def build_real_sds_connection(sds_url: str,
tls: bool = True) -> ldap3.Connection:
"""Initialise the real SDS connection object
:param sds_url: The URL to communicate with SDS on.
:param tls: A flag to indicate whether TLS should be enabled for the SDS connection.
:return:
"""
logger.info('Configuring connection to SDS using {url} {tls}',
fparams={
"url": sds_url,
"tls": tls
})
if tls:
client_key = secrets.get_secret_config('CLIENT_KEY')
client_cert = secrets.get_secret_config('CLIENT_CERT')
ca_certs = secrets.get_secret_config('CA_CERTS')
sds_connection = build_sds_connection_tls(ldap_address=sds_url,
private_key=client_key,
local_cert=client_cert,
ca_certs=ca_certs)
else:
sds_connection = build_sds_connection(ldap_address=sds_url)
return sds_connection
def main():
config.setup_config("MHS")
secrets.setup_secret_config("MHS")
log.configure_logging()
if config.get_config('NO_TLS', default='False') == 'True':
certificates = certs.Certs()
else:
certificates = certs.Certs.create_certs_files(
definitions.ROOT_DIR,
private_key=secrets.get_secret_config('CLIENT_KEY'),
local_cert=secrets.get_secret_config('CLIENT_CERT'),
ca_certs=secrets.get_secret_config('CA_CERTS'))
party_key = secrets.get_secret_config('PARTY_KEY')
workflows = initialise_workflows()
store = dynamo_persistence_adaptor.DynamoPersistenceAdaptor(
table_name=config.get_config('STATE_TABLE_NAME'))
interactions_config_file = pathlib.Path(
definitions.ROOT_DIR) / 'data' / "interactions" / "interactions.json"
config_manager = configuration_manager.ConfigurationManager(
str(interactions_config_file))
start_inbound_server(certificates.local_cert_path,
certificates.ca_certs_path,
certificates.private_key_path, party_key, workflows,
store, config_manager)
def initialise_workflows() -> Dict[str, workflow.CommonWorkflow]:
"""Initialise the workflows
:return: The workflows that can be used to handle messages.
"""
queue_adaptor = proton_queue_adaptor.ProtonQueueAdaptor(
host=config.get_config('INBOUND_QUEUE_URL'),
username=secrets.get_secret_config('INBOUND_QUEUE_USERNAME'),
password=secrets.get_secret_config('INBOUND_QUEUE_PASSWORD'))
raw_queue_adaptor = proton_queue_adaptor.ProtonQueueAdaptor(
host=config.get_config('INBOUND_RAW_QUEUE_URL'),
username=secrets.get_secret_config('INBOUND_QUEUE_USERNAME'),
password=secrets.get_secret_config('INBOUND_QUEUE_PASSWORD'))
sync_async_store = dynamo_persistence_adaptor.DynamoPersistenceAdaptor(
table_name=config.get_config('SYNC_ASYNC_STATE_TABLE_NAME'))
inbound_queue_max_retries = int(
config.get_config('INBOUND_QUEUE_MAX_RETRIES', default='3'))
inbound_queue_retry_delay = int(
config.get_config('INBOUND_QUEUE_RETRY_DELAY', default='100'))
persistence_store_max_retries = int(
config.get_config('STATE_STORE_MAX_RETRIES', default='3'))
sync_async_delay = int(
config.get_config('SYNC_ASYNC_STORE_RETRY_DELAY', default='100'))
work_description_store = dynamo_persistence_adaptor.DynamoPersistenceAdaptor(
table_name=config.get_config('STATE_TABLE_NAME'))
return workflow.get_workflow_map(
raw_queue_adaptor=raw_queue_adaptor,
inbound_async_queue=queue_adaptor,
work_description_store=work_description_store,
sync_async_store=sync_async_store,
persistence_store_max_retries=persistence_store_max_retries,
sync_async_store_retry_delay=sync_async_delay,
inbound_queue_max_retries=inbound_queue_max_retries,
inbound_queue_retry_delay=inbound_queue_retry_delay)
def initialise_routing():
spine_route_lookup_url = config.get_config('SPINE_ROUTE_LOOKUP_URL')
spine_org_code = config.get_config('SPINE_ORG_CODE')
route_data_dir = pathlib.Path(definitions.ROOT_DIR) / "route"
certificates = certs.Certs.create_certs_files(
route_data_dir,
private_key=secrets.get_secret_config('SPINE_ROUTE_LOOKUP_CLIENT_KEY',
default=None),
local_cert=secrets.get_secret_config('SPINE_ROUTE_LOOKUP_CLIENT_CERT',
default=None),
ca_certs=secrets.get_secret_config('SPINE_ROUTE_LOOKUP_CA_CERTS',
default=None))
route_proxy_host = config.get_config('SPINE_ROUTE_LOOKUP_HTTP_PROXY',
default=None)
route_proxy_port = None
if route_proxy_host is not None:
route_proxy_port = int(
config.get_config('SPINE_ROUTE_LOOKUP_HTTP_PROXY_PORT',
default="3128"))
return routing_reliability.RoutingAndReliability(
spine_route_lookup_url,
spine_org_code,
client_cert=certificates.local_cert_path,
client_key=certificates.private_key_path,
ca_certs=certificates.ca_certs_path,
http_proxy_host=route_proxy_host,
http_proxy_port=route_proxy_port)
def test_get_secret_config_no_config_variable_found(self, mock_stdout, mock_environ):
self.setup_logger(mock_environ)
with self.assertRaises(KeyError):
secrets.get_secret_config("BLAH")
output = mock_stdout.getvalue()
self.assertIn('Failed to get secret config ConfigName="BLAH" ProcessKey=SECRET_CONFIG003', output)
self.assertIn("LogLevel=ERROR", output)
def test_get_secret_config_no_config_variable_found(
self, mock_stdout, mock_environ):
self.setup_logger(mock_environ)
with self.assertRaises(KeyError):
secrets.get_secret_config("BLAH")
output = mock_stdout.getvalue()
log_entry = LogEntry(output)
self.assertEqual('Failed to get secret config ConfigName="BLAH"',
log_entry.message)
self.assertEqual("ERROR", log_entry.level)
def test_get_secret_config_default(self, mock_environ):
mock_environ["PREFIX_SECRET_TEST"] = "123"
secrets.setup_secret_config("PREFIX")
self.assertEqual("111",
secrets.get_secret_config("LOG_LEVEL", default="111"))
def create_connection() -> ldap3.Connection:
ldap_url = config.get_config("LDAP_URL")
disable_tls_flag = config.get_config("LDAP_DISABLE_TLS", None)
use_tls = disable_tls_flag != "True"
logger.info('Configuring connection to LDAP using {url} {tls}', fparams={"url": ldap_url, "tls": use_tls})
if use_tls:
client_key = secrets.get_secret_config('CLIENT_KEY')
client_cert = secrets.get_secret_config('CLIENT_CERT')
ca_certs = secrets.get_secret_config('CA_CERTS')
sds_connection = _build_sds_connection_tls(ldap_address=ldap_url,
private_key=client_key,
local_cert=client_cert,
ca_certs=ca_certs)
else:
sds_connection = _build_sds_connection(ldap_address=ldap_url)
return sds_connection
def main():
config.setup_config("MHS")
secrets.setup_secret_config("MHS")
log.configure_logging()
data_dir = pathlib.Path(definitions.ROOT_DIR) / "data"
configure_http_client()
routing = initialise_routing()
certificates = certs.Certs.create_certs_files(
data_dir / '..',
private_key=secrets.get_secret_config('CLIENT_KEY'),
local_cert=secrets.get_secret_config('CLIENT_CERT'),
ca_certs=secrets.get_secret_config('CA_CERTS'))
max_retries = int(
config.get_config('OUTBOUND_TRANSMISSION_MAX_RETRIES', default="3"))
retry_delay = int(
config.get_config('OUTBOUND_TRANSMISSION_RETRY_DELAY', default="100"))
http_proxy_host = config.get_config('OUTBOUND_HTTP_PROXY', default=None)
http_proxy_port = None
if http_proxy_host is not None:
http_proxy_port = int(
config.get_config('OUTBOUND_HTTP_PROXY_PORT', default="3128"))
transmission = outbound_transmission.OutboundTransmission(
certificates.local_cert_path, certificates.private_key_path,
certificates.ca_certs_path, max_retries, retry_delay, http_proxy_host,
http_proxy_port)
party_key = secrets.get_secret_config('PARTY_KEY')
work_description_store = dynamo_persistence_adaptor.DynamoPersistenceAdaptor(
table_name=config.get_config('STATE_TABLE_NAME'))
sync_async_store = dynamo_persistence_adaptor.DynamoPersistenceAdaptor(
table_name=config.get_config('SYNC_ASYNC_STATE_TABLE_NAME'))
store_retries = int(
config.get_config('STATE_STORE_MAX_RETRIES', default='3'))
max_request_size = int(config.get_config('SPINE_REQUEST_MAX_SIZE'))
workflows = initialise_workflows(transmission, party_key,
work_description_store, sync_async_store,
max_request_size, store_retries, routing)
start_tornado_server(data_dir, workflows)
def test_get_secret_config_success(self, mock_stdout, mock_environ):
self.setup_logger(mock_environ)
secret_value = "123547"
mock_environ["PREFIX_SECRET_TEST"] = secret_value
secrets.setup_secret_config("PREFIX")
self.assertEqual(secret_value, secrets.get_secret_config("TEST"))
output = mock_stdout.getvalue()
self.assertIn('Obtained secret config', output)
self.assertNotIn(secret_value, output, msg="Secret value logged when it shouldn't be logged")
def build_app():
interactions = {
'SCR_GP_SUMMARY_UPLOAD': gp_summary_upload.GpSummaryUpload()
}
address = config.get_config('MHS_ADDRESS')
certificates = certs.Certs.create_certs_files(definitions.ROOT_DIR,
ca_certs=secrets.get_secret_config('MHS_CA_CERTS', default=None))
sender = message_sender.MessageSender(address, ca_certs=certificates.ca_certs_path)
forwarder = message_forwarder.MessageForwarder(interactions, sender)
app = tornado.web.Application([(r"/", summary_care_record.SummaryCareRecord, dict(forwarder=forwarder))])
return app
def test_get_secret_config_default_none(self, unused):
self.assertIsNone(secrets.get_secret_config("LOG_LEVEL", default=None))