Added immunization recommendation
davidnjau committed Oct 30, 2024
1 parent 30333ea commit e3e184a
Showing 4 changed files with 88 additions and 60 deletions.
Expand Up @@ -50,60 +50,60 @@
@WebServlet("/myPatients")
public class CustomFhirEndpointExample extends HttpServlet {

private static final Logger logger = LoggerFactory.getLogger(CustomFhirEndpointExample.class);
private final TokenVerifier tokenVerifier;

private final HttpFhirClient fhirClient;

public CustomFhirEndpointExample() throws IOException {
this.tokenVerifier = TokenVerifier.createFromEnvVars();
this.fhirClient = FhirClientFactory.createFhirClientFromEnvVars();
}

@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// Check the Bearer token to be a valid JWT with required claims.
String authHeader = request.getHeader("Authorization");
if (authHeader == null) {
throw new ServletException("No Authorization header provided!");
}
List<String> patientIds = new ArrayList<>();
// Note for a more meaningful HTTP status code, we can catch AuthenticationException in:
DecodedJWT jwt = tokenVerifier.decodeAndVerifyBearerToken(authHeader);
Claim claim = jwt.getClaim("patient_list");
if (claim.asString() != null) {
logger.info("Found a 'patient_list' claim: {}", claim);
String listUri = "List/" + claim.asString();
HttpResponse fhirResponse = fhirClient.getResource(listUri);
HttpUtil.validateResponseOrFail(fhirResponse, listUri);
if (fhirResponse.getStatusLine().getStatusCode() != HttpStatus.SC_OK) {
logger.error("Error while fetching {}", listUri);
response.setStatus(HttpStatus.SC_INTERNAL_SERVER_ERROR);
return;
}
FhirContext fhirContext = FhirContext.forCached(FhirVersionEnum.R4);
IParser jsonParser = fhirContext.newJsonParser();
IBaseResource resource = jsonParser.parseResource(fhirResponse.getEntity().getContent());
ListResource listResource = (ListResource) resource;
for (ListEntryComponent entry : listResource.getEntry()) {
patientIds.add(entry.getItem().getReference());
}
} else {
claim = jwt.getClaim("patient_id");
if (claim.asString() != null) {
logger.info("Found a 'patient_id' claim: {}", claim);
patientIds.add(claim.asString());
}
}
if (claim.asString() == null) {
String error = "Found no patient claim in the token!";
logger.error(error);
response.getOutputStream().print(error);
response.setStatus(HttpStatus.SC_INTERNAL_SERVER_ERROR);
return;
}
response.getOutputStream().print("Your patient are: " + String.join(" ", patientIds));
response.setStatus(HttpStatus.SC_OK);
}
// private static final Logger logger = LoggerFactory.getLogger(CustomFhirEndpointExample.class);
// private final TokenVerifier tokenVerifier;
//
// private final HttpFhirClient fhirClient;
//
// public CustomFhirEndpointExample() throws IOException {
// this.tokenVerifier = TokenVerifier.createFromEnvVars();
// this.fhirClient = FhirClientFactory.createFhirClientFromEnvVars();
// }
//
// @Override
// protected void doGet(HttpServletRequest request, HttpServletResponse response)
// throws ServletException, IOException {
// // Check the Bearer token to be a valid JWT with required claims.
// String authHeader = request.getHeader("Authorization");
// if (authHeader == null) {
// throw new ServletException("No Authorization header provided!");
// }
// List<String> patientIds = new ArrayList<>();
// // Note for a more meaningful HTTP status code, we can catch AuthenticationException in:
// DecodedJWT jwt = tokenVerifier.decodeAndVerifyBearerToken(authHeader);
// Claim claim = jwt.getClaim("patient_list");
// if (claim.asString() != null) {
// logger.info("Found a 'patient_list' claim: {}", claim);
// String listUri = "List/" + claim.asString();
// HttpResponse fhirResponse = fhirClient.getResource(listUri);
// HttpUtil.validateResponseOrFail(fhirResponse, listUri);
// if (fhirResponse.getStatusLine().getStatusCode() != HttpStatus.SC_OK) {
// logger.error("Error while fetching {}", listUri);
// response.setStatus(HttpStatus.SC_INTERNAL_SERVER_ERROR);
// return;
// }
// FhirContext fhirContext = FhirContext.forCached(FhirVersionEnum.R4);
// IParser jsonParser = fhirContext.newJsonParser();
// IBaseResource resource = jsonParser.parseResource(fhirResponse.getEntity().getContent());
// ListResource listResource = (ListResource) resource;
// for (ListEntryComponent entry : listResource.getEntry()) {
// patientIds.add(entry.getItem().getReference());
// }
// } else {
// claim = jwt.getClaim("patient_id");
// if (claim.asString() != null) {
// logger.info("Found a 'patient_id' claim: {}", claim);
// patientIds.add(claim.asString());
// }
// }
// if (claim.asString() == null) {
// String error = "Found no patient claim in the token!";
// logger.error(error);
// response.getOutputStream().print(error);
// response.setStatus(HttpStatus.SC_INTERNAL_SERVER_ERROR);
// return;
// }
// response.getOutputStream().print("Your patient are: " + String.join(" ", patientIds));
// response.setStatus(HttpStatus.SC_OK);
// }
}
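Review bot: The servlet's fields, constructor and doGet are commented out rather than deleted, while the class and its `@WebServlet("/myPatients")` mapping stay in place. That leaves a registered route whose only behaviour is the inherited HttpServlet default, plus a block of dead code that contains the bearer-token check, so a later reader cannot tell whether the endpoint was retired or only parked. If it is retired, delete the class and let version control keep the old body; if it is parked, drop the commented block and leave one line such as `// Disabled: /myPatients is not served by this gateway build`. The imports used by the old body sit above this hunk and are presumably unused now.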
Expand Up @@ -2,18 +2,32 @@

import com.google.fhir.gateway.ApiServiceImpl;
import com.google.fhir.gateway.FormatterClass;
import com.google.fhir.gateway.interfaces.AccessChecker;
import com.google.fhir.gateway.interfaces.AccessDecision;
import com.google.fhir.gateway.interfaces.RequestDetailsReader;
import com.google.fhir.gateway.interfaces.ResourceValidator;
import com.google.fhir.gateway.interfaces.*;
import com.google.fhir.gateway.validators.ResourceRoleValidator;
import jakarta.servlet.http.HttpServletRequest;
import retrofit2.Call;

import java.util.Set;

public class ImmunizationResourceValidator implements AccessChecker, ResourceValidator {

private final ApiServiceImpl apiService = new ApiServiceImpl();
private final FormatterClass formatter = new FormatterClass();

// Define allowed roles for different operations
private final Set<String> createAllowedRoles = Set.of("NURSE", "DOCTOR");
private final Set<String> updateAllowedRoles = Set.of("NURSE", "DOCTOR");
private final Set<String> deleteAllowedRoles = Set.of("NURSE", "DOCTOR");
private final Set<String> testAllowedRoles = Set.of("FACILITY_SYSTEM_ADMINISTRATOR");

// Instantiate role validators dynamically
private final RoleValidator createResourceRoleValidator = new ResourceRoleValidator(createAllowedRoles);
private final RoleValidator updateResourceRoleValidator = new ResourceRoleValidator(updateAllowedRoles);
private final RoleValidator deleteResourceRoleValidator = new ResourceRoleValidator(deleteAllowedRoles);
private final RoleValidator testResourceRoleValidator = new ResourceRoleValidator(testAllowedRoles);



@Override
public AccessDecision checkAccess(RequestDetailsReader requestDetails) {
return null;
Expand All @@ -26,16 +40,25 @@ public Call<Object> getResource(String role, String targetUrl) {

@Override
public Call<Object> createResource(String role, String targetUrl, HttpServletRequest requestBody) {
if (!createResourceRoleValidator.hasAccess(role)) {
return null; // Return null if access is denied
}
return apiService.createResource(targetUrl, formatter.readRequestBody(requestBody));
}

@Override
public Call<Object> updateResource(String role, String targetUrl, HttpServletRequest requestBody) {
if (!updateResourceRoleValidator.hasAccess(role)) {
return null; // Return null if access is denied
}
return apiService.updateResource(targetUrl, formatter.readRequestBody(requestBody));
}

@Override
public Call<Object> deleteResource(String role, String targetUrl) {
if (!deleteResourceRoleValidator.hasAccess(role)) {
return null; // Return null if access is denied
}
return apiService.deleteResource(targetUrl);
}

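Review bot: Denial is signalled by `return null` in createResource, updateResource and deleteResource, so the authorization decision only holds if every caller null-checks the result; the callers are not visible here, and one that dereferences the `Call` would turn a denied request into a 500 instead of a 403. Consider an explicit failure such as `throw new SecurityException("role not permitted for this operation");` mapped to 403 at the gateway boundary, or at least document on each method that null means denied. `testAllowedRoles` and `testResourceRoleValidator` are not used in the visible lines, and getResource (its body lies between the two hunks) shows no role check here, so confirm that reads are gated as well. The three identical role sets could be `private static final` constants, and the explicit interface imports read better than the new `com.google.fhir.gateway.interfaces.*` wildcard.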
Expand Up @@ -17,6 +17,8 @@ public ResourceValidator getValidator(String resourceType) {
resourceTypeData = FHIRResourceTypesData.PATIENT.name();
} else if (Objects.equals(resourceType, "Immunization")) {
resourceTypeData = FHIRResourceTypesData.IMMUNIZATION.name();
} else if (Objects.equals(resourceType, "ImmunizationRecommendation")) {
resourceTypeData = FHIRResourceTypesData.IMMUNIZATION_RECOMMENDATION.name();
}else {
resourceTypeData = resourceType;
}
Expand All @@ -25,6 +27,8 @@ public ResourceValidator getValidator(String resourceType) {
return new PatientResourceValidator();
}else if (Objects.equals(resourceTypeData, FHIRResourceTypesData.IMMUNIZATION.name())){
return new ImmunizationResourceValidator();
}else if (Objects.equals(resourceTypeData, FHIRResourceTypesData.IMMUNIZATION_RECOMMENDATION.name())){
return new ImmunizationResourceValidator();
}else {
return null; // or throw an exception here depending on your needs.
}
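Review bot: ImmunizationRecommendation is routed to `new ImmunizationResourceValidator()`, so it inherits Immunization's role policy without anything in the code saying that is deliberate; if it is, state it at the branch, e.g. `// ImmunizationRecommendation shares Immunization's role policy`. Both added branches extend a chain that first maps the string to an enum name and then compares names a second time; a single `switch` on `resourceType` would remove the duplicated step. Unknown types still fall through to `return null`, so the caller needs to treat a null validator as deny. The caller and the start and end of getValidator are outside these hunks.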
1 change: 1 addition & 0 deletions exec/src/main/kotlin/com/google/fhir/gateway/Dataclass.kt
Expand Up @@ -37,6 +37,7 @@ data class DbUser(
enum class FHIRResourceTypesData {
PATIENT,
IMMUNIZATION,
IMMUNIZATION_RECOMMENDATION,
MEDICATION,
ORDER
}
