Release/1.1.1.0

pom.xml

@@ -6,14 +6,14 @@
 
 	<groupId>de.medizininformatik-initiative</groupId>
 	<artifactId>mii-process-report</artifactId>
-	<version>1.1.0.1</version>
+	<version>1.1.1.0</version>
 
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<compileSource>17</compileSource>
 		<compileTarget>17</compileTarget>
 
-		<dsf.version>1.5.1</dsf.version>
+		<dsf.version>1.5.2</dsf.version>
 		<testSetup.location>../mii-processes-test-setup</testSetup.location>
 	</properties>
 
@@ -45,12 +45,12 @@
 		<dependency>
 			<groupId>de.medizininformatik-initiative</groupId>
 			<artifactId>mii-processes-common</artifactId>
-			<version>1.0.1.0</version>
+			<version>1.0.2.0</version>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework</groupId>
 			<artifactId>spring-web</artifactId>
-			<version>6.1.6</version>
+			<version>6.1.10</version>
 			<scope>provided</scope>
 		</dependency>
 
@@ -103,12 +103,12 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-surefire-plugin</artifactId>
-				<version>3.2.5</version>
+				<version>3.3.1</version>
 			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-jar-plugin</artifactId>
-				<version>3.4.1</version>
+				<version>3.4.2</version>
 				<configuration>
 					<archive>
 						<manifest>
@@ -125,7 +125,7 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-shade-plugin</artifactId>
-				<version>3.5.3</version>
+				<version>3.6.0</version>
 				<executions>
 					<execution>
 						<phase>package</phase>
@@ -153,12 +153,12 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-dependency-plugin</artifactId>
-				<version>3.6.1</version>
+				<version>3.7.1</version>
 			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-clean-plugin</artifactId>
-				<version>3.3.2</version>
+				<version>3.4.0</version>
 			</plugin>
 			<plugin>
 				<groupId>org.codehaus.mojo</groupId>
@@ -181,15 +181,15 @@
 			<plugin>
 				<groupId>net.revelc.code.formatter</groupId>
 				<artifactId>formatter-maven-plugin</artifactId>
-				<version>2.23.0</version>
+				<version>2.24.1</version>
 				<configuration>
 					<configFile>eclipse-formatter-config.xml</configFile>
 				</configuration>
 			</plugin>
 			<plugin>
 				<groupId>net.revelc.code</groupId>
 				<artifactId>impsort-maven-plugin</artifactId>
-				<version>1.9.0</version>
+				<version>1.11.0</version>
 				<configuration>
 					<compliance>17</compliance>
 					<groups>java.,javax.,org.,com.</groups>
@@ -221,17 +221,17 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-project-info-reports-plugin</artifactId>
-				<version>3.5.0</version>
+				<version>3.6.2</version>
 			</plugin>
 			<plugin>
 				<groupId>com.github.spotbugs</groupId>
 				<artifactId>spotbugs-maven-plugin</artifactId>
-				<version>4.8.5.0</version>
+				<version>4.8.6.2</version>
 			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-pmd-plugin</artifactId>
-				<version>3.22.0</version>
+				<version>3.24.0</version>
 			</plugin>
 		</plugins>
 	</build>

src/main/java/de/medizininformatik_initiative/process/report/ReportProcessPluginDefinition.java

@@ -10,8 +10,8 @@
 
 public class ReportProcessPluginDefinition implements ProcessPluginDefinition
 {
-	public static final String VERSION = "1.1.0.1";
-	public static final LocalDate RELEASE_DATE = LocalDate.of(2024, 7, 9);
+	public static final String VERSION = "1.1.1.0";
+	public static final LocalDate RELEASE_DATE = LocalDate.of(2024, 8, 1);
 
 	@Override
 	public String getName()

src/main/java/de/medizininformatik_initiative/process/report/spring/config/FhirClientConfig.java

@@ -11,15 +11,22 @@
 import ca.uhn.fhir.context.FhirContext;
 import de.medizininformatik_initiative.processes.common.fhir.client.FhirClientFactory;
 import de.medizininformatik_initiative.processes.common.fhir.client.logging.DataLogger;
+import de.medizininformatik_initiative.processes.common.fhir.client.token.OAuth2TokenClient;
+import de.medizininformatik_initiative.processes.common.fhir.client.token.OAuth2TokenProvider;
+import de.medizininformatik_initiative.processes.common.fhir.client.token.TokenClient;
+import de.medizininformatik_initiative.processes.common.fhir.client.token.TokenProvider;
+import dev.dsf.bpe.v1.ProcessPluginApi;
 import dev.dsf.bpe.v1.documentation.ProcessDocumentation;
 
 @Configuration
 public class FhirClientConfig
 {
-	// TODO: use default proxy config from DSF
 	@Autowired
 	private FhirContext fhirContext;
 
+	@Autowired
+	private ProcessPluginApi api;
+
 	@ProcessDocumentation(required = true, processNames = {
 			"medizininformatik-initiativede_reportSend" }, description = "The base address of the FHIR server to read/store FHIR resources", example = "http://foo.bar/fhir")
 	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.base.url:#{null}}")
@@ -81,20 +88,65 @@ public class FhirClientConfig
 	private boolean fhirStoreHapiClientVerbose;
 
 	@ProcessDocumentation(processNames = {
-			"medizininformatik-initiativede_reportSend" }, description = "Proxy location, set if the server containing the FHIR data can only be reached through a proxy", example = "http://proxy.foo:8080")
+			"medizininformatik-initiativede_reportSend" }, description = "Proxy location, set if the server containing the FHIR data can only be reached through a proxy, uses value from DEV_DSF_PROXY_URL if not set", example = "http://proxy.foo:8080")
 	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.proxy.url:#{null}}")
 	private String fhirStoreProxyUrl;
 
 	@ProcessDocumentation(processNames = {
-			"medizininformatik-initiativede_reportSend" }, description = "Proxy username, set if the server containing the FHIR data can only be reached through a proxy which requests authentication")
+			"medizininformatik-initiativede_reportSend" }, description = "Proxy username, set if the server containing the FHIR data can only be reached through a proxy which requests authentication, uses value from DEV_DSF_PROXY_USERNAME if not set")
 	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.proxy.username:#{null}}")
 	private String fhirStoreProxyUsername;
 
 	@ProcessDocumentation(processNames = {
-			"medizininformatik-initiativede_reportSend" }, description = "Proxy password, set if the server containing the FHIR data can only be reached through a proxy which requests authentication", recommendation = "Use docker secret file to configure by using *${env_variable}_FILE*")
+			"medizininformatik-initiativede_reportSend" }, description = "Proxy password, set if the server containing the FHIR data can only be reached through a proxy which requests authentication, uses value from DEV_DSF_PROXY_PASSWORD if not set", recommendation = "Use docker secret file to configure by using *${env_variable}_FILE*")
 	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.proxy.password:#{null}}")
 	private String fhirStoreProxyPassword;
 
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_reportSend" }, description = "The url of the oidc provider to request access tokens (token endpoint)", example = "http://foo.baz/realms/fhir-realm/protocol/openid-connect/token")
+	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.oauth2.issuer.url:#{null}}")
+	private String fhirStoreOAuth2IssuerUrl;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_reportSend" }, description = "Identifier of the client (username) used for authentication when accessing the oidc provider token endpoint")
+	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.oauth2.client.id:#{null}}")
+	private String fhirStoreOAuth2ClientId;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_reportSend" }, description = "Secret of the client (password) used for authentication when accessing the oidc provider token endpoint", recommendation = "Use docker secret file to configure by using *${env_variable}_FILE*")
+	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.oauth2.client.password:#{null}}")
+	private String fhirStoreOAuth2ClientSecret;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_reportSend" }, description = "The timeout in milliseconds until a connection is established between the client and the oidc provider", recommendation = "Change default value only if timeout exceptions occur")
+	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.oauth2.timeout.connect:20000}")
+	private int fhirStoreOAuth2ConnectTimeout;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_reportSend" }, description = "Maximum period of inactivity in milliseconds between two consecutive data packets of the client and the oidc provider", recommendation = "Change default value only if timeout exceptions occur")
+	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.oauth2.timeout.socket:60000}")
+	private int fhirStoreOAuth2SocketTimeout;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_reportSend" }, description = "PEM encoded file with one or more trusted root certificate to validate the oidc provider server certificate when connecting via https", recommendation = "Use docker secret file to configure", example = "/run/secrets/hospital_ca.pem")
+	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.oauth2.trust.certificates:#{null}}")
+	private String fhirStoreOAuth2TrustStore;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_reportSend" }, description = "Proxy location, set if the oidc provider can only be reached through a proxy, uses value from DEV_DSF_PROXY_URL if not set", example = "http://proxy.foo:8080")
+	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.oauth2.proxy.url:#{null}}")
+	private String fhirStoreOAuth2ProxyUrl;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_reportSend" }, description = "Proxy username, set if the oidc provider can only be reached through a proxy which requests authentication, uses value from DEV_DSF_PROXY_USERNAME if not set")
+	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.oauth2.proxy.username:#{null}}")
+	private String fhirStoreOAuth2ProxyUsername;
+
+	@ProcessDocumentation(processNames = {
+			"medizininformatik-initiativede_reportSend" }, description = "Proxy password, set if the oidc provider can only be reached through a proxy which requests authentication, uses value from DEV_DSF_PROXY_PASSWORD if not set", recommendation = "Use docker secret file to configure by using *${env_variable}_FILE*")
+	@Value("${de.medizininformatik.initiative.report.dic.fhir.server.oauth2.proxy.password:#{null}}")
+	private String fhirStoreOAuth2ProxyPassword;
+
 	@ProcessDocumentation(processNames = {
 			"medizininformatik-initiativede_reportSend" }, description = "To enable debug logging of FHIR resources set to `true`")
 	@Value("${de.medizininformatik.initiative.report.dic.fhir.dataLoggingEnabled:false}")
@@ -109,10 +161,46 @@ public FhirClientFactory fhirClientFactory()
 		Path certificatePath = checkExists(fhirStoreCertificate);
 		Path privateKeyPath = checkExists(fhirStorePrivateKey);
 
+		String proxyUrl = fhirStoreProxyUrl, proxyUsername = fhirStoreProxyUsername,
+				proxyPassword = fhirStoreProxyPassword;
+		if (proxyUrl == null && api.getProxyConfig().isEnabled()
+				&& !api.getProxyConfig().isNoProxyUrl(fhirStoreBaseUrl))
+		{
+			proxyUrl = api.getProxyConfig().getUrl();
+			proxyUsername = api.getProxyConfig().getUsername();
+			proxyPassword = api.getProxyConfig().getPassword() == null ? null
+					: new String(api.getProxyConfig().getPassword());
+		}
+
 		return new FhirClientFactory(trustStorePath, certificatePath, privateKeyPath, fhirStorePrivateKeyPassword,
 				fhirStoreConnectTimeout, fhirStoreSocketTimeout, fhirStoreConnectionRequestTimeout, fhirStoreBaseUrl,
-				fhirStoreUsername, fhirStorePassword, fhirStoreBearerToken, fhirStoreProxyUrl, fhirStoreProxyUsername,
-				fhirStoreProxyPassword, fhirStoreHapiClientVerbose, fhirContext, localIdentifierValue, dataLogger());
+				fhirStoreUsername, fhirStorePassword, fhirStoreBearerToken, tokenProvider(), proxyUrl, proxyUsername,
+				proxyPassword, fhirStoreHapiClientVerbose, fhirContext, localIdentifierValue, dataLogger());
+	}
+
+	public TokenProvider tokenProvider()
+	{
+		return new OAuth2TokenProvider(tokenClient());
+	}
+
+	public TokenClient tokenClient()
+	{
+		Path trustStoreOAuth2Path = checkExists(fhirStoreOAuth2TrustStore);
+
+		String proxyUrl = fhirStoreOAuth2ProxyUrl, proxyUsername = fhirStoreOAuth2ProxyUsername,
+				proxyPassword = fhirStoreOAuth2ProxyPassword;
+		if (proxyUrl == null && api.getProxyConfig().isEnabled()
+				&& !api.getProxyConfig().isNoProxyUrl(fhirStoreOAuth2IssuerUrl))
+		{
+			proxyUrl = api.getProxyConfig().getUrl();
+			proxyUsername = api.getProxyConfig().getUsername();
+			proxyPassword = api.getProxyConfig().getPassword() == null ? null
+					: new String(api.getProxyConfig().getPassword());
+		}
+
+		return new OAuth2TokenClient(fhirStoreOAuth2IssuerUrl, fhirStoreOAuth2ClientId, fhirStoreOAuth2ClientSecret,
+				fhirStoreOAuth2ConnectTimeout, fhirStoreOAuth2SocketTimeout, trustStoreOAuth2Path, proxyUrl,
+				proxyUsername, proxyPassword);
 	}
 
 	public DataLogger dataLogger()