fhir-proxy
fhir-proxy copied to clipboard
microsoft
The FHIR proxy does not work with the latest FHIR client
There are authorization errors when using SMART on FHIR proxy with the latest FHIR client library, namely:
- AAD Authentication seems to require client secret. Setting this up is either missing from the documentation, or is not clear enough.
- After adding AAD Secret to the request, it still fails. This is due to the changed API of the FHIR client library, which returns
Promise<Client>on successful authentication sequence, instead of just accepting the callback.
Please note that I'm using the following set-up:
- Microsoft Health Data Services Azure template,
- FHIR server created from the "Add FHIR Server" functionality of the template,
- Azure AD Application set-up according to the official documentation.
I have also enabled the following functionalities in the Authentication Blade for the App which is allowed access to the FHIR server:
- Access Tokens,
- ID Tokens,
- Allow Public Client Flows.
Please check the proposed branch with the changes I made to fix the login flow.
@hivanov Are you trying this to implement EHR Launch sequence? I tried it with your changes still it is not working. Why do you want public client enabled as you added client secret in the app launcher code?
@Kedar782, did you add the Client Secret in the app secrets? If you don't pass the secret, it will not work -- the Client cannot authenticate against Azure AD.
@hivanov Yes, I added client secrets in the app secrets and appsettings.json file but still no luck. Are you using the fhir server proxy? Out of the context question, I'm using only app launcher project and in the launch URl I'm adding another application URl(inferno). I want to use inferno for g(10) certification. I'm receiving an error stating that launch-url, context-banner, context-style, context-ehr-patient, and permission-user capabilities are mssing in well-known-configuration for my fhir server. Any idea what changes I needed to implement in order to add these capabilities in fhir server well known configuration.
@Kedar782, I was using:
- Microsoft Healthcare Cloud,
- Microsoft FHIR Server,
- FHIR Server Proxy (enabled the setting from the app).
I did not do anything else. The reason for passing up the secret is that the Azure AD authentication set up did require it for authentication.
I believe your authentication and SMART issues have been resolved in the latest 2.0 branch of this repo. Try redeploying and following specific steps for SMART Clients, Service Clients and ONC Configuration steps which demonstrate all client types private, public, federated, etc...
