Release v2.1.6 branch

.classpath

@@ -11,6 +11,7 @@
 		<attributes>
 			<attribute name="test" value="true"/>
 			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="optional" value="true"/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="src" output="target/classes" path="src/main/java">
@@ -22,6 +23,7 @@
 	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
 		<attributes>
 			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="optional" value="true"/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-17">

pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-parent</artifactId>
-    <version>3.3.4</version>
+    <version>3.3.5</version>
     <relativePath/>
     <!-- lookup parent from repository -->
   </parent>
@@ -16,9 +16,9 @@
        release branch is labeled <major>.<minor>.<patch>-izgw-core-SNAPSHOT 
        main branch is labeled <major>.<minor>.<patch>-izgw-core-RELEASE 
   -->
-  <version>2.1.3-izgw-core-SNAPSHOT</version>
+  <version>2.1.6-izgw-core-SNAPSHOT</version>
   <packaging>jar</packaging>
-  <name>IZ Gateway Core 2.0</name>
+  <name>IZ Gateway Core 2.1.6</name>
   <description>IZ Gateway Core contains the core code for the IZ Gateway Hub and Transformation services</description>
   <distributionManagement>
     <repository>
@@ -35,9 +35,10 @@
     <project.build.finalName>${project.artifactId}-${project.version}-${timestamp}</project.build.finalName>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <project.java.package>${project.groupId}</project.java.package>
-    <!-- 17 needs a certified encryption module -->
-    <timestamp>${maven.build.timestamp}</timestamp>
-    <skipDependencyCheck>false</skipDependencyCheck>
+	<spring-security.version>6.3.4</spring-security.version>
+	<spring.version>6.2.0</spring.version>
+	<spring-framework.version>6.2.0</spring-framework.version>
+	<netty.version>4.1.115.Final</netty.version>
   </properties>
   <dependencies>
     <dependency>
@@ -147,17 +148,17 @@
       <groupId>org.bouncycastle</groupId>
       <!-- add -debug to get debug jars -->
       <artifactId>bc-fips</artifactId>
-      <version>1.0.2.5</version>
+      <version>2.0.0</version>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcpkix-fips</artifactId>
-      <version>1.0.7</version>
+      <version>2.0.7</version>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bctls-fips</artifactId>
-      <version>1.0.19</version>
+      <version>2.0.19</version>
     </dependency>
     <dependency>
       <groupId>org.codehaus.janino</groupId>
@@ -175,12 +176,12 @@
     <dependency>
       <groupId>org.springdoc</groupId>
       <artifactId>springdoc-openapi-starter-webflux-ui</artifactId>
-      <version>[2.2.0,)</version>
+      <version>2.6.0</version>
     </dependency>
     <dependency>
       <groupId>org.springdoc</groupId>
       <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
-      <version>[2.2.0,)</version>
+      <version>2.6.0</version>
     </dependency>
     <dependency>
       <groupId>org.springframework</groupId>

src/main/java/gov/cdc/izgateway/common/HealthService.java

@@ -37,4 +37,12 @@ public static void setServerName(String serverName) {
 	public static void setBuildName(String build) {
 		health.setBuildName(build);
 	}
+
+	public static void setDatabase(String url) {
+		if (health.getDatabase() == null) {
+			health.setDatabase(url);
+		} else {
+			health.setDatabase(health.getDatabase() + ", " + url);
+		}
+	}
 }

src/main/java/gov/cdc/izgateway/configuration/AppProperties.java

@@ -21,6 +21,11 @@ public class AppProperties {
 	@Getter
 	@Value("${server.mode:prod}")
 	private String serverMode;
+
+	@Getter
+	@Value("${spring.database:jpa}")
+	private String databaseType;
+
 	@Getter
 	private final ScheduledExecutorService scheduler = 
 		Executors.newSingleThreadScheduledExecutor(r -> new Thread(r, "Background-Scheduler"));

src/main/java/gov/cdc/izgateway/logging/event/Health.java

@@ -85,7 +85,11 @@ public class Health {
 	@JsonProperty 
 	@Schema(description="Host name as known by the operating system")
 	private String hostname;
-
+
+	@JsonProperty
+	@Schema(description="The database in use")
+	private String database;
+
     public Health() {
         started = new Date(ManagementFactory.getRuntimeMXBean().getStartTime());
         environment = SystemUtils.getDestTypeAsString();
@@ -113,6 +117,7 @@ private Health(Health that) {
         this.requestVolume = that.requestVolume;
         this.successVolume = that.successVolume;
         this.hostname = that.hostname;
+        this.database = that.database;
     }
 
     public Health copy() {

src/main/java/gov/cdc/izgateway/logging/event/TransactionData.java

@@ -30,7 +30,6 @@
 import lombok.extern.slf4j.Slf4j;
 
 import org.apache.commons.lang3.StringUtils;
-
 import java.util.Date;
 import java.util.Map;
 import java.util.TreeMap;
@@ -653,12 +652,13 @@ private String getFirstFieldComponent(String[] parts, int index) {
     }
 
     public void setProcessError(String summary, String detail) {
-        processErrorSummary = summary;
-        processErrorDetail = detail;
+        processErrorSummary = HL7Utils.maskSegments(summary);
+        processErrorDetail = HL7Utils.maskSegments(detail);
         hasProcessError = !StringUtils.isAllEmpty(summary, detail);
     }
 
-    public void setProcessError(Exception fault) {
+
+	public void setProcessError(Exception fault) {
         FaultSupport s = null;
 		if (fault instanceof UnsupportedOperationFault f) {
 			setMessageType(MessageType.INVALID_REQUEST);

src/main/java/gov/cdc/izgateway/model/ICertificateStatus.java

@@ -5,6 +5,7 @@
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.X509Certificate;
 import java.sql.Timestamp;
+import java.util.Date;
 import java.util.ServiceConfigurationError;
 
 import jakarta.xml.bind.DatatypeConverter;
@@ -23,13 +24,13 @@ public interface ICertificateStatus {
 
 	void setCertSerialNumber(String certificateSerialNumber);
 
-	Timestamp getLastCheckedTimeStamp();
+	Date getLastCheckedTimeStamp();
 
-	void setLastCheckedTimeStamp(Timestamp lastCheckedTimeStamp);
+	void setLastCheckedTimeStamp(Date lastCheckedTimeStamp);
 
-	Timestamp getNextCheckTimeStamp();
+	Date getNextCheckTimeStamp();
 
-	void setNextCheckTimeStamp(Timestamp nextCheckTimeStamp);
+	void setNextCheckTimeStamp(Date nextCheckTimeStamp);
 
 	String getLastCheckStatus();
 

src/main/java/gov/cdc/izgateway/model/IEndpointStatus.java

@@ -25,6 +25,8 @@ public interface IEndpointStatus extends IEndpoint {
 	int getStatusId();
 
 	void setDestId(String destId);
+
+	int getDestTypeId();
 
 	void setDestUri(String destUri);
 

src/main/java/gov/cdc/izgateway/model/RetryStrategy.java

@@ -24,7 +24,7 @@ public enum RetryStrategy {
      * The IIS is not responsive for some reason. This may be due to networking infrastructure (Internet)
      * failures between the IZ Gateway and the IIS, or it may be related to routine or emergency IIS
      * maintenance.  Check the IIS Status before attempting a retry.  Some errors (e.g. DNS not found,
-     * expired certificates) will not disappear without human intervention.
+     * expired certificates, or invalid response data) will not disappear without human intervention.
      */
     CHECK_IIS_STATUS("Check IIS Status before Retry", HttpStatus.BAD_GATEWAY),
 

src/main/java/gov/cdc/izgateway/repository/EndpointStatusRepository.java

@@ -12,13 +12,14 @@
 public interface EndpointStatusRepository {
 	public static final String[] INCLUDE_ALL = new String[0];
 
-	List<IEndpointStatus> findAll();
+	List<? extends IEndpointStatus> findAll();
 	IEndpointStatus findById(String id);
 	IEndpointStatus saveAndFlush(IEndpointStatus status);
 	boolean removeById(String id);
 
-	List<IEndpointStatus> find(int maxQuarterHours, String[] include);
+	List<? extends IEndpointStatus> find(int maxQuarterHours, String[] include);
 	boolean refresh();
+	void resetCircuitBreakers();
 	IEndpointStatus newEndpointStatus();
 	IEndpointStatus newEndpointStatus(IDestination dest);
 }

src/main/java/gov/cdc/izgateway/security/AccessControlValve.java

@@ -122,7 +122,7 @@ public boolean accessAllowed(HttpServletRequest req, HttpServletResponse resp) {
         if (Boolean.FALSE.equals(check)) {  // NOSONAR Null is still possible here, SONAR flags it as always true
 	        log.error("Access denied to protected URL {} address by {} at {}", path, user, host);
 	        resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
-	        return true;
+	        return false;
         } 
 
         if (isSwagger(path, user)) {

src/main/java/gov/cdc/izgateway/security/AccessController.java

@@ -91,15 +91,13 @@ public Set<String> getUsersInGroup(@PathVariable String group) {
 
 	@Operation(summary="Add a user to blacklist", description="Add the specified user to the blacklist")
 	@PostMapping("/access/blacklist")
-	public IAccessControl addUserToBlackList(@RequestParam String user
-	) {
+	public IAccessControl addUserToBlackList(@RequestParam String user) {
 		return service.addUserToBlacklist(user);
 	}
 
 	@Operation(summary="Delete a user from the blacklist", description="Delete the specified user from the blacklist")
 	@DeleteMapping("/access/blacklist")
-	public IAccessControl removeUserFromBlackList(@RequestParam String user
-	) {
+	public IAccessControl removeUserFromBlackList(@RequestParam String user) {
 		return service.removeUserFromBlacklist(user);
 	}
 

src/main/java/gov/cdc/izgateway/service/impl/EndpointStatusService.java

@@ -29,10 +29,10 @@ public List<String> getHosts() {
     	return l;
     }
 
-    public List<IEndpointStatus> findAll() {
+    public List<? extends IEndpointStatus> findAll() {
         return endpointStatusRepository.find(1, EndpointStatusRepository.INCLUDE_ALL);
     }
-	public List<IEndpointStatus> find(int count, String[] include) {
+	public List<? extends IEndpointStatus> find(int count, String[] include) {
 		return endpointStatusRepository.find(count, include);
 	}
 
@@ -62,4 +62,8 @@ public boolean refresh() {
 	public boolean removeById(String id) {
 		return endpointStatusRepository.removeById(id);
 	}
+
+	public void resetCircuitBreakers() {
+		endpointStatusRepository.resetCircuitBreakers();
+	}
 }

src/main/java/gov/cdc/izgateway/soap/MockMessage.java

@@ -153,9 +153,14 @@ public enum MockMessage {
 			HttpStatus.BAD_REQUEST),
 
 	TC_24H(MediaType.APPLICATION_XML, MockMessageText.TC_24H_TEXT,
-			HttpStatus.BAD_REQUEST), TC_UNKF(MockMessage::simulateFault,
+			HttpStatus.BAD_REQUEST), 
+
+	TC_24I(MockMessageText.TC_24I_TEXT),
+
+	TC_UNKF(MockMessage::simulateFault,
 					MockMessageText.TC_UNKF_TEXT);
 
+
 	public static final MockMessage TC_FORCE_TIMEOUT = TC_13C;
 	private static int retryableRequestCount = 0;
 	/**
@@ -596,19 +601,21 @@ private MockMessageText() {
 			+ "<soap:Fault><soap:Code><soap:Value>soap:Receiver</soap:Value></soap:Code>"
 			+ "<soap:Reason><soap:Text>Invalid Username, Password or FacilityID</soap:Text></soap:Reason><soap:Detail>"
 			+ "<ns3:SecurityFault xmlns:ns3='urn:cdc:iisb:2014'>"
-			+ "<ns3:Code>401</ns3:Code>" + "<ns3:Reason>Security</ns3:Reason>" // Change
-																				// from
-																				// required
-																				// "Security"
-																				// to
-																				// "Security
-																				// Fault"
+			+ "<ns3:Code>401</ns3:Code><ns3:Reason>Security</ns3:Reason>" 
 			+ "<ns3:Detail>Invalid Username, Password or FacilityID</ns3:Detail>"
 			+ "</ns3:SecurityFault>"
 			+ "</soap:Detail></soap:Fault></soap:Envelope>";
 
 	static final String TC_24H_TEXT = "This is not a SOAP Fault nor is it XML";
 
+	static final String TC_24I_TEXT = "MSH|^~\\&|IRIS IIS|IRIS||IZG|20220205||RSP^K11^RSP_K11|20210330093013AZQ231|P|2.5.1|||||||||Z32^CDCPHINVS\r"
+			+ "MSA|AA|20210330093013AZQ231||0||0^Message Accepted^HL70357" + Character.valueOf((char)0x13)
+			+ "QAK|20210330093013AZQ231|NF|Z34^Request Complete Immunization history^CDCPHINVS\r"
+			+ "QPD|Z34^Request Immunization History^CDCPHINVS|20210330093013IA231|112258-9^^^IA^MR|"
+			+ "JohnsonIZG^JamesIZG^AndrewIZG^^^^L|LeungIZG^SarahIZG^^^^^M|20160414|M|"
+			+ "Main Street&&123^^Adel^IA^50003^^L|^PRN^PH^^^555^5551111|Y|1\r";
+
+
 	static final String TC_UNKF_TEXT = "Unknown Exception";
 
 	static final String TC_22B_TEXT = ENVELOPE + "" + "<soap:Fault>"

src/main/java/gov/cdc/izgateway/soap/SoapControllerBase.java

@@ -580,6 +580,7 @@ protected ResponseEntity<FaultMessage> handleFault(Fault fault) {
 		logFault(fault);
 		FaultMessage faultMessage = new FaultMessage(fault, messageNamespace);
 		faultMessage.updateAction(isHub());
+		logResponseMessage(faultMessage);
 		return new ResponseEntity<>(faultMessage, HttpStatus.INTERNAL_SERVER_ERROR);
 	}