diff --git a/org.hl7.fhir.dstu2/src/main/java/org/hl7/fhir/dstu2/utils/client/ClientUtils.java b/org.hl7.fhir.dstu2/src/main/java/org/hl7/fhir/dstu2/utils/client/ClientUtils.java index 32cdcf79d..52059fd74 100644 --- a/org.hl7.fhir.dstu2/src/main/java/org/hl7/fhir/dstu2/utils/client/ClientUtils.java +++ b/org.hl7.fhir.dstu2/src/main/java/org/hl7/fhir/dstu2/utils/client/ClientUtils.java @@ -119,7 +119,7 @@ public class ClientUtils { private final TimeUnit timeoutUnit = TimeUnit.MILLISECONDS; protected ManagedFhirWebAccessBuilder getManagedWebAccessBuilder() { - return new ManagedFhirWebAccessBuilder("hapi-fhir-tooling-client", null).withRetries(retryCount).withTimeout(timeout, timeoutUnit).withLogger(logger); + return ManagedWebAccess.fhirBuilder().withRetries(retryCount).withTimeout(timeout, timeoutUnit).withLogger(logger); } public ResourceRequest issueOptionsRequest(URI optionsUri, String resourceFormat, diff --git a/org.hl7.fhir.dstu3/src/main/java/org/hl7/fhir/dstu3/utils/client/network/FhirRequestBuilder.java b/org.hl7.fhir.dstu3/src/main/java/org/hl7/fhir/dstu3/utils/client/network/FhirRequestBuilder.java index 86f5b9806..d63267949 100644 --- a/org.hl7.fhir.dstu3/src/main/java/org/hl7/fhir/dstu3/utils/client/network/FhirRequestBuilder.java +++ b/org.hl7.fhir.dstu3/src/main/java/org/hl7/fhir/dstu3/utils/client/network/FhirRequestBuilder.java @@ -115,7 +115,7 @@ public class FhirRequestBuilder { } protected ManagedFhirWebAccessBuilder getManagedWebAccessBuilder() { - return new ManagedFhirWebAccessBuilder("hapi-fhir-tooling-client", null).withRetries(retryCount).withTimeout(timeout, timeoutUnit).withLogger(logger); + return ManagedWebAccess.fhirBuilder().withRetries(retryCount).withTimeout(timeout, timeoutUnit).withLogger(logger); } public FhirRequestBuilder withResourceFormat(String resourceFormat) { diff --git a/org.hl7.fhir.r4/src/main/java/org/hl7/fhir/r4/utils/client/network/FhirRequestBuilder.java b/org.hl7.fhir.r4/src/main/java/org/hl7/fhir/r4/utils/client/network/FhirRequestBuilder.java index e849e15f2..29d2a6d4c 100644 --- a/org.hl7.fhir.r4/src/main/java/org/hl7/fhir/r4/utils/client/network/FhirRequestBuilder.java +++ b/org.hl7.fhir.r4/src/main/java/org/hl7/fhir/r4/utils/client/network/FhirRequestBuilder.java @@ -125,7 +125,7 @@ public class FhirRequestBuilder { } protected ManagedFhirWebAccessBuilder getManagedWebAccessBuilder() { - return new ManagedFhirWebAccessBuilder("hapi-fhir-tooling-client", null).withRetries(retryCount).withTimeout(timeout, timeoutUnit).withLogger(logger); + return ManagedWebAccess.fhirBuilder().withRetries(retryCount).withTimeout(timeout, timeoutUnit).withLogger(logger); } public FhirRequestBuilder withResourceFormat(String resourceFormat) { diff --git a/org.hl7.fhir.r4b/src/main/java/org/hl7/fhir/r4b/utils/client/network/FhirRequestBuilder.java b/org.hl7.fhir.r4b/src/main/java/org/hl7/fhir/r4b/utils/client/network/FhirRequestBuilder.java index b0b2e94bb..47a45c691 100644 --- a/org.hl7.fhir.r4b/src/main/java/org/hl7/fhir/r4b/utils/client/network/FhirRequestBuilder.java +++ b/org.hl7.fhir.r4b/src/main/java/org/hl7/fhir/r4b/utils/client/network/FhirRequestBuilder.java @@ -127,7 +127,7 @@ public class FhirRequestBuilder { } protected ManagedFhirWebAccessBuilder getManagedWebAccessBuilder() { - return new ManagedFhirWebAccessBuilder("hapi-fhir-tooling-client", null).withRetries(retryCount).withTimeout(timeout, timeoutUnit).withLogger(logger); + return ManagedWebAccess.fhirBuilder().withRetries(retryCount).withTimeout(timeout, timeoutUnit).withLogger(logger); } public FhirRequestBuilder withResourceFormat(String resourceFormat) { diff --git a/org.hl7.fhir.r5/src/main/java/org/hl7/fhir/r5/utils/client/network/FhirRequestBuilder.java b/org.hl7.fhir.r5/src/main/java/org/hl7/fhir/r5/utils/client/network/FhirRequestBuilder.java index e42b85793..eeb28b1be 100644 --- a/org.hl7.fhir.r5/src/main/java/org/hl7/fhir/r5/utils/client/network/FhirRequestBuilder.java +++ b/org.hl7.fhir.r5/src/main/java/org/hl7/fhir/r5/utils/client/network/FhirRequestBuilder.java @@ -113,59 +113,10 @@ public class FhirRequestBuilder { || issue.getSeverity() == OperationOutcome.IssueSeverity.FATAL)); } - - protected ManagedFhirWebAccessBuilder getManagedWebAccessBuilder() { - return new ManagedFhirWebAccessBuilder("hapi-fhir-tooling-client", null).withRetries(retryCount).withTimeout(timeout, timeoutUnit).withLogger(logger); + return ManagedWebAccess.fhirBuilder().withRetries(retryCount).withTimeout(timeout, timeoutUnit).withLogger(logger); } - /** - * We only ever want to have one copy of the HttpClient kicking around at any given time. If we need to make changes - * to any configuration, such as proxy settings, timeout, caches, etc, we can do a per-call configuration through - * the {@link OkHttpClient#newBuilder()} method. That will return a builder that shares the same connection pool, - * dispatcher, and configuration with the original client. - *

- * The {@link OkHttpClient} uses the proxy auth properties set in the current system properties. The reason we don't - * set the proxy address and authentication explicitly, is due to the fact that this class is often used in conjunction - * with other http client tools which rely on the system.properties settings to determine proxy settings. It's easier - * to keep the method consistent across the board. ...for now. - * - * @return {@link OkHttpClient} instance - */ - /*FIXME delete after refactor - protected OkHttpClient getHttpClient() { - if (okHttpClient == null) { - okHttpClient = new OkHttpClient(); - } - - Authenticator proxyAuthenticator = getAuthenticator(); - - OkHttpClient.Builder builder = okHttpClient.newBuilder(); - if (logger != null) builder.addInterceptor(logger); - builder.addInterceptor(new RetryInterceptor(retryCount)); - return builder.connectTimeout(timeout, timeoutUnit) - .writeTimeout(timeout, timeoutUnit) - .readTimeout(timeout, timeoutUnit) - .proxyAuthenticator(proxyAuthenticator) - .build(); - } -*/ - /*FIXME delete after refactor - @Nonnull - private static Authenticator getAuthenticator() { - return (route, response) -> { - final String httpProxyUser = System.getProperty(HTTP_PROXY_USER); - final String httpProxyPass = System.getProperty(HTTP_PROXY_PASS); - if (httpProxyUser != null && httpProxyPass != null) { - String credential = Credentials.basic(httpProxyUser, httpProxyPass); - return response.request().newBuilder() - .header(HEADER_PROXY_AUTH, credential) - .build(); - } - return response.request().newBuilder().build(); - }; - } -*/ public FhirRequestBuilder withResourceFormat(String resourceFormat) { this.resourceFormat = resourceFormat; return this; @@ -197,8 +148,6 @@ public class FhirRequestBuilder { return this; } - - public ResourceRequest execute() throws IOException { HTTPRequest requestWithHeaders = formatHeaders(httpRequest, resourceFormat, headers); HTTPResult response = getManagedWebAccessBuilder().httpCall(requestWithHeaders);//getHttpClient().newCall(httpRequest.build()).execute(); diff --git a/org.hl7.fhir.r5/src/test/java/org/hl7/fhir/r5/utils/client/ManagedWebAccessAuthTests.java b/org.hl7.fhir.r5/src/test/java/org/hl7/fhir/r5/utils/client/ManagedWebAccessAuthTests.java new file mode 100644 index 000000000..8198a614c --- /dev/null +++ b/org.hl7.fhir.r5/src/test/java/org/hl7/fhir/r5/utils/client/ManagedWebAccessAuthTests.java @@ -0,0 +1,11 @@ +package org.hl7.fhir.r5.utils.client; + +import org.hl7.fhir.utilities.http.ManagedWebAccess; +import org.junit.BeforeClass; + +public class ManagedWebAccessAuthTests { + @BeforeClass + public static void setUp() { + ManagedWebAccess.setUserAgent("hapi-fhir-testing-client"); + } +} diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedFhirWebAccessBuilder.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedFhirWebAccessBuilder.java index b5ca2ecd4..5b3ff01d0 100644 --- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedFhirWebAccessBuilder.java +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedFhirWebAccessBuilder.java @@ -50,7 +50,8 @@ public class ManagedFhirWebAccessBuilder extends ManagedWebAccessBuilderBase headers = new ArrayList<>(); - if (HTTPHeaderUtil.getSingleHeader(request.getHeaders(), HTTPHeaderUtil.USER_AGENT) == null) { + if (HTTPHeaderUtil.getSingleHeader(request.getHeaders(), HTTPHeaderUtil.USER_AGENT) == null + && getUserAgent() != null) { headers.add(new HTTPHeader(HTTPHeaderUtil.USER_AGENT, getUserAgent())); } request.getHeaders().forEach(headers::add); diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedWebAccess.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedWebAccess.java index b9d818f5c..91776bf27 100644 --- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedWebAccess.java +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/http/ManagedWebAccess.java @@ -32,16 +32,15 @@ package org.hl7.fhir.utilities.http; import java.io.IOException; -import java.util.ArrayList; -import java.util.List; -import java.util.Map; +import java.util.*; import lombok.Getter; import okhttp3.Response; +import org.hl7.fhir.utilities.settings.FhirSettings; import org.hl7.fhir.utilities.settings.ServerDetailsPOJO; /** - * see security.md - manages access to the local file system by the FHIR HAPI Core library + * see security.md - manages web access by the FHIR HAPI Core library *

* By using accessPolicy, allowedDomains and accessor, a host java application can control * whether this library has direct access to the web (and which domains it is allowed to access), @@ -77,6 +76,8 @@ public class ManagedWebAccess { @Getter private static IFhirWebAccessor fhirWebAccessor; + + @Getter private static String userAgent; private static List serverAuthDetails; @@ -133,4 +134,19 @@ public class ManagedWebAccess { return fhirBuilder().httpCall(httpRequest); } + public static void loadFromFHIRSettings() { + setAccessPolicy(FhirSettings.isProhibitNetworkAccess() ? WebAccessPolicy.PROHIBITED : WebAccessPolicy.DIRECT); + setUserAgent("hapi-fhir-tooling-client"); + serverAuthDetails = new ArrayList<>(); + serverAuthDetails.addAll(FhirSettings.getPackageServers()); + serverAuthDetails.addAll(FhirSettings.getTerminologyServers()); + } + + public static void loadFromFHIRSettings(FhirSettings settings) { + setAccessPolicy(settings.isProhibitNetworkAccess() ? WebAccessPolicy.PROHIBITED : WebAccessPolicy.DIRECT); + setUserAgent("hapi-fhir-tooling-client"); + serverAuthDetails = new ArrayList<>(); + serverAuthDetails.addAll(settings.getPackageServers()); + serverAuthDetails.addAll(settings.getTerminologyServers()); + } } \ No newline at end of file diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/FhirSettings.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/FhirSettings.java index dc69f3fd0..060ce2195 100644 --- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/FhirSettings.java +++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/settings/FhirSettings.java @@ -4,6 +4,7 @@ import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; +import java.util.Arrays; import java.util.Collections; import java.util.List; @@ -232,6 +233,14 @@ public class FhirSettings { if (instance.fhirSettings.getPackageManagement() == null) { return Collections.emptyList(); } - return List.of(instance.fhirSettings.getPackageManagement().getServers().toArray(new ServerDetailsPOJO[]{})); + return Arrays.asList(instance.fhirSettings.getPackageManagement().getServers().toArray(new ServerDetailsPOJO[]{})); + } + + public static List getTerminologyServers() { + getInstance(); + if (instance.fhirSettings.getTerminologyServers() == null) { + return Collections.emptyList(); + } + return Arrays.asList(instance.fhirSettings.getTerminologyServers().getServers().toArray(new ServerDetailsPOJO[]{})); } } diff --git a/org.hl7.fhir.validation/src/main/java/org/hl7/fhir/validation/ValidatorCli.java b/org.hl7.fhir.validation/src/main/java/org/hl7/fhir/validation/ValidatorCli.java index 3684923b3..ff1d9d4de 100644 --- a/org.hl7.fhir.validation/src/main/java/org/hl7/fhir/validation/ValidatorCli.java +++ b/org.hl7.fhir.validation/src/main/java/org/hl7/fhir/validation/ValidatorCli.java @@ -71,6 +71,7 @@ import org.hl7.fhir.utilities.SystemExitManager; import org.hl7.fhir.utilities.TimeTracker; import org.hl7.fhir.utilities.Utilities; import org.hl7.fhir.utilities.VersionUtilities; +import org.hl7.fhir.utilities.http.ManagedWebAccess; import org.hl7.fhir.utilities.settings.FhirSettings; import org.hl7.fhir.validation.cli.model.CliContext; import org.hl7.fhir.validation.cli.services.ValidationService; @@ -151,6 +152,7 @@ public class ValidatorCli { if (cliContext.getFhirSettingsFile() != null) { FhirSettings.setExplicitFilePath(cliContext.getFhirSettingsFile()); } + ManagedWebAccess.loadFromFHIRSettings(); FileFormat.checkCharsetAndWarnIfNotUTF8(System.out); diff --git a/org.hl7.fhir.validation/src/test/java/ManagedWebAccessAuthTests.java b/org.hl7.fhir.validation/src/test/java/ManagedWebAccessAuthTests.java new file mode 100644 index 000000000..ce57a67bc --- /dev/null +++ b/org.hl7.fhir.validation/src/test/java/ManagedWebAccessAuthTests.java @@ -0,0 +1,9 @@ +import org.hl7.fhir.utilities.http.ManagedWebAccess; +import org.junit.BeforeClass; + +public class ManagedWebAccessAuthTests { + @BeforeClass + public static void setUp() { + ManagedWebAccess.setUserAgent("hapi-fhir-testing-client"); + } +}