FHIR Chat · C25 -- Testing with smart.argo.run · smart

Stream: smart

Topic: C25 -- Testing with smart.argo.run


Josh Mandel (Sep 10 2020 at 20:08):

@Pascal Pfiffner Can you share the authz request you're making that's resulting in a missing patient?

Gino Canessa (Sep 10 2020 at 20:08):

Also, the room is open right now if you want to debug in real-time. Whova (and/or Zoom) will let you screen share.

Pascal Pfiffner (Sep 10 2020 at 20:09):

"the room"? I'm a Whova noob.

Pascal Pfiffner (Sep 10 2020 at 20:09):

Happy to do it real-time

Gino Canessa (Sep 10 2020 at 20:10):

In Whova: Agenda -> Connectathon Tracks -> View Session -> Argonaut Granular Controls -> View Details. Will open the meeting

Pascal Pfiffner (Sep 10 2020 at 20:16):

URL: https://smart.argo.run/v/r4/sim/eyJrIjoiMSIsImkiOiIxIiwiaiI6IjEiLCJiIjoiMzdlOTdlYTUtZTJkYy00NzcwLWJiN2QtOTNkMDJjZmViYjBjIn0/fhir

Pascal Pfiffner (Sep 10 2020 at 20:18):

https://smart.argo.run/v/r4/auth/authorize?client_id=client_id&scope=launch/patient+patient/Immunization.r&response_type=code&redirect_uri=fhirtester://auth/callback&aud=https://smart.argo.run/v/r4/sim/eyJrIjoiMSIsImkiOiIxIiwiaiI6IjEiLCJiIjoiMzdlOTdlYTUtZTJkYy00NzcwLWJiN2QtOTNkMDJjZmViYjBjIn0/fhir&state=AEEDB7A9431C

Pascal Pfiffner (Sep 10 2020 at 20:27):

access token for launch/patient and patient/Observation.r:

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuZWVkX3BhdGllbnRfYmFubmVyIjp0cnVlLCJzbWFydF9zdHlsZV91cmwiOiJodHRwczovL3NtYXJ0LmFyZ28ucnVuLy9zbWFydC1zdHlsZS5qc29uIiwicGF0aWVudCI6IjM3ZTk3ZWE1LWUyZGMtNDc3MC1iYjdkLTkzZDAyY2ZlYmIwYyIsInRva2VuX3R5cGUiOiJiZWFyZXIiLCJzY29wZSI6ImxhdW5jaC9wYXRpZW50IHBhdGllbnQvT2JzZXJ2YXRpb24uciIsImNsaWVudF9pZCI6ImNsaWVudF9pZCIsImV4cGlyZXNfaW4iOjM2MDAsImlhdCI6MTU5OTc2OTU0NSwiZXhwIjoxNTk5NzczMTQ1fQ.-bLL73b7oZNcJaRJ4lywzzy1shrpLKMyGB12flzm0z0

Pascal Pfiffner (Sep 10 2020 at 20:28):

https://smart.argo.run/v/r4/sim/eyJrIjoiMSIsImkiOiIxIiwiaiI6IjEiLCJiIjoiMzdlOTdlYTUtZTJkYy00NzcwLWJiN2QtOTNkMDJjZmViYjBjIn0/fhir/Observation

Josh Mandel (Sep 10 2020 at 20:29):

curl -H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuZWVkX3BhdGllbnRfYmFubmVyIjp0cnVlLCJzbWFydF9zdHlsZV91cmwiOiJodHRwczovL3NtYXJ0LmFyZ28ucnVuLy9zbWFydC1zdHlsZS5qc29uIiwicGF0aWVudCI6IjM3ZTk3ZWE1LWUyZGMtNDc3MC1iYjdkLTkzZDAyY2ZlYmIwYyIsInRva2VuX3R5cGUiOiJiZWFyZXIiLCJzY29wZSI6ImxhdW5jaC9wYXRpZW50IHBhdGllbnQvT2JzZXJ2YXRpb24uciIsImNsaWVudF9pZCI6ImNsaWVudF9pZCIsImV4cGlyZXNfaW4iOjM2MDAsImlhdCI6MTU5OTc2OTU0NSwiZXhwIjoxNTk5NzczMTQ1fQ.-bLL73b7oZNcJaRJ4lywzzy1shrpLKMyGB12flzm0z0'  \
'https://smart.argo.run/v/r4/sim/eyJrIjoiMSIsImkiOiIxIiwiaiI6IjEiLCJiIjoiMzdlOTdlYTUtZTJkYy00NzcwLWJiN2QtOTNkMDJjZmViYjBjIn0/fhir/Observation'

This gives me the expected error:

{"Error": "Request too wide for granted scopes"}

Pascal Pfiffner (Sep 10 2020 at 21:02):

GET https://smart.argo.run/v/r4/sim/eyJrIjoiMSIsImkiOiIxIiwiaiI6IjEiLCJiIjoiMzdlOTdlYTUtZTJkYy00NzcwLWJiN2QtOTNkMDJjZmViYjBjIn0/fhir/Observation?patient=37e97ea5-e2dc-4770-bb7d-93d02cfebb0c&category=vital-signs
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuZWVkX3BhdGllbnRfYmFubmVyIjp0cnVlLCJzbWFydF9zdHlsZV91cmwiOiJodHRwczovL3NtYXJ0LmFyZ28ucnVuLy9zbWFydC1zdHlsZS5qc29uIiwicGF0aWVudCI6IjM3ZTk3ZWE1LWUyZGMtNDc3MC1iYjdkLTkzZDAyY2ZlYmIwYyIsInRva2VuX3R5cGUiOiJiZWFyZXIiLCJzY29wZSI6ImxhdW5jaC9wYXRpZW50IHBhdGllbnQvT2JzZXJ2YXRpb24ucnM_Y2F0ZWdvcnk9dml0YWwtc2lnbnMiLCJjbGllbnRfaWQiOiJjbGllbnRfaWQiLCJleHBpcmVzX2luIjozNjAwLCJpYXQiOjE1OTk3NzE0NjEsImV4cCI6MTU5OTc3NTA2MX0.EvEEoB2GC-R_E86WNgHYIOANMrLOZt7S72SpWrQDxcA
Accept: application/fhir+json
{"Error": "Request too wide for granted scopes"}

:sad:

Pascal Pfiffner (Sep 10 2020 at 21:02):

I do have the patient/Observation.rs?category=vital-signs in that token, so this request should succeed I assume?

Josh Mandel (Sep 10 2020 at 21:14):

At a glance I agree @Pascal Pfiffner, this looks wrong.

Josh Mandel (Sep 10 2020 at 21:15):

I'll also note @Gino Canessa with the testing app at https://smart.argo.run/granular/index.html?aud=https%3A%2F%2Fsmart.argo.run%2Fv%2Fr4%2Fsim%2FeyJrIjoiMSIsImoiOiIxIiwiYiI6IjE1NWQzZDgwLWYzZjAtNGIzOS05MjA3LTBkMTIyY2Y5NGExMSJ9%2Ffhir when I ask only for vital signs, it works... but I can't get it to even issue a query for "all observation" (in order to demonstrate a 403). Unchecking all the boxes is still creating a query with ?category=vital-signs.


Josh Mandel (Sep 10 2020 at 21:16):

(Ah, this is specifically an issue if I ask for Observation.crs?category=vital-signs; if I drop the c and request a scope of Observation.rs?category=vital-signs, the behavior is fine.)

Gino Canessa (Sep 10 2020 at 21:46):

re: Josh: Ahh, filter duplication checking was leaving a non-element checked. Fixed shortly.
re: Pascal: looking at that next

Gino Canessa (Sep 10 2020 at 21:58):

@Pascal Pfiffner, found the issue - you have just the id for the patient instead of Patient/{id} that I was using in testing. I'll have a new version up shortly that handles both.

Pascal Pfiffner (Sep 10 2020 at 22:01):

Oh as search param? Got it.

Gino Canessa (Sep 10 2020 at 22:03):

Pushed - should be up in ~5 minutes

Gino Canessa (Sep 10 2020 at 22:08):

As a note - I removed the check forcing the auth header that we turned on earlier... it ended up disabling the patient selector, etc.

Brian Postlethwaite (Sep 11 2020 at 17:15):

I'm doing an update to the @Kenneth Myhra starter EMR simulator (for Windows-based apps)
https://github.com/brianpos/smart-on-fhir

Josh Mandel (Sep 11 2020 at 17:15):

Cool!

Ryan Harrison (Sep 15 2020 at 17:30):

The access_token.payload includes context inside the token.

{
  "need_patient_banner": true,
  "smart_style_url": "https://smart.argo.run//smart-style.json",
  "patient": "37e97ea5-e2dc-4770-bb7d-93d02cfebb0c",
  "token_type": "bearer",
  "scope": "launch/patient patient/Observation.r",
  "client_id": "client_id",
  "expires_in": 3600,
  "iat": 1599769545,
  "exp": 1599773145
}

I thought the launch context was supposed to be included in the /token response body, not in the access_token proper.

Thread: https://chat.fhir.org/#narrow/stream/179170-smart/topic/Smart.20Framework.20Supported.20by.20Patient.20Apps/near/207424774
Docs: http://hl7.org/fhir/smart-app-launch/scopes-and-launch-context/index.html#launch-context-arrives-with-your-access_token

Launch context parameters come **alongside** the access token. They will appear as JSON parameters:
{
  access_token: "secret-xyz",
  patient: "123",
  ...
}

Pascal Pfiffner said:

access token for launch/patient and patient/Observation.r:

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuZWVkX3BhdGllbnRfYmFubmVyIjp0cnVlLCJzbWFydF9zdHlsZV91cmwiOiJodHRwczovL3NtYXJ0LmFyZ28ucnVuLy9zbWFydC1zdHlsZS5qc29uIiwicGF0aWVudCI6IjM3ZTk3ZWE1LWUyZGMtNDc3MC1iYjdkLTkzZDAyY2ZlYmIwYyIsInRva2VuX3R5cGUiOiJiZWFyZXIiLCJzY29wZSI6ImxhdW5jaC9wYXRpZW50IHBhdGllbnQvT2JzZXJ2YXRpb24uciIsImNsaWVudF9pZCI6ImNsaWVudF9pZCIsImV4cGlyZXNfaW4iOjM2MDAsImlhdCI6MTU5OTc2OTU0NSwiZXhwIjoxNTk5NzczMTQ1fQ.-bLL73b7oZNcJaRJ4lywzzy1shrpLKMyGB12flzm0z0


Last updated: Apr 12 2022 at 19:14 UTC