
Example 1 with AuthenticationException

use of ca.uhn.fhir.rest.server.exceptions.AuthenticationException in project quality-measure-and-cohort-service by Alvearie.

the class CohortServiceExceptionMapper method toServiceErrorList.

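/**
 * Translates an exception into the {@code ServiceErrorList} error container.
 *
 * <p>The container's status code is the status reported for this service, while the
 * status code reported by an underlying service (for example a 401 from the FHIR
 * server) is kept on the individual {@code ServiceError} entries.
 *
 * <p>NOTE(review): {@code reason} and {@code description} are filled from exception
 * messages and from upstream response bodies. If this container is serialized back to
 * the caller, those strings can expose internal detail (host names, resource ids,
 * parser state). Confirm that is acceptable for the catch-all 500 branch and for the
 * relayed FHIR response body, or replace them with fixed text and keep the detail in
 * the log only.
 *
 * @param ex the exception to translate
 * @return the populated error container; if the mapping itself fails, a container
 *         holding a single 500 error
 */
public ServiceErrorList toServiceErrorList(Throwable ex) {
    List<ServiceError> errorsList = new ArrayList<>();
    // The IBM Cloud API Handbook mandates that REST errors be returned using
    // an error container model class (ServiceErrorList) which in turn contains
    // a list of error objects (ServiceError) which contains specific error fields
    // serviceErrorList contains the status request (ie 400, 500 etc.) for our service
    // and the status code for underlying services is captured in the serviceError objects
    // within the list
    ServiceErrorList serviceErrorList = new ServiceErrorList().errors(errorsList);
    ServiceError se;
    String description = "";
    String reason = "";
    int serviceErrorCode = 500;
    int serviceErrorListCode = 500;
    ErrorSource errorSource;
    try {
        // Branch order matters: HAPI's AuthenticationException and ResourceNotFoundException
        // are BaseServerResponseException subclasses, so they must be tested before it.
        if (ex instanceof FhirClientConnectionException) {
            FhirClientConnectionException fcce = (FhirClientConnectionException) ex;
            serviceErrorCode = fcce.getStatusCode();
            // if something more specific is not returned
            if (serviceErrorCode == 0) {
                serviceErrorCode = Status.BAD_REQUEST.getStatusCode();
            }
            serviceErrorListCode = serviceErrorCode;
            reason = fcce.getLocalizedMessage();
            if (reason == null || reason.trim().isEmpty()) {
                // Status.fromStatusCode returns null for codes the enum does not define;
                // dereferencing it unguarded would throw and turn a client-side error
                // into the nested-exception 500 below.
                Status status = Status.fromStatusCode(serviceErrorCode);
                reason = (status != null) ? status.getReasonPhrase() : "HTTP " + serviceErrorCode;
            }
            description = "Reason: FhirClientConnectionException";
            errorSource = ErrorSource.COHORT_SERVICE;
        } else if (ex instanceof AuthenticationException) {
            // The 401 error code information is captured in the ServiceError object,
            // while the container itself reports 400.
            AuthenticationException ae = (AuthenticationException) ex;
            serviceErrorListCode = Status.BAD_REQUEST.getStatusCode();
            serviceErrorCode = ae.getStatusCode();
            description = "Could not authenticate with FHIR server.";
            errorSource = ErrorSource.FHIR_SERVER;
        } else if (ex instanceof ResourceNotFoundException) {
            ResourceNotFoundException rnfe = (ResourceNotFoundException) ex;
            serviceErrorListCode = Status.BAD_REQUEST.getStatusCode();
            serviceErrorCode = rnfe.getStatusCode();
            reason = "FHIR Resource Not Found: " + rnfe.getLocalizedMessage();
            // NOTE(review): the upstream response body is passed through unmodified.
            description = rnfe.getResponseBody();
            errorSource = ErrorSource.FHIR_SERVER;
        } else if (ex instanceof IllegalArgumentException || ex instanceof UnsupportedOperationException) {
            // library ids don't resolve properly
            serviceErrorCode = Status.BAD_REQUEST.getStatusCode();
            serviceErrorListCode = serviceErrorCode;
            errorSource = ErrorSource.COHORT_SERVICE;
        } else if (ex instanceof CqlException) {
            // will get thrown by the CQL engine generally due to language-related issues
            serviceErrorCode = Status.BAD_REQUEST.getStatusCode();
            serviceErrorListCode = serviceErrorCode;
            errorSource = ErrorSource.COHORT_SERVICE;
        } else if (ex instanceof MismatchedInputException) {
            // parsing errors.
            serviceErrorCode = Status.BAD_REQUEST.getStatusCode();
            serviceErrorListCode = serviceErrorCode;
            errorSource = ErrorSource.COHORT_SERVICE;
        } else if (ex instanceof JsonParseException) {
            serviceErrorCode = Status.BAD_REQUEST.getStatusCode();
            serviceErrorListCode = serviceErrorCode;
            description = "Invalid JSON input";
            errorSource = ErrorSource.COHORT_SERVICE;
        } else if (ex instanceof BaseServerResponseException) {
            // will get thrown by HAPI FHIR when a requested resource is not found in the target FHIR server
            BaseServerResponseException sre = (BaseServerResponseException) ex;
            serviceErrorCode = sre.getStatusCode();
            serviceErrorListCode = serviceErrorCode;
            reason = "Exception while communicating with FHIR";
            errorSource = ErrorSource.FHIR_SERVER;
            if (sre.getResponseBody() != null) {
                // NOTE(review): the upstream response body is passed through unmodified.
                description = sre.getResponseBody();
            } else {
                // Some errors do not have a response body
                description = sre.getLocalizedMessage();
            }
        } else {
            // catch everything else and return a 500
            serviceErrorCode = Status.INTERNAL_SERVER_ERROR.getStatusCode();
            serviceErrorListCode = serviceErrorCode;
            // NOTE(review): the raw message of an unexpected exception becomes the
            // description of the 500 error; see the method comment.
            description = ex.getMessage();
            errorSource = ErrorSource.COHORT_SERVICE;
        }
        // Branches that set no reason fall back to the exception's own message.
        if (reason.isEmpty()) {
            reason = ex.getLocalizedMessage();
        }
        se = new ServiceError(serviceErrorCode, reason);
        se.setDescription(description);
        errorsList.add(se);
        // loop through the exception chain logging the cause of each one
        // since these can contain valuable information about the root problems
        createServiceErrorsForExceptions(ex, serviceErrorCode, errorsList);
        serviceErrorList = serviceErrorList.statusCode(serviceErrorListCode).errorSource(errorSource);
        logger.error("HTTP Status: " + serviceErrorList.getStatusCode(), ex);
    } catch (Throwable nestedEx) {
        // This should not really occur unless there is a bug in this code.
        // Build a 500 ServiceError with some detail
        se = new ServiceError(Status.INTERNAL_SERVER_ERROR.getStatusCode(), nestedEx.getLocalizedMessage());
        se.setDescription("Reason: Uncaught nested exception");
        logger.error("HTTP Status: " + se.getCode() + ", Nested Exception", nestedEx);
        logger.error("Original Exception", ex);
        serviceErrorList = serviceErrorList.statusCode(se.getCode()).errorSource(ErrorSource.COHORT_SERVICE);
        errorsList.add(se);
    }
    return serviceErrorList;
}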
Also used : Status(javax.ws.rs.core.Response.Status) ServiceError(com.ibm.watson.service.base.model.ServiceError) AuthenticationException(ca.uhn.fhir.rest.server.exceptions.AuthenticationException) ArrayList(java.util.ArrayList) JsonParseException(com.fasterxml.jackson.core.JsonParseException) BaseServerResponseException(ca.uhn.fhir.rest.server.exceptions.BaseServerResponseException) ServiceErrorList(com.ibm.cohort.engine.api.service.model.ServiceErrorList) ErrorSource(com.ibm.cohort.engine.api.service.model.ServiceErrorList.ErrorSource) FhirClientConnectionException(ca.uhn.fhir.rest.client.exceptions.FhirClientConnectionException) MismatchedInputException(com.fasterxml.jackson.databind.exc.MismatchedInputException) ResourceNotFoundException(ca.uhn.fhir.rest.server.exceptions.ResourceNotFoundException) CqlException(org.opencds.cqf.cql.engine.exception.CqlException)

Example 2 with AuthenticationException

use of ca.uhn.fhir.rest.server.exceptions.AuthenticationException in project drug-formulary-ri by HL7-DaVinci.

the class PatientAuthorizationInterceptor method buildRuleList.

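/**
 * Builds the authorization rules for a request from its {@code Authorization} header.
 *
 * <p>A request with no header gets the unauthorized rule set. A header that is not
 * exactly {@code Bearer <token>} is rejected. A token equal to the configured admin
 * token gets the admin rule set; any other token is passed to {@code verify} and, when
 * a patient id comes back, gets the rule set for that patient.
 *
 * @param theRequestDetails the incoming request
 * @return the rule list to enforce for this request
 * @throws AuthenticationException if the header is malformed or token verification fails
 */
@Override
public List<IAuthRule> buildRuleList(RequestDetails theRequestDetails) {
    String authHeader = theRequestDetails.getHeader("Authorization");
    if (authHeader == null) {
        // No credentials presented.
        return unauthorizedRule();
    }

    // matches() anchors the pattern to the whole header. find() would accept any header
    // that merely contains "Bearer " somewhere, and "(.+)" rejects an empty token.
    Matcher matcher = Pattern.compile("Bearer (.+)").matcher(authHeader);
    if (!matcher.matches()) {
        throw new AuthenticationException("Authorization header is not in the form 'Bearer <token>'");
    }
    String token = matcher.group(1);
    // The bearer token is a credential: record that one arrived, never its value.
    logger.fine("AuthorizationInterceptor::Token retrieved from Authorization header");

    String adminToken = HapiProperties.getAdminToken();
    // An unset or empty admin token must never match. MessageDigest.isEqual compares in
    // constant time, so response timing does not reveal how much of a guess was correct.
    if (adminToken != null && !adminToken.isEmpty()
            && java.security.MessageDigest.isEqual(
                    token.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    adminToken.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
        logger.info("AuthorizationInterceptor::JWT token is admin token");
        return adminAuthorizedRule();
    }

    try {
        IIdType patientId = verify(token, theRequestDetails.getFhirServerBase());
        if (patientId != null) {
            return authorizedRule(patientId);
        }
    } catch (SignatureVerificationException e) {
        // Chain the exception itself; e.getCause() may be null and drops the stack trace.
        throw new AuthenticationException("Authorization failed: invalid signature", e);
    } catch (TokenExpiredException e) {
        throw new AuthenticationException("Authorization failed: access token expired", e);
    } catch (Exception e) {
        // NOTE(review): the message of an arbitrary verification failure is reused as the
        // authentication error text; confirm it cannot carry internal detail to the client.
        throw new AuthenticationException(e.getMessage(), e);
    }
    // verify() returned no patient id: fall back to the unauthorized rule set.
    return unauthorizedRule();
}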
Also used : Pattern(java.util.regex.Pattern) TokenExpiredException(com.auth0.jwt.exceptions.TokenExpiredException) Matcher(java.util.regex.Matcher) AuthenticationException(ca.uhn.fhir.rest.server.exceptions.AuthenticationException) SignatureVerificationException(com.auth0.jwt.exceptions.SignatureVerificationException) AuthenticationException(ca.uhn.fhir.rest.server.exceptions.AuthenticationException) TokenExpiredException(com.auth0.jwt.exceptions.TokenExpiredException) SignatureVerificationException(com.auth0.jwt.exceptions.SignatureVerificationException) JWTVerificationException(com.auth0.jwt.exceptions.JWTVerificationException) IIdType(org.hl7.fhir.instance.model.api.IIdType)

Example 3 with AuthenticationException

use of ca.uhn.fhir.rest.server.exceptions.AuthenticationException in project quality-measure-and-cohort-service by Alvearie.

the class CohortServiceExceptionMapperTest method testToResponseAuthenticationException.

@Test
public void testToResponseAuthenticationException() throws Exception {
    // An authentication failure against the FHIR server is reported as a 400 for this
    // service, with the upstream 401 carried on the nested ServiceError.
    ServiceErrorList expectedErrors = new ServiceErrorList();
    expectedErrors.setStatusCode(400);
    expectedErrors.setErrorSource(ErrorSource.FHIR_SERVER);
    expectedErrors.getErrors().add(
            newServiceError(401, "Client unauthorized", "Could not authenticate with FHIR server."));

    Response mapped = exMapper.toResponse(new AuthenticationException());
    ServiceErrorList actualErrors = (ServiceErrorList) mapped.getEntity();

    testErrorListEquality(expectedErrors, actualErrors);
}
Also used : Response(javax.ws.rs.core.Response) AuthenticationException(ca.uhn.fhir.rest.server.exceptions.AuthenticationException) ServiceErrorList(com.ibm.cohort.engine.api.service.model.ServiceErrorList) Test(org.junit.Test)
