Stream: fhircast-github
Topic: docs / Issue #36 Add capability for client to query curre...
Github Notifications (FHIRcast) (Oct 03 2018 at 03:28):
isaacvetter commented on Issue #36
Thanks, @jeremysrichardson, I think so too, but how do we _know_ it's a good idea? :octopus:
Github Notifications (FHIRcast) (Oct 16 2018 at 14:52):
NiklasSvenzen commented on Issue #36
I think it would makes sense to also include encounter and study data in the response if it exists.
Github Notifications (FHIRcast) (Dec 11 2018 at 16:55):
isaacvetter commented on Issue #36
maybe add the mac signature in the header to be consistent with the notification process?
Hey @mbellehumeur ,
That's a really interesting point. I had to spend some time thinking through it. In WebSub (and FHIRcast!), the intent of the HMAC signature is to allow the Hub to authenticate to the subscriber.
In this case, the subscriber is accessing an API on the Hub, so it's the subscriber that must authenticate. We've already got the OAuth/SMART access_token for this purpose.
I can understand your goal of consistency, but I'm not sure that this is needed. What secret would we use to calculate the digest if the subscriber was supplying it to the hub?
Are you okay with me merging this PR as is ?
Isaac
Martin Bellehumeur (Visage Imaging) (Dec 12 2018 at 11:18):
Hi,
I'm OK with merging the PR as is.
Best,
Martin
Last updated: Apr 12 2022 at 19:14 UTC
