Merge branch 'main' into feat/exclude-admin-directories

* main:
  fix: #241  mCSD update client caches admin directories in memory indefinitely (#242)

# Conflicts:
#	component/mcsd/component.go

Author: rolandgroen

component/mcsd/component.go

@@ -73,6 +73,7 @@ type administrationDirectory struct {
 	fhirBaseURL   string
 	resourceTypes []string
 	discover      bool
+	sourceURL     string // The fullUrl from the Bundle entry that created this Endpoint, used for unregistration on DELETE
 }
 
 type DirectoryUpdateReport struct {
@@ -95,7 +96,7 @@ func New(config Config) (*Component, error) {
 		updateMux:       &sync.RWMutex{},
 	}
 	for _, rootDirectory := range config.AdministrationDirectories {
-		if err := result.registerAdministrationDirectory(context.Background(), rootDirectory.FHIRBaseURL, rootDirectoryResourceTypes, true); err != nil {
+		if err := result.registerAdministrationDirectory(context.Background(), rootDirectory.FHIRBaseURL, rootDirectoryResourceTypes, true, ""); err != nil {
 			return nil, fmt.Errorf("register root administration directory (url=%s): %w", rootDirectory.FHIRBaseURL, err)
 		}
 	}
@@ -125,8 +126,7 @@ func (c *Component) RegisterHttpHandlers(publicMux, internalMux *http.ServeMux)
 	})
 }
 
-func (c *Component) registerAdministrationDirectory(ctx context.Context, fhirBaseURL string, resourceTypes []string, discover bool) error {
-
+func (c *Component) registerAdministrationDirectory(ctx context.Context, fhirBaseURL string, resourceTypes []string, discover bool, sourceURL string) error {
 	// Must be a valid http or https URL
 	parsedFHIRBaseURL, err := url.Parse(fhirBaseURL)
 	if err != nil {
@@ -156,11 +156,40 @@ func (c *Component) registerAdministrationDirectory(ctx context.Context, fhirBas
 		resourceTypes: resourceTypes,
 		fhirBaseURL:   fhirBaseURL,
 		discover:      discover,
+		sourceURL:     sourceURL,
 	})
 	log.Ctx(ctx).Info().Str("fhir_server", fhirBaseURL).Msgf("Registered mCSD Directory (discover=%v)", discover)
 	return nil
 }
 
+// unregisterAdministrationDirectory removes an administration directory from the list by its fullUrl.
+// This is called when an Endpoint is deleted to prevent it from being fetched in future updates.
+// The fullUrl parameter is the Bundle entry fullUrl that was used when the Endpoint was registered.
+func (c *Component) unregisterAdministrationDirectory(ctx context.Context, fullUrl string) {
+	initialCount := len(c.administrationDirectories)
+	c.administrationDirectories = slices.DeleteFunc(c.administrationDirectories, func(dir administrationDirectory) bool {
+		return dir.sourceURL == fullUrl
+	})
+	if len(c.administrationDirectories) < initialCount {
+		log.Ctx(ctx).Info().Str("full_url", fullUrl).Msg("Unregistered mCSD Directory after Endpoint deletion")
+	}
+}
+
+// processEndpointDeletes processes DELETE operations for Endpoints and unregisters them from administrationDirectories.
+// This prevents deleted Endpoints from being fetched in future updates, fixing issue #241.
+func (c *Component) processEndpointDeletes(ctx context.Context, entries []fhir.BundleEntry) {
+	for _, entry := range entries {
+		if entry.Request != nil && entry.Request.Method == fhir.HTTPVerbDELETE && entry.FullUrl != nil {
+			parts := strings.Split(entry.Request.Url, "/")
+			if len(parts) >= 2 && parts[0] == "Endpoint" {
+				// Unregister the administration directory using the fullUrl
+				// The fullUrl uniquely identifies the resource that was deleted
+				c.unregisterAdministrationDirectory(ctx, *entry.FullUrl)
+			}
+		}
+	}
+}
+
 func (c *Component) update(ctx context.Context) (UpdateReport, error) {
 	c.updateMux.Lock()
 	defer c.updateMux.Unlock()
@@ -232,6 +261,11 @@ func (c *Component) updateFromDirectory(ctx context.Context, fhirBaseURLRaw stri
 	// _history can return multiple versions of the same resource, but transaction bundles must have unique resources
 	deduplicatedEntries := deduplicateHistoryEntries(entries)
 
+	// Pre-process Endpoint DELETEs to unregister administration directories
+	if allowDiscovery {
+		c.processEndpointDeletes(ctx, deduplicatedEntries)
+	}
+
 	// Build transaction with deterministic conditional references
 	tx := fhir.Bundle{
 		Type:  fhir.BundleTypeTransaction,
@@ -251,6 +285,8 @@ func (c *Component) updateFromDirectory(ctx context.Context, fhirBaseURLRaw stri
 			report.Warnings = append(report.Warnings, fmt.Sprintf("entry #%d: %s", i, err.Error()))
 			continue
 		}
+
+		// Handle Endpoint discovery and registration
 		if allowDiscovery && resourceType == "Endpoint" && entry.Resource != nil {
 			var endpoint fhir.Endpoint
 			if err := json.Unmarshal(entry.Resource, &endpoint); err != nil {
@@ -264,8 +300,14 @@ func (c *Component) updateFromDirectory(ctx context.Context, fhirBaseURLRaw stri
 			}
 
 			if coding.CodablesIncludesCode(endpoint.PayloadType, payloadCoding) {
+				// Use the fullUrl from the Bundle entry to track this Endpoint
+				// The fullUrl uniquely identifies the resource and can be used for later unregistration
+				if entry.FullUrl == nil {
+					report.Warnings = append(report.Warnings, fmt.Sprintf("entry #%d: Endpoint missing fullUrl", i))
+					continue
+				}
 				log.Ctx(ctx).Debug().Msgf("Discovered mCSD Directory: %s", endpoint.Address)
-				err := c.registerAdministrationDirectory(ctx, endpoint.Address, directoryResourceTypes, false)
+				err := c.registerAdministrationDirectory(ctx, endpoint.Address, directoryResourceTypes, false, *entry.FullUrl)
 				if err != nil {
 					report.Warnings = append(report.Warnings, fmt.Sprintf("entry #%d: failed to register discovered mCSD Directory at %s: %s", i, endpoint.Address, err.Error()))
 				}

component/mcsd/component_test.go

@@ -78,8 +78,10 @@ func TestComponent_update_regression(t *testing.T) {
 
 	require.NoError(t, err)
 	require.NotNil(t, report)
-	assert.Empty(t, report[server.URL].Warnings)
-	assert.NotNil(t, report[server.URL].Warnings, "expected an empty slice")
+	// Expect warnings about Location resources (root directories only support Organization and Endpoint)
+	// The regression data contains Location resources which should produce warnings
+	assert.NotEmpty(t, report[server.URL].Warnings, "expected warnings about Location resources not being allowed")
+	assert.Contains(t, report[server.URL].Warnings[0], "Location not allowed", "expected warning about Location not being allowed in root directory")
 	assert.Empty(t, report[server.URL].Errors)
 	assert.NotNil(t, report[server.URL].Errors, "expected an empty slice")
 }
@@ -582,7 +584,11 @@ func TestComponent_updateFromDirectory(t *testing.T) {
 		defer server.Close()
 
 		capturingClient := &test.StubFHIRClient{}
-		component, err := New(Config{})
+		component, err := New(Config{
+			QueryDirectory: DirectoryConfig{
+				FHIRBaseURL: "http://example.com/local/fhir",
+			},
+		})
 		require.NoError(t, err)
 
 		component.fhirClientFn = func(baseURL *url.URL) fhirclient.Client {
@@ -604,6 +610,149 @@ func TestComponent_updateFromDirectory(t *testing.T) {
 		orgs := capturingClient.CreatedResources["Organization"]
 		require.Len(t, orgs, 0, "Should have 0 Organizations after deduplication (DELETE is most recent operation)")
 	})
+
+	t.Run("handles DELETE operations for Endpoints and unregisters from administrationDirectories", func(t *testing.T) {
+		// This test verifies that when an Endpoint is deleted (DELETE operation in _history),
+		// it is properly removed from the query directory and unregistered from administrationDirectories.
+		// This fixes issue #241 where deleted Endpoints were cached indefinitely.
+
+		ctx := context.Background()
+
+		// Create test data with an Endpoint that will be deleted
+		initialBundle := `{
+			"resourceType": "Bundle",
+			"type": "history",
+			"entry": [{
+				"fullUrl": "http://test.example.org/fhir/Endpoint/test-endpoint",
+				"resource": {
+					"resourceType": "Endpoint",
+					"id": "test-endpoint",
+					"status": "active",
+					"payloadType": [{
+						"coding": [{
+							"system": "http://nuts-foundation.github.io/nl-generic-functions-ig/CodeSystem/nl-gf-data-exchange-capabilities",
+							"code": "http://nuts-foundation.github.io/nl-generic-functions-ig/CapabilityStatement/nl-gf-admin-directory-update-client"
+						}]
+					}],
+					"address": "https://directory.example.org/fhir"
+				},
+				"request": {
+					"method": "POST",
+					"url": "Endpoint/test-endpoint"
+				}
+			}]
+		}`
+
+		// Create bundle with DELETE operation for the same Endpoint
+		deleteBundle := `{
+			"resourceType": "Bundle",
+			"type": "history",
+			"entry": [{
+				"fullUrl": "http://test.example.org/fhir/Endpoint/test-endpoint",
+				"request": {
+					"method": "DELETE",
+					"url": "Endpoint/test-endpoint"
+				}
+			}]
+		}`
+
+		// Create a mock server that returns the initial bundle first, then the delete bundle
+		callCount := 0
+		mux := http.NewServeMux()
+		server := httptest.NewServer(mux)
+		defer server.Close()
+
+		mux.HandleFunc("/fhir/Endpoint/_history", func(w http.ResponseWriter, r *http.Request) {
+			w.Header().Set("Content-Type", "application/json")
+			if callCount == 0 {
+				w.Write([]byte(initialBundle))
+			} else {
+				w.Write([]byte(deleteBundle))
+			}
+			callCount++
+		})
+		mux.HandleFunc("/fhir/Organization/_history", func(w http.ResponseWriter, r *http.Request) {
+			w.Header().Set("Content-Type", "application/json")
+			w.Write([]byte(`{"resourceType": "Bundle", "type": "history", "entry": []}`))
+		})
+		mux.HandleFunc("/fhir/Location/_history", func(w http.ResponseWriter, r *http.Request) {
+			w.Header().Set("Content-Type", "application/json")
+			w.Write([]byte(`{"resourceType": "Bundle", "type": "history", "entry": []}`))
+		})
+		mux.HandleFunc("/fhir/HealthcareService/_history", func(w http.ResponseWriter, r *http.Request) {
+			w.Header().Set("Content-Type", "application/json")
+			w.Write([]byte(`{"resourceType": "Bundle", "type": "history", "entry": []}`))
+		})
+
+		component, err := New(Config{
+			QueryDirectory: DirectoryConfig{
+				FHIRBaseURL: "http://example.com/local/fhir",
+			},
+			AdministrationDirectories: map[string]DirectoryConfig{
+				"test-dir": {
+					FHIRBaseURL: server.URL + "/fhir",
+				},
+			},
+		})
+		require.NoError(t, err)
+
+		// Mock FHIR client that tracks operations
+		capturingClient := &test.StubFHIRClient{}
+		component.fhirClientFn = func(baseURL *url.URL) fhirclient.Client {
+			if baseURL.String() == server.URL+"/fhir" {
+				return fhirclient.New(baseURL, http.DefaultClient, &fhirclient.Config{UsePostSearch: false})
+			}
+			if baseURL.String() == "http://example.com/local/fhir" {
+				return capturingClient
+			}
+			return &test.StubFHIRClient{Error: errors.New("unknown URL")}
+		}
+
+		// First update - should discover and register the Endpoint
+		report1, err := component.updateFromDirectory(ctx, server.URL+"/fhir", []string{"Endpoint"}, true)
+		require.NoError(t, err)
+		require.Empty(t, report1.Errors)
+		require.Equal(t, 1, report1.CountCreated, "Should have created 1 Endpoint")
+
+		// Verify Endpoint was created in query directory
+		require.NotNil(t, capturingClient.CreatedResources)
+		require.Len(t, capturingClient.CreatedResources["Endpoint"], 1, "Endpoint should be created in query directory")
+
+		// Verify Endpoint was discovered and registered with correct fullUrl
+		initialAdminDirCount := len(component.administrationDirectories)
+		foundEndpoint := false
+		var registeredFullUrl string
+		for _, dir := range component.administrationDirectories {
+			if dir.fhirBaseURL == "https://directory.example.org/fhir" {
+				foundEndpoint = true
+				registeredFullUrl = dir.sourceURL
+				break
+			}
+		}
+		assert.True(t, foundEndpoint, "Endpoint should be registered as administration directory")
+		assert.Equal(t, "http://test.example.org/fhir/Endpoint/test-endpoint", registeredFullUrl, "Registered Endpoint should have fullUrl from Bundle entry")
+
+		// Second update - should process DELETE and unregister the Endpoint
+		report2, err := component.updateFromDirectory(ctx, server.URL+"/fhir", []string{"Endpoint"}, true)
+		require.NoError(t, err)
+		require.Empty(t, report2.Errors)
+
+		// Verify DELETE was processed and Endpoint was unregistered
+		afterDeleteCount := len(component.administrationDirectories)
+		assert.Less(t, afterDeleteCount, initialAdminDirCount, "Deleted Endpoint should be unregistered")
+
+		deletedEndpointStillExists := false
+		for _, dir := range component.administrationDirectories {
+			if dir.fhirBaseURL == "https://directory.example.org/fhir" {
+				deletedEndpointStillExists = true
+				break
+			}
+		}
+		assert.False(t, deletedEndpointStillExists, "Deleted Endpoint should not remain in administrationDirectories")
+
+		// Verify DELETE was sent to query directory
+		assert.Equal(t, 1, report2.CountDeleted, "Should have 1 deleted resource")
+	})
 }
 
 func startMockServer(t *testing.T, filesToServe map[string]string) *httptest.Server {
@@ -639,7 +788,7 @@ func TestComponent_registerAdministrationDirectory(t *testing.T) {
 		})
 		require.NoError(t, err)
 
-		err = component.registerAdministrationDirectory(context.Background(), "http://example.com/fhir", []string{"Organization"}, false)
+		err = component.registerAdministrationDirectory(context.Background(), "http://example.com/fhir", []string{"Organization"}, false, "")
 
 		require.NoError(t, err, "Should not error when URL is excluded, just skip registration")
 		assert.Len(t, component.administrationDirectories, 0, "No directories should be registered")
@@ -654,7 +803,7 @@ func TestComponent_registerAdministrationDirectory(t *testing.T) {
 		require.NoError(t, err)
 
 		// Try to register with trailing slash - should still be excluded
-		err = component.registerAdministrationDirectory(context.Background(), "http://example.com/fhir/", []string{"Organization"}, false)
+		err = component.registerAdministrationDirectory(context.Background(), "http://example.com/fhir/", []string{"Organization"}, false, "")
 
 		require.NoError(t, err, "Should not error when URL is excluded, just skip registration")
 		assert.Len(t, component.administrationDirectories, 0, "No directories should be registered")
@@ -669,7 +818,7 @@ func TestComponent_registerAdministrationDirectory(t *testing.T) {
 		require.NoError(t, err)
 
 		// Try to register without trailing slash - should still be excluded due to trimming
-		err = component.registerAdministrationDirectory(context.Background(), "http://example.com/fhir", []string{"Organization"}, false)
+		err = component.registerAdministrationDirectory(context.Background(), "http://example.com/fhir", []string{"Organization"}, false, "")
 
 		require.NoError(t, err, "Should not error when URL is excluded, just skip registration")
 		assert.Len(t, component.administrationDirectories, 0, "No directories should be registered")
@@ -683,7 +832,7 @@ func TestComponent_registerAdministrationDirectory(t *testing.T) {
 		})
 		require.NoError(t, err)
 
-		err = component.registerAdministrationDirectory(context.Background(), "http://example.com/fhir/", []string{"Organization"}, false)
+		err = component.registerAdministrationDirectory(context.Background(), "http://example.com/fhir/", []string{"Organization"}, false, "")
 
 		require.NoError(t, err, "Should not error when URL is excluded, just skip registration")
 		assert.Len(t, component.administrationDirectories, 0, "No directories should be registered")
@@ -697,7 +846,7 @@ func TestComponent_registerAdministrationDirectory(t *testing.T) {
 		})
 		require.NoError(t, err)
 
-		err = component.registerAdministrationDirectory(context.Background(), "http://allowed.com/fhir", []string{"Organization"}, false)
+		err = component.registerAdministrationDirectory(context.Background(), "http://allowed.com/fhir", []string{"Organization"}, false, "")
 
 		require.NoError(t, err)
 		assert.Len(t, component.administrationDirectories, 1, "Directory should be registered")
@@ -717,7 +866,7 @@ func TestComponent_registerAdministrationDirectory(t *testing.T) {
 		require.NoError(t, err)
 
 		// Try to register the same URL as admin directory - should be excluded
-		err = component.registerAdministrationDirectory(context.Background(), ownFHIRBaseURL, []string{"Organization"}, true)
+		err = component.registerAdministrationDirectory(context.Background(), ownFHIRBaseURL, []string{"Organization"}, true, "")
 
 		require.NoError(t, err, "Should not error when URL is excluded, just skip registration")
 		assert.Len(t, component.administrationDirectories, 0, "Own directory should not be registered as admin directory")
@@ -734,12 +883,12 @@ func TestComponent_registerAdministrationDirectory(t *testing.T) {
 		require.NoError(t, err)
 
 		// Try to register excluded directories
-		err1 := component.registerAdministrationDirectory(context.Background(), "http://excluded1.com/fhir", []string{"Organization"}, false)
-		err2 := component.registerAdministrationDirectory(context.Background(), "http://excluded2.com/fhir", []string{"Organization"}, false)
-		err3 := component.registerAdministrationDirectory(context.Background(), "http://excluded3.com/fhir", []string{"Organization"}, false)
+		err1 := component.registerAdministrationDirectory(context.Background(), "http://excluded1.com/fhir", []string{"Organization"}, false, "")
+		err2 := component.registerAdministrationDirectory(context.Background(), "http://excluded2.com/fhir", []string{"Organization"}, false, "")
+		err3 := component.registerAdministrationDirectory(context.Background(), "http://excluded3.com/fhir", []string{"Organization"}, false, "")
 
 		// Register an allowed directory
-		err4 := component.registerAdministrationDirectory(context.Background(), "http://allowed.com/fhir", []string{"Organization"}, false)
+		err4 := component.registerAdministrationDirectory(context.Background(), "http://allowed.com/fhir", []string{"Organization"}, false, "")
 
 		require.NoError(t, err1, "Should not error when URL is excluded, just skip registration")
 		require.NoError(t, err2, "Should not error when URL is excluded, just skip registration")
@@ -754,7 +903,7 @@ func TestComponent_registerAdministrationDirectory(t *testing.T) {
 		})
 		require.NoError(t, err)
 
-		err = component.registerAdministrationDirectory(context.Background(), "http://example.com/fhir", []string{"Organization"}, false)
+		err = component.registerAdministrationDirectory(context.Background(), "http://example.com/fhir", []string{"Organization"}, false, "")
 
 		require.NoError(t, err)
 		assert.Len(t, component.administrationDirectories, 1, "Directory should be registered when exclusion list is empty")
@@ -769,7 +918,7 @@ func TestComponent_registerAdministrationDirectory(t *testing.T) {
 		require.NoError(t, err)
 
 		// Invalid URL should return error, not silently skip
-		err = component.registerAdministrationDirectory(context.Background(), "not-a-valid-url", []string{"Organization"}, false)
+		err = component.registerAdministrationDirectory(context.Background(), "not-a-valid-url", []string{"Organization"}, false, "")
 
 		require.Error(t, err)
 		assert.Contains(t, err.Error(), "invalid FHIR base URL")