Stream: dotnet
Topic: Smart on Fhir oidc
Lars Ewert (Jan 19 2022 at 11:19):
Hey guys im trying to set up an oidc login for a standalone launch to a SMART on Fhir Server. As far as i can see there are no Nuget Packages for a "simple implementation", so i have to implement it from scratch, to find the auth and token routes needed.
Im using a Fhir Server URL from smarthealtit.org to achieve first steps, so there shouldnt be a problem with client_id and client_secret.
Does someone had to deal with this step already and can share some advices?
Muhammad Abubakar Ikram (Jan 19 2022 at 12:45):
Kindly check the following links they might help you. Vonk (dotnet based FHIR server) has shared their code for smart-on-fhir implementation for dotnet based FHIR servers.
Documentation: https://docs.fire.ly/projects/Firely-Server/en/latest/security/accesscontrol.html#
GitHub code: https://github.com/FirelyTeam/Vonk.IdentityServer.Test
the GitHub code is the example of Authorization server (IdentityServer based => OAuth2.0 implementation in dotnet) to work with a dotnet based FHIR server, that supports smart-on-fhir login funcionality for the clients of its FHIR server. The authorization server provides the endpoints for authorization code and token.
Lars Ewert (Jan 19 2022 at 14:25):
Thanks for the information, but am i right, that this is a guide to implement Smart On Fhir for a Fhir server?
I am a third party developer with a standalone Web-Application and want to achieve a authorization against a Smart on Fhir Server.
i hope its mroe clear what my issue is
Brian Postlethwaite (Jan 19 2022 at 14:46):
So you're a regular web app wanting to handle the launch from a smart on fhir host and do the auth routines with the fhir server connected to it?
Brian Postlethwaite (Jan 19 2022 at 14:47):
If that's what you're up to, it's really just 2 static HTML pages with some javascript in it is all you actually need.
There are a few samples out there for this.
Muhammad Abubakar Ikram (Jan 19 2022 at 17:43):
@Lars Ewert yes that is the right guide to get start. HL7 FHIR website also has a page dedicated to this topic. For web app see the FHIR JavaScript library, with that you can have your client side developed.
Gino Canessa (Jan 19 2022 at 17:48):
If you want an overview of SMART app launch, I do have a video that walks through the spec. There are additional videos in that series using C#, so not exactly your scenario, that may be helpful as well.
Lars Ewert (Jan 20 2022 at 19:17):
Thanks a lot guys !
@Gino Canessa i have already watched your videos about this ;-) im using an Identity Server with an App Login and a separate SMART-on-FHIR OIDC Login. It was a bit tricky to set up, but its working as expected now.
Only have to deal now in the frontend with the authorization but that is standard oidc stuff now ;-)
Have a great one everyone!
Gino Canessa (Jan 20 2022 at 19:18):
Glad it helped! If there are any gaps that would be helpful to cover, please let me know.
Lars Ewert (Jan 20 2022 at 19:31):
Hey Gino,
The main problem for me was, that Microsoft decided to wrap a lot of stuff in a library which is not visible to the developer, except you scaffold the identity server and have a look at the controllers and views. That helped me a lot to understand whats going on and how the different Login Options are achieved. ;-)
In your videos you search manualy for the Auth and Token URLs and go through the steps, but the identity server 4 does a lot on its own without knowing exactly what.
Gino Canessa (Jan 20 2022 at 19:35):
Makes sense, I have on my list to do a series with common auth providers, so I will add your comments for when I get to it. Thanks!
Last updated: Apr 12 2022 at 19:14 UTC
