FHIR OAuth Smart Apps Integration and OAuth module enhancements

Hi,

I am a Quantity Surveying Engineering Student from University Of Moratuwa. Although my field is quantity surveying at university, my passion was with computer science. I would like to push my boundaries and get exposed to the opensource community in this Gsoc 2016.

I am quite interested in the project FHIR OAuth Smart Apps Integration and OAuth module enhancements. I am quite familiar with Apache oltu, opensaml, xacml and a little bit with Shibboleth. Talking about SSO, opensaml would be the best candidate to be used. That is to be discussed and decided. :slightly_smiling: Also I am quite familiar with the theories in OAuth2 and OpenID Connect.

@harsha89 This is my first time involvement in openmrs and Gsoc itself. Therefore your and the community's guidance will be highly appreciated to make this a success.

I went through the details about the existing oauth module and my thoughts (for a start) are as follows.

According to what I have found we have oauth2 implementation to support four grant types.

The main objectives of the project are as follows.

  • Improve the existing module. There are some TODOs mentioned in java docs in @maany's repos. Have to identify what other improvements are to be done.

  • Give support for SMART apps to build on OpenMRS FHIR. AFAIK In doing so Authorization_Grant Type should be used.

  • Build a demo smart application using the oauth module

For someone else who needs resources on this topic, following are the resources I referred to. [3] courtesy @maany who has done a great job in Gsoc 2015

[1] https://wiki.openmrs.org/display/projects/Implement+the+OAuth2+Support+for+Web+Services+APIs

[2] https://wiki.openmrs.org/display/projects/OpenMRS+OAuth2+module+-+for+Client+Developers

[3] https://prezi.com/r1031do5msm5/openmrs-oauth2-module-ui-mockups-and-use-cases/


@tharaka thanks for your interest. While you are working on the project proposal, continue your contributions as well. Then it will be an added benefit.

The objectives mentioned in the above post are correct and they are what we need to achieve. Please do let me know any questions and doubts. I will give my fullest support to clarify them to you.

Thank you very much @harsha89. I will play with the repo in the coming days and see what improvements we have to do. Mainly these are the things that I have in mind. Please add or remove as suitable. :slight_smile:

About SMART apps development,

  • Since we have the FHIR API, to support the clean, open, developer-friendly specification for granular data access, we should identify which services are most needed from the FHIR API and should support them.

  • We can improve the UI and better we can introduce a UI Integration component. (A very simple one would be great to start.)

  • We can introduce some FHIR Starter apps which will do the basic things like selecting patients, showing some important charts, some calculators like risk calculators for diabetics, heart attacks etc.

About OAuth module enhancements,

  • Maybe we can improve the performance by utilizing an OAuthCache. With the same thing we may be able to introduce a session persistence feature. Don’t know whether it is available right now. Let me know how I can find out more about that.

  • Maybe we can use JWTTokens introduced by http://connect2id.com/products/nimbus-jose-jwt. It has implemented the critical specifications to be used with access tokens. Also with this we may be able to give claims support as well. Wouldn’t it be great if we gave claim support in our Oauth2 module? WDYT?

Please correct me if I am losing things. :slight_smile:


@tharaka extremely sorry for the delay. JWT tokens are used to get the details of the user that belongs to the access token.

The points that you mentioned are good. Feel free to ask any more questions and it’s better to set up the module and try it out. :slight_smile:


@harsha89 Thank you very much for the information and support. I am working on the proposal at the moment.
