From 48261335c1619f14f9e9a27af5e3a5c864ccc757 Mon Sep 17 00:00:00 2001 From: Matt Storer Date: Tue, 9 Jul 2024 12:12:20 -0700 Subject: [PATCH] added introspect-proxy to facilitate SDS development operations in a context wherein an introspect endpoint isn't available --- introspect-proxy/Dockerfile | 12 +++++++++++ introspect-proxy/README.md | 29 ++++++++++++++++++++++++++ introspect-proxy/docker-compose.yml | 6 ++++++ introspect-proxy/introspect-proxy.py | 22 +++++++++++++++++++ introspect-proxy/my_response_file.json | 6 ++++++ 5 files changed, 75 insertions(+) create mode 100644 introspect-proxy/Dockerfile create mode 100644 introspect-proxy/README.md create mode 100644 introspect-proxy/docker-compose.yml create mode 100644 introspect-proxy/introspect-proxy.py create mode 100644 introspect-proxy/my_response_file.json diff --git a/introspect-proxy/Dockerfile b/introspect-proxy/Dockerfile new file mode 100644 index 0000000..d5324f0 --- /dev/null +++ b/introspect-proxy/Dockerfile @@ -0,0 +1,12 @@ + +FROM alpine:latest + +EXPOSE 8181 +WORKDIR /serve + +RUN apk add --no-cache python3 + +COPY introspect-proxy.py /serve/introspect-proxy.py +COPY my_response_file.json /serve/response_file.json + +ENTRYPOINT [ "/serve/introspect-proxy.py", "8181", "/serve/response_file.json" ] diff --git a/introspect-proxy/README.md b/introspect-proxy/README.md new file mode 100644 index 0000000..8b86dea --- /dev/null +++ b/introspect-proxy/README.md @@ -0,0 +1,29 @@ +# introspect-proxy + +### *** FOR DEVELOPMENT PURPOSES ONLY *** + +_introspect-proxy_ is a stub system that facilitates running the SDS in a development context in which an OAuth2 +introspect endpoint isn't available. + +### To run: + +Install Docker and run the following commands: + +``` +docker build -t introspect . +docker compose up +``` + +Then configure the following property in _application.yaml_: + +``` + security: + oauth2: + resourceserver: + opaque-token: + introspection-uri: http://localhost:8181/introspect +``` + +This will instantiate a dummy _introspect_ endpoint that will always return the contents of the file +_my_response_file.json_, the `sub` element of which should contain the fully-qualified FHIR Patient ID +of a test _Patient_ resource that one is working with in a development context. diff --git a/introspect-proxy/docker-compose.yml b/introspect-proxy/docker-compose.yml new file mode 100644 index 0000000..ab46323 --- /dev/null +++ b/introspect-proxy/docker-compose.yml @@ -0,0 +1,6 @@ +version: "3.9" +services: + web: + image: introspect + ports: + - "8181:8181" diff --git a/introspect-proxy/introspect-proxy.py b/introspect-proxy/introspect-proxy.py new file mode 100644 index 0000000..34d62af --- /dev/null +++ b/introspect-proxy/introspect-proxy.py @@ -0,0 +1,22 @@ +#!/usr/bin/env python3 + +from http.server import BaseHTTPRequestHandler, HTTPServer +import os +import logging +import sys + + +listen_port = int( sys.argv[1] ) +response_filename = sys.argv[2] + +class IntrospectHTTPRequestHandler(BaseHTTPRequestHandler): + def do_POST( self ): + self.send_response( 200 ) + self.send_header('Content-type','application/json') + self.end_headers() + with open( response_filename, 'rb' ) as response_file: + contents = response_file.read() + self.wfile.write( contents ) + +with HTTPServer( ('', listen_port), IntrospectHTTPRequestHandler ) as server: + server.serve_forever() diff --git a/introspect-proxy/my_response_file.json b/introspect-proxy/my_response_file.json new file mode 100644 index 0000000..a2e0bdc --- /dev/null +++ b/introspect-proxy/my_response_file.json @@ -0,0 +1,6 @@ +{ + "active": true, + "client_id": "5fa54c47-ed80-405b-a0b7-611eee5d0159", + "scope": "patient/* openid fhirUser", + "sub": "https://gw.interop.community/MCCStaging/data/Patient/5806e210-771a-4986-ae48-e88ae3e82997" +}