Stream: smart/health-cards
Topic: Connectathon 27 Epic Issuer testing
Isaac Vetter (May 18 2021 at 20:47):
Three patients worth of QR codes and .smart-health-card files. One caveat, there isn't white space surrounding our QR code .png files directly, but will be in the UI.
Isaac Vetter (May 18 2021 at 20:47):
- VaccineA
VaccineA-HealthWalletExport-4.smart-health-card
Isaac Vetter (May 18 2021 at 20:47):
- VaccineB
EpicVaccineB.png
VaccineB-HealthWalletExport-5.smart-health-card
Isaac Vetter (May 18 2021 at 20:48):
- VaccineC
EpicVaccineC.png
(/user_uploads/10155/apa3fL5pdR_wef8HH0ePxUKo/VaccineC-two-Pfizer-immunizations.png)
Isaac Vetter (May 18 2021 at 20:48):
Would greatly appreciate any feedback!
Christian Paquin (May 18 2021 at 20:56):
Isaac Vetter said:
Three patients worth of QR codes and .smart-health-card files. One caveat, there isn't white space surrounding our QR code .png files directly, but will be in the UI.
I get the following error (on top of the non-public JWK set address) for all 3 QR images with the validation SDK:
Error
│ · Wrong number of segments in QR code: found 3, expected 2
I can debug further to see the QR segment outputs if that helps.
The .smart-health-card files look ok, other than not being able to validate the JWS signature, since https://eccp-internal.epic.com/Interconnect-Current-Stage1-Primary/api/epic/2021/Security/Open/EcKeys/32001/SHC/.well-known/jwks.json is non accessible.
Michael O'Hanlon (May 18 2021 at 20:57):
@Isaac Vetter I'm seeing a Moderna vaccine for the QR code labelled as J&J (Vaccine B) when I verify with connectathon.vci.org
Josh Mandel (May 18 2021 at 22:34):
@Isaac Vetter can you include your jwks file here too (or, ideally, host it)?
Isaac Vetter (May 18 2021 at 22:45):
Josh, Christian, All -- sorry about that. Our iss is a url that’s not publicly accessible. Here’s the content at:
{
"keys": [
{
"x": "f07_C3KseqPoaCeVYFu7mHB3wsywR7maJESohODwoEk",
"y": "HhPn-6e6ImMd9dBbaWhAgKeEM50s7rN7m_0NGybnoPk",
"kid": "5_jfpOR6j90-5XA-miOg-3yrqKGVIW_U3vfuLqdpfyo",
"use": "sig",
"kty": "EC",
"alg": "ES256",
"crv": "P-256"
}
]
}
Vijayendra Prabhakar (May 19 2021 at 10:36):
Isaac Vetter said:
Josh, Christian, All -- sorry about that. Our iss is a url that’s not publicly accessible. Here’s the content at:
{
"keys": [
{
"x": "f07_C3KseqPoaCeVYFu7mHB3wsywR7maJESohODwoEk",
"y": "HhPn-6e6ImMd9dBbaWhAgKeEM50s7rN7m_0NGybnoPk",
"kid": "5_jfpOR6j90-5XA-miOg-3yrqKGVIW_U3vfuLqdpfyo",
"use": "sig",
"kty": "EC",
"alg": "ES256",
"crv": "P-256"
}
]
}
Hey @Isaac Vetter is it possible to host this on a publicly accessible url?
Christian Paquin (May 19 2021 at 13:09):
Isaac Vetter said:
Josh, Christian, All -- sorry about that. Our iss is a url that’s not publicly accessible. Here’s the content at:
[...]
QR and cards validate correctly when passing the JWKS directly to the validation SDK, like this:
node . -p VaccineA-HealthWalletExport-4.smart-health-card -t healthcard -k epic.jwks (where epic.jwks is the data key data you provided)
Josh Mandel (May 19 2021 at 13:11):
Looking at that URL: also keep in mind that production issuer URLs are best kept kept short and recognizable. I wonder if we should add suggestions or context about this to the spec
Isaac Vetter (May 19 2021 at 14:28):
@Christian Paquin - I just reuploaded newly issued QR codes in my original post. I think they should pass the Validator SDK (except for the public key not being accessible).
Christian Paquin (May 19 2021 at 14:33):
(deleted)
Daniel Lee (May 19 2021 at 14:36):
@Isaac Vetter I'm looking at VaccineC. The Immunization resources have a vaccineCode of 27753. I don't see that code listed in this valueset. Am I looking in the wrong valueset?
Christian Paquin (May 19 2021 at 14:37):
Isaac Vetter said:
Christian Paquin - I just reuploaded newly issued QR codes in my original post. I think they should pass the Validator SDK (except for the public key not being accessible).
All three QR codes pass, when passing the provided key set:
node . -p /mnt/c/temp/EpicVaccineA.png -t qr -k epic.jwks
SMART Health Card Validation SDK v1.0.0-1
Validate Key-Set
QR image
│
└─ QR numeric
│
└─ JWS-compact
│
└─ JWS.payload
│
└─ FhirBundle
Validation completed
Abbie Watson (May 21 2021 at 16:46):
Doing some additional Connectathon testing in prep for Working Group meetings next week. Was able to validate QR codes for VaccineA Kurth, VaccineB Kurth, and VaccineC Kurth. Agreed with @Daniel Lee comment above that VaccineC has a code of 27753, which seems to be outside the published CVX codesystem/valueset?
IMG_8009.PNG IMG_8008.PNG IMG_8007.PNG
Isaac Vetter (May 21 2021 at 17:17):
thank you, Abbie! CVX 27753 is simply bad test data, my apologies.
Isaac Vetter (May 24 2021 at 22:07):
Freshly generated immunization QR code with an accessible jwks.json, if anyone's interested in testing their scanner (works against demo-portal) -- image.png
Christian Paquin (May 24 2021 at 22:30):
Isaac Vetter said:
Freshly generated immunization QR code with an accessible jwks.json, if anyone's interested in testing their scanner (works against demo-portal) -- image.png
When running the validation SDK, I get the following error:
├─ Error
│ · Wrong number of segments in QR code: found 3, expected 2
│ Segments types encountered, in order: byte; alphanumeric; numeric
Any idea what is the alphanumeric middle segment? I can trace into the SDK to figure out its content...
Josh Mandel (May 24 2021 at 22:32):
(Interesting find! Might be good to include which content was encountered in each segment.)
Christian Paquin (May 24 2021 at 22:47):
Josh Mandel said:
(Interesting find! Might be good to include which content was encountered in each segment.)
(Natural question indeed! Needs a bit more digging into the QR lib, but we'll work on adding debug log of each segment type and content)
Isaac Vetter (May 25 2021 at 01:56):
Ack! Sorry, Christian. We switched out QR code generation libraries halfway through, and the environment I'm using doesn't have the new one yet.
Christian Paquin (May 25 2021 at 14:47):
Christian Paquin said:
(...we'll work on adding debug log of each segment type and content)
See PR 104 on validation SDK.
Josh Mandel (May 25 2021 at 14:52):
Nice!
Isaac Vetter (May 27 2021 at 20:39):
Okay, retrying -- two files: two Immunization, one lab test. The lab test has a textual reference range.
Vetter-immunizations.png Vetter-lab.png
Josh Mandel (May 27 2021 at 20:45):
Nice! On the immunization, is it intentional that there's no performer?
Josh Mandel (May 27 2021 at 20:46):
On the lab test, the reference range doesn't seem to make sense to me -- "negative" isn't a range; did you intend to put this in Observation.component.interpretation.text rather than Observation.referenceRange.text?
Neelima Karipineni (May 28 2021 at 17:06):
Josh Mandel said:
On the lab test, the reference range doesn't seem to make sense to me -- "negative" isn't a range; did you intend to put this in
Observation.component.interpretation.textrather thanObservation.referenceRange.text?
Observation.referenceRange.text makes sense to me. Our system shows reference text for text based lab results to let you know what the expected normal value would be (Negative, Not Detected), along with a flag indicating normal/abnormal (ie interpretation).
With the lab profiles, you should be able to compare valueString to referenceRange.text to get a sense of whether the result is 'normal'. It's not perfect, but probably the best you can do with issuers who are unable to provide valueCodeableConcept short of manually parsing the text. Interpretation is disallowed in the DM profiles - we could think about allowing it, but it's an extensible value set so still not perfect, and it would increase size.
Josh Mandel (May 30 2021 at 20:59):
Thanks for this explanation! (I do see "Negative" as an example at http://hl7.org/fhir/observation-definitions.html#Observation.referenceRange.text -- so while I find this odd, I get it now.)
Last updated: Apr 12 2022 at 19:14 UTC
