Update: [AEA-4652] - signature validation on prescription creation #4426

Merged
bencegadanyi1-nhs merged 43 commits into master from AEA-4652-add-prescription-order-endpoint-signature-validation
Apr 2, 2026
bencegadanyi1-nhs commented Mar 11, 2026

Summary

  • ✨ New Feature

Details

  • added ENABLE_PRESCRIBING_SIGNATURE_VALIDATION flag -> lets us turn on signature checks at creation without blowing anything up
  • hooked signature verification into $process-message for prescription-order creation
  • introduced verifyAndFormatPrescriptionSignature() -> single place for logging + OperationOutcome mapping (no more scattered logic)
  • aligned error handling + mapping with release flow (and updated translation/tests to match)
  • refactored $process-message to avoid double translation -> convertPrescriptionBundleToSpineRequest now returns both SpineRequest + ParentPrescription, so signature verification reuses it instead of calling convertParentPrescription again
  • wired the flag through CDK, ECS env, and CI/release workflows
  • updated e2e expectations + trivy ignore list accordingly
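
An added TypeScript sketch of the flow this description outlines, not code from the PR or the repository: the bundle is translated once, the signature is checked only when the flag is on, and failures are logged and mapped to OperationOutcome issues in one function. Apart from the ENABLE_PRESCRIBING_SIGNATURE_VALIDATION variable, every name, the injected verifier and the 400 status are assumptions made for illustration.

```typescript
// Added illustration; all names are hypothetical except the env variable named in the PR.
type Env = Record<string, string | undefined>
type Bundle = {id: string; signature: string}
type Issue = {severity: "error"; code: "invalid"; diagnostics: string}
type OperationOutcome = {resourceType: "OperationOutcome"; issue: Array<Issue>}
type Translated = {spineRequest: string; parentPrescription: Bundle}
type Verifier = (signature: string) => Array<string> // error strings, empty when valid
type Result = {status: number; body: OperationOutcome | {forwarded: string}}

// Only an explicit "true" turns the check on; unset or misspelled values leave it off.
function flagEnabled(env: Env): boolean {
  return (env["ENABLE_PRESCRIBING_SIGNATURE_VALIDATION"] ?? "").trim().toLowerCase() === "true"
}

// Translate once and return both artefacts so verification reuses the same result.
let translateCalls = 0
function translateOnce(bundle: Bundle): Translated {
  translateCalls += 1
  return {spineRequest: `<spine id="${bundle.id}"/>`, parentPrescription: {...bundle}}
}

// Single place that logs verification failures and maps them to OperationOutcome issues.
function verifyAndFormat(parent: Bundle, verify: Verifier, log: (m: string) => void): Array<Issue> {
  const errors = verify(parent.signature)
  if (errors.length > 0) log(`signature rejected for ${parent.id}: ${errors.join("; ")}`)
  return errors.map((e): Issue => ({severity: "error", code: "invalid", diagnostics: e}))
}

// Creation handler: verify before anything is forwarded; any issue rejects the request.
function handleCreate(
  bundle: Bundle,
  env: Env,
  verify: Verifier,
  log: (m: string) => void = () => {}
): Result {
  const {spineRequest, parentPrescription} = translateOnce(bundle)
  if (flagEnabled(env)) {
    const issue = verifyAndFormat(parentPrescription, verify, log)
    if (issue.length > 0) return {status: 400, body: {resourceType: "OperationOutcome", issue}}
  }
  return {status: 200, body: {forwarded: spineRequest}}
}
```

Because any value other than "true" leaves the check off in this sketch, a deployment that intends validation to be on should assert the variable's value rather than assume it.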

@github-actions

This PR is linked to a ticket in an NHS Digital JIRA Project. Here's a handy link to the ticket:

AEA-4652

Copilot AI review requested due to automatic review settings March 18, 2026 09:43

Copilot AI left a comment

Pull request overview

Adds signature validation for prescription creation (behind a feature flag) and aligns signature-verification error handling/mapping across creation + release flows, with supporting infra/workflow wiring.

Changes:

  • Introduces ENABLE_PRESCRIBING_SIGNATURE_VALIDATION feature flag and performs signature verification in the $process-message route for prescription-order creation.
  • Adds verifyAndFormatPrescriptionSignature() to centralize logging + OperationOutcome issue mapping; updates release-response translation/tests accordingly.
  • Wires the flag through CDK contexts/ECS env and CI/release workflows; updates e2e expectations and security ignore list.

Reviewed changes

Copilot reviewed 20 out of 20 changed files in this pull request and generated 7 comments.

| File | Description |
| --- | --- |
| packages/e2e-tests/specs/live/process.failures.spec.ts | Updates failure test setup + expected OperationOutcome for signature validation. |
| packages/coordinator/tests/utils/feature-flags.spec.ts | Adds unit tests for the new feature flag helper. |
| packages/coordinator/tests/services/translation/response/release/release-response.spec.ts | Updates tests to mock/expect the new signature verification function and diagnostics. |
| packages/coordinator/tests/services/translation/request/index.spec.ts | Adds tests for creation-time signature verification mapping. |
| packages/coordinator/src/utils/feature-flags.ts | Adds isSignatureValidationEnabled(). |
| packages/coordinator/src/services/verification/signature-verification.ts | Adds verifyAndFormatPrescriptionSignature() mapping errors to FHIR issues + logging. |
| packages/coordinator/src/services/translation/response/release/release-response.ts | Uses formatted signature issues when building invalid-signature outcomes. |
| packages/coordinator/src/services/translation/request/index.ts | Exposes verifySignatureForPrescriptionCreation() used by the route. |
| packages/coordinator/src/routes/process.ts | Performs signature validation on prescription creation when the flag is enabled. |
| packages/cdk/stacks/PrescribeDispenseStack.ts | Adds context plumbing + CFN output for the flag. |
| packages/cdk/resources/ECSTasks.ts | Injects ENABLE_PRESCRIBING_SIGNATURE_VALIDATION into ECS task env. |
| cdk.json | Adds enablePrescribingSignatureValidation context default. |
| .trivyignore.yaml | Adds a time-bounded ignore entry for CVE-2026-33036. |
| .github/workflows/run_regression_tests.yml | Changes regression test tags to a feature-branch tag. |
| .github/workflows/release_ref.yml | Adds ENABLE_PRESCRIBING_SIGNATURE_VALIDATION to ref release env. |
| .github/workflows/release.yml | Adds ENABLE_PRESCRIBING_SIGNATURE_VALIDATION to multiple environments. |
| .github/workflows/pull_request.yml | Enables ENABLE_PRESCRIBING_SIGNATURE_VALIDATION for PR deploys (with TODO). |
| .github/workflows/ci.yml | Adds ENABLE_PRESCRIBING_SIGNATURE_VALIDATION to CI deploy jobs. |
| .github/workflows/cdk_release_code.yml | Adds required boolean input for ENABLE_PRESCRIBING_SIGNATURE_VALIDATION. |
| .github/scripts/fix_cdk_json.sh | Ensures CDK context is populated from ENABLE_PRESCRIBING_SIGNATURE_VALIDATION. |

Comment thread .github/workflows/run_regression_tests.yml
Comment thread .github/workflows/pull_request.yml Outdated
Comment thread .github/workflows/pull_request.yml Outdated
Comment thread packages/e2e-tests/specs/live/process.failures.spec.ts Outdated
Comment thread packages/e2e-tests/specs/live/process.failures.spec.ts Outdated
Comment thread packages/coordinator/tests/utils/feature-flags.spec.ts Outdated
bencegadanyi1-nhs and others added 3 commits March 18, 2026 10:02
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
"Allow traffic to Claims Service from FHIR Facade load balancer"
)

new CfnOutput(this, "EnablePrescribingSignatureValidation", {
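
Review bot: the `new CfnOutput(this, "EnablePrescribingSignatureValidation", {` line at the end of this hunk adds a stack output for the flag with no comment saying what reads it. If a workflow or another stack consumes the output, name that consumer in a comment beside it; if nothing does, drop the output, since the flag already reaches the service through the ECS task environment.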
I'm wondering why this is output when others aren't? I can't see it being used, sorry if I've missed it.

Comment thread packages/coordinator/src/routes/process.ts Outdated
Comment thread packages/coordinator/src/services/translation/request/index.ts Outdated
Comment thread packages/coordinator/src/services/verification/signature-verification.ts Outdated
handleResponse
} from "./util"
import {createHash} from "./create-hash"
import {fhir} from "@models"
import {fhir,spine} from @models

import {isSignatureValidationEnabled} from "../utils/feature-flags"
import {identifyMessageType} from "../services/translation/common"
import {verifyAndFormatPrescriptionSignature} from "../services/verification/signature-verification"
import {spine} from "@models"
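
Review bot: the last line, `import {spine} from "@models"`, is a standalone import added below three relative imports. If this file already imports anything else from "@models", add `spine` to that existing statement instead, so the module is imported in one place and the import list stays easy to audit.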
remove second from @models

sonarqubecloud Bot commented Apr 2, 2026
