From 5117b573051da5a56b23ecb734d2c0088f9d6458 Mon Sep 17 00:00:00 2001 From: Grahame Grieve Date: Fri, 18 Oct 2024 15:22:09 +0800 Subject: [PATCH] draft work for tx server authentication --- .../http/HTTPAuthenticationMode.java | 3 +- .../fhir/utilities/http/ManagedWebAccess.java | 4 +- .../http/ManagedWebAccessBuilder.java | 47 +++++++++++++++++-- .../fhir/utilities/http/SimpleHTTPClient.java | 5 ++ .../hl7/fhir/utilities/npm/PackageServer.java | 6 +-- .../fhir/utilities/settings/FhirSettings.java | 4 +- .../utilities/settings/FhirSettingsPOJO.java | 2 + .../settings/PackageManagementPOJO.java | 2 +- ...ServerPOJO.java => ServerDetailsPOJO.java} | 8 +++- .../settings/TerminologyServersPOJO.java | 22 +++++++++ .../utilities/settings/FhirSettingsTests.java | 2 +- 11 files changed, 89 insertions(+), 16 deletions(-) rename org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/{PackageServerPOJO.java => ServerDetailsPOJO.java} (69%) create mode 100644 org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/TerminologyServersPOJO.java diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/HTTPAuthenticationMode.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/HTTPAuthenticationMode.java index 401c1cd15..780994088 100644 --- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/HTTPAuthenticationMode.java +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/HTTPAuthenticationMode.java @@ -3,5 +3,6 @@ package org.hl7.fhir.utilities.http; public enum HTTPAuthenticationMode { NONE, BASIC, - TOKEN + TOKEN, + APIKEY } \ No newline at end of file diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedWebAccess.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedWebAccess.java index 6dfaf7a35..f1afac25d 100644 --- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedWebAccess.java +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedWebAccess.java @@ -43,6 +43,7 @@ import java.util.List; import java.util.Map; import org.hl7.fhir.utilities.Utilities; +import org.hl7.fhir.utilities.settings.ServerDetailsPOJO; /** * see security.md - manages access to the local file system by the FHIR HAPI Core library @@ -73,6 +74,7 @@ public class ManagedWebAccess { private static List allowedDomains = new ArrayList<>(); private static IWebAccessor accessor; private static String userAgent; + private static List serverAuthDetails; public static WebAccessPolicy getAccessPolicy() { @@ -108,7 +110,7 @@ public class ManagedWebAccess { } public static ManagedWebAccessBuilder builder() { - return new ManagedWebAccessBuilder(userAgent); + return new ManagedWebAccessBuilder(userAgent, serverAuthDetails); } public static HTTPResult get(String url) throws IOException { diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedWebAccessBuilder.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedWebAccessBuilder.java index 5eac395c6..b7e4309b3 100644 --- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedWebAccessBuilder.java +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedWebAccessBuilder.java @@ -4,8 +4,11 @@ import java.io.IOException; import java.nio.charset.StandardCharsets; import java.util.Base64; import java.util.HashMap; +import java.util.List; import java.util.Map; +import org.hl7.fhir.utilities.settings.ServerDetailsPOJO; + public class ManagedWebAccessBuilder { @@ -15,10 +18,12 @@ public class ManagedWebAccessBuilder { private String password; private String token; private String accept; + private List serverAuthDetails; private Map headers = new HashMap(); - - public ManagedWebAccessBuilder(String userAgent) { + + public ManagedWebAccessBuilder(String userAgent, List serverAuthDetails) { this.userAgent = userAgent; + this.serverAuthDetails = serverAuthDetails; } public ManagedWebAccessBuilder withAccept(String accept) { @@ -70,10 +75,42 @@ public class ManagedWebAccessBuilder { if (userAgent != null) { client.addHeader("User-Agent", userAgent); } + if (authenticationMode != null && authenticationMode != HTTPAuthenticationMode.NONE) { + client.setAuthenticationMode(authenticationMode); + switch (authenticationMode) { + case BASIC : + client.setUsername(username); + client.setPassword(password); + break; + case TOKEN : + client.setToken(token); + break; + case APIKEY : + client.setApiKey(token); + break; + } + } else { + ServerDetailsPOJO settings = getServer(url); + if (settings != null) { + switch (settings.getAuthenticationType()) { + case "basic" : + client.setUsername(settings.getUsername()); + client.setPassword(settings.getPassword()); + client.setAuthenticationMode(HTTPAuthenticationMode.BASIC); + break; + case "token" : + client.setToken(settings.getToken()); + client.setAuthenticationMode(HTTPAuthenticationMode.TOKEN); + break; + case "apikey" : + client.setApiKey(settings.getApikey()); + client.setAuthenticationMode(HTTPAuthenticationMode.APIKEY); + break; + } + } + } if (username != null || token != null) { - client.setUsername(username); - client.setPassword(password); - client.setToken(token); + client.setAuthenticationMode(authenticationMode); } return client; diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/SimpleHTTPClient.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/SimpleHTTPClient.java index 52ce02bd6..0e448293b 100644 --- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/SimpleHTTPClient.java +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/SimpleHTTPClient.java @@ -54,6 +54,9 @@ public class SimpleHTTPClient { @Getter @Setter private String token; + @Getter @Setter + private String apiKey; + public void addHeader(String name, String value) { headers.add(new Header(name, value)); } @@ -128,6 +131,8 @@ public class SimpleHTTPClient { String auth = username+":"+password; byte[] encodedAuth = Base64.getEncoder().encode(auth.getBytes(StandardCharsets.UTF_8)); authHeaderValue = "Basic " + new String(encodedAuth); + } else if (authenticationMode == HTTPAuthenticationMode.APIKEY) { + c.setRequestProperty("Api-Key", apiKey); } if (authHeaderValue != null) { diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/npm/PackageServer.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/npm/PackageServer.java index 3a343eed1..7ad221a1f 100644 --- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/npm/PackageServer.java +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/npm/PackageServer.java @@ -9,7 +9,7 @@ import javax.annotation.Nullable; import org.hl7.fhir.utilities.http.HTTPAuthenticationMode; import org.hl7.fhir.utilities.http.SimpleHTTPClient; import org.hl7.fhir.utilities.settings.FhirSettings; -import org.hl7.fhir.utilities.settings.PackageServerPOJO; +import org.hl7.fhir.utilities.settings.ServerDetailsPOJO; import lombok.Getter; @@ -65,7 +65,7 @@ public class PackageServer { return servers; } - public static PackageServer getPackageServerFromPOJO(PackageServerPOJO pojo) { + public static PackageServer getPackageServerFromPOJO(ServerDetailsPOJO pojo) { return new PackageServer(pojo.getUrl()) .withAuthenticationMode(getModeFromPOJO(pojo)) .withServerType( @@ -77,7 +77,7 @@ public class PackageServer { } @Nullable - private static HTTPAuthenticationMode getModeFromPOJO(PackageServerPOJO pojo) { + private static HTTPAuthenticationMode getModeFromPOJO(ServerDetailsPOJO pojo) { if (pojo.getAuthenticationType().equalsIgnoreCase("basic")) return HTTPAuthenticationMode.BASIC; if (pojo.getAuthenticationType().equalsIgnoreCase("token")) return HTTPAuthenticationMode.TOKEN; return null; diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/FhirSettings.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/FhirSettings.java index ac1bc04f4..dc69f3fd0 100644 --- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/FhirSettings.java +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/FhirSettings.java @@ -227,11 +227,11 @@ public class FhirSettings { return instance.fhirSettings.getPackageManagement().getIgnoreDefaultServers(); } - public static List getPackageServers() { + public static List getPackageServers() { getInstance(); if (instance.fhirSettings.getPackageManagement() == null) { return Collections.emptyList(); } - return List.of(instance.fhirSettings.getPackageManagement().getServers().toArray(new PackageServerPOJO[]{})); + return List.of(instance.fhirSettings.getPackageManagement().getServers().toArray(new ServerDetailsPOJO[]{})); } } diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/FhirSettingsPOJO.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/FhirSettingsPOJO.java index 429ab4e63..a88638e91 100644 --- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/FhirSettingsPOJO.java +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/FhirSettingsPOJO.java @@ -40,6 +40,7 @@ public class FhirSettingsPOJO { private String txFhirLocal; private PackageManagementPOJO packageManagement; + private TerminologyServersPOJO terminologyServers; protected FhirSettingsPOJO() { apiKeys = null; @@ -54,5 +55,6 @@ public class FhirSettingsPOJO { txFhirLocal = TX_SERVER_LOCAL; packageManagement = null; + terminologyServers = null; } } diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/PackageManagementPOJO.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/PackageManagementPOJO.java index 8d449b097..1275b710c 100644 --- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/PackageManagementPOJO.java +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/PackageManagementPOJO.java @@ -16,7 +16,7 @@ public class PackageManagementPOJO { private Boolean ignoreDefaultServers; - private List servers; + private List servers; protected PackageManagementPOJO() { ignoreDefaultServers = false; diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/PackageServerPOJO.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/ServerDetailsPOJO.java similarity index 69% rename from org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/PackageServerPOJO.java rename to org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/ServerDetailsPOJO.java index d4ec98178..c20d739db 100644 --- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/PackageServerPOJO.java +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/ServerDetailsPOJO.java @@ -9,13 +9,15 @@ import lombok.extern.jackson.Jacksonized; @Builder @Jacksonized @AllArgsConstructor -public class PackageServerPOJO { +public class ServerDetailsPOJO { String url; + // possible values: none, basic, token, apikey String authenticationType; - String serverType; + @Deprecated + String serverType; String username; @@ -23,4 +25,6 @@ public class PackageServerPOJO { String token; + String apikey; + } diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/TerminologyServersPOJO.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/TerminologyServersPOJO.java new file mode 100644 index 000000000..33cf0822b --- /dev/null +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/TerminologyServersPOJO.java @@ -0,0 +1,22 @@ +package org.hl7.fhir.utilities.settings; + +import java.util.ArrayList; +import java.util.List; + +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.extern.jackson.Jacksonized; + +@Data +@Builder +@Jacksonized +@AllArgsConstructor +public class TerminologyServersPOJO { + + private List servers; + + protected TerminologyServersPOJO() { + servers = new ArrayList<>(); + } +} diff --git a/org.hl7.fhir.utilities/src/test/java/org/hl7/fhir/utilities/settings/FhirSettingsTests.java b/org.hl7.fhir.utilities/src/test/java/org/hl7/fhir/utilities/settings/FhirSettingsTests.java index 1eefc9971..141ea3433 100644 --- a/org.hl7.fhir.utilities/src/test/java/org/hl7/fhir/utilities/settings/FhirSettingsTests.java +++ b/org.hl7.fhir.utilities/src/test/java/org/hl7/fhir/utilities/settings/FhirSettingsTests.java @@ -87,7 +87,7 @@ public class FhirSettingsTests implements ResourceLoaderTests { assertTrue(fhirSettings.getPackageManagement().getIgnoreDefaultServers()); - List packageServers = fhirSettings.getPackageManagement().getServers(); + List packageServers = fhirSettings.getPackageManagement().getServers(); assertEquals(2, packageServers.size());