Source code

001package ca.uhn.fhir.rest.server.interceptor;
002
003/*
004 * #%L
005 * HAPI FHIR - Core Library
006 * %%
007 * Copyright (C) 2014 - 2016 University Health Network
008 * %%
009 * Licensed under the Apache License, Version 2.0 (the "License");
010 * you may not use this file except in compliance with the License.
011 * You may obtain a copy of the License at
012 * 
013 *      http://www.apache.org/licenses/LICENSE-2.0
014 * 
015 * Unless required by applicable law or agreed to in writing, software
016 * distributed under the License is distributed on an "AS IS" BASIS,
017 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
018 * See the License for the specific language governing permissions and
019 * limitations under the License.
020 * #L%
021 */
022
023import java.nio.charset.Charset;
024
025import javax.servlet.http.HttpServletRequest;
026import javax.servlet.http.HttpServletResponse;
027
028import ca.uhn.fhir.rest.method.RequestDetails;
029import ca.uhn.fhir.rest.param.ResourceParameter;
030import ca.uhn.fhir.rest.server.EncodingEnum;
031import ca.uhn.fhir.rest.server.RestfulServerUtils;
032import ca.uhn.fhir.rest.server.exceptions.AuthenticationException;
033import ca.uhn.fhir.rest.server.exceptions.UnprocessableEntityException;
034import ca.uhn.fhir.validation.FhirValidator;
035import ca.uhn.fhir.validation.ResultSeverityEnum;
036import ca.uhn.fhir.validation.ValidationResult;
037
038/**
039 * This interceptor intercepts each incoming request and if it contains a FHIR resource, validates that resource. The
040 * interceptor may be configured to run any validator modules, and will then add headers to the response or fail the
041 * request with an {@link UnprocessableEntityException HTTP 422 Unprocessable Entity}.
042 */
043public class RequestValidatingInterceptor extends BaseValidatingInterceptor<String> {
044
045        /**
046         * X-HAPI-Request-Validation
047         */
048        public static final String DEFAULT_RESPONSE_HEADER_NAME = "X-FHIR-Request-Validation";
049
050        private static final org.slf4j.Logger ourLog = org.slf4j.LoggerFactory.getLogger(RequestValidatingInterceptor.class);
051
052        @Override
053        public boolean incomingRequestPostProcessed(RequestDetails theRequestDetails, HttpServletRequest theRequest, HttpServletResponse theResponse) throws AuthenticationException {
054                EncodingEnum encoding = RestfulServerUtils.determineRequestEncodingNoDefault(theRequestDetails);
055                if (encoding == null) {
056                        ourLog.trace("Incoming request does not appear to be FHIR, not going to validate");
057                        return true;
058                }
059
060                Charset charset = ResourceParameter.determineRequestCharset(theRequestDetails);
061                String requestText = new String(theRequestDetails.loadRequestContents(), charset);
062                validate(requestText, theRequestDetails);
063
064                return true;
065        }
066
067
068        /**
069         * Sets the name of the response header to add validation failures to
070         * 
071         * @see #DEFAULT_RESPONSE_HEADER_NAME
072         * @see #setAddResponseHeaderOnSeverity(ResultSeverityEnum)
073         */
074        @Override
075        public void setResponseHeaderName(String theResponseHeaderName) {
076                super.setResponseHeaderName(theResponseHeaderName);
077        }
078
079
080        @Override
081        String provideDefaultResponseHeaderName() {
082                return DEFAULT_RESPONSE_HEADER_NAME;
083        }
084
085
086        @Override
087        ValidationResult doValidate(FhirValidator theValidator, String theRequest) {
088                return theValidator.validateWithResult(theRequest);
089        }
090
091}