def _update_api_settings(self): preset = AUTH_PRESETS[self.cleaned_data['auth_preset']] self.instance.token_url = get_endpoint_url(self.instance.url, preset.token_endpoint) self.instance.refresh_url = get_endpoint_url(self.instance.url, preset.refresh_endpoint) self.instance.pass_credentials_in_header = preset.pass_credentials_in_header
def put(self, endpoint, data=None, json=None, *args, **kwargs): kwargs.setdefault('headers', { 'Content-type': 'application/json', 'Accept': 'application/json' }) url = get_endpoint_url(self.base_url, endpoint) return self.send_request('PUT', url, *args, data=data, json=json, **kwargs)
def get_search_result(): bundle_id = str(uuid4()) return { "resourceType": "Bundle", "id": bundle_id, "meta": { "lastUpdated": "2021-01-14T07:54:36.100+00:00" }, "type": "searchset", "total": 2, "link": [ { "relation": "self", "url": get_endpoint_url(BASE_URL, '/Patient?birthdate=1990-01-01'), }, # Keeping this here for reference. This is how pagination # works by default in HAPI FHIR. We can use any GET params # way we want, as long as the URL we provide here will # return a Bundle with the next page of search results. # { # "relation": "next", # "url": f'{BASE_URL}?' # f"_getpages={bundle_id}" # "&_getpagesoffset=20" # "&_count=20" # "&_bundletype=searchset" # } ], "entry": [ { "fullUrl": get_endpoint_url(BASE_URL, f'/Patient/{FOO_CASE_ID}'), "resource": FOO_PATIENT, "search": { "mode": "match" } }, { "fullUrl": get_endpoint_url(BASE_URL, f'/Patient/{BAR_CASE_ID}'), "resource": BAR_PATIENT, "search": { "mode": "match" } } ] }
def get_session(self): def set_last_token(token): # Used by OAuth2Session self.last_token = token if not self.last_token: client = LegacyApplicationClient(client_id=self.client_id) session = OAuth2Session(client=client) token_url = get_endpoint_url( self.base_url, self.api_settings.token_endpoint, ) if self.api_settings.pass_credentials_in_header: auth = HTTPBasicAuth(self.client_id, self.client_secret) self.last_token = session.fetch_token( token_url=token_url, username=self.username, password=self.password, auth=auth, ) else: self.last_token = session.fetch_token( token_url=token_url, username=self.username, password=self.password, client_id=self.client_id, client_secret=self.client_secret, ) # Return session that refreshes token automatically refresh_url = get_endpoint_url( self.base_url, self.api_settings.refresh_endpoint, ) refresh_kwargs = { 'client_id': self.client_id, 'client_secret': self.client_secret, } return OAuth2Session(self.client_id, token=self.last_token, auto_refresh_url=refresh_url, auto_refresh_kwargs=refresh_kwargs, token_updater=set_last_token)
def test_search(self): # Tests filtering by a non-indexed case property url = get_endpoint_url(BASE_URL, '/Patient?birthdate=1990-01-01') response = requests.get(url, auth=(API_USERNAME, API_PASSWORD)) # Some things will be different between the expected search # result and the actual response. Use `json_diff()` to confirm # expected differences, and that everything else is the same. diffs = sorted([diff.path for diff in json_diff(response.json(), get_search_result())]) self.assertEqual(diffs, [ 'id', # a different UUID 'meta.lastUpdated', # a different timestamp ])
def test_search(self): url = reverse("fhir_search", args=[DOMAIN, FHIR_VERSION, "Observation"]) + f"?patient_id={PERSON_CASE_ID}" response = self.client.get(url) self.assertEqual( response.json(), { "resourceType": "Bundle", "type": "searchset", "entry": [ { "fullUrl": get_endpoint_url(BASE_URL, f'/Observation/{TEST_CASE_ID}/'), "search": { "mode": "match" } } ] } )
def get(self, endpoint, *args, **kwargs): kwargs.setdefault('headers', {'Accept': 'application/json'}) kwargs.setdefault('allow_redirects', True) url = get_endpoint_url(self.base_url, endpoint) return self.send_request('GET', url, *args, **kwargs)
def delete(self, endpoint, **kwargs): kwargs.setdefault('headers', {'Accept': 'application/json'}) url = get_endpoint_url(self.base_url, endpoint) return self.send_request('DELETE', url, **kwargs)
def test_auth_bad_resource(self): url = get_endpoint_url(BASE_URL, f'/Patient/{BAZ_CASE_ID}') with self.assertRaisesRegex(requests.HTTPError, '[Nn]ot found'): requests.get(url, auth=(API_USERNAME, API_PASSWORD))
def test_auth_bad_username(self): url = get_endpoint_url(BASE_URL, f'/Patient/{FOO_CASE_ID}') with self.assertRaisesRegex(requests.HTTPError, '[Ff]orbidden'): # Error should be the same as for bad password: It should # not reveal that the user does not exist. requests.get(url, auth=('*****@*****.**', API_PASSWORD))
def test_auth_bad_password(self): # Authentication should use the same code as existing API url = get_endpoint_url(BASE_URL, f'/Patient/{FOO_CASE_ID}') with self.assertRaisesRegex(requests.HTTPError, '[Ff]orbidden'): requests.get(url, auth=(API_USERNAME, 'bad_password'))
def test_get(self): url = get_endpoint_url(BASE_URL, f'/Patient/{FOO_CASE_ID}') response = requests.get(url, auth=(API_USERNAME, API_PASSWORD)) self.assertEqual(response.json(), FOO_PATIENT)
def test_no_urls_given(self): with self.assertRaises(ValueError): get_endpoint_url(None, None)
def test_trailing_slash(self): url = get_endpoint_url('https://example.com/foo', '') self.assertEqual(url, 'https://example.com/foo/')
def test_base_url_none(self): url = get_endpoint_url(None, 'https://example.com/foo') self.assertEqual(url, 'https://example.com/foo')