...

When authentication is set to HTTP basic auth, connect middleware is set up to intercept the request as soon as it enters the HIM, as shown above. This middleware reads user details out of the MongoDB store to determine whether the user can be authenticated. If the user is rejected an error is returned; otherwise the request is considered authenticated and is passed on to the authorization step.

TODO - should we use the passport node module?

To help perform the authentication the passport.js module will be used. This provides us with middleware for a number of different authentication schemes. Passport.js

Authorization

The OpenHIM only performs simple authorization based on the path that is being requested. It should be able to restrict access to certain paths to users with particular roles. The channel description shown in the router section below shows that each path has one or more allowed roles or users associated with it. The authorization component will check whether the authenticated user has the authority to access the current path. If authorized, the request will be passed on; otherwise the request will be denied and an HTTP 401 message will be returned.
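The path-based check described above, as an added example rather than OpenHIM's own code. The channel list is a constructed assumption (the router section is not reproduced here); each channel carries a path pattern and the roles or usernames allowed on it, and the middleware assumes an earlier authentication step has set req.user.

```javascript
// Constructed channel descriptions (assumption: the real router section defines these).
// Anchored patterns stop "/api/testing" from being accepted by the "/api/test" channel.
const channels = [
  { name: 'test-channel', pathPattern: /^\/api\/test(\/|$)/, allow: ['clinician', 'Musha_OpenMRS'] },
  { name: 'admin-channel', pathPattern: /^\/api\/admin(\/|$)/, allow: ['admin'] },
];

// Find the channel whose pattern matches the request path, then allow the request
// only if the user is named directly or holds one of the channel's allowed roles.
function authorize(channelList, user, path) {
  const channel = channelList.find((c) => c.pathPattern.test(path));
  if (!channel) {
    return { allowed: false, channel: null, reason: 'no channel matches path' };
  }
  const allowed = channel.allow.includes(user.username) ||
    user.roles.some((role) => channel.allow.includes(role));
  return { allowed, channel: channel.name, reason: allowed ? 'ok' : 'user/role not permitted' };
}

// Connect-style middleware: deny with 401 (as the design states) unless authorize() passes.
// Query strings are stripped so that "?x=1" cannot influence the path match.
function authorizationMiddleware(channelList) {
  return function (req, res, next) {
    if (!req.user) {
      res.statusCode = 401;
      return res.end('Not authenticated');
    }
    const path = req.url.split('?')[0];
    const result = authorize(channelList, req.user, path);
    if (!result.allowed) {
      res.statusCode = 401;
      return res.end('Not authorized: ' + result.reason);
    }
    req.channel = result.channel; // handed on to the router step
    return next();
  };
}
```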

...

In addition, the ability to store orchestration steps exists in the structure. We anticipate exposing a web service to enable mediators to report the requests they make to, and the responses they receive from, external services and have these stored alongside the actual transaction.

TODO - Should we use mongoose or the plain mongodb node.js module?

We will use the plain mongodb node library rather than an ORM such as Mongoose. Mongoose helps with schema validation, casting and writing object business logic. We don't require these features as the documents that we are storing are relatively simple. Also, Mongoose wants you to define data types for everything in the schema; it does not easily allow you to add dynamic elements to your documents. Thus, following the KISS principle, we will not make use of any ORM until the need and reason for its use is evident.

Code block: transaction.json
{
	"transactionId": "123",
	"status": "Processing|Failed|Completed",
	"userId": "Musha_OpenMRS",
	"request": {
		"path": "/api/test",
		"headers": [
			{ "header1": "value1" },
			{ "header2": "value2" }
		],
		"requestParams": [
			{ "param1": "value1" },
			{ "param2": "value2" }
		],
		"body": "<HTTP body>",
		"method": "POST",
		"timestamp": "<ISO 8601>"
	},
	"response": {
		"status": 201,
		"body": "<HTTP body>",
		"headers": [
			{ "header1": "value1" },
			{ "header2": "value2" }
		],
		"timestamp": "<ISO 8601>"
	},
	"routes": [
		{
			"name": "<route name>",
			// Same structure as above
			"request": { ... },
			"response": { ... }
		}
	],
	"orchestrations": [
		{
			"name": "<orchestration name>",
			// Same structure as above
			"request": { ... },
			"response": { ... }
		}
	],
	"properties": [ // optional metadata about a transaction
		{ "prop1": "value1" },
		{ "prop2": "value2" }
	]
}

...