Release Notes for Oracle Health Insurance Authorizations Patch 4.25.1.0.3

This document contains the release notes for Oracle Health Insurance Authorizations Patch 4.25.1.0.3.

Version compatibility: Oracle Health Insurance Authorizations Release 4.25.1.x is only compatible with other Oracle Health Insurance applications release version 4.25.1.x unless explicitly stated otherwise.

As per the Service Description, you are obligated to request a service upgrade within 90 days of this release being generally available (GA). In line with the Oracle Cloud Services Pillar document, Section 4.2.2 End of Life, this release will be EOL in 12 months.

Enhancements

Summary

Patch

AUT-4605

Enrollment response via Dynamic Logic function

Oracle Health Insurance Authorizations now supports generating enrollment response data through Dynamic Logic, so enrollment retrieval no longer has to depend on synchronous enrollment callouts when not desired.

Documentation Links:

Developer Guide - Enrollment Mock Response Generation
Installation Guide - ohi.enrollment.dynamiclogic.code
Operations Guide - Dynamic Logic Based Enrollment Response

The enhancement AUT-4240: Enable Insurance Gateway to respond to enrollment requests, which was released in version 4.25.1.0.1, has been deprecated in this patch release and will not be included in future patches or releases.
The functionality it provided has been superseded by this enhancement.

4.26.1.0.0

Configuration Properties

Ref	Action	Description
AUT-4605	Added	ohi.enrollment.dynamiclogic.code Dynamic logic function code used to create enrollment response data

Ref

Action

Description

AUT-4605

Added

ohi.enrollment.dynamiclogic.code

Dynamic logic function code used to create enrollment response data

Web Services

This section intentionally left blank.

Data Conversion

This section intentionally left blank.

Dynamic Logic

Ref	Action	Description
AUT-4605	Added	Enrollment Mock Response Generation An enrollment response can be generated by a dynamic function. This feature is intended as an enrollment mock service to aid implementation and managed through the ohi.enrollment.dynamiclogic.code property. Only one function dynamic logic with this signature can be created (OHI-DYLO-028).

Ref

Action

Description

AUT-4605

Added

Enrollment Mock Response Generation

An enrollment response can be generated by a dynamic function. This feature is intended as an enrollment mock service to aid implementation and managed through the ohi.enrollment.dynamiclogic.code property.

Only one function dynamic logic with this signature can be created (OHI-DYLO-028).

UI Changes

This section intentionally left blank.

Breaking Changes

This section intentionally left blank.

Access Restrictions

This section intentionally left blank.

Bug Fixes

BugDB	SR	Internal	Summary
38856897		AUT-4557	Missing secrets for OAuth clients while ohistore is used as keystore
Description:	Sometime OAuth clients shows clientSecretRegistered as false even through secret is already set in the database.
Resolution:	OAuth client credential keys are now correctly fetched.
39026317	4-0002125064	AUT-4614	Resources cannot be searched when code starts with %255%
Description:	POST search API requests were failing with an IntrusionDetectionException when the query contained specific special patterns. These legitimate input param were incorrectly identified as potential intrusion attempts, resulting in search failures.
Resolution:	Enhanced the intrusion detection mechanism to correctly handle search query parameters, preventing legitimate requests from being incorrectly flagged
39114110		AUT-4677	Oauth restclientbuilder lookup fails due to duplicate enum keys across authentication feature enums
Description:	A key mismatch occured due to duplicate OAuth enum values defined in different authentication feature enums, resulting in a lookup failure and the error “No RestClientBuilder specified for OAuth”
Resolution:	The application now correctly resolves the restclientbuilder specified for OAuth
39144299		AUT-4692	Page is not refreshed after submitting the authorization.
Description:	After authorization submission, the page retains its previous status and fails to refresh.
Resolution:	After submitting the authorization, the page is refreshed and updated to the latest status.
39079690		AUT-4649	Flex Code Base Views are both removed and updated at the same time
Description:	During Base View Generation, the generation of Flex Code Base View is unstable: (1) Concurrent update/remove operations occasionally targeted the same view, raising the Oracle error “table or view does not exist”. This happened intermittently. (2) The generator skipped creating some Flex Code Base Views whenever the Flex Code System code contained lowercase characters.
Resolution:	The update/removal operations are serialized to prevent errors like “table or view does not exist”. Flex Code Base Views are generated for Flex Code Systems with a code containing lowercase characters.
38226981		AUT-4317	Tracking/Tracing of requests should not be sent to external systems
Description:	Tracing headers (such as B3 headers) are being sent to external systems. This leads to a 500 error response. However, when the spanId header is removed, the request goes through successfully with a 201 response
Resolution:	B3 Tracing headers will be added when the host of the request and the application are identical.
38461042		AUT-4394	Boilerplate code is seen for widgets
Description:	After adding the widget in Authorizations, boilerplate codes are seen in table
Resolution:	Boilerplate translations are applied and values are shown properly

BugDB

Internal

Summary

38856897

AUT-4557

Missing secrets for OAuth clients while ohistore is used as keystore

Description:

Sometime OAuth clients shows clientSecretRegistered as false even through secret is already set in the database.

Resolution:

OAuth client credential keys are now correctly fetched.

39026317

4-0002125064

AUT-4614

Resources cannot be searched when code starts with %255%

Description:

POST search API requests were failing with an IntrusionDetectionException when the query contained specific special patterns. These legitimate input param were incorrectly identified as potential intrusion attempts, resulting in search failures.

Resolution:

Enhanced the intrusion detection mechanism to correctly handle search query parameters, preventing legitimate requests from being incorrectly flagged

39114110

AUT-4677

Oauth restclientbuilder lookup fails due to duplicate enum keys across authentication feature enums

Description:

A key mismatch occured due to duplicate OAuth enum values defined in different authentication feature enums, resulting in a lookup failure and the error “No RestClientBuilder specified for OAuth”

Resolution:

The application now correctly resolves the restclientbuilder specified for OAuth

39144299

AUT-4692

Page is not refreshed after submitting the authorization.

Description:

After authorization submission, the page retains its previous status and fails to refresh.

Resolution:

After submitting the authorization, the page is refreshed and updated to the latest status.

39079690

AUT-4649

Flex Code Base Views are both removed and updated at the same time

Description:

During Base View Generation, the generation of Flex Code Base View is unstable: (1) Concurrent update/remove operations occasionally targeted the same view, raising the Oracle error “table or view does not exist”. This happened intermittently. (2) The generator skipped creating some Flex Code Base Views whenever the Flex Code System code contained lowercase characters.

Resolution:

The update/removal operations are serialized to prevent errors like “table or view does not exist”. Flex Code Base Views are generated for Flex Code Systems with a code containing lowercase characters.

38226981

AUT-4317

Tracking/Tracing of requests should not be sent to external systems

Description:

Tracing headers (such as B3 headers) are being sent to external systems. This leads to a 500 error response. However, when the spanId header is removed, the request goes through successfully with a 201 response

Resolution:

B3 Tracing headers will be added when the host of the request and the application are identical.

38461042

AUT-4394

Boilerplate code is seen for widgets

Description:

After adding the widget in Authorizations, boilerplate codes are seen in table

Resolution:

Boilerplate translations are applied and values are shown properly

Issues that were backported in previous Release / Patch

No backports.