Module: Common::Client::Concerns::MHVJwtSessionClient

Extended by:
ActiveSupport::Concern
Includes:
MhvLockedSessionClient
Included in:
MhvFhirSessionClient
Defined in:
lib/common/client/concerns/mhv_jwt_session_client.rb

Overview

Module mixin for overriding session logic when making MHV JWT-based client connections

See Also:

Constant Summary

Constants included from MhvLockedSessionClient

Common::Client::Concerns::MhvLockedSessionClient::LOCK_RETRY_DELAY, Common::Client::Concerns::MhvLockedSessionClient::RETRY_ATTEMPTS

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from MhvLockedSessionClient

#authenticate, #initialize, #invalid?, #refresh_session

Methods included from SentryLogging

#log_exception_to_sentry, #log_message_to_sentry, #non_nil_hash?, #normalize_level, #rails_logger

Instance Attribute Details

#sessionHash (readonly)

Returns a hash containing session information.

Returns:

  • (Hash)

    a hash containing session information



16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
 
# File 'lib/common/client/concerns/mhv_jwt_session_client.rb', line 16

module MHVJwtSessionClient
  extend ActiveSupport::Concern
  include MhvLockedSessionClient

  protected

  def user_key
    session.icn
  end

  def session_config_key
    :mhv_mr_fhir_session_lock
  end

  ##
  # Creates a session
  #
  # @return [MedicalRecords::ClientSession] if a MR (Medical Records) client session
  #
  def get_session
    # Call the security endpoint to create an MHV session and get a JWT token.
    validate_session_params
    env = get_session_tagged
    jwt = get_jwt_from_headers(env.response_headers)
    decoded_token = decode_jwt_token(jwt)
    session.expires_at = extract_token_expiration(decoded_token)
    @session.class.new(user_id: session.user_id.to_s,
                       icn: session.icn,
                       expires_at: session.expires_at,
                       token: jwt)
  end

  private

  def get_jwt_from_headers(res_headers)
    # Get the JWT token from the headers
    auth_header = res_headers['authorization']
    if auth_header.nil? || !auth_header.start_with?('Bearer ')
      raise Common::Exceptions::Unauthorized, detail: 'Invalid or missing authorization header'
    end

    auth_header.sub('Bearer ', '')
  end

  def decode_jwt_token(jwt_token)
    JWT.decode jwt_token, nil, false
  rescue JWT::DecodeError
    raise Common::Exceptions::Unauthorized, detail: 'Invalid JWT token'
  end

  def extract_token_expiration(decoded_token)
    if decoded_token[0]['exp']
      Time.zone.at(decoded_token[0]['exp']).to_datetime.rfc2822
    else
      1.hour.from_now.rfc2822
    end
  end

  def validate_session_params
    raise Common::Exceptions::ParameterMissing, 'ICN' if session.icn.blank?
    raise Common::Exceptions::ParameterMissing, 'MHV MR App Token' if config.app_token.blank?
  end

  def get_session_tagged
    Raven.tags_context(error: 'mhv_session')
    env = perform(:post, '/mhvapi/security/v1/login', auth_body, auth_headers)
    Raven.context.tags.delete(:error)
    env
  end

  def jwt_bearer_token
    session.token
  end

  def patient_fhir_id
    session.patient_fhir_id
  end

  def auth_headers
    config.base_request_headers.merge('Content-Type' => 'application/json')
  end

  def auth_body
    {
      'appId' => '103',
      'appToken' => config.app_token,
      'subject' => session.icn,
      'userType' => 'PATIENT',
      'authParams' => {
        'PATIENT_SUBJECT_ID_TYPE' => 'ICN'
      }
    }
  end
end

Instance Method Details

#get_sessionMedicalRecords::ClientSession (protected)

Creates a session

Returns:



35
36
37
38
39
40
41
42
43
44
45
46
 
# File 'lib/common/client/concerns/mhv_jwt_session_client.rb', line 35

def get_session
  # Call the security endpoint to create an MHV session and get a JWT token.
  validate_session_params
  env = get_session_tagged
  jwt = get_jwt_from_headers(env.response_headers)
  decoded_token = decode_jwt_token(jwt)
  session.expires_at = extract_token_expiration(decoded_token)
  @session.class.new(user_id: session.user_id.to_s,
                     icn: session.icn,
                     expires_at: session.expires_at,
                     token: jwt)
end

#session_config_keyObject (protected) 



26
27
28
 
# File 'lib/common/client/concerns/mhv_jwt_session_client.rb', line 26

def session_config_key
  :mhv_mr_fhir_session_lock
end

#user_keyObject (protected) 



22
23
24
 
# File 'lib/common/client/concerns/mhv_jwt_session_client.rb', line 22

def user_key
  session.icn
end