use of org.hl7.fhir.r4.model.Endpoint in project dpc-app by CMSgov.
the class EndpointResourceTest method testCreateEndpoint.
@Test
void testCreateEndpoint() {
Organization organization = OrganizationHelpers.createOrganization(ctx, client, "1111111112", false);
Endpoint endpoint = OrganizationFactory.createValidFakeEndpoint(organization.getId());
MethodOutcome outcome = client.create().resource(endpoint).encodedJson().execute();
assertTrue(outcome.getCreated());
}
use of org.hl7.fhir.r4.model.Endpoint in project dpc-app by CMSgov.
the class OrganizationHelpers method createOrganization.
/**
* Create an organization by calling the $submit operation on the {@link Organization} endpoint
*
* @param ctx - {@link FhirContext} to use for deserializing JSON resources
* @param client - {@link IGenericClient} for actually making the API call
* @param organizationNPI - {@link String} specific NPI to use for test
* @param skipExists - {@code true} don't check to see if Org exists before creating. {@code false} check for existence
* @return - newly minted {@link Organization}
*/
public static Organization createOrganization(FhirContext ctx, IGenericClient client, String organizationNPI, boolean skipExists) {
// Check to see if the organization already exists, otherwise, create it
if (!skipExists) {
final Bundle searchBundle = client.search().forResource(Organization.class).where(Organization.IDENTIFIER.exactly().systemAndCode("http://hl7.org/fhir/sid/us-npi", "1111111211")).returnBundle(Bundle.class).encodedJson().execute();
if (searchBundle.getTotal() > 0) {
return (Organization) searchBundle.getEntryFirstRep().getResource();
}
}
// Read in the test file
final InputStream inputStream = OrganizationHelpers.class.getClassLoader().getResourceAsStream("organization.tmpl.json");
final Bundle resource = (Bundle) ctx.newJsonParser().parseResource(inputStream);
// Manually update the NPI
((Organization) resource.getEntryFirstRep().getResource()).getIdentifierFirstRep().setValue(organizationNPI);
final Parameters parameters = new Parameters();
parameters.addParameter().setResource(resource).setName("resource");
return client.operation().onType(Organization.class).named("submit").withParameters(parameters).returnResourceType(Organization.class).encodedJson().execute();
}
use of org.hl7.fhir.r4.model.Endpoint in project dpc-app by CMSgov.
the class DefinitionResource method getStructureDefinition.
@Override
@GET
@Path("/{definitionID}")
@Public
@FHIR
@Timed
@ExceptionMetered
@ApiOperation(value = "Fetch specific structure definition", notes = "FHIR endpoint to fetch a specific structure definition from the server.", response = StructureDefinition.class)
@ApiResponses(@ApiResponse(code = 404, message = "Unable to find Structure Definition"))
public StructureDefinition getStructureDefinition(@ApiParam(value = "Structure Definition Resource ID", required = true) @PathParam("definitionID") @NoHtml String definitionID) {
// The canonicalURL comes from the profile itself, which is always set to the production endpoint
final String canonicalURL = String.format("https://dpc.cms.gov/api/v1/StructureDefinition/%s", definitionID);
final StructureDefinition definition = this.profileSupport.fetchStructureDefinition(ctx, canonicalURL);
if (definition == null) {
throw new WebApplicationException(String.format("Cannot find Structure Definition with ID: %s", definitionID), Response.Status.NOT_FOUND);
}
return definition;
}
use of org.hl7.fhir.r4.model.Endpoint in project dpc-app by CMSgov.
the class EndpointResource method updateEndpoint.
@PUT
@Path("/{endpointID}")
@PathAuthorizer(type = DPCResourceType.Endpoint, pathParam = "endpointID")
@FHIR
@Timed
@ExceptionMetered
@ApiOperation(value = "Update an Organization's FHIR Server Endpoint", notes = "Update an Endpoint resource")
@ApiResponses(value = { @ApiResponse(code = 200, message = "Endpoint updated"), @ApiResponse(code = 404, message = "Endpoint not found"), @ApiResponse(code = 422, message = "Endpoint not valid") })
@Override
public Endpoint updateEndpoint(@ApiParam(value = "Your Organization's FHIR Endpoint ID") @NotNull @PathParam("endpointID") UUID endpointID, @Valid @Profiled(profile = EndpointProfile.PROFILE_URI) Endpoint endpoint) {
Endpoint currEndpoint = fetchEndpoint(endpointID);
if (!endpoint.getManagingOrganization().getReference().equals(currEndpoint.getManagingOrganization().getReference())) {
throw new WebApplicationException("An Endpoint's Organization cannot be changed", HttpStatus.UNPROCESSABLE_ENTITY_422);
}
MethodOutcome outcome = this.client.update().resource(endpoint).withId(endpointID.toString()).encodedJson().execute();
return (Endpoint) outcome.getResource();
}
use of org.hl7.fhir.r4.model.Endpoint in project dpc-app by CMSgov.
the class AdminAuthFilter method filter.
@Override
public void filter(ContainerRequestContext requestContext) {
final String macaroon = MacaroonHelpers.extractMacaroonFromRequest(requestContext, unauthorizedHandler.buildResponse(BEARER_PREFIX, realm));
// Validate Macaroon
final List<Macaroon> m1;
try {
m1 = MacaroonBakery.deserializeMacaroon(macaroon);
} catch (BakeryException e) {
logger.error("Cannot deserialize Macaroon", e);
throw new WebApplicationException(unauthorizedHandler.buildResponse(BEARER_PREFIX, realm));
}
try {
this.bakery.verifyMacaroon(m1);
} catch (BakeryException e) {
logger.error("Macaroon verification failed", e);
throw new WebApplicationException(unauthorizedHandler.buildResponse(BEARER_PREFIX, realm));
}
// At this point, we should have exactly one Macaroon, anything else is a failure
assert m1.size() == 1 : "Should only have a single Macaroon";
// Ensure that we don't have any organization IDs
// Since we ALWAYS generate organization_id caveats for tokens, its absence indicates that its a Golden Macaroon
final boolean isGoldenMacaroon = MacaroonBakery.getCaveats(m1.get(0)).stream().map(MacaroonCaveat::getCondition).anyMatch(cond -> cond.getKey().equals("organization_id"));
if (isGoldenMacaroon) {
logger.error("Attempted to call Admin endpoint with Organization token");
throw new WebApplicationException(unauthorizedHandler.buildResponse(BEARER_PREFIX, realm));
}
this.authenticate(requestContext, new DPCAuthCredentials(macaroon, new Organization(), null, null), null);
}
Aggregations