From 17127eb9b46f1245c09d784788714a5f144183d0 Mon Sep 17 00:00:00 2001 From: dogukan10 Date: Fri, 1 Sep 2023 15:18:40 +0300 Subject: [PATCH] :sparkles: feat(SecuritySettings): Implement fixed basic token authentication --- .../scala/io/tofhir/engine/model/FhirSinkSettings.scala | 7 +++++++ .../main/scala/io/tofhir/engine/util/FhirClientUtil.scala | 3 ++- .../io/tofhir/engine/util/FhirMappingJobFormatter.scala | 3 ++- tofhir-server/src/main/resources/application.conf | 5 ++++- .../io/tofhir/server/fhir/FhirDefinitionsConfig.scala | 2 +- .../tofhir/server/fhir/FhirEndpointResourceReader.scala | 8 +++++++- .../src/main/scala/io/tofhir/server/fhir/package.scala | 1 + tofhir-server/src/test/resources/application.conf | 5 ++++- 8 files changed, 28 insertions(+), 6 deletions(-) diff --git a/tofhir-engine/src/main/scala/io/tofhir/engine/model/FhirSinkSettings.scala b/tofhir-engine/src/main/scala/io/tofhir/engine/model/FhirSinkSettings.scala index 1bf3f9325..8c6b56a74 100644 --- a/tofhir-engine/src/main/scala/io/tofhir/engine/model/FhirSinkSettings.scala +++ b/tofhir-engine/src/main/scala/io/tofhir/engine/model/FhirSinkSettings.scala @@ -76,3 +76,10 @@ case class BearerTokenAuthorizationSettings(clientId: String, * @param password Password for basic authentication */ case class BasicAuthenticationSettings(username: String, password: String) extends IFhirRepositorySecuritySettings + +/** + * Security settings for FHIR API access via fixed token + * + * @param token The fixed token + */ +case class FixedTokenAuthenticationSettings(token: String) extends IFhirRepositorySecuritySettings \ No newline at end of file diff --git a/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirClientUtil.scala b/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirClientUtil.scala index a66e36e65..49a410f6b 100644 --- a/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirClientUtil.scala +++ b/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirClientUtil.scala @@ -2,7 +2,7 @@ package io.tofhir.engine.util import akka.actor.ActorSystem import io.onfhir.client.OnFhirNetworkClient -import io.tofhir.engine.model.{BasicAuthenticationSettings, BearerTokenAuthorizationSettings, IFhirRepositorySecuritySettings} +import io.tofhir.engine.model.{BasicAuthenticationSettings, BearerTokenAuthorizationSettings, FixedTokenAuthenticationSettings, IFhirRepositorySecuritySettings} object FhirClientUtil { /** @@ -18,6 +18,7 @@ object FhirClientUtil { case BearerTokenAuthorizationSettings(clientId, clientSecret, requiredScopes, authzServerTokenEndpoint, clientAuthenticationMethod) => client.withOpenIdBearerTokenAuthentication(clientId, clientSecret, requiredScopes, authzServerTokenEndpoint, clientAuthenticationMethod) case BasicAuthenticationSettings(username, password) => client.withBasicAuthentication(username, password) + case FixedTokenAuthenticationSettings(token) => client.withFixedBasicTokenAuthentication(token) } .getOrElse(client) } diff --git a/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirMappingJobFormatter.scala b/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirMappingJobFormatter.scala index 2559917d7..482f02d87 100644 --- a/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirMappingJobFormatter.scala +++ b/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirMappingJobFormatter.scala @@ -1,7 +1,7 @@ package io.tofhir.engine.util import io.tofhir.engine.config.ErrorHandlingType -import io.tofhir.engine.model.{BasicAuthenticationSettings, BearerTokenAuthorizationSettings, FhirMappingJob, FhirRepositorySinkSettings, FileSystemSinkSettings, FileSystemSource, FileSystemSourceSettings, KafkaSource, KafkaSourceSettings, LocalFhirTerminologyServiceSettings, SqlSource, SqlSourceSettings} +import io.tofhir.engine.model.{BasicAuthenticationSettings, BearerTokenAuthorizationSettings, FhirMappingJob, FhirRepositorySinkSettings, FileSystemSinkSettings, FileSystemSource, FileSystemSourceSettings, FixedTokenAuthenticationSettings, KafkaSource, KafkaSourceSettings, LocalFhirTerminologyServiceSettings, SqlSource, SqlSourceSettings} import org.json4s.{Formats, ShortTypeHints} import org.json4s.ext.EnumNameSerializer import org.json4s.jackson.Serialization @@ -33,6 +33,7 @@ object FhirMappingJobFormatter { // Authorization types classOf[BearerTokenAuthorizationSettings], classOf[BasicAuthenticationSettings], + classOf[FixedTokenAuthenticationSettings], //Terminology setvices classOf[LocalFhirTerminologyServiceSettings] ))) + diff --git a/tofhir-server/src/main/resources/application.conf b/tofhir-server/src/main/resources/application.conf index 2dbc34321..ee98af228 100644 --- a/tofhir-server/src/main/resources/application.conf +++ b/tofhir-server/src/main/resources/application.conf @@ -66,7 +66,7 @@ fhir = { # For now, toFHIR can read definitions from a single FHIR endpoint. definitions-fhir-endpoint = "http://localhost:8081/fhir" fhir-endpoint-auth = { - # basic | token + # basic | token | fixed-token # If one of the auth methods is selected, its configurations must be provided as shown below. method = null @@ -83,6 +83,9 @@ fhir = { # scopes = [] # token-endpoint = "https://onauth.srdc.com.tr" # } + +# # fixed token configurations are used if the auth method is fixed-token +# fixed-token = "XXX" } # Path to the zip file or folder that includes the FHIR resource and data type profile definitions (FHIR StructureDefinition) to be served by toFHIR webserver so that mappings can be performed accordingly. diff --git a/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirDefinitionsConfig.scala b/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirDefinitionsConfig.scala index d4501a5a7..7a07f608f 100644 --- a/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirDefinitionsConfig.scala +++ b/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirDefinitionsConfig.scala @@ -24,7 +24,7 @@ class FhirDefinitionsConfig(fhirDefinitionsConfig: Config) { lazy val authTokenClientSecret: Option[String] = Try(fhirDefinitionsConfig.getString("fhir-endpoint-auth.token.client-secret")).toOption lazy val authTokenScopeList: Option[Seq[String]] = Try(fhirDefinitionsConfig.getStringList("fhir-endpoint-auth.token.scopes").asScala.toSeq).toOption lazy val authTokenEndpoint: Option[String] = Try(fhirDefinitionsConfig.getString("fhir-endpoint-auth.token.token-endpoint")).toOption - + lazy val authFixedToken: Option[String] = Try(fhirDefinitionsConfig.getString("fhir-endpoint-auth.fixed-token")).toOption /** Path to the zip file or folder that includes the FHIR resource and data type profile definitions (FHIR StructureDefinition) to be served by toFHIR webserver so that mappings can be performed accordingly. */ lazy val profilesPath: Option[String] = Try(fhirDefinitionsConfig.getString("profiles-path")).toOption diff --git a/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirEndpointResourceReader.scala b/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirEndpointResourceReader.scala index bd33e5878..6f0277023 100644 --- a/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirEndpointResourceReader.scala +++ b/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirEndpointResourceReader.scala @@ -3,7 +3,7 @@ package io.tofhir.server.fhir import io.onfhir.api.{FHIR_FOUNDATION_RESOURCES, Resource} import io.onfhir.client.OnFhirNetworkClient import io.onfhir.config.{FSConfigReader, IFhirConfigReader} -import io.tofhir.engine.model.{BasicAuthenticationSettings, BearerTokenAuthorizationSettings} +import io.tofhir.engine.model.{BasicAuthenticationSettings, BearerTokenAuthorizationSettings, FixedTokenAuthenticationSettings} import io.tofhir.engine.util.FhirClientUtil import io.tofhir.engine.Execution.actorSystem import actorSystem.dispatcher @@ -43,6 +43,12 @@ class FhirEndpointResourceReader(fhirDefinitionsConfig: FhirDefinitionsConfig) e } FhirClientUtil.createOnFhirClient(fhirDefinitionsConfig.definitionsFHIREndpoint.get, Some(BearerTokenAuthorizationSettings(fhirDefinitionsConfig.authTokenClientId.get, fhirDefinitionsConfig.authTokenClientSecret.get, fhirDefinitionsConfig.authTokenScopeList.get, fhirDefinitionsConfig.authTokenEndpoint.get))) + case FhirAuthMethod.FIXED_TOKEN => + if (fhirDefinitionsConfig.authFixedToken.isEmpty) { + throw new IllegalArgumentException("For fixed token authentication, a token must be provided!") + } + FhirClientUtil.createOnFhirClient(fhirDefinitionsConfig.definitionsFHIREndpoint.get, + Some(FixedTokenAuthenticationSettings(fhirDefinitionsConfig.authFixedToken.get))) } } } diff --git a/tofhir-server/src/main/scala/io/tofhir/server/fhir/package.scala b/tofhir-server/src/main/scala/io/tofhir/server/fhir/package.scala index e94ffdf7d..572fe6136 100644 --- a/tofhir-server/src/main/scala/io/tofhir/server/fhir/package.scala +++ b/tofhir-server/src/main/scala/io/tofhir/server/fhir/package.scala @@ -5,5 +5,6 @@ package object fhir { type FhirAuthMethod = Value final val BASIC = Value("basic") final val BEARER_TOKEN = Value("token") + final val FIXED_TOKEN = Value("fixed-token") } } diff --git a/tofhir-server/src/test/resources/application.conf b/tofhir-server/src/test/resources/application.conf index bc54391f8..7968c3ab5 100644 --- a/tofhir-server/src/test/resources/application.conf +++ b/tofhir-server/src/test/resources/application.conf @@ -62,7 +62,7 @@ fhir = { # For now, toFHIR can read definitions from a single FHIR endpoint. definitions-fhir-endpoint = null fhir-endpoint-auth = { - # basic | token + # basic | token | fixed-token # If one of the auth methods is selected, its configurations must be provided as shown below. method = null @@ -79,6 +79,9 @@ fhir = { # scopes = [] # token-endpoint = "https://onauth.srdc.com.tr" # } + +# # fixed token configurations are used if the auth method is fixed-token +# fixed-token = "XXX" } # Path to the zip file or folder that includes the FHIR resource and data type profile definitions (FHIR StructureDefinition) to be served by toFHIR webserver so that mappings can be performed accordingly.