use of gov.cms.ab2d.eventlogger.events.ApiRequestEvent in project ab2d by CMSgov.
the class AuthenticationTests method testClientNoAuthorization.
@Test
public void testClientNoAuthorization() throws Exception {
PdpClient pdpClient = pdpClientRepository.findByClientId(TEST_PDP_CLIENT);
pdpClient.setRoles(Collections.emptySet());
pdpClientRepository.save(pdpClient);
this.mockMvc.perform(get(API_PREFIX_V1 + FHIR_PREFIX + "/Patient/$export").header("Authorization", "Bearer " + token).contentType(MediaType.APPLICATION_JSON)).andExpect(status().is(403));
List<LoggableEvent> apiRequestEvents = loggerEventRepository.load(ApiRequestEvent.class);
assertEquals(1, apiRequestEvents.size());
ApiRequestEvent requestEvent = (ApiRequestEvent) apiRequestEvents.get(0);
List<LoggableEvent> apiResponseEvents = loggerEventRepository.load(ApiResponseEvent.class);
assertEquals(1, apiResponseEvents.size());
ApiResponseEvent responseEvent = (ApiResponseEvent) apiResponseEvents.get(0);
assertEquals(HttpStatus.FORBIDDEN.value(), responseEvent.getResponseCode());
assertEquals(requestEvent.getRequestId(), responseEvent.getRequestId());
}
use of gov.cms.ab2d.eventlogger.events.ApiRequestEvent in project ab2d by CMSgov.
the class AuthenticationTests method testClientDoesNotExist.
@Test
public void testClientDoesNotExist() throws Exception {
PdpClient pdpClient = pdpClientRepository.findByClientId(TEST_PDP_CLIENT);
pdpClientRepository.delete(pdpClient);
this.mockMvc.perform(get(API_PREFIX_V1 + FHIR_PREFIX + "/Patient/$export").header("Authorization", "Bearer " + token).contentType(MediaType.APPLICATION_JSON)).andExpect(status().is(403));
List<LoggableEvent> apiRequestEvents = loggerEventRepository.load(ApiRequestEvent.class);
assertEquals(1, apiRequestEvents.size());
ApiRequestEvent requestEvent = (ApiRequestEvent) apiRequestEvents.get(0);
List<LoggableEvent> apiResponseEvents = loggerEventRepository.load(ApiResponseEvent.class);
assertEquals(1, apiResponseEvents.size());
ApiResponseEvent responseEvent = (ApiResponseEvent) apiResponseEvents.get(0);
assertEquals(HttpStatus.FORBIDDEN.value(), responseEvent.getResponseCode());
assertEquals(requestEvent.getRequestId(), responseEvent.getRequestId());
}
use of gov.cms.ab2d.eventlogger.events.ApiRequestEvent in project ab2d by CMSgov.
the class JwtTokenAuthenticationFilter method logApiRequestEvent.
private void logApiRequestEvent(HttpServletRequest request, String token, String organization, String jobId) {
String url = UtilMethods.getURL(request);
String uniqueId = UUID.randomUUID().toString();
ApiRequestEvent requestEvent = new ApiRequestEvent(organization, jobId, url, UtilMethods.getIpAddress(request), token, uniqueId);
eventLogger.log(requestEvent);
request.setAttribute(REQUEST_ID, uniqueId);
}
use of gov.cms.ab2d.eventlogger.events.ApiRequestEvent in project ab2d by CMSgov.
the class ApiRequestEventMapper method mapRow.
@Override
public ApiRequestEvent mapRow(ResultSet resultSet, int i) throws SQLException {
ApiRequestEvent event = new ApiRequestEvent();
extractSuperParams(resultSet, event);
event.setUrl(resultSet.getString("url"));
event.setIpAddress(resultSet.getString("ip_address"));
event.setTokenHash(resultSet.getString("token_hash"));
event.setRequestId(resultSet.getString("request_id"));
return event;
}
use of gov.cms.ab2d.eventlogger.events.ApiRequestEvent in project ab2d by CMSgov.
the class ApiRequestEventMapper method log.
@Override
public void log(LoggableEvent event) {
if (event.getClass() != ApiRequestEvent.class) {
throw new EventLoggingException("Used " + event.getClass().toString() + " instead of " + ApiRequestEvent.class.toString());
}
ApiRequestEvent be = (ApiRequestEvent) event;
KeyHolder keyHolder = new GeneratedKeyHolder();
String query = "insert into event_api_request " + " (time_of_event, organization, job_id, url, ip_address, token_hash, request_id, aws_id, environment) " + " values (:time, :organization, :job, :url, :ipAddress, :tokenHash, :requestId, :awsId, :environment)";
SqlParameterSource parameters = super.addSuperParams(event).addValue("url", be.getUrl()).addValue("ipAddress", be.getIpAddress()).addValue("tokenHash", be.getTokenHash()).addValue("requestId", be.getRequestId());
template.update(query, parameters, keyHolder);
event.setId(SqlEventMapper.getIdValue(keyHolder));
}
Aggregations