Stream: hapi
Topic: Trusted Client Mode acts anonymously
Troy Bergstrand (Sep 09 2019 at 22:43):
In our workflow, a user will log into a mobile app receiving a JWT with which it will issue requests on a backend. The backend, in turn, will make queries on the FHIR server.
I turned on Trusted Client Mode so that audit and consent work against the authenticated end-user vs. the service account. I ran a test query using Postman, everything worked as expected.
Thus far, I had been using Basic authentication. But our app is JWT driven. Figuring that it might take a while to configure the FHIR server to validate the JWTs, I decided to run an experiment to prove that JWT validation wasn't yet configured. I generated a token, passed it via Postman as a bearer token, and lo and behold the request worked. I reverted to Basic authentication passing bogus credentials and it still worked.
It appears that once you turn on Trusted Client Mode, any client is trusted, i.e., any anonymous/unknown client is trusted. Is this expected?
I was expecting that the Authorization header would still be validated before accepting the CDR-TrustedClient-Username and CDR-TrustedClient-Permission headers so that only my known client (via the service account) would be permitted to use these headers.
Last updated: Apr 12 2022 at 19:14 UTC