From 17127eb9b46f1245c09d784788714a5f144183d0 Mon Sep 17 00:00:00 2001 From: dogukan10 Date: Fri, 1 Sep 2023 15:18:40 +0300 Subject: [PATCH] :sparkles: feat(SecuritySettings): Implement fixed basic token authentication --- .../scala/io/tofhir/engine/model/FhirSinkSettings.scala | 7 +++++++ .../main/scala/io/tofhir/engine/util/FhirClientUtil.scala | 3 ++- .../io/tofhir/engine/util/FhirMappingJobFormatter.scala | 3 ++- tofhir-server/src/main/resources/application.conf | 5 ++++- .../io/tofhir/server/fhir/FhirDefinitionsConfig.scala | 2 +- .../tofhir/server/fhir/FhirEndpointResourceReader.scala | 8 +++++++- .../src/main/scala/io/tofhir/server/fhir/package.scala | 1 + tofhir-server/src/test/resources/application.conf | 5 ++++- 8 files changed, 28 insertions(+), 6 deletions(-) diff --git a/tofhir-engine/src/main/scala/io/tofhir/engine/model/FhirSinkSettings.scala b/tofhir-engine/src/main/scala/io/tofhir/engine/model/FhirSinkSettings.scala index 1bf3f932..8c6b56a7 100644 --- a/tofhir-engine/src/main/scala/io/tofhir/engine/model/FhirSinkSettings.scala +++ b/tofhir-engine/src/main/scala/io/tofhir/engine/model/FhirSinkSettings.scala @@ -76,3 +76,10 @@ case class BearerTokenAuthorizationSettings(clientId: String, * @param password Password for basic authentication */ case class BasicAuthenticationSettings(username: String, password: String) extends IFhirRepositorySecuritySettings + +/** + * Security settings for FHIR API access via fixed token + * + * @param token The fixed token + */ +case class FixedTokenAuthenticationSettings(token: String) extends IFhirRepositorySecuritySettings \ No newline at end of file diff --git a/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirClientUtil.scala b/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirClientUtil.scala index a66e36e6..49a410f6 100644 --- a/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirClientUtil.scala +++ b/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirClientUtil.scala @@ -2,7 +2,7 @@ package io.tofhir.engine.util import akka.actor.ActorSystem import io.onfhir.client.OnFhirNetworkClient -import io.tofhir.engine.model.{BasicAuthenticationSettings, BearerTokenAuthorizationSettings, IFhirRepositorySecuritySettings} +import io.tofhir.engine.model.{BasicAuthenticationSettings, BearerTokenAuthorizationSettings, FixedTokenAuthenticationSettings, IFhirRepositorySecuritySettings} object FhirClientUtil { /** @@ -18,6 +18,7 @@ object FhirClientUtil { case BearerTokenAuthorizationSettings(clientId, clientSecret, requiredScopes, authzServerTokenEndpoint, clientAuthenticationMethod) => client.withOpenIdBearerTokenAuthentication(clientId, clientSecret, requiredScopes, authzServerTokenEndpoint, clientAuthenticationMethod) case BasicAuthenticationSettings(username, password) => client.withBasicAuthentication(username, password) + case FixedTokenAuthenticationSettings(token) => client.withFixedBasicTokenAuthentication(token) } .getOrElse(client) } diff --git a/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirMappingJobFormatter.scala b/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirMappingJobFormatter.scala index 2559917d..482f02d8 100644 --- a/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirMappingJobFormatter.scala +++ b/tofhir-engine/src/main/scala/io/tofhir/engine/util/FhirMappingJobFormatter.scala @@ -1,7 +1,7 @@ package io.tofhir.engine.util import io.tofhir.engine.config.ErrorHandlingType -import io.tofhir.engine.model.{BasicAuthenticationSettings, BearerTokenAuthorizationSettings, FhirMappingJob, FhirRepositorySinkSettings, FileSystemSinkSettings, FileSystemSource, FileSystemSourceSettings, KafkaSource, KafkaSourceSettings, LocalFhirTerminologyServiceSettings, SqlSource, SqlSourceSettings} +import io.tofhir.engine.model.{BasicAuthenticationSettings, BearerTokenAuthorizationSettings, FhirMappingJob, FhirRepositorySinkSettings, FileSystemSinkSettings, FileSystemSource, FileSystemSourceSettings, FixedTokenAuthenticationSettings, KafkaSource, KafkaSourceSettings, LocalFhirTerminologyServiceSettings, SqlSource, SqlSourceSettings} import org.json4s.{Formats, ShortTypeHints} import org.json4s.ext.EnumNameSerializer import org.json4s.jackson.Serialization @@ -33,6 +33,7 @@ object FhirMappingJobFormatter { // Authorization types classOf[BearerTokenAuthorizationSettings], classOf[BasicAuthenticationSettings], + classOf[FixedTokenAuthenticationSettings], //Terminology setvices classOf[LocalFhirTerminologyServiceSettings] ))) + diff --git a/tofhir-server/src/main/resources/application.conf b/tofhir-server/src/main/resources/application.conf index 2dbc3432..ee98af22 100644 --- a/tofhir-server/src/main/resources/application.conf +++ b/tofhir-server/src/main/resources/application.conf @@ -66,7 +66,7 @@ fhir = { # For now, toFHIR can read definitions from a single FHIR endpoint. definitions-fhir-endpoint = "http://localhost:8081/fhir" fhir-endpoint-auth = { - # basic | token + # basic | token | fixed-token # If one of the auth methods is selected, its configurations must be provided as shown below. method = null @@ -83,6 +83,9 @@ fhir = { # scopes = [] # token-endpoint = "https://onauth.srdc.com.tr" # } + +# # fixed token configurations are used if the auth method is fixed-token +# fixed-token = "XXX" } # Path to the zip file or folder that includes the FHIR resource and data type profile definitions (FHIR StructureDefinition) to be served by toFHIR webserver so that mappings can be performed accordingly. diff --git a/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirDefinitionsConfig.scala b/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirDefinitionsConfig.scala index d4501a5a..7a07f608 100644 --- a/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirDefinitionsConfig.scala +++ b/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirDefinitionsConfig.scala @@ -24,7 +24,7 @@ class FhirDefinitionsConfig(fhirDefinitionsConfig: Config) { lazy val authTokenClientSecret: Option[String] = Try(fhirDefinitionsConfig.getString("fhir-endpoint-auth.token.client-secret")).toOption lazy val authTokenScopeList: Option[Seq[String]] = Try(fhirDefinitionsConfig.getStringList("fhir-endpoint-auth.token.scopes").asScala.toSeq).toOption lazy val authTokenEndpoint: Option[String] = Try(fhirDefinitionsConfig.getString("fhir-endpoint-auth.token.token-endpoint")).toOption - + lazy val authFixedToken: Option[String] = Try(fhirDefinitionsConfig.getString("fhir-endpoint-auth.fixed-token")).toOption /** Path to the zip file or folder that includes the FHIR resource and data type profile definitions (FHIR StructureDefinition) to be served by toFHIR webserver so that mappings can be performed accordingly. */ lazy val profilesPath: Option[String] = Try(fhirDefinitionsConfig.getString("profiles-path")).toOption diff --git a/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirEndpointResourceReader.scala b/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirEndpointResourceReader.scala index bd33e587..6f027702 100644 --- a/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirEndpointResourceReader.scala +++ b/tofhir-server/src/main/scala/io/tofhir/server/fhir/FhirEndpointResourceReader.scala @@ -3,7 +3,7 @@ package io.tofhir.server.fhir import io.onfhir.api.{FHIR_FOUNDATION_RESOURCES, Resource} import io.onfhir.client.OnFhirNetworkClient import io.onfhir.config.{FSConfigReader, IFhirConfigReader} -import io.tofhir.engine.model.{BasicAuthenticationSettings, BearerTokenAuthorizationSettings} +import io.tofhir.engine.model.{BasicAuthenticationSettings, BearerTokenAuthorizationSettings, FixedTokenAuthenticationSettings} import io.tofhir.engine.util.FhirClientUtil import io.tofhir.engine.Execution.actorSystem import actorSystem.dispatcher @@ -43,6 +43,12 @@ class FhirEndpointResourceReader(fhirDefinitionsConfig: FhirDefinitionsConfig) e } FhirClientUtil.createOnFhirClient(fhirDefinitionsConfig.definitionsFHIREndpoint.get, Some(BearerTokenAuthorizationSettings(fhirDefinitionsConfig.authTokenClientId.get, fhirDefinitionsConfig.authTokenClientSecret.get, fhirDefinitionsConfig.authTokenScopeList.get, fhirDefinitionsConfig.authTokenEndpoint.get))) + case FhirAuthMethod.FIXED_TOKEN => + if (fhirDefinitionsConfig.authFixedToken.isEmpty) { + throw new IllegalArgumentException("For fixed token authentication, a token must be provided!") + } + FhirClientUtil.createOnFhirClient(fhirDefinitionsConfig.definitionsFHIREndpoint.get, + Some(FixedTokenAuthenticationSettings(fhirDefinitionsConfig.authFixedToken.get))) } } } diff --git a/tofhir-server/src/main/scala/io/tofhir/server/fhir/package.scala b/tofhir-server/src/main/scala/io/tofhir/server/fhir/package.scala index e94ffdf7..572fe613 100644 --- a/tofhir-server/src/main/scala/io/tofhir/server/fhir/package.scala +++ b/tofhir-server/src/main/scala/io/tofhir/server/fhir/package.scala @@ -5,5 +5,6 @@ package object fhir { type FhirAuthMethod = Value final val BASIC = Value("basic") final val BEARER_TOKEN = Value("token") + final val FIXED_TOKEN = Value("fixed-token") } } diff --git a/tofhir-server/src/test/resources/application.conf b/tofhir-server/src/test/resources/application.conf index bc54391f..7968c3ab 100644 --- a/tofhir-server/src/test/resources/application.conf +++ b/tofhir-server/src/test/resources/application.conf @@ -62,7 +62,7 @@ fhir = { # For now, toFHIR can read definitions from a single FHIR endpoint. definitions-fhir-endpoint = null fhir-endpoint-auth = { - # basic | token + # basic | token | fixed-token # If one of the auth methods is selected, its configurations must be provided as shown below. method = null @@ -79,6 +79,9 @@ fhir = { # scopes = [] # token-endpoint = "https://onauth.srdc.com.tr" # } + +# # fixed token configurations are used if the auth method is fixed-token +# fixed-token = "XXX" } # Path to the zip file or folder that includes the FHIR resource and data type profile definitions (FHIR StructureDefinition) to be served by toFHIR webserver so that mappings can be performed accordingly.