Merged in apikey (pull request #18)

CC-3384 - PT: Use API Key authentication with VSAC in CQL Testing Approved-by: Dylan Mahalingam Approved-by: Chris Moesel
AHRQ-CDS · Oct 28, 2020 · 59f21ed · 59f21ed
2 parents 17c7224 + d7a3a00
commit 59f21ed
Show file tree

Hide file tree

Showing 5 changed files with 69 additions and 38 deletions.
diff --git a/README.md b/README.md
@@ -230,7 +230,11 @@ This only needs to be done once.  After this, your `node_modules` folder will be
 
 #### Downloading Value Sets
 
-If your CQL uses value sets from the Value Set Authority Center (VSAC), then the first time you run the tests, they will need to download the value set definitions from VSAC.  Downloading value sets from VSAC requires a VSAC account.  You can configure your VSAC account by setting the `options->vsac->user` and `options-vsac-password` properties in your `cqlt.yaml` file.  If you prefer not to modify the config file, you may set `UMLS_USER_NAME` and `UMLS_PASSWORD` environment variables instead.
+If your CQL uses value sets from the Value Set Authority Center (VSAC), then the first time you run the tests, they will need to download the value set definitions from VSAC.  Downloading value sets from VSAC requires a VSAC account and an API key.  You can find your API key in your [UMLS profile](https://uts.nlm.nih.gov//uts.html#profile) and can configure your VSAC account by setting the `options->vsac->apikey` property in your `cqlt.yaml` file.  If you prefer not to modify the config file, you may set the `UMLS_API_KEY` environment variable instead.
+
+Alternatively, existing username/password authentication is supported until January 1, 2021.  You may set the `options->vsac->user` and `options->vsac->password` properties in your `cqlt.yaml` file.  If you prefer not to modify the config file, you may set the`UMLS_USER_NAME` and `UMLS_PASSWORD` environment variables.
+
+**NOTE**: Username and password based authentication is deprecated by VSAC, and only supported until January 1, 2021.  API key based authentication is highly encouraged.
 
 Once you've run the tests the first time and downloaded the value sets, they'll be stored in a VSAC cache folder (defaulted to `/.vscache` in the same folder as the `cqlt.yaml` file).  After that, you do not need your VSAC credentials anymore since the CQL Testing Framework will just use the cache.
 

diff --git a/package.json b/package.json
@@ -16,7 +16,7 @@
     "chai": "^4.2.0",
     "convict": "^4.4.0",
     "cql-exec-fhir": "^1.3.1",
-    "cql-exec-vsac": "^1.1.1",
+    "cql-exec-vsac": "^1.2.0",
     "eslint": "^6.0.1",
     "fs-extra": "^7.0.1",
     "js-yaml": "^3.13.1",

diff --git a/src/buildTestSuite.js b/src/buildTestSuite.js
@@ -46,23 +46,37 @@ function buildTestSuite(testCases, library, codeService, fhirVersion, config) {
 
     before('Download value set definitions from VSAC if necessary', function(done) {
       this.timeout(30000);
-      let user, pass;
-      if (options.vsac && options.vsac.user && options.vsac.user !== '') {
-        user = options.vsac.user;
-        pass = options.vsac.password;
+      let user, pass, key;
+      let ensureValueSets; //we're going to use a different function based on the existence of the API Key option
+      //NOTE: As of Jan 1 2021 VSAC will no longer accept accept username and password. Please use
+      //    ensureValueSetsInLibraryWithAPIKey() instead.
+      if (options.vsac && options.vsac.user && options.vsac.password) {
+        user = options.vsac.user ? options.vsac.user : null;
+        pass = options.vsac.password ? options.vsac.password : null;
+        ensureValueSets = codeService.ensureValueSetsInLibrary(library,true,user,pass);
+      } else {
+        key = options.vsac.apikey ? options.vsac.apikey : null;
+        ensureValueSets = codeService.ensureValueSetsInLibraryWithAPIKey(library,true,key);
       }
-      codeService.ensureValueSetsInLibrary(library, true, user, pass)
-        .then(() => done())
+
+      ensureValueSets.then(() => done())
         .catch((err) => {
           if (err instanceof Error) {
             done(err);
-          } else if (err && err.indexOf('UMLS_USER_NAME') != null) {
+          } else if (err && err.indexOf('UMLS_USER_NAME') != -1) {
             const message = 'Failed to download value sets. Please ensure VSAC user and password '
               + 'is specified via one of the appropriate mechanisms, either:\n'
               + '- configuration: options.vsac.user & options.vsac.password\n'
               + '- environment variables: UMLS_USER_NAME & UMLS_PASSWORD\n'
               + '- arguments (commandline only): --vsac-user & --vsac-password';
             done(new Error(message));
+          } else if(err && err.indexOf('UMLS_API_KEY') != -1) {
+            const message = 'Failed to download value sets. Please ensure VSAC API Key '
+              + 'is specified via one of the appropriate mechanisms, either:\n'
+              + '- configuration: options.vsac.apikey\n'
+              + '- environment variables: UMLS_API_KEY\n'
+              + '- arguments (commandline only): --vsac-apikey\n';
+            done(new Error(message));
           } else {
             done(new Error(err));
           }

diff --git a/src/loadConfig.js b/src/loadConfig.js
@@ -74,15 +74,23 @@ function newConfig() {
         arg: 'date'
       },
       vsac: {
+        apikey: {
+          doc: 'The UMLS API Key to use when connecting to the VSAC',
+          format: 'String',
+          default: '',
+          sensitive: true,
+          env: 'UMLS_API_KEY', // NOTE: Inconsistent name to match existing ENV name used by cql-exec-vsac
+          arg: 'vsac-apikey'
+        },
         user: {
-          doc: 'The UMLS user name to use when connecting to the VSAC',
+          doc: '*DEPRECATED* The UMLS user name to use when connecting to the VSAC. As of Jan 1 2021 VSAC will no longer accept accept username and password, API Key MUST be used after this date',
           format: 'String',
           default: '',
           env: 'UMLS_USER_NAME', // NOTE: Inconsistent name to match existing ENV name used by cql-exec-vsac
           arg: 'vsac-user'
         },
         password: {
-          doc: 'The UMLS password to use when connecting to the VSAC',
+          doc: '*DEPRECATED* The UMLS password to use when connecting to the VSAC. As of Jan 1 2021 VSAC will no longer accept accept username and password, API Key MUST be used after this date',
           format: 'String',
           default: '',
           sensitive: true,

diff --git a/yarn.lock b/yarn.lock
@@ -269,15 +269,15 @@ cql-exec-fhir@^1.3.1:
   dependencies:
     xml2js "~0.4.19"
 
-cql-exec-vsac@^1.1.1:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/cql-exec-vsac/-/cql-exec-vsac-1.1.1.tgz#2ba2e9cae923f896292c86148fe6668ecc0afef4"
-  integrity sha512-yggzgTqYW5uAfvfhlB16lHgfQFLOqm8rL80hCZ6whmllgBCeRoXBpg6paHCCo91RC4JK29leu5OVdcqv9dTU3w==
+cql-exec-vsac@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/cql-exec-vsac/-/cql-exec-vsac-1.2.0.tgz#1243d639b8185d94ed2d323527e0b0a99482cf5f"
+  integrity sha512-98CMTxZOa4pcQEK8tL8p6iBHjCphItWj2/vHqd99vksOkWanbS/5JGdYJTg//i0nJa2Ck7Gk8dDbm7qzlaMHGw==
   dependencies:
-    debug "^4.1.1"
-    mkdirp "^1.0.3"
+    debug "^4.2.0"
+    mkdirp "^1.0.4"
     request "^2.88.2"
-    request-promise-native "^1.0.8"
+    request-promise-native "^1.0.9"
     xml2js "^0.4.23"
 
 cql-execution@^1.3.7:
@@ -320,12 +320,12 @@ debug@^4.0.1:
   dependencies:
     ms "^2.1.1"
 
-debug@^4.1.1:
-  version "4.1.1"
-  resolved "https://registry.yarnpkg.com/debug/-/debug-4.1.1.tgz#3b72260255109c6b589cee050f1d516139664791"
-  integrity sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==
+debug@^4.2.0:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/debug/-/debug-4.2.0.tgz#7f150f93920e94c58f5574c2fd01a3110effe7f1"
+  integrity sha512-IX2ncY78vDTjZMFUdmsvIRFY2Cf4FnD0wRs+nQwJU8Lu99/tPFdb0VybiiMTPe3I6rQmwsqQqRBvxU+bZ/I8sg==
   dependencies:
-    ms "^2.1.1"
+    ms "2.1.2"
 
 deep-eql@^3.0.1:
   version "3.0.1"
@@ -844,7 +844,7 @@ [email protected]:
   resolved "https://registry.yarnpkg.com/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz#e23f3f9c4f8fbdde872529c1071857a086e5ccef"
   integrity sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8=
 
-lodash@^4.17.11, lodash@^4.17.15:
+lodash@^4.17.11, lodash@^4.17.15, lodash@^4.17.19:
   version "4.17.15"
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.15.tgz#b447f6670a0455bbfeedd11392eff330ea097548"
   integrity sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==
@@ -890,10 +890,10 @@ [email protected], mkdirp@^0.5.1:
   dependencies:
     minimist "0.0.8"
 
-mkdirp@^1.0.3:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-1.0.3.tgz#4cf2e30ad45959dddea53ad97d518b6c8205e1ea"
-  integrity sha512-6uCP4Qc0sWsgMLy1EOqqS/3rjDHOEnsStVr/4vtAIK2Y5i2kA7lFFejYrpIyiN9w0pYf4ckeCYT9f1r1P9KX5g==
+mkdirp@^1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-1.0.4.tgz#3eb5ed62622756d79a5f0e2a221dfebad75c2f7e"
+  integrity sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==
 
 mocha@^5.2.0:
   version "5.2.0"
@@ -927,6 +927,11 @@ [email protected]:
   resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8"
   integrity sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=
 
+[email protected]:
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.2.tgz#d09d1f357b443f493382a8eb3ccd183872ae6009"
+  integrity sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==
+
 ms@^2.1.1:
   version "2.1.1"
   resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.1.tgz#30a5864eb3ebb0a66f2ebe6d727af06a09d86e0a"
@@ -1045,19 +1050,19 @@ regexpp@^2.0.1:
   resolved "https://registry.yarnpkg.com/regexpp/-/regexpp-2.0.1.tgz#8d19d31cf632482b589049f8281f93dbcba4d07f"
   integrity sha512-lv0M6+TkDVniA3aD1Eg0DVpfU/booSu7Eev3TDO/mZKHBfVjgCGTV4t4buppESEYDtkArYFOxTJWv6S5C+iaNw==
 
-[email protected].3:
-  version "1.1.3"
-  resolved "https://registry.yarnpkg.com/request-promise-core/-/request-promise-core-1.1.3.tgz#e9a3c081b51380dfea677336061fea879a829ee9"
-  integrity sha512-QIs2+ArIGQVp5ZYbWD5ZLCY29D5CfWizP8eWnm8FoGD1TX61veauETVQbrV60662V0oFBkrDOuaBI8XgtuyYAQ==
+[email protected].4:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/request-promise-core/-/request-promise-core-1.1.4.tgz#3eedd4223208d419867b78ce815167d10593a22f"
+  integrity sha512-TTbAfBBRdWD7aNNOoVOBH4pN/KigV6LyapYNNlAPA8JwbovRti1E88m3sYAwsLi5ryhPKsE9APwnjFTgdUjTpw==
   dependencies:
-    lodash "^4.17.15"
+    lodash "^4.17.19"
 
-request-promise-native@^1.0.8:
-  version "1.0.8"
-  resolved "https://registry.yarnpkg.com/request-promise-native/-/request-promise-native-1.0.8.tgz#a455b960b826e44e2bf8999af64dff2bfe58cb36"
-  integrity sha512-dapwLGqkHtwL5AEbfenuzjTYg35Jd6KPytsC2/TLkVMz8rm+tNt72MGUWT1RP/aYawMpN6HqbNGBQaRcBtjQMQ==
+request-promise-native@^1.0.9:
+  version "1.0.9"
+  resolved "https://registry.yarnpkg.com/request-promise-native/-/request-promise-native-1.0.9.tgz#e407120526a5efdc9a39b28a5679bf47b9d9dc28"
+  integrity sha512-wcW+sIUiWnKgNY0dqCpOZkUbF/I+YPi+f09JZIDa39Ec+q82CpSYniDp+ISgTTbKmnpJWASeJBPZmoxH84wt3g==
   dependencies:
-    request-promise-core "1.1.3"
+    request-promise-core "1.1.4"
     stealthy-require "^1.1.1"
     tough-cookie "^2.3.3"