This wiki has undergone a migration to Confluence found Here

Difference between revisions of "201709 Consumer Centered Data Exchange Implementation Notes for test.fhir.org"

From HL7Wiki
Jump to navigation Jump to search
Line 1: Line 1:
= JWT Cert =
+
= Acquiring the JWT =
  
You can get the JWT cert from [[https://test.fhir.org/.well-known/openid-configuration]] which directs you to here: [[https://test.fhir.org/oauth3/auth_key]]
+
you get the JWT (to use test.fhir.org as the target) by:
  
The unpacked JWT is:
+
  GET http://test.fhir.org/r3/$jwt?source=[uri]
  
{
+
Where [uri] is the address of the source system. Source is a mandatory parameter, though it does not make any difference to test.fhir.org
  "alg" : "RS256",
+
 
  "e" : "AQAB",
+
this returns a 200 OK with a body content type of application/jwt:
  "kid" : "https://test.fhir.org/auth3/auth_key",
+
 
  "kty" : "RSA",
+
   eyJhbGciIDogIlJTMjU2Iiwia2lkIiA6ICIvYXV0aF9rZXkiLCJ0eXAiIDogIkpXVCJ9.eyJleHAiIDogMTUwMTg2MzE3MCwiaWF0IiA6ICIxNTAxNzc2NzcwIiwiaXNzIiA6ICJsb2NhbC5maGlyLm9yZyIsInN1YiIgOiAibG9jYWwuZmhpci5vcmcifQ.RWhQyMf1Cr90kn1RtjV-BGAbi1lWobE0RQWTwYl_mBMcB8v4hpUzcjlay3miPRBrzxGYxhr0RPecv8zkk5KiGk_8VrVxqk21YGKjKoqXdi9fGkLuc4vw_sj_Nt6vDS3zdEyIYLMVELvu74Vemt2p16brQ-xKpJ-1PdUF8EVYI3n5r_b6xH6HcP9xgmSun38yDC-KbkfBYatdwZsVrnd2-VrOHBM-E8P44fu9-GQNyirvdD6rdpQQGtfcDyf4G940AJfW9WHUWLlWTyQ0uhYn1DD46Pc5wMqzHcja43u5O7r7g5oWxZ9Iiidq9tUV8UaGp_h2ejzdUds9uVA7Hd3VyVSBVUmIN-3oVH31-6o_MCKqeKOwB-Y9qFsN_8MTf77HS1xHXLeC4VPyKdk0rmb-v49b6_3DwI7SXLwYJu19kkqVWywHam-6_qaowB-8emdk-iE1QX9DXjna81CLGyFdsOPZ7kQEWlZrgsz7RmvLxrrJ0b8os8aqCW-3i7UDqUFIKXnvKwFPfsf7RMp_ruvxyyfIIcaI0T9RjZicME2-JBC3EoRTzAXkG9htX1KDe9vH3fcSTcjiCQ75gcGkKZWWDaN-6SV4itzoiFm0Re99E4mWmkQVj289y6jRAOercvioygyvUbgQ4rpLbZv1i2A5orx0Ze-6opc9Z1hGAQLcLn0
   "n" : "pWGCPEp8PNjfiTHNM_iB5JqC4SyfVJoAR8urI1guoFtfPPlH2c_ZO1p4S0W1rAy8qi_lLLOKmiTL2JDqd6xUA6AHcf8Fr7cwAJiqQBd-3AMOfm7fSIgVgKQXCFQAzTAefJYq4f7ydnkocrDuKSH29QhhlBqVIu3TwKNQUGs6Owk1HRRtxIlxHJRCNEbA-AFdjT4A5JKztyYaA5IiWr2cgU-q71_SeMDWUNHZNeBO7HJu0Jh7uX-9xhpSr8J3zt9kMBbFzIwH1ycglJ9e4yhFA5y5VE-ZjBvSnDrfC5J22IoEvzBOSuzy33D6Y4vbH26g7slh90atsMbzuTHJu7iaQQ",
+
 
  "use" : "sig"
+
(note that some browsers don't like this content type in the return body)
}
 
  
 
= Consent =
 
= Consent =

Revision as of 06:13, 3 August 2017

Acquiring the JWT

you get the JWT (to use test.fhir.org as the target) by:

 GET http://test.fhir.org/r3/$jwt?source=[uri]

Where [uri] is the address of the source system. Source is a mandatory parameter, though it does not make any difference to test.fhir.org

this returns a 200 OK with a body content type of application/jwt:

 eyJhbGciIDogIlJTMjU2Iiwia2lkIiA6ICIvYXV0aF9rZXkiLCJ0eXAiIDogIkpXVCJ9.eyJleHAiIDogMTUwMTg2MzE3MCwiaWF0IiA6ICIxNTAxNzc2NzcwIiwiaXNzIiA6ICJsb2NhbC5maGlyLm9yZyIsInN1YiIgOiAibG9jYWwuZmhpci5vcmcifQ.RWhQyMf1Cr90kn1RtjV-BGAbi1lWobE0RQWTwYl_mBMcB8v4hpUzcjlay3miPRBrzxGYxhr0RPecv8zkk5KiGk_8VrVxqk21YGKjKoqXdi9fGkLuc4vw_sj_Nt6vDS3zdEyIYLMVELvu74Vemt2p16brQ-xKpJ-1PdUF8EVYI3n5r_b6xH6HcP9xgmSun38yDC-KbkfBYatdwZsVrnd2-VrOHBM-E8P44fu9-GQNyirvdD6rdpQQGtfcDyf4G940AJfW9WHUWLlWTyQ0uhYn1DD46Pc5wMqzHcja43u5O7r7g5oWxZ9Iiidq9tUV8UaGp_h2ejzdUds9uVA7Hd3VyVSBVUmIN-3oVH31-6o_MCKqeKOwB-Y9qFsN_8MTf77HS1xHXLeC4VPyKdk0rmb-v49b6_3DwI7SXLwYJu19kkqVWywHam-6_qaowB-8emdk-iE1QX9DXjna81CLGyFdsOPZ7kQEWlZrgsz7RmvLxrrJ0b8os8aqCW-3i7UDqUFIKXnvKwFPfsf7RMp_ruvxyyfIIcaI0T9RjZicME2-JBC3EoRTzAXkG9htX1KDe9vH3fcSTcjiCQ75gcGkKZWWDaN-6SV4itzoiFm0Re99E4mWmkQVj289y6jRAOercvioygyvUbgQ4rpLbZv1i2A5orx0Ze-6opc9Z1hGAQLcLn0

(note that some browsers don't like this content type in the return body)

Consent

Use this consent resource as the base for authorization (post it to the server):

<Consent xmlns="http://hl7.org/fhir"> 
  <id value="1"/>
 <status value="active"/>
 <patient>
   <reference value="Patient/example"/>
 </patient>
 <policyRule value="http://hl7.org/fhir/ConsentDefinition/simple-oauth"/>  
 <except>  
   <type value="permit"/>
   <action>
     <coding>
       <system value="http://hl7.org/fhir/consentaction"/>
       
     </coding>
   </action>
   <class>
     <system value="http://smarthealthit.org/fhir/scopes"/>
      
   </class>
 </except> 
</Consent>

Authorization

This is what you post to the server as a body to the $authorize routine (this time in json):

{
 "resourceType" : "Parameters",
 "parameter" : [{
    "name" : "duration",
    "valueDuration" : {
      "value" : "3",
      "system" : "http://unitsofmeasure.org",
      "code" : "mo"
    }
  }, {
    "name" : "jwt",
    "valueString" : "{your packed JWT}"
  }  
 ]
}