config.ts
/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0
*/
import {
FhirConfig,
FhirVersion,
stubs,
BASE_R4_RESOURCES,
BASE_STU3_RESOURCES,
Validator,
} from 'fhir-works-on-aws-interface';
import { ElasticSearchService } from 'fhir-works-on-aws-search-es';
import { RBACHandler } from 'fhir-works-on-aws-authz-rbac';
import {
DynamoDb,
DynamoDbDataService,
DynamoDbBundleService,
S3DataService,
DynamoDbUtil,
} from 'fhir-works-on-aws-persistence-ddb';
import JsonSchemaValidator from 'fhir-works-on-aws-routing/lib/router/validation/jsonSchemaValidator';
import HapiFhirLambdaValidator from 'fhir-works-on-aws-routing/lib/router/validation/hapiFhirLambdaValidator';
import SubscriptionValidator from 'fhir-works-on-aws-routing/lib/router/validation/subscriptionValidator';
import getAllowListedSubscriptionEndpoints from './subscriptions/allowList';
import RBACRules from './RBACRules';
import { loadImplementationGuides } from './implementationGuides/loadCompiledIGs';
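const { IS_OFFLINE, ENABLE_MULTI_TENANCY, ENABLE_SUBSCRIPTIONS } = process.env;

// Feature flags are opt-in: only the exact string 'true' switches them on.
const enableMultiTenancy = ENABLE_MULTI_TENANCY === 'true';
const enableSubscriptions = ENABLE_SUBSCRIPTIONS === 'true';

// SECURITY: offline mode replaces RBAC with a pass-through authorization stub, so it must fail closed.
// Compare against 'true' exactly (the value serverless-offline sets): a plain truthiness test would
// also accept 'false', '0' or any other non-empty string and silently disable authorization.
const isOffline = IS_OFFLINE === 'true';

export const fhirVersion: FhirVersion = '4.0.1';

// Base resource list matching the configured FHIR version.
const baseResources = fhirVersion === '4.0.1' ? BASE_R4_RESOURCES : BASE_STU3_RESOURCES;

// Authorization handler: RBAC rules over the base resources, or the pass-through stub for local offline runs only.
const authService = isOffline ? stubs.passThroughAuthz : new RBACHandler(RBACRules(baseResources), fhirVersion);

// DynamoDB-backed persistence and bundle services; both receive the multi-tenancy flag.
const dynamoDbDataService = new DynamoDbDataService(DynamoDb, false, { enableMultiTenancy });
const dynamoDbBundleService = new DynamoDbBundleService(DynamoDb, undefined, undefined, {
    enableMultiTenancy,
});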
// Input validators run in the order they appear in this array. Use an empty array to disable input validation.
const validators: Validator[] = [];

// Pick the HAPI FHIR validator Lambda alias, if one is configured:
//  1. VALIDATOR_LAMBDA_ALIAS - the separately deployed HAPI FHIR Validator, recommended with implementation guides.
//     The literal '[object Object]' is how serverless offline renders env vars, so it counts as "not set".
//  2. OFFLINE_VALIDATOR_LAMBDA_ALIAS - lets a user run sls offline against a custom provided HAPI Lambda.
const deployedValidatorAlias = process.env.VALIDATOR_LAMBDA_ALIAS;
const hapiValidatorAlias =
    deployedValidatorAlias && deployedValidatorAlias !== '[object Object]'
        ? deployedValidatorAlias
        : process.env.OFFLINE_VALIDATOR_LAMBDA_ALIAS;

// With no alias available, fall back to the simpler JSON Schema Validator, which is a good choice for
// testing with minimal configuration. The fallback is silent: a deployment that loses
// VALIDATOR_LAMBDA_ALIAS keeps running with this validator instead of the HAPI one.
validators.push(
    hapiValidatorAlias ? new HapiFhirLambdaValidator(hapiValidatorAlias) : new JsonSchemaValidator(fhirVersion),
);
// Search service used for type-level search and by the subscription validator.
const esSearch = new ElasticSearchService(
    // Filter list passed to the search service: documentStatus must equal 'AVAILABLE'.
    // NOTE(review): presumably applied to every query so non-available documents are
    // never returned - confirm against ElasticSearchService.
    [
        {
            key: 'documentStatus',
            value: ['AVAILABLE'],
            comparisonOperator: '==',
            logicalOperator: 'AND',
        },
    ],
    // NOTE(review): presumably strips persistence-internal fields from each hit before it is returned - confirm.
    DynamoDbUtil.cleanItem,
    fhirVersion,
    // Compiled implementation guides for the search package.
    loadImplementationGuides('fhir-works-on-aws-search-es'),
    undefined,
    { enableMultiTenancy },
);
// S3-backed persistence layered on the DynamoDB data service; used for Binary resources.
const s3DataService = new S3DataService(dynamoDbDataService, fhirVersion, { enableMultiTenancy });

// Base URL of the OAuth2 domain, used to build the authorize/token endpoints in the FHIR config.
// '[object Object]' is how serverless offline renders env vars, so it is treated the same as unset.
// NOTE(review): when the variable is unset the advertised endpoints point at the placeholder host below;
// confirm that deployed stages always set OAUTH2_DOMAIN_ENDPOINT.
const configuredOAuthDomain = process.env.OAUTH2_DOMAIN_ENDPOINT;
const OAuthUrl =
    configuredOAuthDomain !== undefined && configuredOAuthDomain !== '[object Object]'
        ? configuredOAuthDomain
        : 'https://OAUTH2.com';
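/**
 * Builds the FHIR server configuration: authorization, advertised endpoints, input validators
 * and the persistence/search services for each resource type.
 *
 * When subscriptions are enabled, the subscription endpoint allow list is loaded and a
 * SubscriptionValidator is appended after the base validators.
 *
 * @returns the FhirConfig describing this deployment
 */
export const getFhirConfig = async (): Promise<FhirConfig> => {
    // Work on a copy: pushing onto the module-level array would append one more
    // SubscriptionValidator every time this function is called.
    const activeValidators: Validator[] = [...validators];
    if (enableSubscriptions) {
        // NOTE(review): the allow list presumably bounds which endpoints a Subscription may notify;
        // confirm it is kept as narrow as the deployment allows.
        const subscriptionAllowList = await getAllowListedSubscriptionEndpoints();
        activeValidators.push(
            new SubscriptionValidator(esSearch, dynamoDbDataService, subscriptionAllowList, { enableMultiTenancy }),
        );
    }
    return {
        configVersion: 1.0,
        productInfo: {
            orgName: 'Organization Name',
        },
        auth: {
            authorization: authService,
            // Used in Capability Statement Generation only
            strategy: {
                service: 'OAuth',
                oauthPolicy: {
                    authorizationEndpoint: `${OAuthUrl}/authorize`,
                    tokenEndpoint: `${OAuthUrl}/token`,
                },
            },
        },
        server: {
            // When running serverless offline, env vars are expressed as '[object Object]'
            // https://github.com/serverless/serverless/issues/7087
            // As of May 14, 2020, this bug has not been fixed and merged in
            // https://github.com/serverless/serverless/pull/7147
            // NOTE(review): an unset API_URL falls back to a placeholder host; confirm deployed stages always set it.
            url:
                process.env.API_URL === '[object Object]' || process.env.API_URL === undefined
                    ? 'https://API_URL.com'
                    : process.env.API_URL,
        },
        validators: activeValidators,
        profile: {
            systemOperations: ['transaction'],
            bundle: dynamoDbBundleService,
            compiledImplementationGuides: loadImplementationGuides('fhir-works-on-aws-routing'),
            // System-level history and search are served by stubs.
            systemHistory: stubs.history,
            systemSearch: stubs.search,
            bulkDataAccess: dynamoDbDataService,
            fhirVersion,
            // Default handling for every resource type not listed under `resources`.
            genericResource: {
                operations: ['create', 'read', 'update', 'delete', 'vread', 'search-type'],
                fhirVersions: [fhirVersion],
                persistence: dynamoDbDataService,
                typeSearch: esSearch,
                typeHistory: stubs.history,
            },
            resources: {
                // Binary is persisted through the S3 data service and has no 'search-type' operation.
                Binary: {
                    operations: ['create', 'read', 'update', 'delete', 'vread'],
                    fhirVersions: [fhirVersion],
                    persistence: s3DataService,
                    typeSearch: stubs.search,
                    typeHistory: stubs.history,
                },
            },
        },
        // NOTE(review): the tenant id is read from the 'custom:tenantId' token claim (per the option name).
        // Tenant separation presumably depends on that value, so confirm the identity provider
        // sets it and that end users cannot modify it themselves.
        multiTenancyConfig: enableMultiTenancy
            ? {
                  enableMultiTenancy: true,
                  useTenantSpecificUrl: true,
                  tenantIdClaimPath: 'custom:tenantId',
              }
            : undefined,
    };
};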
// Exposes the base resource list selected for `fhirVersion` under the name `genericResources`.
export const genericResources = baseResources;