Merge pull request #1908 from IBM/issue-1907

Signed-off-by: Lee Surprenant <[email protected]>

Author: lmsurpre

fhir-search/src/main/java/com/ibm/fhir/search/uri/UriBuilder.java

@@ -72,7 +72,10 @@ public UriBuilder requestUri(String requestUriString) {
      * @throws URISyntaxException
      */
     public String toSearchSelfUri() throws URISyntaxException {
-        URI requestUri = new URI(requestUriString);
+        String hostAndPath = requestUriString.contains("?") ?
+                requestUriString.substring(0, requestUriString.indexOf("?")) :
+                requestUriString;
+        URI requestUri = new URI(hostAndPath);
 
         // Always include page size at the beginning, even if it wasn't in the request
         queryString.append(SearchConstants.COUNT);

fhir-search/src/test/java/com/ibm/fhir/search/uri/test/UriTest.java

@@ -32,7 +32,7 @@
 public class UriTest {
 
     @Test
-    public void testUriBadSecurity() throws URISyntaxException {
+    public void testUriTrimmedUrl() throws URISyntaxException {
         String incoming =
                 "https://localhost:9443/fhir-server/api/v4/_search?_count=10&_security=http://ibm.com/fhir/security&_fudge=tag&_page=1";
         String requestUriString = incoming.split("\\?")[0];
@@ -62,6 +62,37 @@ public void testUriBadSecurity() throws URISyntaxException {
             incoming);
     }
 
+    @Test
+    public void testUriBadSecurity() throws URISyntaxException {
+        String incoming =
+                "https://localhost:9443/fhir-server/api/v4/_search?_count=10&_security=http://ibm.com/fhir/security&_fudge=tag&_page=1";
+        String requestUriString = incoming;
+
+        QueryParameterValue value = new QueryParameterValue();
+        value.setValueString("http://ibm.com/fhir/security");
+        List<QueryParameterValue> values = Arrays.asList(value);
+        QueryParameter parameter = new QueryParameter(Type.TOKEN, "_security", null, null, values);
+
+        List<QueryParameter> searchParameters = new ArrayList<>();
+
+        searchParameters.add(parameter);
+
+        QueryParameterValue value2 = new QueryParameterValue();
+        value2.setValueString("tag");
+        List<QueryParameterValue> values2 = Arrays.asList(value2);
+        QueryParameter parameter2 = new QueryParameter(Type.TOKEN, "_fudge", null, null, values2);
+        searchParameters.add(parameter2);
+
+
+        FHIRSearchContext ctx = FHIRSearchContextFactory.createSearchContext();
+        ctx.setPageNumber(1);
+        ctx.setPageSize(10);
+        ctx.setSearchParameters(searchParameters);
+
+        assertEquals(SearchUtil.buildSearchSelfUri(requestUriString, ctx),
+            incoming);
+    }
+
     @Test
     public void testUriWithOnlyCompartmentInclusionSearchParmeter() throws URISyntaxException {
         String expectedUri = "https://localhost:9443/fhir-server/api/v4/Patient/1234/Observation?_count=10&_page=1";
@@ -79,4 +110,20 @@ public void testUriWithOnlyCompartmentInclusionSearchParmeter() throws URISyntax
         assertEquals(SearchUtil.buildSearchSelfUri(requestUriString, ctx), expectedUri);
     }
 
+    @Test
+    public void testUriWithUnencodedPipe() throws URISyntaxException {
+        String expectedUri = "https://test?_count=10&param=system%7Cvalue&_page=1";
+        String requestUriString = "https://test?param=system|value";
+
+        FHIRSearchContext ctx = FHIRSearchContextFactory.createSearchContext();
+        ctx.setPageNumber(1);
+        ctx.setPageSize(10);
+        QueryParameterValue paramVal = new QueryParameterValue();
+        paramVal.setValueSystem("system");
+        paramVal.setValueCode("value");
+        QueryParameter queryParameter = new QueryParameter(Type.TOKEN, "param", null, null, Collections.singletonList(paramVal));
+        ctx.setSearchParameters(Collections.singletonList(queryParameter));
+
+        assertEquals(SearchUtil.buildSearchSelfUri(requestUriString, ctx), expectedUri);
+    }
 }