ValidationException(Status.VALIDATION_ERROR, errors, Translator.toLocale(GepafinConstant.VALIDATION_MESSAGE));
 		}
 	}
-	public FieldValidator minLength(String value, Long minLength, String fieldName) {
+	public FieldValidator minLength(String value, Long minLength, String fieldLabel) {
 		if (minLength != null && value != null && value.length() < minLength) {
-			errors.add(MessageFormat.format(Translator.toLocale(GepafinConstant.VALIDATION_FIELD_MIN_LENGTH), fieldName, minLength));
+			errors.add(MessageFormat.format(Translator.toLocale(GepafinConstant.VALIDATION_FIELD_MIN_LENGTH), fieldLabel, minLength));
 		}
 		return this;
 	}
 
-	public FieldValidator maxLength(String value, Long maxLength, String fieldName) {
+	public FieldValidator maxLength(String value, Long maxLength, String fieldLabel) {
 		if (maxLength != null && value != null && value.length() > maxLength) {
-			errors.add(MessageFormat.format(Translator.toLocale(GepafinConstant.VALIDATION_FIELD_MAX_LENGTH), fieldName, maxLength));
+			errors.add(MessageFormat.format(Translator.toLocale(GepafinConstant.VALIDATION_FIELD_MAX_LENGTH), fieldLabel, maxLength));
 		}
 		return this;
 	}
 
-	public FieldValidator matchesPattern(String value, String pattern, String fieldName) {
+	public FieldValidator matchesPattern(String value, String pattern, String fieldLabel) {
 		if (value != null && pattern != null && !value.matches(pattern)) {
-			errors.add(MessageFormat.format(Translator.toLocale(GepafinConstant.VALIDATION_FIELD_PATTERN), fieldName));
+			errors.add(MessageFormat.format(Translator.toLocale(GepafinConstant.VALIDATION_FIELD_PATTERN), fieldLabel));
 		}
 		return this;
 	}
@@ -147,4 +147,7 @@ public class FieldValidator {
 		}
 		return this;
 	}
+	public boolean hasErrors() {
+		return !errors.isEmpty();
+	}
 }

src/main/java/net/gepafin/tendermanagement/util/Utils.java

@@ -1,27 +1,37 @@
 package net.gepafin.tendermanagement.util;
 
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.core.json.JsonReadFeature;
-import com.fasterxml.jackson.core.type.TypeReference;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.databind.type.TypeFactory;
-import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
-import io.micrometer.common.util.StringUtils;
-import org.apache.commons.collections4.MapUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 import java.lang.reflect.Field;
 import java.lang.reflect.Type;
 import java.nio.charset.StandardCharsets;
+import java.security.SecureRandom;
 import java.util.Base64;
 import java.util.List;
 import java.util.Map;
 import java.util.function.Consumer;
 import java.util.function.Supplier;
+import java.util.regex.Pattern;
 import java.util.stream.Collectors;
 
+import org.apache.commons.collections4.MapUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpStatus;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.core.json.JsonReadFeature;
+import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.type.TypeFactory;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
+
+import feign.FeignException;
+import io.micrometer.common.util.StringUtils;
+import net.gepafin.tendermanagement.web.rest.api.errors.FeignClientForbiddenException;
+import net.gepafin.tendermanagement.web.rest.api.errors.FeignClientNotFoundException;
+import net.gepafin.tendermanagement.web.rest.api.errors.FeignClientUnauthorizedException;
+import net.gepafin.tendermanagement.web.rest.api.errors.FeignClientValidationException;
+
 
 public class Utils {
 
@@ -161,4 +171,60 @@ public class Utils {
 			}
 		}
 	}
+
+	public static String encodeData(String data) {
+        return Base64.getEncoder().encodeToString(data.getBytes(StandardCharsets.UTF_8));
+    }
+
+    public static String decodeData(String token) {
+        byte[] decodedBytes = Base64.getDecoder().decode(token);
+        return new String(decodedBytes, StandardCharsets.UTF_8);
+    }
+
+	public static String generateSecureToken() {
+        SecureRandom secureRandom = new SecureRandom();
+        byte[] tokenBytes = new byte[24];
+        secureRandom.nextBytes(tokenBytes);
+        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(tokenBytes);
+        log.debug("Generated secure token: {}", token);
+        return token;
+    }
+
+	public static Map<String, List<Object>> convertStringIntoMap(String jsonString) {
+		try {
+			return mapper.readValue(jsonString, new TypeReference<Map<String, List<Object>>>() {
+			});
+		} catch (Exception e) {
+			log.error("Error converting object: " + e.getMessage(), e);
+			return null;
+		}
+	}
+	
+	public static void callException(Integer staus, FeignException ex) {
+		switch (staus) {
+		case 400:
+			throw new FeignClientValidationException(HttpStatus.valueOf(staus), ex.getMessage());
+
+		case 401:
+			throw new FeignClientUnauthorizedException(HttpStatus.valueOf(staus), ex.getMessage());
+
+		case 403:
+			throw new FeignClientForbiddenException(HttpStatus.valueOf(staus), ex.getMessage());
+
+		case 404:
+			throw new FeignClientNotFoundException(HttpStatus.valueOf(staus), ex.getMessage());
+		default:
+			log.error("Exception occured  :- {0}", ex);
+			throw ex;
+		}
+	}
+	
+	public static Boolean isValidEmail(String email) {
+		String EMAIL_REGEX = "^[A-Za-z0-9+_.-]+@[A-Za-z0-9.-]+$";
+		if (email == null || email.isEmpty()) {
+			return false;
+		}
+		Pattern pattern = Pattern.compile(EMAIL_REGEX);
+		return pattern.matcher(email).matches();
+	}
 }

src/main/java/net/gepafin/tendermanagement/util/Validator.java

@@ -1,11 +1,21 @@
 package net.gepafin.tendermanagement.util;
 
 import jakarta.servlet.http.HttpServletRequest;
+import net.gepafin.tendermanagement.config.Translator;
 import net.gepafin.tendermanagement.config.jwt.TokenProvider;
+import net.gepafin.tendermanagement.constants.GepafinConstant;
+import net.gepafin.tendermanagement.entities.CompanyEntity;
 import net.gepafin.tendermanagement.entities.UserEntity;
+import net.gepafin.tendermanagement.enums.RoleStatusEnum;
+import net.gepafin.tendermanagement.service.CompanyService;
 import net.gepafin.tendermanagement.service.UserService;
+import net.gepafin.tendermanagement.web.rest.api.errors.Status;
+import net.gepafin.tendermanagement.web.rest.api.errors.UnauthorizedAccessException;
 
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 
 import java.util.Map;
@@ -19,6 +29,9 @@ public class Validator {
     @Autowired
     private UserService userService;
     
+    @Autowired
+    private CompanyService companyService;
+
     public Map<String, Object> getUserInfoFromToken(HttpServletRequest request) {
         return tokenProvider.getUserInfoAndUserIdFromToken(request);
     }
@@ -28,4 +41,50 @@ public class Validator {
 		return userService.validateUser(Long.parseLong(userInfo.get("userId").toString()));
 	}
 
+	public Boolean checkIsSuperAdmin() {
+		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+		if (authentication != null && authentication.isAuthenticated()) {
+			// Check if the user has the ROLE_SUPER_ADMIN authority
+			for (GrantedAuthority authority : authentication.getAuthorities()) {
+				if (RoleStatusEnum.ROLE_SUPER_ADMIN.getValue().equals(authority.getAuthority())) {
+					return true;
+				}
+			}
+		}
+		return false;
+	}
+
+	public void validateRequest(HttpServletRequest request,RoleStatusEnum role) {
+		if (RoleStatusEnum.ROLE_SUPER_ADMIN.equals(role) && Boolean.FALSE.equals(checkIsSuperAdmin())) {
+			throw new UnauthorizedAccessException(Status.UNAUTHORIZED, Translator.toLocale(GepafinConstant.INVALID_REQUEST));
+		}
+	}
+
+	public CompanyEntity validateUSerWithCompany(HttpServletRequest request, Long companyId) {
+		if (checkIsSuperAdmin()) {
+			return companyService.validateCompany(companyId);
+		}
+		Map<String, Object> userInfo = tokenProvider.getUserInfoAndUserIdFromToken(request);
+		companyService.validateUserWithCompny(getUserId(userInfo), companyId);
+		return companyService.validateCompany(companyId);
+	}
+
+	private Long getUserId(Map<String, Object> userInfo) {
+		return Long.parseLong(userInfo.get("userId").toString());
+	}
+
+	public Boolean checkIsBeneficiary() {
+		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+		if (authentication != null && authentication.isAuthenticated()) {
+			// Check if the user has the ROLE_SUPER_ADMIN authority
+			for (GrantedAuthority authority : authentication.getAuthorities()) {
+				if (RoleStatusEnum.ROLE_BENEFICIARY.getValue().equals(authority.getAuthority())) {
+					return true;
+				}
+			}
+		}
+		return false;
+	}
+	
 }

src/main/java/net/gepafin/tendermanagement/web/rest/api/ApplicationApi.java

@@ -67,7 +67,8 @@ public interface ApplicationApi {
                             @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
     @GetMapping(value = "", produces = "application/json")
     ResponseEntity<Response<List<ApplicationResponse>>> getAllApplications(HttpServletRequest request,
-      @Parameter(description = "The call id", required = false) @RequestParam(value = "callId", required = false) Long callId);
+      @Parameter(description = "The call id", required = false) @RequestParam(value = "callId", required = false) Long callId,
+      @Parameter(description = "The company id", required = false) @RequestParam(value = "companyId", required = false) Long companyId);
 
     @Operation(summary = "Api to delete application",
             responses = {
@@ -93,9 +94,10 @@ public interface ApplicationApi {
                             @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
     @PostMapping(value = "/call/{callId}",
             produces = { "application/json" })
-    ResponseEntity<Response<ApplicationResponse>> createApplicationByCallId(HttpServletRequest request,
+	ResponseEntity<Response<ApplicationResponse>> createApplicationByCallId(HttpServletRequest request,
-                                                                        @Parameter(description = " Flow request object", required = true) @Valid @RequestBody ApplicationRequest applicationRequest,
+			@Parameter(description = "The company ID", required = true) @RequestParam(value = "companyId", required = true) Long companyId,
-                                                                        @Parameter(description = "The call ID", required = true) @PathVariable("callId") Long callId);
+			@Parameter(description = " Flow request object", required = true) @Valid @RequestBody ApplicationRequest applicationRequest,
+			@Parameter(description = "The call ID", required = true) @PathVariable("callId") Long callId);
 
 
 

src/main/java/net/gepafin/tendermanagement/web/rest/api/CompanyApi.java

@@ -0,0 +1,97 @@
+package net.gepafin.tendermanagement.web.rest.api;
+
+import java.util.List;
+import java.util.Map;
+
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.ExampleObject;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import net.gepafin.tendermanagement.model.request.CompanyRequest;
+import net.gepafin.tendermanagement.model.response.CompanyResponse;
+import net.gepafin.tendermanagement.model.util.Response;
+import net.gepafin.tendermanagement.web.rest.api.errors.ErrorConstants;
+
+public interface CompanyApi {
+
+	@Operation(summary = "Api to create company", responses = { @ApiResponse(responseCode = "200", description = "OK"),
+			@ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.NOTFOUND_ERROR_EXAMPLE) })),
+			@ApiResponse(responseCode = "401", description = "Unauthorized", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.UNAUTHORIZED_ERROR_EXAMPLE) })),
+			@ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
+	@PostMapping(value = "", produces = { "application/json" })
+	ResponseEntity<Response<CompanyResponse>> createCompany(HttpServletRequest request,
+			@Parameter(description = "Company request object", required = true) @RequestBody CompanyRequest companyRequest);
+
+	@Operation(summary = "Api to update company", responses = { @ApiResponse(responseCode = "200", description = "OK"),
+			@ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.NOTFOUND_ERROR_EXAMPLE) })),
+			@ApiResponse(responseCode = "401", description = "Unauthorized", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.UNAUTHORIZED_ERROR_EXAMPLE) })),
+			@ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
+	@PutMapping(value = "/{companyId}", produces = { "application/json" })
+	ResponseEntity<Response<CompanyResponse>> updateCompany(HttpServletRequest request,
+			@Parameter(description = "The company id", required = true) @PathVariable("companyId") Long companyId,
+			@Parameter(description = "Company request object", required = true) @RequestBody CompanyRequest companyRequest);
+
+	@Operation(summary = "Api to delete company", responses = { @ApiResponse(responseCode = "200", description = "OK"),
+			@ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.NOTFOUND_ERROR_EXAMPLE) })),
+			@ApiResponse(responseCode = "401", description = "Unauthorized", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.UNAUTHORIZED_ERROR_EXAMPLE) })),
+			@ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
+	@DeleteMapping(value = "/{companyId}", produces = { "application/json" })
+	ResponseEntity<Response<Void>> deleteCompany(HttpServletRequest request,
+			@Parameter(description = "The company id", required = true) @PathVariable("companyId") Long companyId);
+
+	@Operation(summary = "Api to get company", responses = { @ApiResponse(responseCode = "200", description = "OK"),
+			@ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.NOTFOUND_ERROR_EXAMPLE) })),
+			@ApiResponse(responseCode = "401", description = "Unauthorized", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.UNAUTHORIZED_ERROR_EXAMPLE) })),
+			@ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
+	@GetMapping(value = "/{companyId}", produces = { "application/json" })
+	ResponseEntity<Response<CompanyResponse>> getCompany(HttpServletRequest request,
+			@Parameter(description = "The company id", required = true) @PathVariable("companyId") Long companyId);
+
+	@Operation(summary = "Api to get company by user Id", responses = {
+			@ApiResponse(responseCode = "200", description = "OK"),
+			@ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.NOTFOUND_ERROR_EXAMPLE) })),
+			@ApiResponse(responseCode = "401", description = "Unauthorized", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.UNAUTHORIZED_ERROR_EXAMPLE) })),
+			@ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
+	@GetMapping(value = "/user/{userId}", produces = { "application/json" })
+	ResponseEntity<Response<List<CompanyResponse>>> getCompanyByUserId(HttpServletRequest request,
+			@Parameter(description = "The company id", required = true) @PathVariable("userId") Long userId);
+	
+	@Operation(summary = "Api to check vatNumber", responses = { @ApiResponse(responseCode = "200", description = "OK"),
+			@ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.NOTFOUND_ERROR_EXAMPLE) })),
+			@ApiResponse(responseCode = "401", description = "Unauthorized", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.UNAUTHORIZED_ERROR_EXAMPLE) })),
+			@ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+					@ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
+	@GetMapping(value = "/vatNumber", produces = { "application/json" })
+	ResponseEntity<Response<Map<String,Object>>> checkVatNumber(HttpServletRequest request,
+			@Parameter(description = "The vatNumber of company", required = true) @RequestParam("vatNumber") String vatNumber);
+
+}

src/main/java/net/gepafin/tendermanagement/web/rest/api/DocumentApi.java

@@ -31,9 +31,13 @@ public interface DocumentApi {
                     @ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
                             @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) }))})
     @PostMapping(value = "/uploadFile/source/{sourceId}", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
-    default ResponseEntity<Response<List<DocumentResponseBean>>> uploadFile(HttpServletRequest httpServletRequest, @Parameter(description = "Source Id", required = true) @PathVariable("sourceId") Long sourceId, @RequestParam DocumentSourceTypeEnum sourceType, @RequestParam("file") List<MultipartFile> files, @RequestParam("documentType") DocumentTypeEnum documentTypeEnum) {
+	default ResponseEntity<Response<List<DocumentResponseBean>>> uploadFile(HttpServletRequest httpServletRequest,
-        return new ResponseEntity<>(HttpStatus.NOT_IMPLEMENTED);
+			@Parameter(description = "Source Id", required = true) @PathVariable("sourceId") Long sourceId,
-    }
+			@RequestParam("sourceType") DocumentSourceTypeEnum sourceType,
+			@RequestParam("file") List<MultipartFile> files,
+			@RequestParam("documentType") DocumentTypeEnum documentTypeEnum) {
+		return new ResponseEntity<>(HttpStatus.NOT_IMPLEMENTED);
+	}
 
     @Operation(summary = "API to delete a file by document id",
             responses = {

src/main/java/net/gepafin/tendermanagement/web/rest/api/FaqApi.java

@@ -24,7 +24,7 @@ public interface FaqApi {
             })
     @PostMapping(value = "/call/{callId}", consumes = "application/json", produces = "application/json")
     ResponseEntity<Response<FaqResponseBean>> createFaq(HttpServletRequest request, @Parameter(description = "call id", required = true)
-    @PathVariable("callId") Long callId, @Valid @RequestBody FaqReq faqRequest);
+    @PathVariable("callId") Long callId, @RequestParam(value = "companyId", required = false) Long companyId, @Valid @RequestBody FaqReq faqRequest);
 
     @Operation(summary = "API to get FAQ by id",
             responses = {

src/main/java/net/gepafin/tendermanagement/web/rest/api/FlowApi.java

@@ -9,7 +9,6 @@ import jakarta.servlet.http.HttpServletRequest;
 import jakarta.validation.Valid;
 import net.gepafin.tendermanagement.model.request.FlowRequestBean;
 import net.gepafin.tendermanagement.model.response.FlowResponseBean;
-import net.gepafin.tendermanagement.model.response.FormResponseBean;
 import net.gepafin.tendermanagement.model.util.Response;
 import net.gepafin.tendermanagement.web.rest.api.errors.ErrorConstants;
 import org.springframework.http.MediaType;
@@ -18,7 +17,6 @@ import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
-import java.util.List;
 
 @Validated
 public interface FlowApi {

src/main/java/net/gepafin/tendermanagement/web/rest/api/FormApi.java

@@ -49,6 +49,7 @@ public interface FormApi {
                             @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
     @PutMapping(value = "/{formId}",
             produces = { "application/json" })
+    @PreAuthorize("hasRole('ROLE_SUPER_ADMIN')")
     ResponseEntity<Response<FormResponseBean>> updateForm(HttpServletRequest request,
             @Parameter(description = "The form ID", required = true) @PathVariable("formId") Long formId,
             @Parameter(description = "form request object", required = true) @Valid @RequestBody FormRequest formRequest,@Parameter(description = "force delete flow ",required = true)@RequestParam(value = "forceDeleteFlow",required = true)Boolean forceDeleteFlow);
@@ -78,6 +79,7 @@ public interface FormApi {
                     @ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
                             @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
     @DeleteMapping(value = "/{formId}")
+    @PreAuthorize("hasRole('ROLE_SUPER_ADMIN')")
     ResponseEntity<Response<Void>> deleteForm(HttpServletRequest request,
             @Parameter(description = "The form ID", required = true) @PathVariable("formId") Long formId);
 

src/main/java/net/gepafin/tendermanagement/web/rest/api/FormFieldApi.java

@@ -13,6 +13,7 @@ import net.gepafin.tendermanagement.model.util.Response;
 import net.gepafin.tendermanagement.web.rest.api.errors.ErrorConstants;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
@@ -30,6 +31,7 @@ public interface FormFieldApi {
                             @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) }))
             })
     @PostMapping(value = "", produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE)
+    @PreAuthorize("hasRole('ROLE_SUPER_ADMIN')")
     public ResponseEntity<Response<FormFieldResponseBean>> createFormField(HttpServletRequest request,
                                                                       @Parameter(description = "form field request object", required = true)
                                                                  @Valid @RequestBody FormFieldRequest formFieldRequest);
@@ -46,6 +48,7 @@ public interface FormFieldApi {
                             @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
     @PutMapping(value = "/{formFieldId}",
             produces = { "application/json" })
+    @PreAuthorize("hasRole('ROLE_SUPER_ADMIN')")
     ResponseEntity<Response<FormFieldResponseBean>> updateFormField(HttpServletRequest request,
                                                           @Parameter(description = "The form field ID", required = true) @PathVariable("formFieldId") Long formFieldId,
                                                           @Parameter(description = "form  field request object", required = true) @Valid @RequestBody FormFieldRequest formFieldRequest);
@@ -61,6 +64,7 @@ public interface FormFieldApi {
                             @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
     @GetMapping(value = "/{formFieldId}",
             produces = { "application/json" })
+    @PreAuthorize("hasRole('ROLE_SUPER_ADMIN')")
     ResponseEntity<Response<FormFieldResponseBean>> getFormFieldById(HttpServletRequest request,
                                                            @Parameter(description = "The form field ID", required = true) @PathVariable("formFieldId") Long formFieldId);
 
@@ -75,6 +79,7 @@ public interface FormFieldApi {
                     @ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
                             @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
     @DeleteMapping(value = "/{formFieldId}")
+    @PreAuthorize("hasRole('ROLE_SUPER_ADMIN')")
     ResponseEntity<Response<Void>> deleteForm(HttpServletRequest request,
                                               @Parameter(description = "The form field ID", required = true) @PathVariable("formFieldId") Long formFieldId);
 
@@ -89,6 +94,7 @@ public interface FormFieldApi {
                             @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
     @GetMapping(value = "",
             produces = { "application/json" })
+    @PreAuthorize("hasRole('ROLE_SUPER_ADMIN')")
     ResponseEntity<Response<List<FormFieldResponseBean>>> getAllFormField(HttpServletRequest request);
 
 }

src/main/java/net/gepafin/tendermanagement/web/rest/api/SamlApi.java

@@ -0,0 +1,30 @@
+package net.gepafin.tendermanagement.web.rest.api;
+
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.ExampleObject;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import net.gepafin.tendermanagement.web.rest.api.errors.ErrorConstants;
+
+public interface SamlApi {
+	
+	  
+    @Operation(summary = "Api to get SP metadata",
+            responses = {
+                    @ApiResponse(responseCode = "200", description = "OK"),
+                    @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+                            @ExampleObject(value = ErrorConstants.NOTFOUND_ERROR_EXAMPLE) })),
+                    @ApiResponse(responseCode = "401", description = "Unauthorized", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+                            @ExampleObject(value = ErrorConstants.UNAUTHORIZED_ERROR_EXAMPLE) })),
+                    @ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+                            @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
+    @GetMapping(value = "/gw/metadata",
+            produces = { "application/json" })
+    ResponseEntity<String> getMetadata(HttpServletRequest request);
+
+}

src/main/java/net/gepafin/tendermanagement/web/rest/api/UserApi.java

@@ -10,6 +10,7 @@ import jakarta.servlet.http.HttpServletResponse;
 import jakarta.validation.Valid;
 import net.gepafin.tendermanagement.enums.UserStatusEnum;
 import net.gepafin.tendermanagement.model.request.*;
+import net.gepafin.tendermanagement.model.response.UserSamlResponse;
 import net.gepafin.tendermanagement.model.response.UserResponseBean;
 import net.gepafin.tendermanagement.model.util.JWTToken;
 import net.gepafin.tendermanagement.model.util.Response;
@@ -37,10 +38,11 @@ public interface UserApi {
     @RequestMapping(value = "",
             produces = {"application/json"},
             method = RequestMethod.POST)
-    @PreAuthorize("hasRole('ROLE_SUPER_ADMIN')")
+//    @PreAuthorize("hasRole('ROLE_SUPER_ADMIN')")
-    default ResponseEntity<Response<UserResponseBean>> createUser(
+    default ResponseEntity<Response<JWTToken>> createUser(HttpServletRequest request,
+    		@Parameter(description = "temp spid Token", required = false) @RequestParam(value = "tempToken", required = false) String tempToken,
             @Parameter(description = "User request object", required = true) @Validated @RequestBody UserReq userReq) {
-        return new ResponseEntity<Response<UserResponseBean>>(HttpStatus.NOT_IMPLEMENTED);
+        return new ResponseEntity<Response<JWTToken>>(HttpStatus.NOT_IMPLEMENTED);
     }
 
     @Operation(summary = "Api to update user",
@@ -174,6 +176,7 @@ public interface UserApi {
             @Parameter(description = "status", required = true)@RequestParam(value = "status", required = true) UserStatusEnum status) {
         return new ResponseEntity<>(HttpStatus.NOT_IMPLEMENTED);
     }
+    
     @Operation(summary = "Api to get valid user from token",
             responses = {
                     @ApiResponse(responseCode = "200", description = "OK"),
@@ -187,5 +190,37 @@ public interface UserApi {
             produces = { "application/json" })
     ResponseEntity<Response<UserResponseBean>> getValidUser(HttpServletRequest request);
     
+    @Operation(summary = "Api to validate existing user from saml token",
+            responses = {
+                    @ApiResponse(responseCode = "200", description = "OK"),
+                    @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+                            @ExampleObject(value = ErrorConstants.NOTFOUND_ERROR_EXAMPLE) })),
+                    @ApiResponse(responseCode = "401", description = "Unauthorized", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+                            @ExampleObject(value = ErrorConstants.UNAUTHORIZED_ERROR_EXAMPLE) })),
+                    @ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+                            @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
+    @GetMapping(value = "/sso/validate/existing-user/{token}",
+            produces = { "application/json" })
+    ResponseEntity<Response<JWTToken>> validateExistingUserToken(HttpServletRequest request,
+    		@Parameter(description = "The spid token", required = true) @PathVariable("token") String token);
+    
+    
+    @Operation(summary = "Api to validate new user from saml token",
+            responses = {
+                    @ApiResponse(responseCode = "200", description = "OK"),
+                    @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+                            @ExampleObject(value = ErrorConstants.NOTFOUND_ERROR_EXAMPLE) })),
+                    @ApiResponse(responseCode = "401", description = "Unauthorized", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+                            @ExampleObject(value = ErrorConstants.UNAUTHORIZED_ERROR_EXAMPLE) })),
+                    @ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = {
+                            @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) })
+    @GetMapping(value = "/sso/validate/new-user/{token}",
+            produces = { "application/json" })
+    ResponseEntity<Response<UserSamlResponse>> validateNewUserToken(HttpServletRequest request,
+    		@Parameter(description = "The spid token", required = true) @PathVariable("token") String token);
+    
+    
+    
+
 }
 

src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/FeignClientForbiddenException.java

@@ -0,0 +1,22 @@
+package net.gepafin.tendermanagement.web.rest.api.errors;
+
+import org.springframework.http.HttpStatus;
+
+import feign.FeignException;
+
+public class FeignClientForbiddenException  extends FeignException{
+
+	private static final long serialVersionUID = 1L;
+			
+	private final HttpStatus status;
+    
+    public FeignClientForbiddenException(HttpStatus status,String message) {
+		super(403,message);
+		this.status = status;
+	}
+
+	public HttpStatus getStatus() {
+		return status;
+	}
+	
+}

src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/FeignClientNotFoundException.java

@@ -0,0 +1,22 @@
+package net.gepafin.tendermanagement.web.rest.api.errors;
+
+import org.springframework.http.HttpStatus;
+
+import feign.FeignException;
+
+public class FeignClientNotFoundException  extends FeignException{
+
+	private static final long serialVersionUID = 1L;
+			
+	private final HttpStatus status;
+    
+    public FeignClientNotFoundException(HttpStatus status,String message) {
+		super(404,message);
+		this.status = status;
+	}
+
+	public HttpStatus getStatus() {
+		return status;
+	}
+	
+}

src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/FeignClientUnauthorizedException.java

@@ -0,0 +1,22 @@
+package net.gepafin.tendermanagement.web.rest.api.errors;
+
+import org.springframework.http.HttpStatus;
+
+import feign.FeignException;
+
+public class FeignClientUnauthorizedException  extends FeignException{
+
+	private static final long serialVersionUID = 1L;
+			
+	private final HttpStatus status;
+    
+    public FeignClientUnauthorizedException(HttpStatus status,String message) {
+		super(401,message);
+		this.status = status;
+	}
+
+	public HttpStatus getStatus() {
+		return status;
+	}
+	
+}

src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/FeignClientValidationException.java

@@ -0,0 +1,22 @@
+package net.gepafin.tendermanagement.web.rest.api.errors;
+
+import org.springframework.http.HttpStatus;
+
+import feign.FeignException;
+
+public class FeignClientValidationException  extends FeignException{
+
+	private static final long serialVersionUID = 1L;
+			
+	private final HttpStatus status;
+    
+    public FeignClientValidationException(HttpStatus status,String message) {
+		super(400,message);
+		this.status = status;
+	}
+
+	public HttpStatus getStatus() {
+		return status;
+	}
+	
+}

src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/GlobalExceptionHandler.java

@@ -2,9 +2,11 @@ package net.gepafin.tendermanagement.web.rest.api.errors;
 
 import net.gepafin.tendermanagement.config.Translator;
 import net.gepafin.tendermanagement.model.util.Response;
+import net.gepafin.tendermanagement.util.Utils;
 
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Map;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -14,6 +16,9 @@ import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.bind.annotation.ResponseStatus;
+
+import feign.FeignException;
+
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authorization.AuthorizationDeniedException;
@@ -122,4 +127,54 @@ public class GlobalExceptionHandler {
     }
 
     
+    @ResponseStatus(value = HttpStatus.BAD_REQUEST)
+    @ExceptionHandler(FeignClientValidationException.class)
+    @ResponseBody
+    public Map<String, Object> handleFeignClientBadRequestException(final Throwable ex) {
+        log.error(ex.getMessage());
+        log.error(ex.getLocalizedMessage(), ex);
+        String exceptionString = ex.getMessage().substring(ex.getMessage().indexOf("]: [") + 4, ex.getMessage().length() - 1);
+        return Utils.convertIntoJson(exceptionString);
+    }
+
+    @ResponseStatus(value = HttpStatus.FORBIDDEN)
+    @ExceptionHandler(FeignClientForbiddenException.class)
+    @ResponseBody
+    public Map<String, Object> handleFeignClientForbiddenException(final Throwable ex) {
+        log.error(ex.getMessage());
+        log.error(ex.getLocalizedMessage(), ex);
+        String exceptionString = ex.getMessage().substring(ex.getMessage().indexOf("]: [") + 4, ex.getMessage().length() - 1);
+        return Utils.convertIntoJson(exceptionString);
+    }
+
+    @ResponseStatus(value = HttpStatus.UNAUTHORIZED)
+    @ExceptionHandler(FeignClientUnauthorizedException.class)
+    @ResponseBody
+    public Map<String, Object> handleFeignClientUnauthorizedException(final Throwable ex) {
+        log.error(ex.getMessage());
+        log.error(ex.getLocalizedMessage(), ex);
+        String exceptionString = ex.getMessage().substring(ex.getMessage().indexOf("]: [") + 4, ex.getMessage().length() - 1);
+        return Utils.convertIntoJson(exceptionString);
+    }
+
+    @ResponseStatus(value = HttpStatus.NOT_FOUND)
+    @ExceptionHandler(FeignClientNotFoundException.class)
+    @ResponseBody
+    public Map<String, Object> handleFeignClientNotFoundException(final Throwable ex) {
+        log.error(ex.getMessage());
+        log.error(ex.getLocalizedMessage(), ex);
+        String exceptionString = ex.getMessage().substring(ex.getMessage().indexOf("]: [") + 4, ex.getMessage().length() - 1);
+        return Utils.convertIntoJson(exceptionString);
+    }
+
+    @ResponseStatus(value = HttpStatus.INTERNAL_SERVER_ERROR)
+    @ExceptionHandler(FeignException.class)
+    @ResponseBody
+    public Map<String, Object> handleFeignException(final Throwable ex) {
+        log.error(ex.getMessage());
+        log.error(ex.getLocalizedMessage(), ex);
+        String exceptionString = ex.getMessage().substring(ex.getMessage().indexOf("]: [") + 4, ex.getMessage().length() - 1);
+        return Utils.convertIntoJson(exceptionString);
+    }
+    
 }

src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/ApplicationApiController.java

@@ -60,14 +60,14 @@ public class ApplicationApiController implements ApplicationApi {
     }
 
     @Override
-    public ResponseEntity<Response<ApplicationResponse>> createApplicationByCallId(HttpServletRequest request, ApplicationRequest applicationRequest, Long callId) {
+    public ResponseEntity<Response<ApplicationResponse>> createApplicationByCallId(HttpServletRequest request, Long companyId, ApplicationRequest applicationRequest, Long callId) {
-            ApplicationResponse applicationResponseBean=applicationService.createApplication(request,applicationRequest,callId);
+            ApplicationResponse applicationResponseBean=applicationService.createApplication(request, companyId, applicationRequest, callId);
         return ResponseEntity.status(HttpStatus.CREATED)
                 .body(new Response<>(applicationResponseBean, Status.SUCCESS, Translator.toLocale(GepafinConstant.APPLICATION_CREATED_SUCCESS_MSG)));
     }
     @Override
-    public ResponseEntity<Response<List<ApplicationResponse>>> getAllApplications(HttpServletRequest request,Long callId) {
+    public ResponseEntity<Response<List<ApplicationResponse>>> getAllApplications(HttpServletRequest request,Long callId,Long companyId) {
-        List<ApplicationResponse> applications = applicationService.getAllApplications(request,callId);
+        List<ApplicationResponse> applications = applicationService.getAllApplications(request,callId,companyId);
         log.info("Get All Applications");
         return ResponseEntity.status(HttpStatus.OK)
                 .body(new Response<>(applications, Status.SUCCESS, Translator.toLocale(GepafinConstant.GET_APPLICATION_SUCCESS_MSG)));

src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/CompanyApiController.java

@@ -0,0 +1,89 @@
+package net.gepafin.tendermanagement.web.rest.api.impl;
+
+import java.util.List;
+import java.util.Map;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import jakarta.servlet.http.HttpServletRequest;
+import net.gepafin.tendermanagement.config.Translator;
+import net.gepafin.tendermanagement.constants.GepafinConstant;
+import net.gepafin.tendermanagement.model.request.CompanyRequest;
+import net.gepafin.tendermanagement.model.response.CompanyResponse;
+import net.gepafin.tendermanagement.model.util.Response;
+import net.gepafin.tendermanagement.service.CompanyService;
+import net.gepafin.tendermanagement.web.rest.api.CompanyApi;
+import net.gepafin.tendermanagement.web.rest.api.errors.Status;
+
+@RestController
+@RequestMapping("${openapi.gepafin.base-path:/v1/company}")
+public class CompanyApiController implements CompanyApi{
+	
+    private final Logger log = LoggerFactory.getLogger(CompanyApiController.class);
+    
+    @Autowired
+    private CompanyService companyService;
+
+	@Override
+	public ResponseEntity<Response<CompanyResponse>> createCompany(HttpServletRequest request,
+			CompanyRequest companyRequest) {
+		log.info("Create company with - Request Body: {}", companyRequest);
+		CompanyResponse data = companyService.createCompany(request, companyRequest);
+        return ResponseEntity.status(HttpStatus.CREATED)
+                .body(new Response<>(data, Status.SUCCESS, Translator.toLocale(GepafinConstant.COMPANY_CREATED_SUCCESS_MSG)));
+	}
+	
+	@Override
+	public ResponseEntity<Response<CompanyResponse>> updateCompany(HttpServletRequest request, Long companyId,
+			CompanyRequest companyRequest) {
+		log.info("Update company with - Request Body: {}", companyRequest);
+		CompanyResponse data = companyService.updateCompany(request, companyId, companyRequest);
+		
+        return ResponseEntity.status(HttpStatus.OK)
+                .body(new Response<>(data, Status.SUCCESS, Translator.toLocale(GepafinConstant.COMPANY_UPDATED_SUCCESS_MSG)));
+	}
+	
+	@Override
+	public ResponseEntity<Response<CompanyResponse>> getCompany(HttpServletRequest request, Long companyId) {
+		
+		log.info("Get company with id: {}", companyId);
+		CompanyResponse data = companyService.getCompany(request, companyId);
+		
+        return ResponseEntity.status(HttpStatus.OK)
+                .body(new Response<>(data, Status.SUCCESS, Translator.toLocale(GepafinConstant.COMPANY_GET_SUCCESS_MSG)));
+	}
+	
+	@Override
+	public ResponseEntity<Response<Void>> deleteCompany(HttpServletRequest request, Long companyId) {
+		log.info("Delete company with id: {}", companyId);
+		companyService.deleteCompany(request, companyId);
+		
+        return ResponseEntity.status(HttpStatus.OK)
+                .body(new Response<>(null, Status.SUCCESS, Translator.toLocale(GepafinConstant.COMPANY_DELETE_SUCCESS_MSG)));
+	}
+	
+	@Override
+	public ResponseEntity<Response<List<CompanyResponse>>> getCompanyByUserId(HttpServletRequest request, Long userId) {
+
+		log.info("Get company with userId: {}", userId);
+		List<CompanyResponse> data = companyService.getCompanyByUserId(request, userId);
+		
+        return ResponseEntity.status(HttpStatus.OK)
+                .body(new Response<>(data, Status.SUCCESS, Translator.toLocale(GepafinConstant.COMPANY_GET_SUCCESS_MSG)));
+	}
+	
+	@Override
+	public ResponseEntity<Response<Map<String,Object>>> checkVatNumber(HttpServletRequest request, String vatNumber) {
+		log.info("check VatNumber with: {}", vatNumber);
+		Map<String,Object> data = companyService.checkVatNumber(request, vatNumber);
+		return ResponseEntity.status(HttpStatus.OK)
+                .body(new Response<>(data, Status.SUCCESS, Translator.toLocale(GepafinConstant.CHECK_VATNUMBER_SUCCESS_MSG)));
+	}
+	
+}

src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/FaqApiController.java

@@ -22,8 +22,8 @@ public class FaqApiController implements FaqApi {
     private FaqService faqService;
 
     @Override
-    public ResponseEntity<Response<FaqResponseBean>> createFaq(HttpServletRequest request, Long callId,FaqReq faqRequest) {
+    public ResponseEntity<Response<FaqResponseBean>> createFaq(HttpServletRequest request, Long callId, Long companyId, FaqReq faqRequest) {
-        FaqResponseBean response = faqService.createFaq(request,callId, faqRequest);
+        FaqResponseBean response = faqService.createFaq(request,callId, companyId, faqRequest);
         return ResponseEntity.status(HttpStatus.CREATED)
                 .body(new Response<>(response, Status.SUCCESS, Translator.toLocale(GepafinConstant.FAQ_CREATED_SUCCESSFULLY)));
     }

src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/FlowApiController.java

@@ -12,11 +12,9 @@ import net.gepafin.tendermanagement.web.rest.api.errors.Status;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import java.util.List;
 
 @RestController
 @RequestMapping("${openapi.gepafin.base-path:/v1/flow}")

src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/SamlApiController.java

@@ -0,0 +1,39 @@
+package net.gepafin.tendermanagement.web.rest.api.impl;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver;
+import org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResolver;
+import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
+import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import jakarta.servlet.http.HttpServletRequest;
+import net.gepafin.tendermanagement.config.SecurityConfig;
+import net.gepafin.tendermanagement.web.rest.api.SamlApi;
+
+@RestController
+@RequestMapping("${openapi.gepafin.base-path:/v1/saml}")
+public class SamlApiController implements SamlApi{
+	
+	private final Logger logger = LoggerFactory.getLogger(SecurityConfig.class);
+	
+	@Autowired
+	private RelyingPartyRegistrationRepository relyingPartyRegistrationRepository;
+	
+	@Override
+	public ResponseEntity<String> getMetadata(HttpServletRequest request) {
+		logger.info("get SP metadata");
+		Saml2MetadataResolver metadataResolver = new OpenSamlMetadataResolver();
+		RelyingPartyRegistration registration = relyingPartyRegistrationRepository.findByRegistrationId("loginumbria");
+        return ResponseEntity.status(HttpStatus.OK).header("Content-Type", MediaType.APPLICATION_XML_VALUE)
+                .body(metadataResolver.resolve(registration));
+
+	}
+
+}

src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/UserApiController.java

@@ -7,6 +7,7 @@ import net.gepafin.tendermanagement.config.Translator;
 import net.gepafin.tendermanagement.constants.GepafinConstant;
 import net.gepafin.tendermanagement.enums.UserStatusEnum;
 import net.gepafin.tendermanagement.model.request.*;
+import net.gepafin.tendermanagement.model.response.UserSamlResponse;
 import net.gepafin.tendermanagement.model.response.UserResponseBean;
 import net.gepafin.tendermanagement.model.util.JWTToken;
 import net.gepafin.tendermanagement.model.util.Response;
@@ -33,9 +34,9 @@ public class UserApiController implements UserApi {
     private UserService userService;
 
     @Override
-    public ResponseEntity<Response<UserResponseBean>> createUser(@RequestBody UserReq userReq) {
+    public ResponseEntity<Response<JWTToken>> createUser(HttpServletRequest request, String tempToken, @RequestBody UserReq userReq) {
         log.info("Create User with - Request Body: {}", userReq);
-        UserResponseBean createdUser = userService.createUser(userReq);
+        JWTToken createdUser = userService.createUser(request, tempToken, userReq);
         return ResponseEntity.status(HttpStatus.CREATED)
                 .body(new Response<>(createdUser, Status.SUCCESS, Translator.toLocale(GepafinConstant.USER_CREATED_SUCCESS_MSG)));
     }
@@ -124,4 +125,19 @@ public class UserApiController implements UserApi {
                 .body(new Response<>(user, Status.SUCCESS, Translator.toLocale(GepafinConstant.GET_USER_SUCCESS_MSG)));
 
     }
+    
+    @Override
+    public ResponseEntity<Response<JWTToken>> validateExistingUserToken(HttpServletRequest request, String token) {
+    	log.info("User login attempt via spid token");
+    	JWTToken data = userService.validateExistingUserToken(request, token);
+        return ResponseEntity.ok(new Response<>(data, Status.SUCCESS, Translator.toLocale(GepafinConstant.TOKEN_VALIDATE_SUCCESS_MSE)));
+    }
+    
+    @Override
+    public ResponseEntity<Response<UserSamlResponse>> validateNewUserToken(HttpServletRequest request, String token) {
+    	log.info("User validating spid token");
+    	UserSamlResponse data = userService.validateNewUserToken(request,token);
+    	return ResponseEntity.ok(new Response<>(data, Status.SUCCESS, Translator.toLocale(GepafinConstant.TOKEN_VALIDATE_SUCCESS_MSE)));
+    }
+    
 }

src/main/resources/application-dev.properties

@@ -6,5 +6,6 @@ spring.datasource.driver-class-name=org.postgresql.Driver
 
 # JPA Configuration
 spring.h2.console.enabled=true
+base-url=https://api-dev-gepafin.memento.credit
 
 isVatCheckGloballyDisabled = false

src/main/resources/application-local.properties

@@ -6,3 +6,4 @@ spring.datasource.driver-class-name=org.postgresql.Driver
 
 # JPA Configuration
 spring.jpa.show-sql=true
+base-url=http://localhost:8080

src/main/resources/application-production.properties

@@ -0,0 +1,16 @@
+# DataSource Configuration
+spring.datasource.url=jdbc:postgresql://bandidb.gepafin.it:21543/gepaDb
+spring.datasource.username=usergepa
+spring.datasource.password=nRHMi7esdgHJiIm3L5ctrSJ0
+spring.datasource.driver-class-name=org.postgresql.Driver
+
+# JPA Configuration
+spring.h2.console.enabled=true
+base-url=http://bandi-api.gepafin.it
+
+isVatCheckGloballyDisabled = false
+fe.base.url=http://gepafin-production-fe.s3-website.eu-central-1.amazonaws.com
+
+#SPID configuration
+spid.ipd.base.url=https://login.regione.umbria.it
+active.profile.folder=production

src/main/resources/application-testing.properties

@@ -5,3 +5,4 @@ spring.datasource.password=sa
 
 # JPA Configuration
 spring.h2.console.enabled=true
+base-url=http://localhost:8080

src/main/resources/application.properties

@@ -35,10 +35,16 @@ aws.s3.url.folder=gepafin
 # Ensure these values match your expectations
 security.authentication.jwt.secret=my-secret-token-to-change-in-prod-environment-your-super-secure-randomly-generated-key
 security.authentication.jwt.token-validity-in-seconds=86400
+base-url=https://api-dev-gepafin.memento.credit
 
 
 spring.main.allow-circular-references=true
 
 isVatCheckGloballyDisabled = true
 vatCheckNewToken: 66026bd891a51044e90e08c4
+fe.base.url=http://gepafin-staging-fe.s3-website.eu-central-1.amazonaws.com
+
+#SPID configuration
+spid.ipd.base.url=https://federatest.umbriadigitale.it
+active.profile.folder=dev
 

src/main/resources/db/changelog/db.changelog-1.0.0.xml

@@ -739,4 +739,136 @@
             $$;
         </createProcedure>
     </changeSet>
+    
+	<changeSet id="23-09-2024_1" author="Rajesh Khore">
+	    <createTable tableName="saml_response">
+	        <column name="id" type="INTEGER" autoIncrement="true"></column>
+	        <column name="authentication_object" type="TEXT"> </column>
+	        <column name="created_date" type="TIMESTAMP WITHOUT TIME ZONE"></column>
+	        <column name="token" type="varchar(255)"></column>
+	        <column name="updated_date" type="TIMESTAMP WITHOUT TIME ZONE"></column>
+	    </createTable>
+	</changeSet>
+
+    <changeSet id="25-09-2024_2" author="Nisha kashyap">
+        <update tableName="form_field">
+            <column name="name" value="textinput" />
+            <where>id = 13</where>
+        </update>
+    </changeSet>
+	
+	<changeSet id="25-09-2024_1" author="Rajesh Khore">
+		<addColumn tableName="gepafin_user">
+	        <column name="codice_fiscale" type="varchar(255)">
+	            <constraints nullable="true" unique="true"/>
+	        </column>
+	        <column name="date_of_birth" type="TIMESTAMP WITHOUT TIME ZONE"></column>
+	    </addColumn>
+	    <dropNotNullConstraint tableName="gepafin_user" columnName="password"/>
+	</changeSet>
+
+	<changeSet id="27-09-2024_1" author="Rajesh Khore">
+		<createTable tableName="beneficiary">
+			<column name="id" type="INTEGER" autoIncrement="true">
+				<constraints nullable="false" primaryKey="true"
+					primaryKeyName="beneficiary_pkey" />
+			</column>
+			<column name="EMAIL" type="VARCHAR(255)" />
+			<column name="FIRST_NAME" type="VARCHAR(255)" />
+			<column name="LAST_NAME" type="VARCHAR(255)" />
+			<column name="PHONE_NUMBER" type="VARCHAR(255)" />
+			<column name="ORGANIZATION" type="TEXT" />
+			<column name="ADDRESS" type="TEXT" />
+			<column name="CITY" type="TEXT" />
+			<column name="COUNTRY" type="TEXT" />
+			<column name="CODICE_FISCALE" type="varchar(255)">
+	            <constraints nullable="true" unique="true"/>
+	        </column>
+			<column name="DATE_OF_BIRTH" type="TIMESTAMP" />
+			<column name="created_date" type="TIMESTAMP WITHOUT TIME ZONE"/>
+            <column name="updated_date" type="TIMESTAMP WITHOUT TIME ZONE"/>
+		</createTable>
+		<dropColumn tableName="gepafin_user" columnName="codice_fiscale"/>
+		<dropNotNullConstraint tableName="gepafin_user" columnName="first_name"/>
+		<dropNotNullConstraint tableName="gepafin_user" columnName="last_name"/>
+		<addColumn tableName="gepafin_user">
+            <column name="beneficiary_id" type="INTEGER">
+                <constraints nullable="true" foreignKeyName="fk_beneficiary_gepafin_user" references="beneficiary(id)"/>
+            </column>
+        </addColumn>
+        </changeSet>
+        
+		<changeSet id="27-09-2024_2" author="Rajesh Khore">
+        
+        <createTable tableName="COMPANY">
+            <column name="id" type="INTEGER" autoIncrement="true">
+				<constraints nullable="false" primaryKey="true"
+					primaryKeyName="company_pkey" />
+			</column>
+            <column name="COMPANY_NAME" type="VARCHAR(255)">
+                <constraints nullable="false"/>
+            </column> 
+            <column name="VAT_NUMBER" type="VARCHAR(255)">
+            	<constraints nullable="true" unique="true"/>
+            </column>
+            <column name="CODICE_FISCALE" type="VARCHAR(255)"/>
+            <column name="ADDRESS" type="VARCHAR(255)"/>
+            <column name="PHONE_NUMBER" type="VARCHAR(255)"/>
+            <column name="CITY" type="VARCHAR(255)"/>
+            <column name="PROVINCE" type="VARCHAR(255)"/>
+            <column name="CAP" type="VARCHAR(255)"/>
+            <column name="COUNTRY" type="VARCHAR(255)"/>
+            <column name="PEC" type="VARCHAR(255)"/>
+            <column name="EMAIL" type="VARCHAR(255)"/>
+            <column name="NUMBER_OF_EMPLOYEES" type="VARCHAR(255)"/>
+            <column name="ANNUAL_REVENUE" type="NUMERIC"/>
+            <column name="created_date" type="TIMESTAMP WITHOUT TIME ZONE"/>
+            <column name="updated_date" type="TIMESTAMP WITHOUT TIME ZONE"/>
+            
+        </createTable>
+        
+	</changeSet>
+	<changeSet id="27-09-2024_3" author="Rajesh Khore">
+        <createTable tableName="USER_WITH_COMPANY">
+        
+           <column name="id" type="INTEGER" autoIncrement="true">
+				<constraints nullable="false" primaryKey="true"
+					primaryKeyName="user_with_company_pkey" />
+			</column>
+            <column name="USER_ID" type="INTEGER"/>
+            <column name="BENEFICIARY_ID" type="INTEGER"/>
+            <column name="COMPANY_ID" type="INTEGER"/>
+			<column name="created_date" type="TIMESTAMP WITHOUT TIME ZONE"/>
+            <column name="updated_date" type="TIMESTAMP WITHOUT TIME ZONE"/>
+        </createTable>
+    </changeSet>
+    
+    <changeSet id="27-09-2024_4" author="Rajesh Khore">
+        <addColumn tableName="APPLICATION">
+            <column name="COMPANY_ID" type="INTEGER">
+                <constraints nullable="true" foreignKeyName="fk_COMPANY_APPLICATION" references="company(id)"/>
+            </column>
+        </addColumn>
+        <addColumn tableName="FAQ">
+            <column name="COMPANY_ID" type="INTEGER"/>
+        </addColumn>
+    </changeSet>
+    <changeSet id="01-10-2024_1" author="Nisha Kashyap">
+        <addColumn tableName="call">
+            <column name="amount_min" type="numeric"></column>
+            <column name="phone_number" type="VARCHAR(255)"></column>
+            <column name="email" type="VARCHAR(255)"></column>
+            <column name="end_time"  type="TIME"></column>
+            <column name="start_time"  type="TIME"></column>
+        </addColumn>
+    </changeSet>
+    <changeSet id="03-10-2024_1" author="Nisha Kashyap">
+        <sql>
+            TRUNCATE TABLE FORM_FIELD RESTART IDENTITY;
+        </sql>
+
+        <sqlFile dbms="postgresql"
+                 path="classpath:db/dump/updated_form_field_data_03-10-2024.sql" />
+    </changeSet>
+
 </databaseChangeLog>

src/main/resources/db/dump/updated_form_field_data_03-10-2024.sql

@@ -0,0 +1,99 @@
+INSERT INTO FORM_FIELD (SORT_ORDER, NAME, LABEL, DESCRIPTION, SETTINGS, VALIDATORS, CREATED_DATE, UPDATED_DATE)
+VALUES
+(1, 'textinput', 'Testo Breve', 'Per risposte concise (nomi, titoli, brevi descrizioni)',
+    '[{"name": "label", "value": "Testo Breve"}, {"name": "placeholder", "value": ""}]',
+    '{"isRequired": false, "custom": null}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(2, 'textarea', 'Testo Lungo', 'Campo di testo esteso per paragrafi, descrizioni, proposte',
+    '[{"name": "label", "value": "Testo Lungo"}, {"name": "placeholder", "value": ""}]',
+    '{"isRequired": false, "custom": null}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(3, 'wysiwyg', 'Campo di Testo Formattato', 'Editor avanzato per testo con formattazione',
+    '[{"name": "label", "value": "Testo Formattato"}, {"name": "placeholder", "value": ""}]',
+    '{"isRequired": false, "custom": null}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(4, 'numberinput', 'Campo Numerico', 'Per l''inserimento di valori numerici (quantità, importi, percentuali)',
+    '[{"name": "label", "value": "Numero"}, {"name": "placeholder", "value": "0"}, {"name": "step", "value": "0"}]',
+    '{"isRequired": false, "custom": null}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(5, 'radio', 'Scelta Singola', 'Gruppo di opzioni per selezione singola',
+    '[{"name": "label", "value": "Scelta Singola"}, {"name": "options", "value": "[]"}]',
+    '{"isRequired": false, "custom": null}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(6, 'select', 'Menu a Tendina', 'Selezione da opzioni predefinite',
+    '[{"name": "label", "value": "Menu a Tendina"}, {"name": "options", "value": "[]"}]',
+    '{"isRequired": false,"custom": null}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(7, 'checkboxes', 'Scelta Multipla', 'Gruppo di opzioni per selezione singola o multipla',
+    '[{"name": "label", "value": "Scelta Multipla"}, {"name": "options", "value": "[]"}]',
+    '{"isRequired": false,"custom": null}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(8, 'switch', 'Casella di Spunta', 'Per selezioni binarie, accettazioni, conferme',
+    '[{"name": "label", "value": "Casella di Spunta"}]',
+    '{"isRequired": false, "custom": null}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(9, 'datepicker', 'Data', 'Selezione di data',
+    '[{"name": "label", "value": "Data"}]',
+    '{"isRequired": false, "custom": null}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(10, 'fileupload', 'Caricamento File', 'Per l''upload di documenti o immagini',
+    '[{"name": "label", "value": "Caricamento File"}, {"name": "mime", "value": "[]"}]',
+    '{"isRequired": false, "maxSize": 100000, "custom": null}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(11, 'textinput', 'Campo Partita IVA', 'Specifico per l''inserimento del numero di Partita IVA',
+    '[{"name": "label", "value": "Partita IVA"}, {"name": "placeholder", "value": ""}]',
+    '{"isRequired": true,"custom": "isPIVA"}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(12, 'textinput', 'Campo Codice Fiscale', 'Specifico per l''inserimento del Codice Fiscale italiano per persone fisiche e giuridiche',
+    '[{"name": "label", "value": "Codice Fiscale"}, {"name": "placeholder", "value": ""}]',
+    '{"isRequired": true, "custom": "isCodiceFiscale"}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(13, 'numberinput', 'Campo CAP', 'Per l''inserimento del Codice di Avviamento Postale',
+    '[{"name": "label", "value": "CAP"}, {"name": "placeholder", "value": ""}]',
+    '{"isRequired": true,"custom": "isCAP"}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(14, 'textinput', 'Campo IBAN', 'Per l''inserimento del codice IBAN',
+    '[{"name": "label", "value": "IBAN"}, {"name": "placeholder", "value": ""}]',
+    '{"isRequired": true,"custom": "isIBAN"}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(15, 'textinput', 'Campo Email', 'Per l''inserimento di indirizzi email standard (non PEC)',
+    '[{"name": "label", "value": "Campo Email"}, {"name": "placeholder", "value": "nome@esempio.it"}]',
+    '{"isRequired": false, "custom": "isEmail"}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(16, 'textinput', 'Campo PEC', 'Specifico per l''inserimento di un indirizzo di Posta Elettronica Certificata',
+    '[{"name": "label", "value": "Campo PEC"}, {"name": "placeholder", "value": "nome@pec.it"}]',
+    '{"isRequired": false, "custom": "isEmailPEC"}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(17, 'textinput', 'Campo URL', 'Per l''inserimento di indirizzi web',
+    '[{"name": "label", "value": "Indirizzo URL"}, {"name": "placeholder", "value": ""}]',
+    '{"isRequired": false, "custom": "isUrl"}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(18, 'textinput', 'Marca da bollo', 'Per inserire codice di marca da bollo',
+    '[{"name": "label", "value": "Marca da bollo"}, {"name": "placeholder", "value": "Numero identificativo"}]',
+    '{"isRequired": false, "custom": "isMarcaDaBollo"}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(19, 'paragraph', 'Paragrafo', 'Semplice testo formattato',
+    '[{"name": "text", "value": ""}]', '{}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP),
+
+(20, 'table', 'Tabella', 'Tabella',
+    '[{"name": "label", "value": "Tabella"}, {"name": "table_columns", "value": {}}]', '{}',
+    CURRENT_TIMESTAMP, CURRENT_TIMESTAMP);

src/main/resources/dev/saml/idp-certificate.pem

@@ -0,0 +1,3 @@
+-----BEGIN CERTIFICATE-----
+MIIDJDCCAgygAwIBAgIVAIq/MUgxPKO0cuX/GtD7YUvk87GtMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNVBAMTDmlkcC5tYWNoaW5lLml0MB4XDTA5MDMyNTEwNTM1OFoXDTI5MDMyNTA5NTM1OFowGTEXMBUGA1UEAxMOaWRwLm1hY2hpbmUuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClXV18x0/yhZ+D3pHlmhrK4paA+xdJKAT7U7R9DeaTQygwtCjKmCrJbzdohckLz5pax7eaGeA53pPCY+JdiU0Uq4ES8nG2DCZgCtl4QGLUcTuUtJdPq+DbYD1cWBwEeeffsiClVyuhgLRPO1OQLl/TJp4slfoYTi0aONgQp03uG+ixL48myL7GrINHYXtDUDqo2BimyU0yrOe6ZmvxJchZ8nBuWKy0J8wsO/Mnasbvo79/c8gcn0HTst0QDlHXQlzwZ4Suq2os9qKjXAYOzA1VqmTyzJIge/ynHiJ0Fkw0HNxBaVFTJRNL8RvwJsMuBT7YZKRoNK7gjT5/6bGagYM/AgMBAAGjYzBhMEAGA1UdEQQ5MDeCDmlkcC5tYWNoaW5lLml0hiVodHRwczovL2lkcC5tYWNoaW5lLml0L2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBSBOsPZiWZRXFqNINIguHfv7jnidDANBgkqhkiG9w0BAQUFAAOCAQEAeVLN9jczRINuPUvpXbgibL2c99dUReMcl47nSVtYeYEBkPPZrSz0h3AyVZyar2Vo+/fC3fRNmaOJvfiVSm+bo1069iROI1+dGGq2gAwWuQI1q0F7PNPX4zooY+LbZI0oUhuoyH81xed0WtMlpJ1aRSBMpR6oV3rguAkH6pdr725yv6m5WxKcOM/LzdD5Xt9fQRL7ino4HfiPPJNDG3UOKhoAWkVn/Y/CuMLcBPWh/3LxIv4A1bQbnkpdty+Qtwfp4QUKkisv7gufQP91aLqUvvRE6Uz8r51VH13e4mEJjJGxLKXWzlP50gp7b27AXCTKSS6fW6iBpfA14PGcWvDiPQ==
+-----END CERTIFICATE-----

src/main/resources/dev/saml/private-key.pem

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCsCrXQyDN5nURj
+2LB1wJKRIOzO8tgIXxPHVL65dYv7cOql01b5LpmUGQaGfUKALlvEdPs0NwCSdiyz
+MGAMTD81KHLqa+Wdm5ySl82ONRGl15pmHQFJlUDFpOr5+r1AZvQdh9MfdcbWW57m
+4qaDEF3kvihIZg9PMbqlQjHOrcG1iUPzpHnzcnmevpP32MH2FSYZhy+b0Ie2Fsho
+3Aj7CvmJYlBWfCaFLQ/wi8FsDEhjsOlUUkcr7/giO3ygK57oPzcld74g4x79A/UH
+VbUe2+CUxzFqP9+VtDWGqJ7lp0bHA/lfGvmDvIJAY6UDyYfum1Vn/ag2NmvW5wLH
+Z8vdLP75AgMBAAECggEABJ5u/jF5zFCQFvwo1Kh8ZuAS64Vyjlr7HXVlf3Yr8W65
+JgWUBrGdFvBLEA5J3EYiWZZobiDx53y7u33Xfk0Hv2YcG7YU3pPgcsEXmDNNi33L
+2+T4dWDH8eZ5FogIT7PT5v0QCn6vfW7NR9aa8NbeJneCflsbGx2zLJ+n1awtkLGY
+6vFSwl/xzRCClWCccT64+8/b2btLEDFa4IK5KdMoiP/t1fM51vu3DmPBgWt2ZWH1
+cPcd2GSXPaEyHECUAYV7/HpY5I+2xD8W3YJLaGmSeavsuW726ygUaYDsX3L3EPP8
+/AIPwhI0uLRLT2zRfH9BzPqJL+A1gnFR/BysVWnKQQKBgQDm6myujHrpe1A92j8v
+E3nTmaigCAdIhJSkoOjcvHxcHacJtK/QN4zmQvOtHwn9NAOz0jvMgJUM2Pd6t4MV
+1vWSFZam9P6EkNkmhg94V2FnQlas329XIfLWdVqfVsTxbyhIICRLBmBgn3Z22ugw
+FU5rYoZw7mjP/Gqhv3hYNH2dcQKBgQC+uw01Jh51JclSkT2lh5M2xwovnA74HuWT
+d/w9smXS3hi1TJn0ECVJKagZXhwAIgVntxzV93Vz3++VvX3LeM81eOD2vTpTR+MP
+mZ8lwsCxKDABZfoFV79lrO+8I61e4pSgcRSK0uqsvFmlN1agL+hn6esBrZe4IV37
+Hvk1OobWCQKBgFtJ8B9tcCYf1xAs2O/Ofko2JCDoK6DysSUIbCbf6TYtjtzabusd
+GvnpHBaj/7n3N0N+6J8nckV6/ROpuwwGSF0xZbapgnl8Hi0JsNH9kYdWBZggWQ8U
+X8GC8YmurvtX24/wDQkQA0gPorDISCTCN5digw3gYtVez/UUEgqk7cgxAoGADA3q
+YceM+T5wIOXJDaMp7LZbsHKeh5P8Unus14Fk6hTbXun+eOxkTuFxHFlUT7XWvZ1X
+FzbSl4Y5sC8PukJiZjDDlxSSkRzj/uJoqoxKfWfa0NvPF3NaR2TMqglfNbYASrua
+3sNBzbUBvW1n7ivY9mhUUADWq+5/8BUfDvwp9XECgYEAxfclKcPbns4Hm5N0/tGV
+aTCvlwXIWIYa5krewof1bfW/APS917MZEfIMvVUJOtLU+iD9OJnZOMtA3qFDcWN6
+gnkQui8RpmJKteLf2eemfP6owWhMG5AZZjcinLTjHbiWFnjs8HLsj8931pGxSSUD
+aR7D9CcLcEUqi8EaeNukmbA=
+-----END PRIVATE KEY-----

src/main/resources/dev/saml/public-cert.pem

@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID+zCCAuOgAwIBAgIUBKj5WxwQRn0Ro0lChsMb+NZOnTMwDQYJKoZIhvcNAQEL
+BQAwgYwxCzAJBgNVBAYTAklUMQ8wDQYDVQQIDAZVbWJyaWExEDAOBgNVBAcMB1Bl
+cnVnaWExEDAOBgNVBAoMB0dlcGFmaW4xCzAJBgNVBAsMAklUMRAwDgYDVQQDDAdH
+ZXBhZmluMSkwJwYJKoZIhvcNAQkBFhpyaW5hbGRvLmJvbmF6em9AYmZsb3dzLm5l
+dDAeFw0yNDA5MjMwODUxMTlaFw0yNTA5MjMwODUxMTlaMIGMMQswCQYDVQQGEwJJ
+VDEPMA0GA1UECAwGVW1icmlhMRAwDgYDVQQHDAdQZXJ1Z2lhMRAwDgYDVQQKDAdH
+ZXBhZmluMQswCQYDVQQLDAJJVDEQMA4GA1UEAwwHR2VwYWZpbjEpMCcGCSqGSIb3
+DQEJARYacmluYWxkby5ib25henpvQGJmbG93cy5uZXQwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCsCrXQyDN5nURj2LB1wJKRIOzO8tgIXxPHVL65dYv7
+cOql01b5LpmUGQaGfUKALlvEdPs0NwCSdiyzMGAMTD81KHLqa+Wdm5ySl82ONRGl
+15pmHQFJlUDFpOr5+r1AZvQdh9MfdcbWW57m4qaDEF3kvihIZg9PMbqlQjHOrcG1
+iUPzpHnzcnmevpP32MH2FSYZhy+b0Ie2Fsho3Aj7CvmJYlBWfCaFLQ/wi8FsDEhj
+sOlUUkcr7/giO3ygK57oPzcld74g4x79A/UHVbUe2+CUxzFqP9+VtDWGqJ7lp0bH
+A/lfGvmDvIJAY6UDyYfum1Vn/ag2NmvW5wLHZ8vdLP75AgMBAAGjUzBRMB0GA1Ud
+DgQWBBTSz8YB9ACNsuoGwrhtGt4ct+Bm3DAfBgNVHSMEGDAWgBTSz8YB9ACNsuoG
+wrhtGt4ct+Bm3DAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAB
+3xJ2OQBI4VgICN4ohZ+Bfq4pHkJgZUV202mC8XLiCx1oihpi1ew25zu5BdNUgDn8
+dlMzx8MeMa4aRCKg5Xdio956ea1iPx4n0UafbnU13p2oLGTSDKRuYOidDcFF/fl4
+77nVAa8THc9GKaIQ1jvOnZ5+Sq0dKA2ZjT4sXciuEgrdsPM5CSjHNSSN9dwceGVZ
+OWyta0NViqQh1DFfLv1Tqkt3vaEcKRGqWlXryHmRSlmTrAiTFF4LE4eYMiUrlIbq
+P4R1R0w7fVXRufJkpiTAzrmQa5xTr5/9w8zTDuFxVHAQ23vMn9uB+P4ZUDu6ZoDP
+khKe3VzuKIBSKiSfiuFY
+-----END CERTIFICATE-----

src/main/resources/message_en.properties

@@ -8,6 +8,9 @@ delete_user_error_msg=An error occurred while deleting the user.
 get_user_success_msg=User retrieved successfully.
 get_user_error_msg=An error occurred while retrieving the user.
 user.not.active=User is not active. Please contact support.
+user.already.exist.msg=User already exist for this codice fiscale.
+validate.email=The email is mandatory and must be in the correct format. Please verify and try again.
+validate.password=The password and confPassword are mandatory. Please verify and try again.
 # Role-related messages
 role.created.success=Role created successfully.
 role.updated.success=Role updated successfully.
@@ -17,6 +20,7 @@ create.role.error=Error occurred while creating the role.
 update.role.error=Error occurred while updating the role.
 role.fetch.success=Role fetched successfully.
 delete.role.error=Error occurred while deleting the role.
+role.id.mandatory=Role id is mandatory.
 
 # Region-related messages
 region.created.success=Region created successfully.
@@ -184,3 +188,21 @@ valid.vat.number=The VAT number is not valid for field  {0}.
 failed.retain.field=Failed to retain specific fields.
 
 application.is.incomplete = The application is incomplete.
+token.validate.success=Token validated successfully.
+invalid.request=Invalid Request.
+codice.fiscale.exists=This codice fiscale is already associated with another user.
+total.steps.not.zero=Total steps cannot be zero.
+completed.steps.not.valid=Completed steps should be between 0 and total steps.
+field.id.not.found=Field ID {0} does not exist in the form structure.
+company.created.success=Company created successfully.
+company.updated.success=Company updated successfully.
+company.delete.success=Company deleted successfully.
+company.get.success=Company retrieved successfully.
+company.not.found=Company not found.
+check.vatnumber.success=VAT number checked successfully.
+invalid.vatnumber=Invalid VAT number.
+vatnumber.mandatory=VatNumber is mandatory.
+vatnumber.already.exists=VatNumber already exists. 
+invalid.email=Invalid email.
+company.id.mandatory=Company id is mandatory.
+user.already.connected.to.company=The user is already connected to this company.