Module: Common::Client::Concerns::MHVJwtSessionClient
- Extended by:
- ActiveSupport::Concern
- Includes:
- MhvLockedSessionClient
- Included in:
- MhvFhirSessionClient
- Defined in:
- lib/common/client/concerns/mhv_jwt_session_client.rb
Overview
Module mixin for overriding session logic when making MHV JWT-based client connections
Constant Summary
Constants included from MhvLockedSessionClient
Common::Client::Concerns::MhvLockedSessionClient::LOCK_RETRY_DELAY, Common::Client::Concerns::MhvLockedSessionClient::RETRY_ATTEMPTS
Instance Attribute Summary collapse
-
#session ⇒ Hash
readonly
A hash containing session information.
Instance Method Summary collapse
-
#get_session ⇒ MedicalRecords::ClientSession
protected
Creates a session.
- #session_config_key ⇒ Object protected
- #user_key ⇒ Object protected
Methods included from MhvLockedSessionClient
#authenticate, #initialize, #invalid?, #refresh_session
Methods included from SentryLogging
#log_exception_to_sentry, #log_message_to_sentry, #non_nil_hash?, #normalize_level, #rails_logger
Instance Attribute Details
#session ⇒ Hash (readonly)
Returns a hash containing session information.
16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 |
# File 'lib/common/client/concerns/mhv_jwt_session_client.rb', line 16 module MHVJwtSessionClient extend ActiveSupport::Concern include MhvLockedSessionClient protected def user_key session.icn end def session_config_key :mhv_mr_fhir_session_lock end ## # Creates a session # # @return [MedicalRecords::ClientSession] if a MR (Medical Records) client session # def get_session # Call the security endpoint to create an MHV session and get a JWT token. validate_session_params env = get_session_tagged jwt = get_jwt_from_headers(env.response_headers) decoded_token = decode_jwt_token(jwt) session.expires_at = extract_token_expiration(decoded_token) @session.class.new(user_id: session.user_id.to_s, icn: session.icn, expires_at: session.expires_at, token: jwt) end private def get_jwt_from_headers(res_headers) # Get the JWT token from the headers auth_header = res_headers['authorization'] if auth_header.nil? || !auth_header.start_with?('Bearer ') raise Common::Exceptions::Unauthorized, detail: 'Invalid or missing authorization header' end auth_header.sub('Bearer ', '') end def decode_jwt_token(jwt_token) JWT.decode jwt_token, nil, false rescue JWT::DecodeError raise Common::Exceptions::Unauthorized, detail: 'Invalid JWT token' end def extract_token_expiration(decoded_token) if decoded_token[0]['exp'] Time.zone.at(decoded_token[0]['exp']).to_datetime.rfc2822 else 1.hour.from_now.rfc2822 end end def validate_session_params raise Common::Exceptions::ParameterMissing, 'ICN' if session.icn.blank? raise Common::Exceptions::ParameterMissing, 'MHV MR App Token' if config.app_token.blank? end def get_session_tagged Raven.(error: 'mhv_session') env = perform(:post, '/mhvapi/security/v1/login', auth_body, auth_headers) Raven.context..delete(:error) env end def jwt_bearer_token session.token end def patient_fhir_id session.patient_fhir_id end def auth_headers config.base_request_headers.merge('Content-Type' => 'application/json') end def auth_body { 'appId' => '103', 'appToken' => config.app_token, 'subject' => session.icn, 'userType' => 'PATIENT', 'authParams' => { 'PATIENT_SUBJECT_ID_TYPE' => 'ICN' } } end end |
Instance Method Details
#get_session ⇒ MedicalRecords::ClientSession (protected)
Creates a session
35 36 37 38 39 40 41 42 43 44 45 46 |
# File 'lib/common/client/concerns/mhv_jwt_session_client.rb', line 35 def get_session # Call the security endpoint to create an MHV session and get a JWT token. validate_session_params env = get_session_tagged jwt = get_jwt_from_headers(env.response_headers) decoded_token = decode_jwt_token(jwt) session.expires_at = extract_token_expiration(decoded_token) @session.class.new(user_id: session.user_id.to_s, icn: session.icn, expires_at: session.expires_at, token: jwt) end |
#session_config_key ⇒ Object (protected)
26 27 28 |
# File 'lib/common/client/concerns/mhv_jwt_session_client.rb', line 26 def session_config_key :mhv_mr_fhir_session_lock end |
#user_key ⇒ Object (protected)
22 23 24 |
# File 'lib/common/client/concerns/mhv_jwt_session_client.rb', line 22 def user_key session.icn end |