Add support for hosts to manage certificate resolution using ISignatureServices + fix issue matching type names when validating logical models

This commit is contained in:
Grahame Grieve 2023-10-09 17:45:38 +11:00
parent 33776523ae
commit af0f9bc765
5 changed files with 28 additions and 4 deletions

View File

@ -95,6 +95,9 @@ public class Manager {
return null; return null;
} }
public static FhirFormat readFromMimeType(String mt) { public static FhirFormat readFromMimeType(String mt) {
if (mt == null) {
return null;
}
if (mt.contains("/xml") || mt.contains("+xml")) { if (mt.contains("/xml") || mt.contains("+xml")) {
return FhirFormat.XML; return FhirFormat.XML;
} }

View File

@ -49,6 +49,7 @@ import org.hl7.fhir.r5.model.StructureDefinition.TypeDerivationRule;
import org.hl7.fhir.r5.utils.ToolingExtensions; import org.hl7.fhir.r5.utils.ToolingExtensions;
import org.hl7.fhir.utilities.Utilities; import org.hl7.fhir.utilities.Utilities;
import org.hl7.fhir.utilities.i18n.I18nConstants; import org.hl7.fhir.utilities.i18n.I18nConstants;
import org.hl7.fhir.utilities.validation.IDigitalSignatureServices;
import org.hl7.fhir.utilities.validation.ValidationMessage; import org.hl7.fhir.utilities.validation.ValidationMessage;
import org.hl7.fhir.utilities.validation.ValidationMessage.IssueSeverity; import org.hl7.fhir.utilities.validation.ValidationMessage.IssueSeverity;
import org.hl7.fhir.utilities.validation.ValidationMessage.IssueType; import org.hl7.fhir.utilities.validation.ValidationMessage.IssueType;
@ -86,6 +87,7 @@ public abstract class ParserBase {
protected boolean showDecorations; protected boolean showDecorations;
protected IdRenderingPolicy idPolicy = IdRenderingPolicy.All; protected IdRenderingPolicy idPolicy = IdRenderingPolicy.All;
protected StructureDefinition logical; protected StructureDefinition logical;
protected IDigitalSignatureServices signatureServices;
public ParserBase(IWorkerContext context) { public ParserBase(IWorkerContext context) {
super(); super();
@ -281,4 +283,12 @@ public abstract class ParserBase {
return this; return this;
} }
public IDigitalSignatureServices getSignatureServices() {
return signatureServices;
}
public void setSignatureServices(IDigitalSignatureServices signatureServices) {
this.signatureServices = signatureServices;
}
} }

View File

@ -329,7 +329,7 @@ public class SHCParser extends ParserBase {
String url = Utilities.pathURL(iss, "/.well-known/jwks.json"); String url = Utilities.pathURL(iss, "/.well-known/jwks.json");
JsonObject jwks = null; JsonObject jwks = null;
try { try {
jwks = org.hl7.fhir.utilities.json.parser.JsonParser.parseObjectFromUrl(url); jwks = signatureServices != null ? signatureServices.fetchJWKS(url) : org.hl7.fhir.utilities.json.parser.JsonParser.parseObjectFromUrl(url);
} catch (Exception e) { } catch (Exception e) {
logError(errors, "2023-09-08", 1, 1, name, IssueType.NOTFOUND, "Unable to verify the signature, because unable to retrieve JWKS from "+url+": "+ logError(errors, "2023-09-08", 1, 1, name, IssueType.NOTFOUND, "Unable to verify the signature, because unable to retrieve JWKS from "+url+": "+
e.getMessage().replace("Connection refused (Connection refused)", "Connection refused"), IssueSeverity.ERROR); e.getMessage().replace("Connection refused (Connection refused)", "Connection refused"), IssueSeverity.ERROR);

View File

@ -326,8 +326,7 @@ public class XmlParser extends ParserBase {
n.setPath(element.getPath()+"."+property.getName()); n.setPath(element.getPath()+"."+property.getName());
element.getChildren().add(n); element.getChildren().add(n);
} }
} } else {
else {
Node n = node.getFirstChild(); Node n = node.getFirstChild();
while (n != null) { while (n != null) {
if (n.getNodeType() == Node.TEXT_NODE && !Utilities.noString(n.getTextContent().trim())) { if (n.getNodeType() == Node.TEXT_NODE && !Utilities.noString(n.getTextContent().trim())) {

View File

@ -70,11 +70,13 @@ import org.hl7.fhir.utilities.SimpleHTTPClient.HTTPResult;
import org.hl7.fhir.utilities.TextFile; import org.hl7.fhir.utilities.TextFile;
import org.hl7.fhir.utilities.Utilities; import org.hl7.fhir.utilities.Utilities;
import org.hl7.fhir.utilities.VersionUtilities; import org.hl7.fhir.utilities.VersionUtilities;
import org.hl7.fhir.utilities.json.JsonException;
import org.hl7.fhir.utilities.json.JsonTrackingParser; import org.hl7.fhir.utilities.json.JsonTrackingParser;
import org.hl7.fhir.utilities.json.JsonUtilities; import org.hl7.fhir.utilities.json.JsonUtilities;
import org.hl7.fhir.utilities.npm.NpmPackage; import org.hl7.fhir.utilities.npm.NpmPackage;
import org.hl7.fhir.utilities.settings.FhirSettings; import org.hl7.fhir.utilities.settings.FhirSettings;
import org.hl7.fhir.utilities.tests.CacheVerificationLogger; import org.hl7.fhir.utilities.tests.CacheVerificationLogger;
import org.hl7.fhir.utilities.validation.IDigitalSignatureServices;
import org.hl7.fhir.utilities.validation.ValidationMessage; import org.hl7.fhir.utilities.validation.ValidationMessage;
import org.hl7.fhir.validation.IgLoader; import org.hl7.fhir.validation.IgLoader;
import org.hl7.fhir.validation.ValidationEngine; import org.hl7.fhir.validation.ValidationEngine;
@ -98,7 +100,7 @@ import com.google.gson.JsonObject;
@RunWith(Parameterized.class) @RunWith(Parameterized.class)
public class ValidationTests implements IEvaluationContext, IValidatorResourceFetcher, IValidationPolicyAdvisor { public class ValidationTests implements IEvaluationContext, IValidatorResourceFetcher, IValidationPolicyAdvisor, IDigitalSignatureServices {
public class TestSorter implements Comparator<Object> { public class TestSorter implements Comparator<Object> {
@ -319,6 +321,7 @@ public class ValidationTests implements IEvaluationContext, IValidatorResourceFe
if (content.has("noHtmlInMarkdown")) { if (content.has("noHtmlInMarkdown")) {
val.setHtmlInMarkdownCheck(HtmlInMarkdownCheck.ERROR); val.setHtmlInMarkdownCheck(HtmlInMarkdownCheck.ERROR);
} }
val.setSignatureServices(this);
if (content.has("logical")==false) { if (content.has("logical")==false) {
val.setAssumeValidRestReferences(content.has("assumeValidRestReferences") ? content.get("assumeValidRestReferences").getAsBoolean() : false); val.setAssumeValidRestReferences(content.has("assumeValidRestReferences") ? content.get("assumeValidRestReferences").getAsBoolean() : false);
logOutput(String.format("Start Validating (%d to set up)", (System.nanoTime() - setup) / 1000000)); logOutput(String.format("Start Validating (%d to set up)", (System.nanoTime() - setup) / 1000000));
@ -792,4 +795,13 @@ public class ValidationTests implements IEvaluationContext, IValidatorResourceFe
return false; return false;
} }
@Override
public org.hl7.fhir.utilities.json.model.JsonObject fetchJWKS(String address) throws JsonException, IOException {
if ("https://test.fhir.org/icao/.well-known/jwks.json".equals(address)) {
return org.hl7.fhir.utilities.json.parser.JsonParser.parseObject(TestingUtilities.loadTestResourceBytes("validator", "test.fhir.org-jwks.json"));
} else {
return org.hl7.fhir.utilities.json.parser.JsonParser.parseObjectFromUrl(address);
}
}
} }