/// <summary>
/// Builds the outbound <see cref="CommandRequest"/> for a DocumentReference call:
/// chooses the secure or non-secure NRLS base URL from settings, attaches the
/// search parameters and resource, and adds the bearer JWT and ASID headers.
/// </summary>
/// <param name="asid">Caller ASID; used for the SDS lookup, the JWT and the "from" header.</param>
/// <param name="resourceId">Identifier copied to the request and passed to <c>GetParams</c>.</param>
/// <param name="nhsNumber">Passed to <c>GetParams</c>.</param>
/// <param name="custodianOrgCode">Passed to <c>GetParams</c>.</param>
/// <param name="typeCode">Passed to <c>GetParams</c>.</param>
/// <param name="jwtOrgCode">Organisation code handed to <c>JwtFactory.Generate</c>.</param>
/// <param name="method">HTTP method; GET selects the read scope, anything else the write scope.</param>
/// <param name="resource">Resource attached to the request.</param>
/// <returns>The populated request, headers included.</returns>
private CommandRequest BuildRequest(string asid, string resourceId, string nhsNumber, string custodianOrgCode, string typeCode, string jwtOrgCode, HttpMethod method, Resource resource)
{
    var useSecure = _spineSettings.NrlsUseSecure;
    var baseUrl = useSecure ? _spineSettings.NrlsSecureServerUrl : _spineSettings.NrlsServerUrl;

    var request = new CommandRequest
    {
        // Interpolation kept on purpose: it turns a null setting into an empty string.
        BaseUrl = $"{baseUrl}",
        ResourceId = resourceId,
        ResourceType = ResourceType.DocumentReference,
        Resource = resource,
        SearchParams = GetParams(nhsNumber, custodianOrgCode, resourceId, typeCode),
        Method = method,
        UseSecure = useSecure,
        // The null-conditional means an ASID with no SDS entry yields a null thumbprint
        // rather than an error here.
        // NOTE(review): confirm the transport refuses to send when UseSecure is set and
        // no client thumbprint was resolved.
        ClientThumbprint = _sdsService.GetFor(asid)?.Thumbprint,
        ServerThumbprint = _spineSettings.SpineThumbprint
    };

    // Only GET is treated as a read; every other method is issued a write-scoped token.
    var scope = JwtScopes.Write;
    if (method == HttpMethod.Get)
    {
        scope = JwtScopes.Read;
    }

    // NOTE(review): "fakeRoleId" is a hard-coded literal, presumably a placeholder role
    // claim; confirm it never reaches a non-demo environment.
    // NOTE(review): confirm whether JwtFactory signs the token. If it does not, the
    // receiver can only trust the TLS client certificate, not the claims in the bearer.
    var bearer = JwtFactory.Generate(scope, jwtOrgCode, "fakeRoleId", asid, request.FullUrl.AbsoluteUri, SystemUrlBase, "DocumentReference");

    // The Authorization header is added regardless of UseSecure.
    // NOTE(review): when NrlsUseSecure is false the token presumably travels to the
    // non-secure URL; confirm that setting is limited to local/demo use.
    request.Headers.Add(HeaderNames.Accept, ContentType.JSON_CONTENT_HEADER);
    request.Headers.Add(HeaderNames.Authorization, $"Bearer {bearer}");
    request.Headers.Add(FhirConstants.HeaderFromAsid, asid);
    request.Headers.Add(FhirConstants.HeaderToAsid, _spineSettings.SpineAsid);

    return request;
}
/// <summary>
/// Pins the exact string produced by <c>JwtFactory.Generate</c> for a fixed set of
/// inputs and a fixed token start time.
/// </summary>
public void JwtFactory_Valid_JWT()
{
    // Inputs used to produce the expected token:
    //
    //   scope         = JwtScopes.Write
    //   orgCode       = ORG1
    //   roleProfileId = fakeRoleId
    //   asid          = 20000000017
    //   endpoint      = https://nrls.com/fhir/documentreference
    //   tokenOrigin   = https://demonstrator.com
    //   tokenStart    = 2018-04-01T10:00:30+00:00
    //
    // The first segment of the expected value is the base64url form of
    // {"alg":"none","typ":"JWT"} and the token ends with an empty third segment,
    // so this fixture is an unsigned JWT.
    // NOTE(review): nothing in such a token can be verified cryptographically; a
    // receiver has to authenticate the caller by other means (presumably the TLS
    // client certificate) - confirm that is the intended trust model.
    const string expectedToken = "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.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.";

    const string orgCode = "ORG1";
    const string roleProfileId = "fakeRoleId";
    const string asid = "20000000017";
    const string endpoint = "https://nrls.com/fhir/documentreference";
    const string tokenOrigin = "https://demonstrator.com";

    // Fixed UTC start time so the time-derived parts of the token are reproducible.
    var tokenStart = new DateTime(2018, 4, 1, 10, 0, 30, DateTimeKind.Utc);

    var actualToken = JwtFactory.Generate(JwtScopes.Write, orgCode, roleProfileId, asid, endpoint, tokenOrigin, tokenStart);

    Assert.Equal(expectedToken, actualToken);
}
/// <summary>
/// Builds the outbound SSP <see cref="CommandRequest"/> for a Binary read: resolves
/// the consumer and provider through SDS, rejects the call when either is unknown,
/// then attaches the bearer JWT and the SSP routing headers.
/// </summary>
/// <param name="asid">Consumer ASID; used for the SDS lookup and the JWT.</param>
/// <param name="jwtOrgCode">Organisation code handed to <c>JwtFactory.Generate</c>.</param>
/// <param name="providerOds">Provider ODS code, looked up with the read-binary interaction id.</param>
/// <returns>The populated request, headers included.</returns>
/// <exception cref="HttpFhirException">
/// Thrown with <see cref="HttpStatusCode.BadRequest"/> when the consumer or the
/// provider has no SDS entry.
/// </exception>
private CommandRequest BuildRequest(string asid, string jwtOrgCode, string providerOds)
{
    // Both lookups run before either result is checked.
    var consumer = _sdsService.GetFor(asid);
    var provider = _sdsService.GetFor(providerOds, FhirConstants.ReadBinaryInteractionId);

    // The supplied ASID / ODS code is echoed into the error detail.
    // NOTE(review): confirm the OperationOutcome is encoded where it is rendered.
    if (consumer == null)
    {
        var unknownConsumer = OperationOutcomeFactory.CreateGenericError($"Unknown ASID {asid}");
        throw new HttpFhirException("Local system not registered with SDS.", unknownConsumer, HttpStatusCode.BadRequest);
    }

    if (provider == null)
    {
        var unknownProvider = OperationOutcomeFactory.CreateGenericError($"Unknown ODS code {providerOds}");
        throw new HttpFhirException("External system not registered with SDS.", unknownProvider, HttpStatusCode.BadRequest);
    }

    var useSecure = _spineSettings.SspUseSecure;
    var baseUrl = useSecure ? _spineSettings.SspSecureServerUrl : _spineSettings.SspServerUrl;

    // consumer and provider are known to be non-null past the guards above.
    var request = new CommandRequest
    {
        // Interpolation kept on purpose: it turns a null setting into an empty string.
        BaseUrl = $"{baseUrl}",
        ResourceType = ResourceType.Binary,
        Method = HttpMethod.Get,
        UseSecure = useSecure,
        ClientThumbprint = consumer.Thumbprint,
        ServerThumbprint = _spineSettings.SspSslThumbprint,
        RegenerateUrl = false
    };

    // NOTE(review): "fakeRoleId" is a hard-coded literal, presumably a placeholder role
    // claim; confirm it never reaches a non-demo environment.
    // NOTE(review): the last argument is "*". If it is the token's resource scope, a
    // narrower value would follow least privilege - check JwtFactory.Generate.
    var bearer = JwtFactory.Generate(JwtScopes.Read, jwtOrgCode, "fakeRoleId", asid, request.FullUrl.AbsoluteUri, SystemUrlBase, "*");

    // The Authorization header is added regardless of UseSecure.
    // NOTE(review): confirm SspUseSecure = false is limited to local/demo use.
    request.Headers.Add(HeaderNames.Authorization, $"Bearer {bearer}");
    request.Headers.Add(FhirConstants.HeaderSspFrom, consumer.Asid);   // consumer ASID
    request.Headers.Add(FhirConstants.HeaderSspTo, provider.Asid);     // provider ASID
    request.Headers.Add(FhirConstants.HeaderSspInterationId, FhirConstants.ReadBinaryInteractionId);
    // A fresh GUID per request, sent as the trace id header.
    request.Headers.Add(FhirConstants.HeaderSspTraceId, Guid.NewGuid().ToString());

    return request;
}