Search in sources :

Example 56 with Endpoint

use of org.hl7.fhir.r4.model.Endpoint in project dpc-app by CMSgov.

the class EndpointResourceTest method testCreateEndpoint.

@Test
void testCreateEndpoint() {
    Organization organization = OrganizationHelpers.createOrganization(ctx, client, "1111111112", false);
    Endpoint endpoint = OrganizationFactory.createValidFakeEndpoint(organization.getId());
    MethodOutcome outcome = client.create().resource(endpoint).encodedJson().execute();
    assertTrue(outcome.getCreated());
}
Also used : Organization(org.hl7.fhir.dstu3.model.Organization) Endpoint(org.hl7.fhir.dstu3.model.Endpoint) MethodOutcome(ca.uhn.fhir.rest.api.MethodOutcome) AbstractAttributionTest(gov.cms.dpc.attribution.AbstractAttributionTest) Test(org.junit.jupiter.api.Test) IntegrationTest(gov.cms.dpc.testing.IntegrationTest)

Example 57 with Endpoint

use of org.hl7.fhir.r4.model.Endpoint in project dpc-app by CMSgov.

the class OrganizationHelpers method createOrganization.

/**
 * Create an organization by calling the $submit operation on the {@link Organization} endpoint
 *
 * @param ctx             - {@link FhirContext} to use for deserializing JSON resources
 * @param client          - {@link IGenericClient} for actually making the API call
 * @param organizationNPI - {@link String} specific NPI to use for test
 * @param skipExists      - {@code true} don't check to see if Org exists before creating. {@code false} check for existence
 * @return - newly minted {@link Organization}
 */
public static Organization createOrganization(FhirContext ctx, IGenericClient client, String organizationNPI, boolean skipExists) {
    // Check to see if the organization already exists, otherwise, create it
    if (!skipExists) {
        final Bundle searchBundle = client.search().forResource(Organization.class).where(Organization.IDENTIFIER.exactly().systemAndCode("http://hl7.org/fhir/sid/us-npi", "1111111211")).returnBundle(Bundle.class).encodedJson().execute();
        if (searchBundle.getTotal() > 0) {
            return (Organization) searchBundle.getEntryFirstRep().getResource();
        }
    }
    // Read in the test file
    final InputStream inputStream = OrganizationHelpers.class.getClassLoader().getResourceAsStream("organization.tmpl.json");
    final Bundle resource = (Bundle) ctx.newJsonParser().parseResource(inputStream);
    // Manually update the NPI
    ((Organization) resource.getEntryFirstRep().getResource()).getIdentifierFirstRep().setValue(organizationNPI);
    final Parameters parameters = new Parameters();
    parameters.addParameter().setResource(resource).setName("resource");
    return client.operation().onType(Organization.class).named("submit").withParameters(parameters).returnResourceType(Organization.class).encodedJson().execute();
}
Also used : Organization(org.hl7.fhir.dstu3.model.Organization) Parameters(org.hl7.fhir.dstu3.model.Parameters) Bundle(org.hl7.fhir.dstu3.model.Bundle) InputStream(java.io.InputStream)

Example 58 with Endpoint

use of org.hl7.fhir.r4.model.Endpoint in project dpc-app by CMSgov.

the class DefinitionResource method getStructureDefinition.

@Override
@GET
@Path("/{definitionID}")
@Public
@FHIR
@Timed
@ExceptionMetered
@ApiOperation(value = "Fetch specific structure definition", notes = "FHIR endpoint to fetch a specific structure definition from the server.", response = StructureDefinition.class)
@ApiResponses(@ApiResponse(code = 404, message = "Unable to find Structure Definition"))
public StructureDefinition getStructureDefinition(@ApiParam(value = "Structure Definition Resource ID", required = true) @PathParam("definitionID") @NoHtml String definitionID) {
    // The canonicalURL comes from the profile itself, which is always set to the production endpoint
    final String canonicalURL = String.format("https://dpc.cms.gov/api/v1/StructureDefinition/%s", definitionID);
    final StructureDefinition definition = this.profileSupport.fetchStructureDefinition(ctx, canonicalURL);
    if (definition == null) {
        throw new WebApplicationException(String.format("Cannot find Structure Definition with ID: %s", definitionID), Response.Status.NOT_FOUND);
    }
    return definition;
}
Also used : StructureDefinition(org.hl7.fhir.dstu3.model.StructureDefinition) WebApplicationException(javax.ws.rs.WebApplicationException) Path(javax.ws.rs.Path) Timed(com.codahale.metrics.annotation.Timed) GET(javax.ws.rs.GET) Public(gov.cms.dpc.api.auth.annotations.Public) FHIR(gov.cms.dpc.fhir.annotations.FHIR) ExceptionMetered(com.codahale.metrics.annotation.ExceptionMetered)

Example 59 with Endpoint

use of org.hl7.fhir.r4.model.Endpoint in project dpc-app by CMSgov.

the class EndpointResource method updateEndpoint.

@PUT
@Path("/{endpointID}")
@PathAuthorizer(type = DPCResourceType.Endpoint, pathParam = "endpointID")
@FHIR
@Timed
@ExceptionMetered
@ApiOperation(value = "Update an Organization's FHIR Server Endpoint", notes = "Update an Endpoint resource")
@ApiResponses(value = { @ApiResponse(code = 200, message = "Endpoint updated"), @ApiResponse(code = 404, message = "Endpoint not found"), @ApiResponse(code = 422, message = "Endpoint not valid") })
@Override
public Endpoint updateEndpoint(@ApiParam(value = "Your Organization's FHIR Endpoint ID") @NotNull @PathParam("endpointID") UUID endpointID, @Valid @Profiled(profile = EndpointProfile.PROFILE_URI) Endpoint endpoint) {
    Endpoint currEndpoint = fetchEndpoint(endpointID);
    if (!endpoint.getManagingOrganization().getReference().equals(currEndpoint.getManagingOrganization().getReference())) {
        throw new WebApplicationException("An Endpoint's Organization cannot be changed", HttpStatus.UNPROCESSABLE_ENTITY_422);
    }
    MethodOutcome outcome = this.client.update().resource(endpoint).withId(endpointID.toString()).encodedJson().execute();
    return (Endpoint) outcome.getResource();
}
Also used : Endpoint(org.hl7.fhir.dstu3.model.Endpoint) MethodOutcome(ca.uhn.fhir.rest.api.MethodOutcome) PathAuthorizer(gov.cms.dpc.api.auth.annotations.PathAuthorizer) Timed(com.codahale.metrics.annotation.Timed) FHIR(gov.cms.dpc.fhir.annotations.FHIR) ExceptionMetered(com.codahale.metrics.annotation.ExceptionMetered)

Example 60 with Endpoint

use of org.hl7.fhir.r4.model.Endpoint in project dpc-app by CMSgov.

the class AdminAuthFilter method filter.

@Override
public void filter(ContainerRequestContext requestContext) {
    final String macaroon = MacaroonHelpers.extractMacaroonFromRequest(requestContext, unauthorizedHandler.buildResponse(BEARER_PREFIX, realm));
    // Validate Macaroon
    final List<Macaroon> m1;
    try {
        m1 = MacaroonBakery.deserializeMacaroon(macaroon);
    } catch (BakeryException e) {
        logger.error("Cannot deserialize Macaroon", e);
        throw new WebApplicationException(unauthorizedHandler.buildResponse(BEARER_PREFIX, realm));
    }
    try {
        this.bakery.verifyMacaroon(m1);
    } catch (BakeryException e) {
        logger.error("Macaroon verification failed", e);
        throw new WebApplicationException(unauthorizedHandler.buildResponse(BEARER_PREFIX, realm));
    }
    // At this point, we should have exactly one Macaroon, anything else is a failure
    assert m1.size() == 1 : "Should only have a single Macaroon";
    // Ensure that we don't have any organization IDs
    // Since we ALWAYS generate organization_id caveats for tokens, its absence indicates that its a Golden Macaroon
    final boolean isGoldenMacaroon = MacaroonBakery.getCaveats(m1.get(0)).stream().map(MacaroonCaveat::getCondition).anyMatch(cond -> cond.getKey().equals("organization_id"));
    if (isGoldenMacaroon) {
        logger.error("Attempted to call Admin endpoint with Organization token");
        throw new WebApplicationException(unauthorizedHandler.buildResponse(BEARER_PREFIX, realm));
    }
    this.authenticate(requestContext, new DPCAuthCredentials(macaroon, new Organization(), null, null), null);
}
Also used : Organization(org.hl7.fhir.dstu3.model.Organization) WebApplicationException(javax.ws.rs.WebApplicationException) BakeryException(gov.cms.dpc.macaroons.exceptions.BakeryException) Macaroon(com.github.nitram509.jmacaroons.Macaroon) DPCAuthCredentials(gov.cms.dpc.api.auth.DPCAuthCredentials)

Aggregations

Test (org.junit.jupiter.api.Test)36 Endpoint (org.hl7.fhir.dstu3.model.Endpoint)21 RequestDetails (ca.uhn.fhir.rest.api.server.RequestDetails)18 StringAndListParam (ca.uhn.fhir.rest.param.StringAndListParam)16 RestIntegrationTest (org.opencds.cqf.ruler.test.RestIntegrationTest)16 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)16 IGenericClient (ca.uhn.fhir.rest.client.api.IGenericClient)15 Endpoint (org.hl7.fhir.r4.model.Endpoint)15 Complex (org.hl7.fhir.dstu3.utils.formats.Turtle.Complex)14 Complex (org.hl7.fhir.r4.utils.formats.Turtle.Complex)14 Bundle (org.hl7.fhir.r4.model.Bundle)12 Organization (org.hl7.fhir.dstu3.model.Organization)11 Resource (org.hl7.fhir.r4.model.Resource)10 Resource (org.hl7.fhir.dstu3.model.Resource)9 Operation (ca.uhn.fhir.rest.annotation.Operation)7 List (java.util.List)7 Bundle (org.hl7.fhir.dstu3.model.Bundle)7 Description (ca.uhn.fhir.model.api.annotation.Description)6 MethodOutcome (ca.uhn.fhir.rest.api.MethodOutcome)6 ArrayList (java.util.ArrayList)6