Merge remote-tracking branch 'origin/release/1.0.2.0'

* origin/release/1.0.2.0:
  release 1.0.2.0
  update dependencies
  improve env description to use dsf proxy env if not set specificaly
  improve documentation of proxy envs
  increase version to 1.0.2.0
  add recommendation to use default dsf proxy
  replyce dic with dms
  add oauth2 and defualt dsf-proxy support
  publish artefact on release
  start development cycle 1.0.1.1

.github/workflows/maven-publish.yml

@@ -10,8 +10,9 @@ on:
 jobs:
   publish:
 
-    # Only run if pull requests are merged, omit running if pull requests are closed without merging
-    if: github.event.pull_request.merged
+    # Only run if releases are published or pull requests are merged,
+    # omit running if pull requests are closed without merging
+    if: github.event.pull_request.merged || github.event.action == 'published'
 
     runs-on: ubuntu-latest
 

pom.xml

@@ -6,14 +6,14 @@
 
 	<groupId>de.medizininformatik-initiative</groupId>
 	<artifactId>mii-process-data-transfer</artifactId>
-	<version>1.0.1.0</version>
+	<version>1.0.2.0</version>
 
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<compileSource>17</compileSource>
 		<compileTarget>17</compileTarget>
 
-		<dsf.version>1.5.1</dsf.version>
+		<dsf.version>1.5.2</dsf.version>
 		<testSetup.location>../mii-processes-test-setup</testSetup.location>
 	</properties>
 
@@ -45,7 +45,7 @@
 		<dependency>
 			<groupId>de.medizininformatik-initiative</groupId>
 			<artifactId>mii-processes-common</artifactId>
-			<version>1.0.1.0</version>
+			<version>1.0.2.0</version>
 		</dependency>
 
 		<dependency>
@@ -91,12 +91,12 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-surefire-plugin</artifactId>
-				<version>3.2.5</version>
+				<version>3.3.1</version>
 			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-jar-plugin</artifactId>
-				<version>3.4.1</version>
+				<version>3.4.2</version>
 				<configuration>
 					<archive>
 						<manifest>
@@ -113,7 +113,7 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-shade-plugin</artifactId>
-				<version>3.5.3</version>
+				<version>3.6.0</version>
 				<executions>
 					<execution>
 						<phase>package</phase>
@@ -141,12 +141,12 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-dependency-plugin</artifactId>
-				<version>3.6.1</version>
+				<version>3.7.1</version>
 			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-clean-plugin</artifactId>
-				<version>3.3.2</version>
+				<version>3.4.0</version>
 			</plugin>
 			<plugin>
 				<groupId>org.codehaus.mojo</groupId>
@@ -169,15 +169,15 @@
 			<plugin>
 				<groupId>net.revelc.code.formatter</groupId>
 				<artifactId>formatter-maven-plugin</artifactId>
-				<version>2.23.0</version>
+				<version>2.24.1</version>
 				<configuration>
 					<configFile>eclipse-formatter-config.xml</configFile>
 				</configuration>
 			</plugin>
 			<plugin>
 				<groupId>net.revelc.code</groupId>
 				<artifactId>impsort-maven-plugin</artifactId>
-				<version>1.9.0</version>
+				<version>1.11.0</version>
 				<configuration>
 					<compliance>17</compliance>
 					<groups>java.,javax.,org.,com.</groups>
@@ -209,17 +209,17 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-project-info-reports-plugin</artifactId>
-				<version>3.5.0</version>
+				<version>3.6.2</version>
 			</plugin>
 			<plugin>
 				<groupId>com.github.spotbugs</groupId>
 				<artifactId>spotbugs-maven-plugin</artifactId>
-				<version>4.8.5.0</version>
+				<version>4.8.6.2</version>
 			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-pmd-plugin</artifactId>
-				<version>3.22.0</version>
+				<version>3.24.0</version>
 			</plugin>
 		</plugins>
 	</build>

src/main/java/de/medizininformatik_initiative/process/data_transfer/DataTransferProcessPluginDefinition.java

@@ -11,8 +11,8 @@
 
 public class DataTransferProcessPluginDefinition implements ProcessPluginDefinition
 {
-	public static final String VERSION = "1.0.1.0";
-	public static final LocalDate RELEASE_DATE = LocalDate.of(2024, 6, 11);
+	public static final String VERSION = "1.0.2.0";
+	public static final LocalDate RELEASE_DATE = LocalDate.of(2024, 8, 1);
 
 	@Override
 	public String getName()

src/main/java/de/medizininformatik_initiative/process/data_transfer/spring/config/DicFhirClientConfig.java

@@ -11,15 +11,22 @@
 import ca.uhn.fhir.context.FhirContext;
 import de.medizininformatik_initiative.processes.common.fhir.client.FhirClientFactory;
 import de.medizininformatik_initiative.processes.common.fhir.client.logging.DataLogger;
+import de.medizininformatik_initiative.processes.common.fhir.client.token.OAuth2TokenClient;
+import de.medizininformatik_initiative.processes.common.fhir.client.token.OAuth2TokenProvider;
+import de.medizininformatik_initiative.processes.common.fhir.client.token.TokenClient;
+import de.medizininformatik_initiative.processes.common.fhir.client.token.TokenProvider;
+import dev.dsf.bpe.v1.ProcessPluginApi;
 import dev.dsf.bpe.v1.documentation.ProcessDocumentation;
 
 @Configuration
 public class DicFhirClientConfig
 {
-	// TODO: use default proxy config from DSF
 	@Autowired
 	private FhirContext fhirContext;
 
+	@Autowired
+	private ProcessPluginApi api;
+
 	@ProcessDocumentation(required = true, processNames = {
 			"medizininformatik-initiativede_dataSend" }, description = "The base address of the DIC FHIR server to read/store FHIR resources", example = "http://foo.bar/fhir")
 	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.base.url:#{null}}")
@@ -81,20 +88,65 @@ public class DicFhirClientConfig
 	private boolean fhirStoreHapiClientVerbose;
 
 	@ProcessDocumentation(processNames = {
-			"medizininformatik-initiativede_dataSend" }, description = "Proxy location, set if the server containing the FHIR data can only be reached through a proxy", example = "http://proxy.foo:8080")
+			"medizininformatik-initiativede_dataSend" }, description = "Proxy location, set if the server containing the FHIR data can only be reached through a proxy, uses value from DEV_DSF_PROXY_URL if not set", example = "http://proxy.foo:8080")
 	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.proxy.url:#{null}}")
 	private String fhirStoreProxyUrl;
 
 	@ProcessDocumentation(processNames = {
-			"medizininformatik-initiativede_dataSend" }, description = "Proxy username, set if the server containing the FHIR data can only be reached through a proxy which requests authentication")
+			"medizininformatik-initiativede_dataSend" }, description = "Proxy username, set if the server containing the FHIR data can only be reached through a proxy which requests authentication, uses value from DEV_DSF_PROXY_USERNAME if not set")
 	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.proxy.username:#{null}}")
 	private String fhirStoreProxyUsername;
 
 	@ProcessDocumentation(processNames = {
-			"medizininformatik-initiativede_dataSend" }, description = "Proxy password, set if the server containing the FHIR data can only be reached through a proxy which requests authentication", recommendation = "Use docker secret file to configure by using *${env_variable}_FILE*")
+			"medizininformatik-initiativede_dataSend" }, description = "Proxy password, set if the server containing the FHIR data can only be reached through a proxy which requests authentication, uses value from DEV_DSF_PROXY_PASSWORD if not set", recommendation = "Use docker secret file to configure by using *${env_variable}_FILE*")
 	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.proxy.password:#{null}}")
 	private String fhirStoreProxyPassword;
 
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_dataSend" }, description = "The url of the oidc provider to request access tokens (token endpoint)", example = "http://foo.baz/realms/fhir-realm/protocol/openid-connect/token")
+	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.oauth2.issuer.url:#{null}}")
+	private String fhirStoreOAuth2IssuerUrl;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_dataSend" }, description = "Identifier of the client (username) used for authentication when accessing the oidc provider token endpoint")
+	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.oauth2.client.id:#{null}}")
+	private String fhirStoreOAuth2ClientId;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_dataSend" }, description = "Secret of the client (password) used for authentication when accessing the oidc provider token endpoint", recommendation = "Use docker secret file to configure by using *${env_variable}_FILE*")
+	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.oauth2.client.password:#{null}}")
+	private String fhirStoreOAuth2ClientSecret;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_dataSend" }, description = "The timeout in milliseconds until a connection is established between the client and the oidc provider", recommendation = "Change default value only if timeout exceptions occur")
+	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.oauth2.timeout.connect:20000}")
+	private int fhirStoreOAuth2ConnectTimeout;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_dataSend" }, description = "Maximum period of inactivity in milliseconds between two consecutive data packets of the client and the oidc provider", recommendation = "Change default value only if timeout exceptions occur")
+	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.oauth2.timeout.socket:60000}")
+	private int fhirStoreOAuth2SocketTimeout;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_dataSend" }, description = "PEM encoded file with one or more trusted root certificate to validate the oidc provider server certificate when connecting via https", recommendation = "Use docker secret file to configure", example = "/run/secrets/hospital_ca.pem")
+	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.oauth2.trust.certificates:#{null}}")
+	private String fhirStoreOAuth2TrustStore;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_dataSend" }, description = "Proxy location, set if the oidc provider can only be reached through a proxy, uses value from DEV_DSF_PROXY_URL if not set", example = "http://proxy.foo:8080")
+	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.oauth2.proxy.url:#{null}}")
+	private String fhirStoreOAuth2ProxyUrl;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_dataSend" }, description = "Proxy username, set if the oidc provider can only be reached through a proxy which requests authentication, uses value from DEV_DSF_PROXY_USERNAME if not set")
+	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.oauth2.proxy.username:#{null}}")
+	private String fhirStoreOAuth2ProxyUsername;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_dataSend" }, description = "Proxy password, set if the oidc provider can only be reached through a proxy which requests authentication, uses value from DEV_DSF_PROXY_PASSWORD if not set", recommendation = "Use docker secret file to configure by using *${env_variable}_FILE*")
+	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.server.oauth2.proxy.password:#{null}}")
+	private String fhirStoreOAuth2ProxyPassword;
+
 	@ProcessDocumentation(processNames = {
 			"medizininformatik-initiativede_dataSend" }, description = "To enable debug logging of FHIR resources set to `true`")
 	@Value("${de.medizininformatik.initiative.data.transfer.dic.fhir.dataLoggingEnabled:false}")
@@ -109,10 +161,46 @@ public FhirClientFactory fhirClientFactory()
 		Path certificatePath = checkExists(fhirStoreCertificate);
 		Path privateKeyPath = checkExists(fhirStorePrivateKey);
 
+		String proxyUrl = fhirStoreProxyUrl, proxyUsername = fhirStoreProxyUsername,
+				proxyPassword = fhirStoreProxyPassword;
+		if (proxyUrl == null && api.getProxyConfig().isEnabled()
+				&& !api.getProxyConfig().isNoProxyUrl(fhirStoreBaseUrl))
+		{
+			proxyUrl = api.getProxyConfig().getUrl();
+			proxyUsername = api.getProxyConfig().getUsername();
+			proxyPassword = api.getProxyConfig().getPassword() == null ? null
+					: new String(api.getProxyConfig().getPassword());
+		}
+
 		return new FhirClientFactory(trustStorePath, certificatePath, privateKeyPath, fhirStorePrivateKeyPassword,
 				fhirStoreConnectTimeout, fhirStoreSocketTimeout, fhirStoreConnectionRequestTimeout, fhirStoreBaseUrl,
-				fhirStoreUsername, fhirStorePassword, fhirStoreBearerToken, fhirStoreProxyUrl, fhirStoreProxyUsername,
-				fhirStoreProxyPassword, fhirStoreHapiClientVerbose, fhirContext, localIdentifierValue, dataLogger());
+				fhirStoreUsername, fhirStorePassword, fhirStoreBearerToken, tokenProvider(), proxyUrl, proxyUsername,
+				proxyPassword, fhirStoreHapiClientVerbose, fhirContext, localIdentifierValue, dataLogger());
+	}
+
+	public TokenProvider tokenProvider()
+	{
+		return new OAuth2TokenProvider(tokenClient());
+	}
+
+	public TokenClient tokenClient()
+	{
+		Path trustStoreOAuth2Path = checkExists(fhirStoreOAuth2TrustStore);
+
+		String proxyUrl = fhirStoreOAuth2ProxyUrl, proxyUsername = fhirStoreOAuth2ProxyUsername,
+				proxyPassword = fhirStoreOAuth2ProxyPassword;
+		if (proxyUrl == null && api.getProxyConfig().isEnabled()
+				&& !api.getProxyConfig().isNoProxyUrl(fhirStoreOAuth2IssuerUrl))
+		{
+			proxyUrl = api.getProxyConfig().getUrl();
+			proxyUsername = api.getProxyConfig().getUsername();
+			proxyPassword = api.getProxyConfig().getPassword() == null ? null
+					: new String(api.getProxyConfig().getPassword());
+		}
+
+		return new OAuth2TokenClient(fhirStoreOAuth2IssuerUrl, fhirStoreOAuth2ClientId, fhirStoreOAuth2ClientSecret,
+				fhirStoreOAuth2ConnectTimeout, fhirStoreOAuth2SocketTimeout, trustStoreOAuth2Path, proxyUrl,
+				proxyUsername, proxyPassword);
 	}
 
 	public DataLogger dataLogger()