use of ca.uhn.fhir.parser.StrictErrorHandler in project gpconnect-demonstrator by nhsconnect.
the class WebTokenFactory method jwtParseResourcesValidation.
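/**
 * Validates the payload (second part) of the JWT: rejects claims that must
 * not be present, requires the mandatory {@code requesting_*} claims, and
 * checks that each mandatory claim parses as a FHIR DSTU3 resource under the
 * strict HAPI FHIR error handler.
 *
 * <p>Failures are reported through the {@code throw...Exception} helpers of
 * this class, which are presumed to throw (their bodies are not visible
 * here). This method only checks the shape of the claims; it does not verify
 * a token signature.
 *
 * @param claimsJsonString the decoded JWT claims payload as JSON text
 */
private void jwtParseResourcesValidation(String claimsJsonString) {
    if (fhirJsonParser == null) {
        // StrictErrorHandler turns parse problems into DataFormatException
        // instead of tolerating them, so a malformed claim is rejected.
        // NOTE(review): this lazy initialisation is unsynchronised; confirm
        // whether fhirJsonParser can be reached from several request threads.
        fhirJsonParser = FhirContext.forDstu3().newJsonParser().setParserErrorHandler(new StrictErrorHandler());
    }

    final String[] forbiddenClaims = { "requested_record" }; // #170 requested_record is not allowed
    final String[] requiredResourceClaims = { "requesting_practitioner", "requesting_device", "requesting_organization" };

    String thisClaim = null;
    try {
        // A null payload, or empty content on Jackson versions whose readTree
        // returns null for it, would otherwise surface as a
        // NullPointerException (a server error) rather than a 400.
        JsonNode claims = claimsJsonString == null ? null : new ObjectMapper().readTree(claimsJsonString);
        if (claims == null) {
            throwInvalidRequest400_BadRequestException("JWT claims payload is missing or empty");
            return;
        }

        // Check for json objects that are not allowed
        for (String claim : forbiddenClaims) {
            if (claims.get(claim) != null) {
                throwInvalidRequest400_BadRequestException(String.format("JWT claim %s should not be present", claim));
            }
        }

        // The mandatory claims must exist and must also be valid FHIR resources.
        for (String claim : requiredResourceClaims) {
            thisClaim = claim;
            JsonNode claimNode = claims.get(claim);
            if (claimNode == null) {
                throwInvalidRequest400_BadRequestException(String.format("JWT required claim %s is not present", thisClaim));
                return;
            }
            fhirJsonParser.parseResource(claimNode.toString());
        }
    } catch (DataFormatException e) {
        // NB This is a fhir exception not a jackson json parsing exception
        // TODO NB This is UnprocessableEntity is that correct?
        // NOTE(review): the parser's own message is echoed back to the caller;
        // confirm that level of detail is acceptable outside a demonstrator.
        throwUnprocessableEntity422_BadRequestException(String.format("Invalid Resource claim %s in JWT (Not a valid Fhir Resource - %s)", thisClaim, e.getMessage()));
    } catch (IOException ex) {
        // In the visible code only readTree declares IOException, so thisClaim
        // is still null here and the message ends in "claim null". The text is
        // left unchanged in case clients or tests match on it.
        throwInvalidRequest400_BadRequestException(String.format("Unparsable JSON retrieving JWT claim %s", thisClaim));
    }
}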
use of ca.uhn.fhir.parser.StrictErrorHandler in project gpconnect-demonstrator by nhsconnect.
the class FhirRestfulServlet method initialize.
/**
 * Configures the FHIR RESTful servlet: a DSTU3 context with strict parsing,
 * the resource providers, CORS handling, the request interceptors and the
 * capability statement provider.
 *
 * @throws ServletException declared by the overridden method
 */
@Override
protected void initialize() throws ServletException {
    final FhirContext fhirContext = FhirContext.forDstu3();
    // Strict handler: parse problems raise an exception instead of being tolerated.
    fhirContext.setParserErrorHandler(new StrictErrorHandler());

    // version required on capability statement operation definition
    // see https://hapifhir.io/doc_resource_references.html
    // (per the original author's note, the explicit
    // setDontStripVersionsFromReferencesAtPaths("CapabilityStatement") call did not work)
    fhirContext.getParserOptions().setStripVersionsFromReferences(false);

    setFhirContext(fhirContext);
    setETagSupport(ETagSupportEnum.ENABLED);
    setServerAddressStrategy(new HardcodedServerAddressStrategy(serverBaseUrl));

    // MedicationResourceProvider and ScheduleResourceProvider are deliberately
    // left unregistered (#183).
    setResourceProviders(Arrays.asList(
            applicationContext.getBean(PatientResourceProvider.class),
            applicationContext.getBean(OrganizationResourceProvider.class),
            applicationContext.getBean(PractitionerResourceProvider.class),
            applicationContext.getBean(LocationResourceProvider.class),
            applicationContext.getBean(AppointmentResourceProvider.class),
            applicationContext.getBean(SlotResourceProvider.class)));

    final CorsConfiguration corsConfig = new CorsConfiguration();
    corsConfig.setMaxAge(10L);
    // NOTE(review): a wildcard origin combined with allowCredentials=true is
    // the classic over-permissive CORS setup. Depending on the Spring version
    // the request Origin is either echoed back for credentialed calls or the
    // combination is rejected at runtime. Prefer an explicit origin allow-list;
    // confirm against the Spring version in use.
    corsConfig.addAllowedOrigin("*");
    corsConfig.setAllowCredentials(Boolean.TRUE);
    corsConfig.setExposedHeaders(Arrays.asList(
            HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN,
            HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS));
    corsConfig.setAllowedMethods(Arrays.asList(
            HttpMethod.GET.name(),
            HttpMethod.POST.name(),
            HttpMethod.PUT.name(),
            HttpMethod.DELETE.name()));
    corsConfig.setAllowedHeaders(Arrays.asList(
            HttpHeaders.ACCEPT,
            HttpHeaders.ACCEPT_ENCODING,
            HttpHeaders.ACCEPT_LANGUAGE,
            HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS,
            HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD,
            HttpHeaders.AUTHORIZATION,
            HttpHeaders.CACHE_CONTROL,
            HttpHeaders.CONNECTION,
            HttpHeaders.CONTENT_LENGTH,
            SystemHeader.PREFER,
            HttpHeaders.CONTENT_TYPE,
            HttpHeaders.COOKIE,
            HttpHeaders.HOST,
            HttpHeaders.ORIGIN,
            HttpHeaders.PRAGMA,
            HttpHeaders.REFERER,
            SystemHeader.SSP_FROM,
            SystemHeader.SSP_INTERACTIONID,
            SystemHeader.SSP_TO,
            SystemHeader.SSP_TRACEID,
            HttpHeaders.USER_AGENT,
            SystemHeader.X_REQUESTED_WITH));

    // Registration order is kept exactly as in the original: CORS first, then
    // the auth, generic and patient-JWT interceptors, then the post-processor.
    registerInterceptor(new CorsInterceptor(corsConfig));
    registerInterceptor(applicationContext.getBean(FhirRequestAuthInterceptor.class));
    registerInterceptor(applicationContext.getBean(FhirRequestGenericIntercepter.class));
    registerInterceptor(applicationContext.getBean(PatientJwtValidator.class));
    // #215 don't populate Bundle.entry.fullurl
    registerInterceptor(new PostProcessor());

    final GpConnectServerCapabilityStatementProvider conformanceProvider = new GpConnectServerCapabilityStatementProvider(this);
    super.setServerConformanceProvider(conformanceProvider);
}