From 8bcc76dce2a9e753b528b6e5ac84e79583e9a6c7 Mon Sep 17 00:00:00 2001 From: Dmytro Rud Date: Sun, 28 Jul 2024 15:10:34 +0200 Subject: [PATCH] Refactored ATNA dataset enrichment --- .../boot/atna/IpfAtnaAutoConfiguration.java | 28 +++-- .../atna/IpfAtnaConfigurationProperties.java | 7 ++ .../ipf/commons/audit/AuditContext.java | 5 + .../commons/audit/DefaultAuditContext.java | 10 ++ .../commons/audit/WsAuditDatasetEnricher.java | 25 +++++ commons/ihe/pom.xml | 1 - commons/ihe/swissepr/pom.xml | 32 ------ ...ns.ihe.ws.cxf.audit.WsAuditDatasetEnricher | 1 - commons/ihe/ws/pom.xml | 4 + .../SwissEprWsAuditDatasetEnricher.groovy | 88 +++++++++++++++ .../audit/XuaWsAuditDatasetEnricher.groovy} | 100 ++++++------------ .../cxf/audit/AbstractAuditInterceptor.java | 19 ++-- .../ws/cxf/audit/WsAuditDatasetEnricher.java | 8 +- dependencies/pom.xml | 10 -- platform-camel/ihe/hpd/pom.xml | 6 -- platform-camel/ihe/xacml20/pom.xml | 6 -- .../src/test/resources/chppq1-context.xml | 3 + platform-camel/ihe/xds/pom.xml | 6 -- .../src/test/resources/common-xds-beans.xml | 3 + pom.xml | 1 - 20 files changed, 210 insertions(+), 153 deletions(-) create mode 100644 commons/audit/src/main/java/org/openehealth/ipf/commons/audit/WsAuditDatasetEnricher.java delete mode 100644 commons/ihe/swissepr/pom.xml delete mode 100644 commons/ihe/swissepr/src/main/resources/META-INF/services/org.openehealth.ipf.commons.ihe.ws.cxf.audit.WsAuditDatasetEnricher create mode 100644 commons/ihe/ws/src/main/groovy/org/openehealth/ipf/commons/ihe/ws/cxf/audit/SwissEprWsAuditDatasetEnricher.groovy rename commons/ihe/{swissepr/src/main/groovy/org/openehealth/ipf/commons/ihe/swissepr/SwissEprWsAuditDatasetEnricher.groovy => ws/src/main/groovy/org/openehealth/ipf/commons/ihe/ws/cxf/audit/XuaWsAuditDatasetEnricher.groovy} (59%) diff --git a/boot/ipf-atna-spring-boot-starter/src/main/java/org/openehealth/ipf/boot/atna/IpfAtnaAutoConfiguration.java b/boot/ipf-atna-spring-boot-starter/src/main/java/org/openehealth/ipf/boot/atna/IpfAtnaAutoConfiguration.java index 4ed7cacbfd..85a4de5b81 100644 --- a/boot/ipf-atna-spring-boot-starter/src/main/java/org/openehealth/ipf/boot/atna/IpfAtnaAutoConfiguration.java +++ b/boot/ipf-atna-spring-boot-starter/src/main/java/org/openehealth/ipf/boot/atna/IpfAtnaAutoConfiguration.java @@ -16,13 +16,7 @@ package org.openehealth.ipf.boot.atna; -import org.openehealth.ipf.commons.audit.AuditContext; -import org.openehealth.ipf.commons.audit.AuditMessagePostProcessor; -import org.openehealth.ipf.commons.audit.AuditMetadataProvider; -import org.openehealth.ipf.commons.audit.DefaultAuditContext; -import org.openehealth.ipf.commons.audit.DefaultAuditMetadataProvider; -import org.openehealth.ipf.commons.audit.DefaultBalpAuditContext; -import org.openehealth.ipf.commons.audit.TlsParameters; +import org.openehealth.ipf.commons.audit.*; import org.openehealth.ipf.commons.audit.handler.AuditExceptionHandler; import org.openehealth.ipf.commons.audit.handler.LoggingAuditExceptionHandler; import org.openehealth.ipf.commons.audit.protocol.AuditTransmissionChannel; @@ -57,15 +51,16 @@ public AuditContext auditContext(IpfAtnaConfigurationProperties config, AuditMetadataProvider auditMetadataProvider, AuditExceptionHandler auditExceptionHandler, AuditMessagePostProcessor auditMessagePostProcessor, + WsAuditDatasetEnricher wsAuditDatasetEnricher, @Value("${spring.application.name}") String appName) { if (config.getBalp() != null) { return balpConfiguration(defaultContextConfiguration(new DefaultBalpAuditContext(), config, auditTransmissionProtocol, auditMessageQueue, tlsParameters, auditMetadataProvider, - auditExceptionHandler, auditMessagePostProcessor, appName), config); + auditExceptionHandler, auditMessagePostProcessor, wsAuditDatasetEnricher, appName), config); } else { return defaultContextConfiguration(new DefaultAuditContext(), config, auditTransmissionProtocol, auditMessageQueue, tlsParameters, auditMetadataProvider, auditExceptionHandler, - auditMessagePostProcessor, appName); + auditMessagePostProcessor, wsAuditDatasetEnricher, appName); } } @@ -77,6 +72,7 @@ private T defaultContextConfiguration(T auditCon AuditMetadataProvider auditMetadataProvider, AuditExceptionHandler auditExceptionHandler, AuditMessagePostProcessor auditMessagePostProcessor, + WsAuditDatasetEnricher wsAuditDatasetEnricher, @Value("${spring.application.name}") String appName) { auditContext.setAuditEnabled(config.isAuditEnabled()); @@ -97,6 +93,11 @@ private T defaultContextConfiguration(T auditCon auditContext.setAuditMessageQueue(auditMessageQueue); auditContext.setAuditExceptionHandler(auditExceptionHandler); auditContext.setAuditMessagePostProcessor(auditMessagePostProcessor); + + if (wsAuditDatasetEnricher != WsAuditDatasetEnricher.NONE) { + auditContext.setWsAuditDatasetEnricher(wsAuditDatasetEnricher); + } + return auditContext; } @@ -213,6 +214,15 @@ public TlsParameters tlsParameters() { return TlsParameters.getDefault(); } + @Bean + @ConditionalOnMissingBean + public WsAuditDatasetEnricher wsAuditDatasetEnricher(IpfAtnaConfigurationProperties config) throws Exception { + if (config.getWsAuditDatasetEnricherClass() != null) { + return config.getWsAuditDatasetEnricherClass().getConstructor().newInstance(); + } + return WsAuditDatasetEnricher.NONE; + } + // Some audit event listeners @Bean diff --git a/boot/ipf-atna-spring-boot-starter/src/main/java/org/openehealth/ipf/boot/atna/IpfAtnaConfigurationProperties.java b/boot/ipf-atna-spring-boot-starter/src/main/java/org/openehealth/ipf/boot/atna/IpfAtnaConfigurationProperties.java index 13f485f1d2..043ad0e797 100644 --- a/boot/ipf-atna-spring-boot-starter/src/main/java/org/openehealth/ipf/boot/atna/IpfAtnaConfigurationProperties.java +++ b/boot/ipf-atna-spring-boot-starter/src/main/java/org/openehealth/ipf/boot/atna/IpfAtnaConfigurationProperties.java @@ -19,6 +19,7 @@ import lombok.Getter; import lombok.Setter; import org.openehealth.ipf.commons.audit.AuditMessagePostProcessor; +import org.openehealth.ipf.commons.audit.WsAuditDatasetEnricher; import org.openehealth.ipf.commons.audit.codes.AuditSourceType; import org.openehealth.ipf.commons.audit.handler.AuditExceptionHandler; import org.openehealth.ipf.commons.audit.handler.LoggingAuditExceptionHandler; @@ -101,6 +102,12 @@ public class IpfAtnaConfigurationProperties { @Getter @Setter private String auditValueIfMissing = "UNKNOWN"; + /** + * Class of the optional audit dataset enricher for Web Service based transactions. + */ + @Getter @Setter + private Class wsAuditDatasetEnricherClass; + @Getter @Setter private Balp balp; diff --git a/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/AuditContext.java b/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/AuditContext.java index f1df3629d8..44354cad99 100644 --- a/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/AuditContext.java +++ b/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/AuditContext.java @@ -89,6 +89,11 @@ public interface AuditContext { */ TlsParameters getTlsParameters(); + /** + * @return Audit dataset enricher for Web Service based transactions. + */ + T getWsAuditDatasetEnricher(); + /** * @return a post-processor for audit messages (defaults to a NO-OP implementation */ diff --git a/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/DefaultAuditContext.java b/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/DefaultAuditContext.java index f559e80f1a..ef5a455ecd 100644 --- a/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/DefaultAuditContext.java +++ b/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/DefaultAuditContext.java @@ -101,6 +101,9 @@ public class DefaultAuditContext implements AuditContext { @Setter private String auditValueIfMissing = "UNKNOWN"; + @Setter + private WsAuditDatasetEnricher wsAuditDatasetEnricher; + public String getAuditRepositoryTransport() { return auditTransmissionProtocol.getTransportName(); } @@ -136,4 +139,11 @@ public InetAddress getAuditRepositoryAddress() { throw new RuntimeException(e); } } + + @SuppressWarnings("unchecked") + @Override + public T getWsAuditDatasetEnricher() { + return (T) wsAuditDatasetEnricher; + } + } diff --git a/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/WsAuditDatasetEnricher.java b/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/WsAuditDatasetEnricher.java new file mode 100644 index 0000000000..e406469d2a --- /dev/null +++ b/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/WsAuditDatasetEnricher.java @@ -0,0 +1,25 @@ +/* + * Copyright 2024 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.openehealth.ipf.commons.audit; + +/** + * Marker interface for Web Service audit dataset enrichers. + */ +public interface WsAuditDatasetEnricher { + + WsAuditDatasetEnricher NONE = new WsAuditDatasetEnricher() {}; + +} diff --git a/commons/ihe/pom.xml b/commons/ihe/pom.xml index 5dbc2e6d17..87eac3e5a4 100644 --- a/commons/ihe/pom.xml +++ b/commons/ihe/pom.xml @@ -28,7 +28,6 @@ hl7v3 hl7v3model fhir - swissepr hpd xacml20 diff --git a/commons/ihe/swissepr/pom.xml b/commons/ihe/swissepr/pom.xml deleted file mode 100644 index 4009f16ebe..0000000000 --- a/commons/ihe/swissepr/pom.xml +++ /dev/null @@ -1,32 +0,0 @@ - - - 4.0.0 - ipf-commons-ihe-swissepr - ipf-commons-ihe-swissepr - Support for IHE Web Services specific for the Swiss EPR - - - - org.openehealth.ipf.commons - ipf-commons-ihe - 5.0-SNAPSHOT - - - - - - org.openehealth.ipf.commons - ipf-commons-ihe-ws - ${project.version} - - - org.apache.commons - commons-lang3 - - - org.apache.groovy - groovy-xml - - - - diff --git a/commons/ihe/swissepr/src/main/resources/META-INF/services/org.openehealth.ipf.commons.ihe.ws.cxf.audit.WsAuditDatasetEnricher b/commons/ihe/swissepr/src/main/resources/META-INF/services/org.openehealth.ipf.commons.ihe.ws.cxf.audit.WsAuditDatasetEnricher deleted file mode 100644 index 52f371bb94..0000000000 --- a/commons/ihe/swissepr/src/main/resources/META-INF/services/org.openehealth.ipf.commons.ihe.ws.cxf.audit.WsAuditDatasetEnricher +++ /dev/null @@ -1 +0,0 @@ -org.openehealth.ipf.commons.ihe.swissepr.SwissEprWsAuditDatasetEnricher \ No newline at end of file diff --git a/commons/ihe/ws/pom.xml b/commons/ihe/ws/pom.xml index 98caf0a33f..66132f2e16 100644 --- a/commons/ihe/ws/pom.xml +++ b/commons/ihe/ws/pom.xml @@ -67,6 +67,10 @@ jakarta.xml.ws jakarta.xml.ws-api + + org.apache.groovy + groovy-xml + diff --git a/commons/ihe/ws/src/main/groovy/org/openehealth/ipf/commons/ihe/ws/cxf/audit/SwissEprWsAuditDatasetEnricher.groovy b/commons/ihe/ws/src/main/groovy/org/openehealth/ipf/commons/ihe/ws/cxf/audit/SwissEprWsAuditDatasetEnricher.groovy new file mode 100644 index 0000000000..b739f9bcb3 --- /dev/null +++ b/commons/ihe/ws/src/main/groovy/org/openehealth/ipf/commons/ihe/ws/cxf/audit/SwissEprWsAuditDatasetEnricher.groovy @@ -0,0 +1,88 @@ +/* + * Copyright 2024 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.openehealth.ipf.commons.ihe.ws.cxf.audit + +import groovy.xml.slurpersupport.GPathResult +import org.apache.cxf.binding.soap.SoapMessage +import org.apache.cxf.headers.Header +import org.apache.cxf.message.Message +import org.openehealth.ipf.commons.audit.types.ActiveParticipantRoleId +import org.openehealth.ipf.commons.audit.types.PurposeOfUse +import org.openehealth.ipf.commons.ihe.core.atna.AuditDataset.HumanUser + +/** + * WS audit dataset enricher which fulfills both IHE and Swiss EPR requirements. + * + * @author Dmytro Rud + */ +class SwissEprWsAuditDatasetEnricher extends XuaWsAuditDatasetEnricher { + + static final String SWISS_USER_POU_OID = '2.16.756.5.30.1.127.3.10.5' + static final String SWISS_USER_ROLE_OID = '2.16.756.5.30.1.127.3.10.6' + + @Override + void enrichAuditDataset(SoapMessage message, Header.Direction headerDirection, WsAuditDataset auditDataset) { + GPathResult xuaToken = extractXuaToken(message, headerDirection) + if (xuaToken != null) { + extractXuaTokenElements(xuaToken, auditDataset) + def iheUser = auditDataset.humanUsers[0] + conditionallyAddHumanUser(createMainEprUser(xuaToken, iheUser), auditDataset) + conditionallyAddHumanUser(createAdditionalEprUser(xuaToken, iheUser, auditDataset.purposesOfUse), auditDataset) + } + + extractW3cTraceContextId(message, auditDataset) + } + + private static HumanUser createMainEprUser(GPathResult xuaToken, HumanUser iheUser) { + def user = new HumanUser() + user.id = xuaToken.Subject.NameID[0].text() + user.name = xuaToken.AttributeStatement.Attribute.find { it.@Name == SUBJECT_NAME_ATTRIBUTE_NAME }.AttributeValue[0].text() + user.roles.addAll(iheUser.roles) + return user + } + + private static HumanUser createAdditionalEprUser(GPathResult xuaToken, HumanUser iheUser, PurposeOfUse... purposesOfUse) { + def user = new HumanUser() + user.id = xuaToken.Subject.SubjectConfirmation.NameID[0].text() + user.name = xuaToken.Subject.SubjectConfirmation.SubjectConfirmationData.AttributeStatement.Attribute.find { it.@Name == SUBJECT_NAME_ATTRIBUTE_NAME }.AttributeValue[0].text() + switch (iheUser.roles.find { it.codeSystemName == SWISS_USER_ROLE_OID }?.code) { + case 'HCP': + if (purposesOfUse.find { (it.codeSystemName == SWISS_USER_POU_OID) && it.code.contains('AUTO') }) { + user.roles << ActiveParticipantRoleId.of('TCU', SWISS_USER_ROLE_OID, 'Technical User') + } else { + user.roles << ActiveParticipantRoleId.of('ASS', SWISS_USER_ROLE_OID, 'Assistant') + } + break + case 'PAT': + user.roles << ActiveParticipantRoleId.of('REP', SWISS_USER_ROLE_OID, 'Representative') + break + } + return user + } + + private static void extractW3cTraceContextId(SoapMessage message, WsAuditDataset auditDataset) { + def httpHeaders = message.get(Message.PROTOCOL_HEADERS) as Map> + if (httpHeaders != null) { + for (String headerName : httpHeaders.keySet()) { + if ('traceparent'.equalsIgnoreCase(headerName)) { + auditDataset.w3cTraceContextId = httpHeaders[headerName][0] + break + } + } + } + } + +} diff --git a/commons/ihe/swissepr/src/main/groovy/org/openehealth/ipf/commons/ihe/swissepr/SwissEprWsAuditDatasetEnricher.groovy b/commons/ihe/ws/src/main/groovy/org/openehealth/ipf/commons/ihe/ws/cxf/audit/XuaWsAuditDatasetEnricher.groovy similarity index 59% rename from commons/ihe/swissepr/src/main/groovy/org/openehealth/ipf/commons/ihe/swissepr/SwissEprWsAuditDatasetEnricher.groovy rename to commons/ihe/ws/src/main/groovy/org/openehealth/ipf/commons/ihe/ws/cxf/audit/XuaWsAuditDatasetEnricher.groovy index 189ac6a4ab..e89e41bbf8 100644 --- a/commons/ihe/swissepr/src/main/groovy/org/openehealth/ipf/commons/ihe/swissepr/SwissEprWsAuditDatasetEnricher.groovy +++ b/commons/ihe/ws/src/main/groovy/org/openehealth/ipf/commons/ihe/ws/cxf/audit/XuaWsAuditDatasetEnricher.groovy @@ -1,5 +1,5 @@ /* - * Copyright 2016 the original author or authors. + * Copyright 2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.openehealth.ipf.commons.ihe.swissepr +package org.openehealth.ipf.commons.ihe.ws.cxf.audit import groovy.xml.XmlSlurper import groovy.xml.slurpersupport.GPathResult @@ -21,14 +21,10 @@ import org.apache.cxf.binding.soap.Soap11 import org.apache.cxf.binding.soap.Soap12 import org.apache.cxf.binding.soap.SoapMessage import org.apache.cxf.headers.Header -import org.apache.cxf.message.Message import org.apache.cxf.staxutils.StaxUtils import org.openehealth.ipf.commons.audit.types.ActiveParticipantRoleId import org.openehealth.ipf.commons.audit.types.PurposeOfUse -import org.openehealth.ipf.commons.ihe.ws.cxf.audit.AbstractAuditInterceptor -import org.openehealth.ipf.commons.ihe.ws.cxf.audit.WsAuditDataset import org.openehealth.ipf.commons.ihe.core.atna.AuditDataset.HumanUser -import org.openehealth.ipf.commons.ihe.ws.cxf.audit.WsAuditDatasetEnricher import org.w3c.dom.Document import org.w3c.dom.Element import org.w3c.dom.Node @@ -37,9 +33,11 @@ import org.w3c.dom.NodeList import javax.xml.namespace.QName /** + * WS audit dataset enricher which fulfills IHE requirements on propagating XUA attributes to ATNA records. + * * @author Dmytro Rud */ -class SwissEprWsAuditDatasetEnricher implements WsAuditDatasetEnricher { +class XuaWsAuditDatasetEnricher implements WsAuditDatasetEnricher { /** * If a SAML assertion is stored under this key in the Web Service context, @@ -53,22 +51,20 @@ class SwissEprWsAuditDatasetEnricher implements WsAuditDatasetEnricher { static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" static final String SAML20_NS = "urn:oasis:names:tc:SAML:2.0:assertion" - static final String SWISS_USER_POU_OID = '2.16.756.5.30.1.127.3.10.5' - static final String SWISS_USER_ROLE_OID = '2.16.756.5.30.1.127.3.10.6' - static final String PURPOSE_OF_USE_ATTRIBUTE_NAME = 'urn:oasis:names:tc:xspa:1.0:subject:purposeofuse' static final String SUBJECT_NAME_ATTRIBUTE_NAME = 'urn:oasis:names:tc:xspa:1.0:subject:subject-id' static final String SUBJECT_ROLE_ATTRIBUTE_NAME = 'urn:oasis:names:tc:xacml:2.0:subject:role' static final String PATIENT_ID_ATTRIBUTE_NAME = 'urn:oasis:names:tc:xacml:2.0:resource:resource-id' - @Override void enrichAuditDataset(SoapMessage message, Header.Direction headerDirection, WsAuditDataset auditDataset) { - extractXuaTokenElements(message, headerDirection, auditDataset) - extractW3cTraceContextId(message, auditDataset) + GPathResult xuaToken = extractXuaToken(message, headerDirection) + if (xuaToken != null) { + extractXuaTokenElements(xuaToken, auditDataset) + } } - private static void extractXuaTokenElements(SoapMessage message, Header.Direction headerDirection, WsAuditDataset auditDataset) { + protected static GPathResult extractXuaToken(SoapMessage message, Header.Direction headerDirection) { Element assertion = null // check whether someone has already parsed the SAML2 assertion @@ -82,25 +78,11 @@ class SwissEprWsAuditDatasetEnricher implements WsAuditDatasetEnricher { assertion = extractAssertionFromCxfMessage(message, headerDirection) ?: extractAssertionFromDom(message) } if (assertion == null) { - return + return null } message.getExchange().put(XUA_SAML_ASSERTION, assertion) - def gpath = new XmlSlurper(false, true).parseText(StaxUtils.toString(assertion)) - - // extract purpose of use, patient id, etc. - def purposesOfUse = [] - for (pou in gpath.AttributeStatement.Attribute.findAll { it.@Name == PURPOSE_OF_USE_ATTRIBUTE_NAME }.AttributeValue.PurposeOfUse) { - purposesOfUse << PurposeOfUse.of(pou.@code.text(), pou.@codeSystem.text(), pou.@displayName.text()) - } - auditDataset.purposesOfUse = purposesOfUse as PurposeOfUse[] - auditDataset.xuaPatientId = gpath.AttributeStatement.Attribute.find { it.@Name == PATIENT_ID_ATTRIBUTE_NAME }.AttributeValue[0].text() - - // extract data related to human users - def iheUser = createIheUser(gpath) - def mainEpdUser = createMainEpdUser(gpath, iheUser) - def additionalEpdUser = createAdditionalEpdUser(gpath, iheUser, purposesOfUse) - auditDataset.humanUsers.addAll([iheUser, mainEpdUser, additionalEpdUser].findAll { !it.isEmpty() }) + return new XmlSlurper(false, true).parseText(StaxUtils.toString(assertion)) } private static Element extractAssertionFromCxfMessage(SoapMessage message, Header.Direction headerDirection) { @@ -132,6 +114,25 @@ class SwissEprWsAuditDatasetEnricher implements WsAuditDatasetEnricher { return (nodeList.getLength() > 0) ? (Element) nodeList.item(0) : null } + protected static void extractXuaTokenElements(GPathResult xuaToken, WsAuditDataset auditDataset) { + def purposesOfUse = [] + for (attr in xuaToken.AttributeStatement.Attribute) { + switch (attr.@Name) { + case PURPOSE_OF_USE_ATTRIBUTE_NAME: + for (pou in attr.AttributeValue.PurposeOfUse) { + purposesOfUse << PurposeOfUse.of(pou.@code.text(), pou.@codeSystem.text(), pou.@displayName.text()) + } + break + case PATIENT_ID_ATTRIBUTE_NAME: + auditDataset.xuaPatientId = attr.AttributeValue[0].text() + break + } + } + auditDataset.purposesOfUse = purposesOfUse + + conditionallyAddHumanUser(createIheUser(xuaToken), auditDataset) + } + private static HumanUser createIheUser(GPathResult gpath) { def user = new HumanUser() String userName = gpath.Subject.NameID[0].text() @@ -148,42 +149,9 @@ class SwissEprWsAuditDatasetEnricher implements WsAuditDatasetEnricher { return user } - private static HumanUser createMainEpdUser(GPathResult gpath, HumanUser iheUser) { - def user = new HumanUser() - user.id = gpath.Subject.NameID[0].text() - user.name = gpath.AttributeStatement.Attribute.find { it.@Name == SUBJECT_NAME_ATTRIBUTE_NAME }.AttributeValue[0].text() - user.roles.addAll(iheUser.roles) - return user - } - - private static HumanUser createAdditionalEpdUser(GPathResult gpath, HumanUser iheUser, List purposesOfUse) { - def user = new HumanUser() - user.id = gpath.Subject.SubjectConfirmation.NameID[0].text() - user.name = gpath.Subject.SubjectConfirmation.SubjectConfirmationData.AttributeStatement.Attribute.find { it.@Name == SUBJECT_NAME_ATTRIBUTE_NAME }.AttributeValue[0].text() - switch (iheUser.roles.find { it.codeSystemName == SWISS_USER_ROLE_OID }?.code) { - case 'HCP': - if (purposesOfUse.find { (it.codeSystemName == SWISS_USER_POU_OID) && it.code.contains('AUTO') }) { - user.roles << ActiveParticipantRoleId.of('TCU', SWISS_USER_ROLE_OID, 'Technical User') - } else { - user.roles << ActiveParticipantRoleId.of('ASS', SWISS_USER_ROLE_OID, 'Assistant') - } - break - case 'PAT': - user.roles << ActiveParticipantRoleId.of('REP', SWISS_USER_ROLE_OID, 'Representative') - break - } - return user - } - - private static void extractW3cTraceContextId(SoapMessage message, WsAuditDataset auditDataset) { - def httpHeaders = message.get(Message.PROTOCOL_HEADERS) as Map> - if (httpHeaders != null) { - for (String headerName : httpHeaders.keySet()) { - if (headerName.toLowerCase(Locale.ROOT) == 'traceparent') { - auditDataset.w3cTraceContextId = httpHeaders[headerName][0] - break - } - } + protected static void conditionallyAddHumanUser(HumanUser humanUser, WsAuditDataset auditDataset) { + if (!humanUser.empty) { + auditDataset.humanUsers << humanUser } } diff --git a/commons/ihe/ws/src/main/java/org/openehealth/ipf/commons/ihe/ws/cxf/audit/AbstractAuditInterceptor.java b/commons/ihe/ws/src/main/java/org/openehealth/ipf/commons/ihe/ws/cxf/audit/AbstractAuditInterceptor.java index c098954454..a947b36ce9 100644 --- a/commons/ihe/ws/src/main/java/org/openehealth/ipf/commons/ihe/ws/cxf/audit/AbstractAuditInterceptor.java +++ b/commons/ihe/ws/src/main/java/org/openehealth/ipf/commons/ihe/ws/cxf/audit/AbstractAuditInterceptor.java @@ -16,7 +16,6 @@ package org.openehealth.ipf.commons.ihe.ws.cxf.audit; import lombok.Getter; -import lombok.Setter; import org.apache.cxf.binding.soap.SoapMessage; import org.apache.cxf.headers.Header; import org.apache.cxf.message.Message; @@ -26,7 +25,6 @@ import org.apache.cxf.ws.addressing.AttributedURIType; import org.apache.cxf.ws.addressing.JAXWSAConstants; import org.openehealth.ipf.commons.audit.AuditContext; -import org.openehealth.ipf.commons.core.config.Lookup; import org.openehealth.ipf.commons.ihe.core.atna.AuditStrategy; import org.openehealth.ipf.commons.ihe.ws.InterceptorUtils; import org.openehealth.ipf.commons.ihe.ws.cxf.AbstractSafeInterceptor; @@ -55,13 +53,6 @@ abstract public class AbstractAuditInterceptor extends */ public static final String DATASET_CONTEXT_KEY = AbstractAuditInterceptor.class.getName() + ".DATASET"; - /** - * Additional (e.g. specific to a regulatory domain) enricher of audit datasets. - */ - @Getter - @Setter - private static WsAuditDatasetEnricher wsAuditDatasetEnricher = Lookup.lookup(WsAuditDatasetEnricher.class).orElse(WsAuditDatasetEnricher.NOOP); - /** * Audit strategy associated with this interceptor. */ @@ -170,11 +161,15 @@ protected static void extractUserIdFromWSAddressing( * @param headerDirection direction of SOAP headers. * @param auditDataset target ATNA audit dataset. */ - protected static void enrichAuditDataset( + protected void enrichAuditDataset( SoapMessage message, Header.Direction headerDirection, - WsAuditDataset auditDataset) { - wsAuditDatasetEnricher.enrichAuditDataset(message, headerDirection, auditDataset); + WsAuditDataset auditDataset) + { + WsAuditDatasetEnricher enricher = auditContext.getWsAuditDatasetEnricher(); + if (enricher != null) { + enricher.enrichAuditDataset(message, headerDirection, auditDataset); + } } diff --git a/commons/ihe/ws/src/main/java/org/openehealth/ipf/commons/ihe/ws/cxf/audit/WsAuditDatasetEnricher.java b/commons/ihe/ws/src/main/java/org/openehealth/ipf/commons/ihe/ws/cxf/audit/WsAuditDatasetEnricher.java index 597805865b..ef2914695b 100644 --- a/commons/ihe/ws/src/main/java/org/openehealth/ipf/commons/ihe/ws/cxf/audit/WsAuditDatasetEnricher.java +++ b/commons/ihe/ws/src/main/java/org/openehealth/ipf/commons/ihe/ws/cxf/audit/WsAuditDatasetEnricher.java @@ -1,5 +1,5 @@ /* - * Copyright 2016 the original author or authors. + * Copyright 2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,9 +19,12 @@ import org.apache.cxf.headers.Header; /** + * Interface for Web Service ATNA audit dataset enrichers. + * Each implementing class shall have a default constructor and be thread-safe. + * * @author Dmytro Rud */ -public interface WsAuditDatasetEnricher { +public interface WsAuditDatasetEnricher extends org.openehealth.ipf.commons.audit.WsAuditDatasetEnricher { /** * Enriches the given audit dataset with elements from the given CXF message. @@ -38,5 +41,4 @@ void enrichAuditDataset( Header.Direction headerDirection, WsAuditDataset auditDataset); - WsAuditDatasetEnricher NOOP = (message, headerDirection, auditDataset) -> {}; } diff --git a/dependencies/pom.xml b/dependencies/pom.xml index f6f4ab94f2..6f60ff41f0 100644 --- a/dependencies/pom.xml +++ b/dependencies/pom.xml @@ -597,16 +597,6 @@ ipf-commons-ihe-xds ${project.version} - - org.openehealth.ipf.commons - ipf-commons-ihe-xua - ${project.version} - - - org.openehealth.ipf.commons - ipf-commons-ihe-swissepr - ${project.version} - org.openehealth.ipf.commons ipf-commons-map diff --git a/platform-camel/ihe/hpd/pom.xml b/platform-camel/ihe/hpd/pom.xml index 5152b73f73..0155b2333b 100644 --- a/platform-camel/ihe/hpd/pom.xml +++ b/platform-camel/ihe/hpd/pom.xml @@ -65,12 +65,6 @@ test test-jar - - org.openehealth.ipf.commons - ipf-commons-ihe-swissepr - ${project.version} - test - org.openehealth.ipf.commons ipf-commons-spring diff --git a/platform-camel/ihe/xacml20/pom.xml b/platform-camel/ihe/xacml20/pom.xml index 9409e7a785..fdc44714e9 100644 --- a/platform-camel/ihe/xacml20/pom.xml +++ b/platform-camel/ihe/xacml20/pom.xml @@ -45,12 +45,6 @@ test test-jar - - org.openehealth.ipf.commons - ipf-commons-ihe-swissepr - ${project.version} - test - org.openehealth.ipf.commons ipf-commons-spring diff --git a/platform-camel/ihe/xacml20/src/test/resources/chppq1-context.xml b/platform-camel/ihe/xacml20/src/test/resources/chppq1-context.xml index 175bfe7224..f08ffe7b5e 100644 --- a/platform-camel/ihe/xacml20/src/test/resources/chppq1-context.xml +++ b/platform-camel/ihe/xacml20/src/test/resources/chppq1-context.xml @@ -40,6 +40,9 @@ http://openehealth.org/schema/ipf-commons-core.xsd"> + + + diff --git a/platform-camel/ihe/xds/pom.xml b/platform-camel/ihe/xds/pom.xml index f5da36af43..1410c37a4c 100644 --- a/platform-camel/ihe/xds/pom.xml +++ b/platform-camel/ihe/xds/pom.xml @@ -61,12 +61,6 @@ test test-jar - - org.openehealth.ipf.commons - ipf-commons-ihe-swissepr - ${project.version} - test - org.apache.tomcat tomcat-catalina diff --git a/platform-camel/ihe/xds/src/test/resources/common-xds-beans.xml b/platform-camel/ihe/xds/src/test/resources/common-xds-beans.xml index 6e280ce672..f7916a6854 100644 --- a/platform-camel/ihe/xds/src/test/resources/common-xds-beans.xml +++ b/platform-camel/ihe/xds/src/test/resources/common-xds-beans.xml @@ -37,6 +37,9 @@ http://openehealth.org/schema/ipf-commons-core.xsd"> + + + diff --git a/pom.xml b/pom.xml index 953ce132f5..2e4de745c8 100644 --- a/pom.xml +++ b/pom.xml @@ -384,7 +384,6 @@ commons/ihe/xacml20/impl/generated-stubs: commons/ihe/xacml20/model/generated-stubs: commons/ihe/xds/generated-stubs: - commons/ihe/xua/generated-stubs: commons/map/generated-stubs: commons/spring/generated-stubs: commons/xml/generated-stubs: