From 88dd618b99bf666fe213551477476943767310bc Mon Sep 17 00:00:00 2001
From: Dilum Aluthge <dilum@aluthge.com>
Date: Tue, 21 Feb 2023 05:59:48 -0500
Subject: [PATCH] Allow the user to require that FHIR Base URLs use HTTPS
 (#120)

---
 Project.toml       |  2 +-
 src/types.jl       | 20 ++++++++++++++++++++
 test/unit.jl       |  1 +
 test/unit/types.jl |  3 +++
 4 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 test/unit/types.jl

diff --git a/Project.toml b/Project.toml
index 0e3ae74..1cb450f 100644
--- a/Project.toml
+++ b/Project.toml
@@ -1,7 +1,7 @@
 name = "FHIRClient"
 uuid = "b44d2ca2-8176-4fa9-8684-826e17b2a2da"
 authors = ["Dilum Aluthge", "Rhode Island Quality Institute", "contributors"]
-version = "1.1.0"
+version = "1.2.0"
 
 [deps]
 Base64 = "2a0f44e3-6c83-55bd-87e4-b1978d98bd5f"
diff --git a/src/types.jl b/src/types.jl
index fe14aa5..0924941 100644
--- a/src/types.jl
+++ b/src/types.jl
@@ -17,6 +17,13 @@ abstract type FHIRVersion <: Any
 abstract type FHIRVersion
 end
 
+function _uses_https(url_str::AbstractString)
+    return startswith(lowercase(strip(url_str)), "https://")
+end
+
+function _uses_https(uri::HTTP.URI)
+    return _uses_https(Base.string(uri))
+end
 
 """
 The base URL for a FHIR server.
@@ -31,6 +38,19 @@ struct BaseURL <: Any
 """
 struct BaseURL
     uri::HTTP.URI
+    function BaseURL(uri::HTTP.URI; require_https::Bool = false) # TODO: change the default to `true`
+        this_uri_uses_https = _uses_https(uri)
+        if !this_uri_uses_https
+            msg = "The following FHIR Base URL does not use HTTPS: $(uri)"
+            if require_https
+                throw(ArgumentError(msg))
+            else
+                @warn "`require_https` is set to `false` - we strongly recommend setting it to `true`"
+                @warn msg
+            end
+        end
+        return new(uri)
+    end
 end
 _get_http_uri(base_url::BaseURL) = base_url.uri
 function _get_http_uri_string(uri::HTTP.URI)::String
diff --git a/test/unit.jl b/test/unit.jl
index 8e2a9fc..fc34fbf 100644
--- a/test/unit.jl
+++ b/test/unit.jl
@@ -3,4 +3,5 @@
     include("unit/fhir-to-julia.jl")
     include("unit/other-fhir-versions.jl")
     include("unit/requests.jl")
+    include("unit/types.jl")
 end
diff --git a/test/unit/types.jl b/test/unit/types.jl
new file mode 100644
index 0000000..bce1c15
--- /dev/null
+++ b/test/unit/types.jl
@@ -0,0 +1,3 @@
+@test_throws Exception FHIRClient.BaseURL(HTTP.URI("http://example.com"); require_https = true)
+@test FHIRClient.BaseURL(HTTP.URI("http://example.com"); require_https = false) isa FHIRClient.BaseURL
+@test_logs (:warn,) match_mode=:any FHIRClient.BaseURL(HTTP.URI("http://example.com"); require_https = false)