#449: trace context ID in FHIR based transactions

oehf · Aug 1, 2024 · c19797f · c19797f
1 parent 8bcc76d
commit c19797f
Show file tree

Hide file tree

Showing 17 changed files with 181 additions and 10 deletions.
diff --git a/...ng-boot-starter/src/main/java/org/openehealth/ipf/boot/atna/IpfAtnaAutoConfiguration.java b/...ng-boot-starter/src/main/java/org/openehealth/ipf/boot/atna/IpfAtnaAutoConfiguration.java
@@ -52,15 +52,17 @@ public AuditContext auditContext(IpfAtnaConfigurationProperties config,
                                      AuditExceptionHandler auditExceptionHandler,
                                      AuditMessagePostProcessor auditMessagePostProcessor,
                                      WsAuditDatasetEnricher wsAuditDatasetEnricher,
+                                     FhirAuditDatasetEnricher fhirAuditDatasetEnricher,
                                      @Value("${spring.application.name}") String appName) {
         if (config.getBalp() != null) {
             return balpConfiguration(defaultContextConfiguration(new DefaultBalpAuditContext(), config,
                 auditTransmissionProtocol, auditMessageQueue, tlsParameters, auditMetadataProvider,
-                auditExceptionHandler, auditMessagePostProcessor, wsAuditDatasetEnricher, appName), config);
+                auditExceptionHandler, auditMessagePostProcessor, wsAuditDatasetEnricher,
+                fhirAuditDatasetEnricher, appName), config);
         } else {
             return defaultContextConfiguration(new DefaultAuditContext(), config, auditTransmissionProtocol,
                 auditMessageQueue, tlsParameters, auditMetadataProvider, auditExceptionHandler,
-                auditMessagePostProcessor, wsAuditDatasetEnricher, appName);
+                auditMessagePostProcessor, wsAuditDatasetEnricher, fhirAuditDatasetEnricher, appName);
         }
     }
 
@@ -73,6 +75,7 @@ private <T extends DefaultAuditContext> T defaultContextConfiguration(T auditCon
                                              AuditExceptionHandler auditExceptionHandler,
                                              AuditMessagePostProcessor auditMessagePostProcessor,
                                              WsAuditDatasetEnricher wsAuditDatasetEnricher,
+                                             FhirAuditDatasetEnricher fhirAuditDatasetEnricher,
                                              @Value("${spring.application.name}") String appName) {
 
         auditContext.setAuditEnabled(config.isAuditEnabled());
@@ -97,6 +100,9 @@ private <T extends DefaultAuditContext> T defaultContextConfiguration(T auditCon
         if (wsAuditDatasetEnricher != WsAuditDatasetEnricher.NONE) {
             auditContext.setWsAuditDatasetEnricher(wsAuditDatasetEnricher);
         }
+        if (fhirAuditDatasetEnricher != FhirAuditDatasetEnricher.NONE) {
+            auditContext.setFhirAuditDatasetEnricher(fhirAuditDatasetEnricher);
+        }
 
         return auditContext;
     }
@@ -223,6 +229,15 @@ public WsAuditDatasetEnricher wsAuditDatasetEnricher(IpfAtnaConfigurationPropert
         return WsAuditDatasetEnricher.NONE;
     }
 
+    @Bean
+    @ConditionalOnMissingBean
+    public FhirAuditDatasetEnricher fhirAuditDatasetEnricher(IpfAtnaConfigurationProperties config) throws Exception {
+        if (config.getFhirAuditDatasetEnricherClass() != null) {
+            return config.getFhirAuditDatasetEnricherClass().getConstructor().newInstance();
+        }
+        return FhirAuditDatasetEnricher.NONE;
+    }
+
     // Some audit event listeners
 
     @Bean

diff --git a/...t-starter/src/main/java/org/openehealth/ipf/boot/atna/IpfAtnaConfigurationProperties.java b/...t-starter/src/main/java/org/openehealth/ipf/boot/atna/IpfAtnaConfigurationProperties.java
@@ -19,6 +19,7 @@
 import lombok.Getter;
 import lombok.Setter;
 import org.openehealth.ipf.commons.audit.AuditMessagePostProcessor;
+import org.openehealth.ipf.commons.audit.FhirAuditDatasetEnricher;
 import org.openehealth.ipf.commons.audit.WsAuditDatasetEnricher;
 import org.openehealth.ipf.commons.audit.codes.AuditSourceType;
 import org.openehealth.ipf.commons.audit.handler.AuditExceptionHandler;
@@ -108,6 +109,12 @@ public class IpfAtnaConfigurationProperties {
     @Getter @Setter
     private Class<? extends WsAuditDatasetEnricher> wsAuditDatasetEnricherClass;
 
+    /**
+     * Class of the optional audit dataset enricher for FHIR based transactions.
+     */
+    @Getter @Setter
+    private Class<? extends FhirAuditDatasetEnricher> fhirAuditDatasetEnricherClass;
+
     @Getter @Setter
     private Balp balp;
 

diff --git a/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/AuditContext.java b/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/AuditContext.java
@@ -94,6 +94,11 @@ public interface AuditContext {
      */
     <T extends WsAuditDatasetEnricher> T getWsAuditDatasetEnricher();
 
+    /**
+     * @return Audit dataset enricher for FHIR based transactions.
+     */
+    <T extends FhirAuditDatasetEnricher> T getFhirAuditDatasetEnricher();
+
     /**
      * @return a post-processor for audit messages (defaults to a NO-OP implementation
      */

diff --git a/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/DefaultAuditContext.java b/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/DefaultAuditContext.java
@@ -104,6 +104,9 @@ public class DefaultAuditContext implements AuditContext {
     @Setter
     private WsAuditDatasetEnricher wsAuditDatasetEnricher;
 
+    @Setter
+    private FhirAuditDatasetEnricher fhirAuditDatasetEnricher;
+
     public String getAuditRepositoryTransport() {
         return auditTransmissionProtocol.getTransportName();
     }
@@ -146,4 +149,10 @@ public <T extends WsAuditDatasetEnricher> T getWsAuditDatasetEnricher() {
         return (T) wsAuditDatasetEnricher;
     }
 
+    @SuppressWarnings("unchecked")
+    @Override
+    public <T extends FhirAuditDatasetEnricher> T getFhirAuditDatasetEnricher() {
+        return (T) fhirAuditDatasetEnricher;
+    }
+
 }
diff --git a/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/FhirAuditDatasetEnricher.java b/commons/audit/src/main/java/org/openehealth/ipf/commons/audit/FhirAuditDatasetEnricher.java
@@ -0,0 +1,25 @@
+/*
+ * Copyright 2024 the original author or authors.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.openehealth.ipf.commons.audit;
+
+/**
+ * Marker interface for FHIR audit dataset enrichers.
+ */
+public interface FhirAuditDatasetEnricher {
+
+    FhirAuditDatasetEnricher NONE = new FhirAuditDatasetEnricher() {};
+
+}
diff --git a/...re/src/main/java/org/openehealth/ipf/commons/ihe/fhir/audit/FhirAuditDatasetEnricher.java b/...re/src/main/java/org/openehealth/ipf/commons/ihe/fhir/audit/FhirAuditDatasetEnricher.java
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2024 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.openehealth.ipf.commons.ihe.fhir.audit;
+
+import org.openehealth.ipf.commons.ihe.core.atna.AuditDataset;
+
+import java.util.Map;
+
+/**
+ * Interface for FHIR ATNA audit dataset enrichers.
+ * Each implementing class shall have a default constructor and be thread-safe.
+ *
+ * @author Dmytro Rud
+ */
+public interface FhirAuditDatasetEnricher extends org.openehealth.ipf.commons.audit.FhirAuditDatasetEnricher {
+
+    void enrichAuditDataset(AuditDataset auditDataset, Object request, Map<String, Object> parameters);
+
+}
diff --git a/...ain/java/org/openehealth/ipf/commons/ihe/fhir/audit/SwissEprFhirAuditDatasetEnricher.java b/...ain/java/org/openehealth/ipf/commons/ihe/fhir/audit/SwissEprFhirAuditDatasetEnricher.java
@@ -0,0 +1,54 @@
+/*
+ * Copyright 2024 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.openehealth.ipf.commons.ihe.fhir.audit;
+
+import org.openehealth.ipf.commons.ihe.core.atna.AuditDataset;
+
+import java.util.List;
+import java.util.Map;
+
+import static org.openehealth.ipf.commons.ihe.fhir.Constants.HTTP_INCOMING_HEADERS;
+import static org.openehealth.ipf.commons.ihe.fhir.Constants.HTTP_OUTGOING_HEADERS;
+
+/**
+ * Audit dataset enricher for FHIR based transactions which implements requirements
+ * of the Swiss Electronic Patient Record.
+ *
+ * @author Dmytro Rud
+ */
+public class SwissEprFhirAuditDatasetEnricher implements FhirAuditDatasetEnricher {
+
+    @Override
+    public void enrichAuditDataset(AuditDataset auditDataset, Object request, Map<String, Object> parameters) {
+        // the outbound value, whenever present, shall override the incoming one
+        extractW3cTraceContextId(parameters, HTTP_INCOMING_HEADERS, auditDataset);
+        extractW3cTraceContextId(parameters, HTTP_OUTGOING_HEADERS, auditDataset);
+    }
+
+    private static void extractW3cTraceContextId(Map<String, Object> parameters, String key, AuditDataset auditDataset) {
+        Object value = parameters.get(key);
+        if (value != null) {
+            Map<String, List<String>> headers = (Map<String, List<String>>) value;
+            for (String name : headers.keySet()) {
+                if ("traceparent".equalsIgnoreCase(name)) {
+                    auditDataset.setW3cTraceContextId(headers.get(name).get(0));
+                    return;
+                }
+            }
+        }
+    }
+
+}
diff --git a/...src/main/java/org/openehealth/ipf/commons/ihe/fhir/chppqm/chppq3/ChPpq3AuditStrategy.java b/...src/main/java/org/openehealth/ipf/commons/ihe/fhir/chppqm/chppq3/ChPpq3AuditStrategy.java
@@ -56,7 +56,6 @@ public ChPpqmAuditDataset enrichAuditDatasetFromRequest(ChPpqmAuditDataset audit
             case "DELETE":
                 auditDataset.setAction(EventActionCode.Delete);
                 auditDataset.getPolicyAndPolicySetIds().add((String) request);
-                // TODO: take patient ID from XUA/IUA token
                 break;
             default:
                 log.error("Unsupported HTTP method '{}'", method);

diff --git a/...groovy/org/openehealth/ipf/commons/ihe/ws/cxf/audit/SwissEprWsAuditDatasetEnricher.groovy b/...groovy/org/openehealth/ipf/commons/ihe/ws/cxf/audit/SwissEprWsAuditDatasetEnricher.groovy
@@ -38,9 +38,11 @@ class SwissEprWsAuditDatasetEnricher extends XuaWsAuditDatasetEnricher {
         GPathResult xuaToken = extractXuaToken(message, headerDirection)
         if (xuaToken != null) {
             extractXuaTokenElements(xuaToken, auditDataset)
-            def iheUser = auditDataset.humanUsers[0]
-            conditionallyAddHumanUser(createMainEprUser(xuaToken, iheUser), auditDataset)
-            conditionallyAddHumanUser(createAdditionalEprUser(xuaToken, iheUser, auditDataset.purposesOfUse), auditDataset)
+            if (!auditDataset.humanUsers.empty) {
+                def iheUser = auditDataset.humanUsers[0]
+                conditionallyAddHumanUser(createMainEprUser(xuaToken, iheUser), auditDataset)
+                conditionallyAddHumanUser(createAdditionalEprUser(xuaToken, iheUser, auditDataset.purposesOfUse), auditDataset)
+            }
         }
 
         extractW3cTraceContextId(message, auditDataset)

diff --git a/...penehealth/ipf/platform/camel/ihe/fhir/core/intercept/consumer/AuditInterceptorUtils.java b/...penehealth/ipf/platform/camel/ihe/fhir/core/intercept/consumer/AuditInterceptorUtils.java
@@ -17,8 +17,10 @@
 package org.openehealth.ipf.platform.camel.ihe.fhir.core.intercept.consumer;
 
 import org.apache.camel.Exchange;
+import org.openehealth.ipf.commons.audit.AuditContext;
 import org.openehealth.ipf.commons.ihe.core.atna.AuditDataset;
 import org.openehealth.ipf.commons.ihe.fhir.Constants;
+import org.openehealth.ipf.commons.ihe.fhir.audit.FhirAuditDatasetEnricher;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -75,4 +77,12 @@ public static Optional<String> extractAuthorizationHeader(Exchange exchange) {
         }
         return Optional.empty();
     }
+
+    public static void enrichAuditDataset(AuditDataset auditDataset, AuditContext auditContext, Exchange exchange) {
+        if (auditContext.getFhirAuditDatasetEnricher() != null) {
+            FhirAuditDatasetEnricher enricher = auditContext.getFhirAuditDatasetEnricher();
+            enricher.enrichAuditDataset(auditDataset, exchange.getIn().getBody(), exchange.getIn().getHeaders());
+        }
+    }
+
 }
diff --git a/...ehealth/ipf/platform/camel/ihe/fhir/core/intercept/consumer/ConsumerAuditInterceptor.java b/...ehealth/ipf/platform/camel/ihe/fhir/core/intercept/consumer/ConsumerAuditInterceptor.java
@@ -28,10 +28,6 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-
 import static java.util.Objects.requireNonNull;
 
 
@@ -118,6 +114,7 @@ private AuditDatasetType createAndEnrichAuditDatasetFromRequest(AuditStrategy<Au
             // TODO Also extract basic auth user?
             AuditInterceptorUtils.extractClientCertificateCommonName(exchange, auditDataset);
             AuditInterceptorUtils.extractAuthorizationHeader(exchange).ifPresent(auditDataset::setAuthorization);
+            AuditInterceptorUtils.enrichAuditDataset(auditDataset, auditContext, exchange);
             return strategy.enrichAuditDatasetFromRequest(auditDataset, msg, exchange.getIn().getHeaders());
         } catch (Exception e) {
             LOG.error("Exception when enriching audit dataset from request", e);

diff --git a/...ehealth/ipf/platform/camel/ihe/fhir/core/intercept/producer/ProducerAuditInterceptor.java b/...ehealth/ipf/platform/camel/ihe/fhir/core/intercept/producer/ProducerAuditInterceptor.java
@@ -25,6 +25,7 @@
 import org.openehealth.ipf.platform.camel.ihe.atna.interceptor.AuditInterceptor;
 import org.openehealth.ipf.platform.camel.ihe.core.InterceptorSupport;
 import org.openehealth.ipf.platform.camel.ihe.fhir.core.FhirEndpoint;
+import org.openehealth.ipf.platform.camel.ihe.fhir.core.intercept.consumer.AuditInterceptorUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -109,6 +110,7 @@ private AuditDatasetType createAndEnrichAuditDatasetFromRequest(AuditStrategy<Au
         try {
             var auditDataset = strategy.createAuditDataset();
             auditDataset.setSourceUserId(auditContext.getAuditValueIfMissing());
+            AuditInterceptorUtils.enrichAuditDataset(auditDataset, auditContext, exchange);
             return strategy.enrichAuditDatasetFromRequest(auditDataset, msg, exchange.getIn().getHeaders());
         } catch (Exception e) {
             LOG.error("Exception when enriching audit dataset from request", e);

diff --git a/...m/src/test/java/org/openehealth/ipf/platform/camel/ihe/fhir/chppqm/chppq3/ChPpq3Test.java b/...m/src/test/java/org/openehealth/ipf/platform/camel/ihe/fhir/chppqm/chppq3/ChPpq3Test.java
@@ -112,6 +112,8 @@ public void testUpdate1() throws Exception {
 
     @Test
     public void testUpdate2() throws Exception {
+        String traceContextId = "00-0af7651916cd43dd8448eb211c80319c-b7ad6b7169203331-01";
+
         Consent consent = create201Consent(createUuid(), "123456789012345678");
         consent.setId(createUuid());
 
@@ -122,11 +124,17 @@ public void testUpdate2() throws Exception {
                 .withAdditionalHeader("Header2", "Value2")
                 .withAdditionalHeader("Authorization", "Bearer d2h5IGFyZSB5b3UgcmVhZGluZyB0aGlzPw==")
                 .withAdditionalHeader("Header2", "Value3")
+                .withAdditionalHeader("TraceParent", traceContextId)
                 .withAdditionalHeader("Header2", "Value1")
                 .execute();
 
         List<AuditMessage> auditMessages = auditSender.getMessages();
         assertEquals(1, auditMessages.size());
+
+        AuditMessage auditMessage = auditMessages.get(0);
+        assertEquals(3, auditMessage.getParticipantObjectIdentifications().size());
+        assertEquals(traceContextId, auditMessage.getParticipantObjectIdentifications().get(0).getParticipantObjectID());
+
         log.info("");
     }
 

diff --git a/platform-camel/ihe/fhir/r4/chppqm/src/test/resources/common-fhir-beans.xml b/platform-camel/ihe/fhir/r4/chppqm/src/test/resources/common-fhir-beans.xml
@@ -41,6 +41,9 @@ http://openehealth.org/schema/ipf-commons-core.xsd">
         <property name="auditMessageQueue" ref="mockedSender"/>
         <property name="auditSourceId" value="IPF"/>
         <property name="auditEnterpriseSiteId" value="IPF"/>
+        <property name="fhirAuditDatasetEnricher">
+            <bean class="org.openehealth.ipf.commons.ihe.fhir.audit.SwissEprFhirAuditDatasetEnricher"/>
+        </property>
     </bean>
 
     <bean id="mockedSender" class="org.openehealth.ipf.commons.audit.queue.RecordingAuditMessageQueue"/>

diff --git a/...java/org/openehealth/ipf/platform/camel/ihe/fhir/iti68/Iti68ConsumerAuditInterceptor.java b/...java/org/openehealth/ipf/platform/camel/ihe/fhir/iti68/Iti68ConsumerAuditInterceptor.java
@@ -106,6 +106,7 @@ private Iti68AuditDataset createAndEnrichAuditDatasetFromRequest(AuditStrategy<I
 
             // TODO Also extract basic auth user?
             AuditInterceptorUtils.extractClientCertificateCommonName(exchange, auditDataset);
+            AuditInterceptorUtils.enrichAuditDataset(auditDataset, auditContext, exchange);
 
             return strategy.enrichAuditDatasetFromRequest(auditDataset, msg, exchange.getIn().getHeaders());
         } catch (Exception e) {

diff --git a/...openehealth/ipf/platform/camel/ihe/fhir/iti68bin/Iti68BinaryConsumerAuditInterceptor.java b/...openehealth/ipf/platform/camel/ihe/fhir/iti68bin/Iti68BinaryConsumerAuditInterceptor.java
@@ -105,6 +105,7 @@ private FhirAuditDataset createAndEnrichAuditDatasetFromRequest(AuditStrategy<Fh
 
             // TODO Also extract basic auth user?
             AuditInterceptorUtils.extractClientCertificateCommonName(exchange, auditDataset);
+            AuditInterceptorUtils.enrichAuditDataset(auditDataset, auditContext, exchange);
 
             return strategy.enrichAuditDatasetFromRequest(auditDataset, msg, exchange.getIn().getHeaders());
         } catch (Exception e) {

diff --git a/...java/org/openehealth/ipf/platform/camel/ihe/fhir/iti68/Iti68ConsumerAuditInterceptor.java b/...java/org/openehealth/ipf/platform/camel/ihe/fhir/iti68/Iti68ConsumerAuditInterceptor.java
@@ -106,6 +106,7 @@ private Iti68AuditDataset createAndEnrichAuditDatasetFromRequest(AuditStrategy<I
 
             // TODO Also extract basic auth user?
             AuditInterceptorUtils.extractClientCertificateCommonName(exchange, auditDataset);
+            AuditInterceptorUtils.enrichAuditDataset(auditDataset, auditContext, exchange);
 
             return strategy.enrichAuditDatasetFromRequest(auditDataset, msg, exchange.getIn().getHeaders());
         } catch (Exception e) {