GSoC 2020: Advancement of OAuth2 Module and Improvements in SMART OWA

@ibacher,

Concerning improvements in SMART OWA UI, can we add some little fields which would require some DB modifications? That’s adding some little functionality which will need some alterations in the DB. Or is it just required to improve the UI for existing functionalities?

Oh Wow… This just answered the question I wanted to ask.

@mksd

My bad. I think I got you: OAuth login module that will replace the login flow of OpenMRS.

Isn’t it worth trying to move forward with Keycloak?

Easy to define a set of roles for the platform. Easy to check the roles and give access. I think currently we are manually checking the user roles of the users. But it’s easy to decode the token and identify the role of a user, so it will be a more generic way for the modules of OpenMRS.

It depends on the context. Yes if you’re integrating OpenMRS in an enterprise setup.

Careful. Because Spring Security is not implemented in OpenMRS, you cannot manage role assignments outside of OpenMRS. There are limitations as to what can be done:

  1. You can create users with a mechanism that lets the authentication server provide the ‘seed roles’ when creating users. But that’s just for the user creation moment in OpenMRS.
  2. For already created users, roles must be managed within OpenMRS.

About 1, that’s almost implemented in OAuth 2 Login, look at this:

createUser(user, RandomStringUtils.random(100, true, true),
  Arrays.asList(new String[0]))

The last argument that you see now being provided as an empty list is meant to be a list of OpenMRS role names. The authentication provider could provide such list through a custom attribute of the ‘user info’. That was the plan when this was implemented and it was de-prioritised, but the last mile here is very easy to run.
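
One way to build the role list for that last argument, as an added example that is not part of the original post or of the OAuth 2 Login module. It assumes the ‘user info’ has already been parsed into a map; the attribute name `openmrs_roles`, the allowlist and the sample role names are hypothetical.

```java
import java.util.*;

public class SeedRoles {
    // Hypothetical name of the custom 'user info' attribute carrying role names.
    static final String ROLES_ATTRIBUTE = "openmrs_roles";

    /**
     * Returns the role names to pass as the last argument of createUser(...).
     * Only names on the local allowlist are kept, so the authentication
     * provider cannot seed a role the deployment has not agreed to delegate.
     */
    static List<String> seedRoles(Map<String, Object> userInfo, Set<String> allowed) {
        Object raw = userInfo.get(ROLES_ATTRIBUTE);
        List<?> candidates;
        if (raw instanceof Collection) {
            candidates = new ArrayList<Object>((Collection<?>) raw); // JSON array form
        } else if (raw instanceof String) {
            candidates = Arrays.asList(((String) raw).split(","));   // "a,b" form
        } else {
            return Collections.emptyList(); // absent or unexpected type: no seed roles
        }
        Set<String> roles = new LinkedHashSet<>(); // de-duplicate, keep order
        for (Object c : candidates) {
            if (!(c instanceof String)) continue;  // ignore non-string entries
            String name = ((String) c).trim();
            if (allowed.contains(name)) roles.add(name); // drop anything not allowlisted
        }
        return new ArrayList<>(roles);
    }

    public static void main(String[] args) {
        // Constructed sample data; the role names are illustrative only.
        Set<String> allowed = new HashSet<>(Arrays.asList("Clinician", "Data Clerk"));
        Map<String, Object> userInfo = new HashMap<>();
        userInfo.put("sub", "jdoe");

        // Array form with a non-allowlisted role, a non-string entry and a duplicate.
        userInfo.put(ROLES_ATTRIBUTE,
                Arrays.asList("Clinician", "System Developer", 42, "Clinician"));
        System.out.println(seedRoles(userInfo, allowed));

        // Comma-separated form with stray whitespace and an unknown role.
        userInfo.put(ROLES_ATTRIBUTE, " Data Clerk ,Unknown");
        System.out.println(seedRoles(userInfo, allowed));

        // Attribute missing: the user is created with no seed roles.
        userInfo.remove(ROLES_ATTRIBUTE);
        System.out.println(seedRoles(userInfo, allowed));
    }
}
```

Because the roles are applied only at user creation (point 1 above), later changes to the attribute at the authentication provider would not alter an existing OpenMRS user's roles.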