diff --git a/exec/src/main/java/com/google/fhir/gateway/CustomGenericEndpointExample.java b/exec/src/main/java/com/google/fhir/gateway/CustomGenericEndpointExample.java index 457faa0..54030a3 100644 --- a/exec/src/main/java/com/google/fhir/gateway/CustomGenericEndpointExample.java +++ b/exec/src/main/java/com/google/fhir/gateway/CustomGenericEndpointExample.java @@ -25,12 +25,15 @@ import com.auth0.jwt.interfaces.DecodedJWT; import com.fasterxml.jackson.databind.ObjectMapper; +import com.google.fhir.gateway.interfaces.ResourceValidator; +import com.google.fhir.gateway.validators.PatientResourceValidator; import jakarta.servlet.ServletException; import jakarta.servlet.annotation.WebServlet; import jakarta.servlet.http.HttpServlet; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import org.apache.http.HttpStatus; +import org.springframework.beans.factory.annotation.Autowired; import retrofit2.Call; import retrofit2.Response; @@ -49,6 +52,8 @@ public class CustomGenericEndpointExample extends HttpServlet { private String BASE_URL_FHIR = "chanjo-hapi/fhir/"; private String BASE_URL_AUTH = "auth/"; + private final ResourceValidatorFactory validatorFactory = new ResourceValidatorFactory(); + public CustomGenericEndpointExample() throws IOException { this.tokenVerifier = TokenVerifier.createFromEnvVars(); @@ -116,61 +121,69 @@ private void forwardRequest(HttpServletRequest req, HttpServletResponse resp, St String fhirPractitionerId = dbUser.getFhirPractitionerId(); String facility = dbUser.getFacility(); - System.out.println("Practitioner Role: " + practitionerRole); - System.out.println("Practitioner FHIR ID: " + fhirPractitionerId); - System.out.println("Facility: " + facility); - try{ String path = req.getRequestURI().substring(req.getContextPath().length() + "/chanjo-gateway/".length()); String queryString = req.getQueryString() != null ? "?" + req.getQueryString() : ""; String targetUrl = BASE_URL_FHIR + path + queryString; - Call call = null; - switch (method) { - case "GET": - call = apiService.getResource(targetUrl); - break; - case "POST": - call = apiService.createResource(targetUrl, readRequestBody(req)); - break; - case "PUT": - call = apiService.updateResource(targetUrl, readRequestBody(req)); - break; - case "DELETE": - call = apiService.deleteResource(targetUrl); - break; - default: - } + String resourceType = path.split("/")[0]; + + ResourceValidator resourceValidator = validatorFactory.getValidator(resourceType); + + if (resourceValidator != null){ + + Call call = null; + switch (method) { + case "GET": + call = resourceValidator.getResource(practitionerRole, targetUrl); + break; + case "POST": + call = resourceValidator.createResource(practitionerRole, targetUrl, req); + break; + case "PUT": + call = resourceValidator.updateResource(practitionerRole, targetUrl, req); + break; + case "DELETE": + call = resourceValidator.deleteResource(practitionerRole, targetUrl); + break; + default: + } + + if (call == null) { + statusCode = HttpServletResponse.SC_UNAUTHORIZED; + String responseString = "The resource does not exist or you do not have access to it."; + dbResults = new DbResults(responseString); + }else { + Response response = call.execute(); + int statusCodeRes = response.code(); - if (call != null) { - Response response = call.execute(); - int statusCodeRes = response.code(); + if (response.isSuccessful()) { + statusCode = HttpServletResponse.SC_OK; + dbResults = new DbResults(response.body()); - if (response.isSuccessful()) { - statusCode = HttpServletResponse.SC_OK; - dbResults = new DbResults(response.body()); + } else { - } else { + if (statusCodeRes == 404){ - if (statusCodeRes == 404){ + statusCode = HttpServletResponse.SC_NOT_FOUND; + String responseString = "Resource not found"; + dbResults = new DbResults(responseString); - statusCode = HttpServletResponse.SC_NOT_FOUND; - String responseString = "Resource not found"; - dbResults = new DbResults(responseString); + }else { - }else { + String responseString = "Check the request and try again"; + dbResults = new DbResults(responseString); - String responseString = "Check the request and try again"; - dbResults = new DbResults(responseString); + } } } }else { - String responseString = "Error while forwarding request"; + String responseString = "Check the request and try again"; dbResults = new DbResults(responseString); } diff --git a/exec/src/main/java/com/google/fhir/gateway/ResourceValidatorFactory.java b/exec/src/main/java/com/google/fhir/gateway/ResourceValidatorFactory.java new file mode 100644 index 0000000..3d387b0 --- /dev/null +++ b/exec/src/main/java/com/google/fhir/gateway/ResourceValidatorFactory.java @@ -0,0 +1,32 @@ +package com.google.fhir.gateway; + +import com.google.fhir.gateway.interfaces.ResourceValidator; +import com.google.fhir.gateway.validators.ImmunizationResourceValidator; +import com.google.fhir.gateway.validators.PatientResourceValidator; +import org.springframework.stereotype.Component; + +import java.util.Objects; + +@Component +public class ResourceValidatorFactory { + public ResourceValidator getValidator(String resourceType) { + + String resourceTypeData = ""; + if (Objects.equals(resourceType, "Patient")) { + resourceTypeData = FHIRResourceTypesData.PATIENT.name(); + } else if (Objects.equals(resourceType, "Immunization")) { + resourceTypeData = FHIRResourceTypesData.IMMUNIZATION.name(); + }else { + resourceTypeData = resourceType; + } + + if (Objects.equals(resourceTypeData, FHIRResourceTypesData.PATIENT.name())){ + return new PatientResourceValidator(); + }else if (Objects.equals(resourceTypeData, FHIRResourceTypesData.IMMUNIZATION.name())){ + return new ImmunizationResourceValidator(); + }else { + return null; // or throw an exception here depending on your needs. + } + + } +} diff --git a/exec/src/main/java/com/google/fhir/gateway/interfaces/ResourceValidator.java b/exec/src/main/java/com/google/fhir/gateway/interfaces/ResourceValidator.java new file mode 100644 index 0000000..41694a7 --- /dev/null +++ b/exec/src/main/java/com/google/fhir/gateway/interfaces/ResourceValidator.java @@ -0,0 +1,12 @@ +package com.google.fhir.gateway.interfaces; + +import jakarta.servlet.http.HttpServletRequest; +import retrofit2.Call; + +public interface ResourceValidator { + Call getResource(String role, String targetUrl); + Call createResource(String role, String targetUrl, HttpServletRequest requestBody); + Call updateResource(String role, String targetUrl , HttpServletRequest requestBody); + Call deleteResource(String role, String targetUrl); +} + diff --git a/exec/src/main/java/com/google/fhir/gateway/validators/ImmunizationResourceValidator.java b/exec/src/main/java/com/google/fhir/gateway/validators/ImmunizationResourceValidator.java new file mode 100644 index 0000000..bdd0222 --- /dev/null +++ b/exec/src/main/java/com/google/fhir/gateway/validators/ImmunizationResourceValidator.java @@ -0,0 +1,62 @@ +package com.google.fhir.gateway.validators; + +import com.google.fhir.gateway.ApiServiceImpl; +import com.google.fhir.gateway.interfaces.AccessChecker; +import com.google.fhir.gateway.interfaces.AccessDecision; +import com.google.fhir.gateway.interfaces.RequestDetailsReader; +import com.google.fhir.gateway.interfaces.ResourceValidator; +import jakarta.servlet.http.HttpServletRequest; +import retrofit2.Call; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStreamReader; + +public class ImmunizationResourceValidator implements AccessChecker, ResourceValidator { + + private final ApiServiceImpl apiService = new ApiServiceImpl(); + + @Override + public AccessDecision checkAccess(RequestDetailsReader requestDetails) { + return null; + } + + @Override + public Call getResource(String role, String targetUrl) { + return apiService.getResource(targetUrl); + } + + @Override + public Call createResource(String role, String targetUrl, HttpServletRequest requestBody) { + return apiService.createResource(targetUrl, readRequestBody(requestBody)); + } + + @Override + public Call updateResource(String role, String targetUrl, HttpServletRequest requestBody) { + return apiService.updateResource(targetUrl, readRequestBody(requestBody)); + } + + @Override + public Call deleteResource(String role, String targetUrl) { + return apiService.deleteResource(targetUrl); + } + + private String readRequestBody(HttpServletRequest request) { + + try{ + + StringBuilder stringBuilder = new StringBuilder(); + try (BufferedReader reader = new BufferedReader(new InputStreamReader(request.getInputStream(), "utf-8"))) { + String line; + while ((line = reader.readLine()) != null) { + stringBuilder.append(line); + } + } + return stringBuilder.toString(); + + }catch (IOException e) { + e.printStackTrace(); + return null; // or throw an exception here depending on your needs. + } + } +} diff --git a/exec/src/main/java/com/google/fhir/gateway/validators/PatientResourceValidator.java b/exec/src/main/java/com/google/fhir/gateway/validators/PatientResourceValidator.java new file mode 100644 index 0000000..f720554 --- /dev/null +++ b/exec/src/main/java/com/google/fhir/gateway/validators/PatientResourceValidator.java @@ -0,0 +1,63 @@ +package com.google.fhir.gateway.validators; + +import com.google.fhir.gateway.ApiServiceImpl; +import com.google.fhir.gateway.interfaces.AccessChecker; +import com.google.fhir.gateway.interfaces.AccessDecision; +import com.google.fhir.gateway.interfaces.RequestDetailsReader; +import com.google.fhir.gateway.interfaces.ResourceValidator; +import jakarta.servlet.http.HttpServletRequest; +import retrofit2.Call; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStreamReader; + +public class PatientResourceValidator implements AccessChecker, ResourceValidator { + + private final ApiServiceImpl apiService = new ApiServiceImpl(); + + @Override + public AccessDecision checkAccess(RequestDetailsReader requestDetails) { + return null; + } + + + @Override + public Call getResource(String role, String targetUrl) { + return apiService.getResource(targetUrl); + } + + @Override + public Call createResource(String role, String targetUrl, HttpServletRequest requestBody) { + return apiService.createResource(targetUrl, readRequestBody(requestBody)); + } + + @Override + public Call updateResource(String role, String targetUrl, HttpServletRequest requestBody) { + return apiService.updateResource(targetUrl, readRequestBody(requestBody)); + } + + @Override + public Call deleteResource(String role, String targetUrl) { + return apiService.deleteResource(targetUrl); + } + + private String readRequestBody(HttpServletRequest request) { + + try{ + + StringBuilder stringBuilder = new StringBuilder(); + try (BufferedReader reader = new BufferedReader(new InputStreamReader(request.getInputStream(), "utf-8"))) { + String line; + while ((line = reader.readLine()) != null) { + stringBuilder.append(line); + } + } + return stringBuilder.toString(); + + }catch (IOException e) { + e.printStackTrace(); + return null; // or throw an exception here depending on your needs. + } + } +} diff --git a/exec/src/main/kotlin/com/google/fhir/gateway/Dataclass.kt b/exec/src/main/kotlin/com/google/fhir/gateway/Dataclass.kt index ba7c899..aa673f5 100644 --- a/exec/src/main/kotlin/com/google/fhir/gateway/Dataclass.kt +++ b/exec/src/main/kotlin/com/google/fhir/gateway/Dataclass.kt @@ -33,3 +33,10 @@ data class DbUser( val country: String, val countryName: String ) + +enum class FHIRResourceTypesData { + PATIENT, + IMMUNIZATION, + MEDICATION, + ORDER +}