Merge pull request #58 from Mandalka/fhirserver-http-basic-auth

Support http basic auth in FHIR server sink (#8)

README.md

@@ -23,7 +23,7 @@ curl -d @tests/e2e/data/bundle.json -H "Content-Type: application/json" -X POST
 To configure your deployment, you can change the following environment variables:
 
 | Variable                                              | Description                                                                                                                                                                                                                                                                                                                          | Default                                   |
-| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------- |
+|-------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------|
 | SPRING_DATASOURCE_URL                                 | JDBC URL of the Postgres DB to store the received FHIR resources, needs to be set to an empty variable if no PSQL db is to be connected to                                                                                                                                                                                           | jdbc:postgresql://fhir-db:5432/fhir       |
 | SPRING_DATASOURCE_USERNAME                            | Username of the Postgres DB                                                                                                                                                                                                                                                                                                          | postgres                                  |
 | SPRING_DATASOURCE_PASSWORD                            | Password for the Postgres DB                                                                                                                                                                                                                                                                                                         | postgres                                  |
@@ -32,6 +32,9 @@ To configure your deployment, you can change the following environment variables
 | SERVICES_LOINC_CONVERSIONS_URL                        | URL of the [LOINC conversion service](https://gitlab.miracum.org/miracum/etl/loinc-conversion)                                                                                                                                                                                                                                       | <http://loinc-converter:8080/conversions> |
 | SERVICES_FHIRSERVER_ENABLED                           | Whether to send received resources to a downstream FHIR server                                                                                                                                                                                                                                                                       | false                                     |
 | SERVICES_FHIRSERVER_URL                               | URL of the FHIR server to send data to                                                                                                                                                                                                                                                                                               | <http://fhir-server:8080/fhir>            |
+| SERVICES_FHIRSERVER_AUTH_BASIC_ENABLED                | Enable HTTP basic auth for sending data to FHIR server                                                                                                                                                                                                                                                                               | false                                     |
+| SERVICES_FHIRSERVER_AUTH_BASIC_USERNAME               | HTTP basic auth username of the FHIR server to send data to                                                                                                                                                                                                                                                                          | `""`                                      |
+| SERVICES_FHIRSERVER_AUTH_BASIC_PASSWORD               | HTTP basic auth password of the FHIR server to send data to                                                                                                                                                                                                                                                                          | `""`                                      |
 | SERVICES_KAFKA_ENABLED                                | Enable reading FHIR resources from, and writing them back to a Kafka cluster                                                                                                                                                                                                                                                         | false                                     |
 | SERVICES_KAFKA_GENERATE_OUTPUT_TOPIC_MATCH_EXPRESSION | Allows for dynamically generating the Kafka output topic's name based on the input topic. Used to set a regular expression which is applied to the input topic and the first match is replaced with the value of `SERVICES_KAFKA_GENERATE_OUTPUT_TOPIC_REPLACE_WITH`. You can set this to `"^"` to add a prefix to the output topic. | `""`                                      |
 

src/main/java/org/miracum/etl/fhirgateway/AppConfig.java

@@ -4,7 +4,9 @@
 
 import ca.uhn.fhir.context.FhirContext;
 import ca.uhn.fhir.okhttp.client.OkHttpRestfulClientFactory;
+import ca.uhn.fhir.rest.client.api.IGenericClient;
 import ca.uhn.fhir.rest.client.exceptions.FhirClientConnectionException;
+import ca.uhn.fhir.rest.client.interceptor.BasicAuthInterceptor;
 import ca.uhn.fhir.rest.server.exceptions.InternalErrorException;
 import ca.uhn.fhir.rest.server.exceptions.ResourceNotFoundException;
 import ca.uhn.fhir.rest.server.exceptions.ResourceVersionConflictException;
@@ -69,6 +71,22 @@ public FhirContext fhirContext(
     return fhirContext;
   }
 
+  @Bean
+  IGenericClient fhirClient(
+      FhirContext fhirContext,
+      @Value("${services.fhirServer.auth.basic.username}") String username,
+      @Value("${services.fhirServer.auth.basic.password}") String password,
+      @Value("${services.fhirServer.auth.basic.enabled}") boolean isBasicAuthEnabled,
+      @Value("${services.fhirServer.url}") String fhirServerUrl) {
+    var client = fhirContext.newRestfulGenericClient(fhirServerUrl);
+
+    if (isBasicAuthEnabled) {
+      client.registerInterceptor(new BasicAuthInterceptor(username, password));
+    }
+
+    return client;
+  }
+
   @Bean
   public RestTemplate restTemplate(RestTemplateBuilder builder) {
     return builder.build();

src/main/java/org/miracum/etl/fhirgateway/stores/FhirServerResourceRepository.java

@@ -9,7 +9,6 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.retry.RetryCallback;
 import org.springframework.retry.RetryContext;
 import org.springframework.retry.backoff.FixedBackOffPolicy;
@@ -32,19 +31,16 @@ public class FhirServerResourceRepository implements FhirResourceRepository {
   private final RetryTemplate retryTemplate;
 
   @Autowired
-  public FhirServerResourceRepository(
-      FhirContext fhirContext, @Value("${services.fhirServer.url}") String fhirServerUrl) {
+  public FhirServerResourceRepository(FhirContext fhirContext, IGenericClient client) {
+
     this.fhirParser = fhirContext.newJsonParser();
-    this.client = fhirContext.newRestfulGenericClient(fhirServerUrl);
+    this.client = client;
 
     this.retryTemplate = new RetryTemplate();
-
     var fixedBackOffPolicy = new FixedBackOffPolicy();
     fixedBackOffPolicy.setBackOffPeriod(5_000);
     retryTemplate.setBackOffPolicy(fixedBackOffPolicy);
-
     retryTemplate.setRetryPolicy(new SimpleRetryPolicy(5));
-
     this.retryTemplate.registerListener(
         new RetryListenerSupport() {
           @Override

src/main/resources/application-dev.yml

@@ -13,8 +13,13 @@ services:
     enabled: true
     url: "http://localhost:5000/fhir"
   fhirServer:
-    url: "http://localhost:8082/fhir"
     enabled: false
+    url: "http://localhost:8082/fhir"
+    auth:
+      basic:
+        enabled: false
+        username: ""
+        password: ""
   psql:
     enabled: true
   kafka:

src/main/resources/application.yml

@@ -88,8 +88,13 @@ services:
     enabled: true
     url: ""
   fhirServer:
-    url: ""
     enabled: false
+    url: ""
+    auth:
+      basic:
+        enabled: false
+        username: ""
+        password: ""
   psql:
     enabled: true
   kafka: