| commit | 63c7cae63903d06af1072ad3caa1e5e3f0b5a4ab | |
| author | Stephen Nielson <stephen@nielson.org> | |
| Thu, 12 Aug 2021 12:40:11 +0000 (12 08:40 -0400) | ||
| committer | GitHub <noreply@github.com> | |
| Thu, 12 Aug 2021 12:40:11 +0000 (12 08:40 -0400) | ||
| tree | ae94ee7f2bc1156050bb6c0b90c876b8db14cd69 | treesnapshot (tar.gz zip) |
| parent | f1961e3ecb6aa57e1c7ebac41bbfbb0122a0d60b | commitdiff |
Fix #4573 Openemr fhir token revocation (#4574)
* Client App access revoking
Implemented the ability to revoke a trusted user for a given registered
app.
Changed up the app interface to show more details about the registered
clients as well as all of the registered trusted users and any active
access tokens they may have at this point in time.
Put in the initial work to revoke an api authorization token.
* Implement Access/Refresh token revocation.
FHIR Inferno requires you to provide an access token and a refresh token
that will be revoked in order to pass the test cases. The developer has
to visually demonstrate revoking the token and then run the automated
test case. This doesn't work with the trusted user mechanism we
originally had for token revokation as there isn't a way to tie the
token back to the trusted user given just the JWT.
I implemented the access token and refresh token revocation by adding a
revoked column and implementing the methods in the repositories to
handle token revocation. I had to implement a separate isTokenRevoked
method for the access token due to the way League and OpenEMR interact
on the token revocation. Because we store the site id inside the token
we have to allow League to validate a token and ignore the token
revocation validation check because we don't have access to the database
at that point the in execution (no site id, no database connection).
So we add the revocation check further down in the dispatch.php file in
order to handle the revocation check.
I added a lot of user interface to the Client Admin Controller to
display the list of trusted users and allow you to revoke the trusted
user right from the interface. You can also revoke individual access
tokens. My next commit will allow you to revoke individual refresh
tokens.
My next piece of work will be to add a Token Utilities button to the
client list screen. That Token Utilities page will let you put in a
token and get back data about the token and allow you to revoke the
token from the system.
* Added Refresh Tokens to interface.
Verified refresh and access token revocation is working properly
* Fix api token database columns, fix query.
Made the api changes show up on a new install.
Fixed the database columns to be unique for token, default null to
match refresh and api token.
Fixed a bad query that was using the id instead of the actual api token.
* Access/Refresh Token revocation
Pulled oauth2 key config and JWT parsing into their own separate classes so we can use them in the admin tools.
Added JWT parsing into the admin class so we can revoke tokens quickly given the fully encoded token.
* Made revoke token actions return to tools list
* Fix styles
* Fix sql column issues, Remove redundant method.
Removed a redundant method in the refresh repo. Fixed column formats in
sql database.
* Fix admin escaping, security bugs.
Fixed a security bug where we were logging security keys. Also fixed
the exception case where we were not exiting the class properly.
Fixed text escaping on the client admin controllers.
* Client App access revoking
Implemented the ability to revoke a trusted user for a given registered
app.
Changed up the app interface to show more details about the registered
clients as well as all of the registered trusted users and any active
access tokens they may have at this point in time.
Put in the initial work to revoke an api authorization token.
* Implement Access/Refresh token revocation.
FHIR Inferno requires you to provide an access token and a refresh token
that will be revoked in order to pass the test cases. The developer has
to visually demonstrate revoking the token and then run the automated
test case. This doesn't work with the trusted user mechanism we
originally had for token revokation as there isn't a way to tie the
token back to the trusted user given just the JWT.
I implemented the access token and refresh token revocation by adding a
revoked column and implementing the methods in the repositories to
handle token revocation. I had to implement a separate isTokenRevoked
method for the access token due to the way League and OpenEMR interact
on the token revocation. Because we store the site id inside the token
we have to allow League to validate a token and ignore the token
revocation validation check because we don't have access to the database
at that point the in execution (no site id, no database connection).
So we add the revocation check further down in the dispatch.php file in
order to handle the revocation check.
I added a lot of user interface to the Client Admin Controller to
display the list of trusted users and allow you to revoke the trusted
user right from the interface. You can also revoke individual access
tokens. My next commit will allow you to revoke individual refresh
tokens.
My next piece of work will be to add a Token Utilities button to the
client list screen. That Token Utilities page will let you put in a
token and get back data about the token and allow you to revoke the
token from the system.
* Added Refresh Tokens to interface.
Verified refresh and access token revocation is working properly
* Fix api token database columns, fix query.
Made the api changes show up on a new install.
Fixed the database columns to be unique for token, default null to
match refresh and api token.
Fixed a bad query that was using the id instead of the actual api token.
* Access/Refresh Token revocation
Pulled oauth2 key config and JWT parsing into their own separate classes so we can use them in the admin tools.
Added JWT parsing into the admin class so we can revoke tokens quickly given the fully encoded token.
* Made revoke token actions return to tools list
* Fix styles
* Fix sql column issues, Remove redundant method.
Removed a redundant method in the refresh repo. Fixed column formats in
sql database.
* Fix admin escaping, security bugs.
Fixed a security bug where we were logging security keys. Also fixed
the exception case where we were not exiting the class properly.
Fixed text escaping on the client admin controllers.
16 files changed: