Stream: fhircast-github

Topic: fhircast-docs / Issue #127 May 2019 Ballot Comment: Expan...


Github Notifications (FHIRcast) (Apr 30 2019 at 19:52):

hl7-fhircast-bot opened Issue #127

## May 2019 Ballot Comment: Expand 'fhircast' OAuth scope to include event and read/write

Submitted by Ricardo Quintano Neira on behalf of @bvdh
Chapter/section: Subscribing and Unsubscribing
Url: https://fhircast.hl7.org/specification/May2019Ballot/index.html
Type: NEG :exclamation: Enhancement

Summary: Expand 'fhircast' OAuth scope to include event and read/write

Comment: Issue/comment imported from: https://github.com/HL7/fhircast-docs/issues/64

"We could re-use the SMART on FHIR OAuth2 scope format in FHIRcast to better enable and represent granular context synchronization authorization."


_This issue was imported by @hl7-fhircast-bot from the consolidated FHIRcast May 2019 ballot spreadsheet._

Github Notifications (FHIRcast) (Apr 30 2019 at 19:52):

hl7-fhircast-bot labeled Issue #127

Github Notifications (FHIRcast) (Apr 30 2019 at 19:52):

hl7-fhircast-bot labeled Issue #127

Github Notifications (FHIRcast) (Apr 30 2019 at 19:52):

hl7-fhircast-bot edited Issue #127

Github Notifications (FHIRcast) (Apr 30 2019 at 21:02):

isaacvetter labeled Issue #127

Github Notifications (FHIRcast) (May 06 2019 at 22:05):

wmaethner commented on Issue #127

During conversation at the Montreal, May 2019 working group meeting, @RicardoQuintano, @wmaethner, @NiklasSvenzen and myself talked through this issue and would like to: include OAuth scopes in determining which events the subscribing app can subscribe to as well as the level of access they have (receiving notifications and/or requesting changes).

Outstanding Questions: If we add this feature in then we need to describe what happens when an app subscribes to events they aren't authorized for, or if they request changes, but aren't authorized for write privileges. We think this extends also to if a subscriber requests events not supported by the hub. Possible options:
1. Hub sends back the subscription verification with only the events supported or authorized.
2. Hub sends back an error (standard authorization error or we define how the error should look, and it describes the events not supported).

Github Notifications (FHIRcast) (May 21 2019 at 13:52):

wmaethner labeled Issue #127:

Github Notifications (FHIRcast) (Jul 16 2019 at 14:07):

isaacvetter commented on Issue #127:

Proposed resolution: Persuasive
Proposed resolution comment: Will add a new section to the specification, something like the below --
## Authorization and scopes

FHIRcast defines OAuth2 access scopes that correspond directly to FHIR resource types. We define read and write permissions. Apps that need to receive workflow related events should ask for read scopes. Apps that request context changes should ask for write scopes. Hubs may decide what specific interactions and operations will be enabled by these scopes.

Expressed in EBNF notation, FHIRcast's scope syntax is:

scope ::= ( 'fhircast' ) '/' ( FHIRcast-event ) '.' ( 'read' | 'write' )

![image](https://user-images.githubusercontent.com/60514/61301126-eb90f200-a7a8-11e9-99a9-ebd901b93257.png)

FHIRcast events composed of a FHIR resource:
OAuth scope and event
![image](https://user-images.githubusercontent.com/60514/61300871-686f9c00-a7a8-11e9-8aee-6d9fb82b630b.png)

--

  • relevant to #108
  • railroad diagram - scope syntax
  • railroad diagram - event and scope syntax

Github Notifications (FHIRcast) (Jul 16 2019 at 14:12):

isaacvetter edited a comment on Issue #127:

  • relevant to #108 (which defines the computable event syntax)
  • related to #128 (discovery of supported events), #105 (duplicate of this).
  • railroad diagram - scope syntax
  • railroad diagram - event and scope syntax

Github Notifications (FHIRcast) (Jul 16 2019 at 14:14):

isaacvetter edited a comment on Issue #127:

  • relevant to #108 (which defines the computable event syntax)
  • related to #126 (discovery of supported events), #105 (duplicate of this).
  • railroad diagram - scope syntax
  • railroad diagram - event and scope syntax

Github Notifications (FHIRcast) (Jul 17 2019 at 14:58):

isaacvetter commented on Issue #127:

WG feedback:

  • @NiklasSvenzen points out that this could get pretty wordy and the asterisks from SMART seem like a good idea.

Github Notifications (FHIRcast) (Jul 17 2019 at 15:01):

isaacvetter commented on Issue #127:

## :telephone_receiver: II Working Group Vote (6-16-2019)

Meeting notes: https://confluence.hl7.org/display/IMIN/Teleconferences

Ricardo moved the following disposition, seconded by @gkustas

Disposition: Persuasive
Disposition Comment: > Proposed resolution comment: Will add a new section to the specification, something like the below --

And further refine the use of wildcard in the scopes.

## Authorization and scopes
FHIRcast defines OAuth2 access scopes that correspond directly to FHIR resource types. We define read and write permissions. Apps that need to receive workflow related events should ask for read scopes. Apps that request context changes should ask for write scopes. Hubs may decide what specific interactions and operations will be enabled by these scopes.

Expressed in EBNF notation, FHIRcast's scope syntax is:

scope ::= ( 'fhircast' ) '/' ( FHIRcast-event ) '.' ( 'read' | 'write' | '*' )

![image](https://user-images.githubusercontent.com/60514/61301126-eb90f200-a7a8-11e9-99a9-ebd901b93257.png)

FHIRcast events composed of a FHIR resource:
_OAuth scope and event_
![image](https://user-images.githubusercontent.com/60514/61300871-686f9c00-a7a8-11e9-8aee-6d9fb82b630b.png)

:+1: For: 13
:expressionless: Abstain: 0
:-1: Against: 0

:tada: The motion passed! :tada:

--

  • relevant to #108 (which defines the computable event syntax)
  • related to #126 (discovery of supported events), #105 (duplicate of this).
  • railroad diagram - scope syntax
  • railroad diagram - event and scope syntax

Github Notifications (FHIRcast) (Jul 17 2019 at 15:01):

wmaethner labeled Issue #127:

Github Notifications (FHIRcast) (Sep 11 2019 at 20:46):

wmaethner closed Issue #127:


Last updated: Apr 12 2022 at 19:14 UTC