- Project Title : SMART on FHIR
- Primary mentor: @ibacher Ian Bacher
- Backup mentor: @jecihjoy Jacinta Gichuhi
- Student: Siddharth Vaish
- Project Link: SMART on FHIR
Overview
I was selected for the project named “Advancement of OAuth2 Module and Improvements in SMART OWA”. The basic idea of this project was to be able to run existing SMART apps on OpenMRS via FHIR. This would allow users of OpenMRS to take advantage of already existing health apps without writing a single line of code. It would also give a Plug and Play functionality to OpenMRS (just like we install apps on our Android/IOS devices through Play Store/App Store)
Just after the proposal submission period was over I started working on the project after discussing it with my mentor (and as the title suggests) I started working on improving the existing OAuth2 Module 1. Some of that work can be found here.
To enable SMART Apps, an important requirement is an Authorisation server which was earlier fulfilled by the existing OAuth2 module, which used Spring Security’s OAuth project to provide an OAuth2 server. But recently Spring released a Deprecation Notice which stated
“The Spring Security OAuth project is deprecated. The latest OAuth 2.0 support is provided by Spring Security. See the OAuth 2.0 Migration Guide for further details.”
But the major problem was that, in Spring Security oauth2 there was no Authorisation server included so we were stuck on the earlier version of Spring Security OAuth project. My mentor Ian and I still tried to work on the earlier version of Spring oauth2 but as most of the classes were depreciated we had to shift to a different approach for an Authorisation server.
Ian suggested to completely come out of the Spring trap and try to make things work with Keycloak. Keycloak is basically an Open Source Identity and Access Management software. For our purpose it works as an Authorisation server.
The first task was to find a way to get the OpenMRS users to keycloak’s user database. So for this we implemented Keycloak’s following providers:
- UserLookupProvider
- UserStorageProvider
- UserQueryProvider
And with the help of UserStorageProviderFactory add the OpenMRS user store to Keycloak. Link to repository
The next task was to Support DSTU3 profiles with OpenMRS FHIR2 server because many SMART Apps used DSTU3 standard to communicate with the FHIR server. This was pretty simple and hardly took 2 weeks to complete. Link to commit
The difficult part started with the Standalone Launch Sequence. So I had planned to implement the EHR launch sequence first and then the Standalone Launch sequence but Ian and I found an implementation of Standalone Launch Sequence with the igia organisation had already been done, so we started with the Standalone Launch Sequence first.
Initially we tried to leverage the igia repository itself and maintain a fork for OpenMRS SMART on FHIR implementation but as the code base was not maintained we faced a lot of errors. We decided to start from scratch and develop our own implementation for the Standalone Launch Sequence.
Soon we were able to come up with two new repositories openmrs-module-smartonfhir and openmrs-contrib-keycloak-smart-authentication. Smartonfhir repository was necessary to maintain the modularity of OpenMRS because earlier I was adding all the SMART-on-FHIR related stuff to the FHIR2 repository which was not how it should have been so we shift to smartonfhir repository, a dedicated repository will the SMART-on-FHIR stuff. Smart-authentication repository was something similar to the openmrs-contrib-keycloak-auth repository in the sense that it had nothing to do with the openmrs code as it had only the code required for Authentication flow of the SMART App. Basically it talked to Keycloak only.
During the 11th week of GSoC we were able to launch a dummy SMART App with OpenMRS users, patients and FHIR server but many things were hard coded so our next task was to remove the hard coded stuff with well polished and easy to implement code. The 12th and 13th week of coding period went in removing the hard coded part and making keys and configurations loadable through json files.
My mentor and I are still working to enable the SMART-on-FHIR implementation to support all the SMART Apps available.
SMART App Demo with OpenMRS FHIR Server
Project Objectives
The one and only goal of the project was to enable SMART-on-FHIR for OpenMRS.
- Objective 1 — Add OpenMRS userstore to Keycloak (COMPLETED)
- Objective 2 — Add method to get user by username (COMPLETED)
- Objective 3 — Add support for DSTU3 (COMPLETED)
- Objective 4 — Register a Client with Keycloak (ALMOST COMPLETED)
- Objective 5 — Verify Client validity with the Keycloak server (COMPLETED)
- Objective 6 — Implement SMART App Launch Conformance(COMPLETED)
- Objective 7 — Expire the OAuth2 token when the user logs out of OpenMRS (INCOMPLETE)
- Objective 8 — Add support for Standalone launch sequence (INCOMPLETE)
- Objective 9 — Add Page for appending token to url for patient context (COMPLETED)
- Objective 10 — Support dynamic Client Registration with Keycloak (PENDING)
Contributions
Repositories
- Openmrs-module-smartonfhir
- Openmrs-contrib-keycloak-smart-auth
- Openmrs-contrib-keycloak-auth
- Openmrs-module-fhir2
Pull Requests
- FM2–65 Add support for telecom to Patient (#70)
- FM2–73 Remove the OpenMRS Services from Translators (#73)
- FM2–74 Rename Task to FhirTask (#74)
- FM2–61 Add support for Observation.referenceRange (#82)
- FM2–89 Fix tests for Observation (#89)
- FM2–79 Improve Search for Encounter (#86)
- FM2–88 OpenMRS FHIR2 Module
- FM2–92 Add support for AND / OR queries using References (#115)
- FM2–173: Fix Type Mismatch (#169)
- FM2–183: Add support for DSTU3 (#158)
- FM2–237: Add method to get user by user name (#221)
- Expose conformance statement without authentication (#271)
Talk Thread links
- GSoC’20 : Advancement of OAuth2 Module and Improvements in SMART OWA (SMART on FHIR)
- Breaking down walls and attracting more devs to OpenMRS
Weekly Blog Posts
- Google Summer of Code 2020 with OpenMRS Organisation
- GSoC 2020 at OpenMRS | Community Bonding Period
- GSoC’20 @OpenMRS | Coding Period | Week 1
- GSoC’20 @OpenMRS | Coding Period | Week 2
- GSoC’20 @OpenMRS | Coding Period | Week 3
- GSoC’20 @OpenMRS | Coding Period | Week 4
- GSoC’20 @OpenMRS | Coding Period | Week 5
- GSoC’20 @OpenMRS | Coding Period | Week 6
- GSoC’20 @OpenMRS | Coding Period | Week 7
- GSoC’20 @OpenMRS | Coding Period | Week 8
- GSoC’20 @OpenMRS | Coding Period | Week 9
- GSoC’20 @OpenMRS | Coding Period | Week 10
- GSoC’20 @OpenMRS | Coding Period | Week 11
- GSoC’20 @OpenMRS | Coding Period | Week 12
Resources
Future Work
The SMART-on-FHIR project is vast with a lot of dynamic parts involved. Although we were able to lay a solid foundation with a flexible framework but still the project needs a lot of polishing. The major part I was able to cover was the Standalone Launch Sequence which basically means that a SMART App can be launched from outside the EHR and can get authenticated and finally talk to OpenMRS FHIR server. The part which I was not able to complete is the EHR Launch Sequence which involves a similar approach with some small changes. Undoubtedly it’ll be something very useful for the OpenMRS community. Also as of now the Client registration to Keycloak is a manual process but it will be nice if we could make it sort of automatic. Finally we would like to dockerize the whole project so that it’s easy for the OpenMRS implementer to use the SMART-on-FHIR functionality.
Thoughts on GSoC
It was an amazing experience working as a student in Google Summer of Code. The kind of learning that I gained during these 3 months is unparalleled. I have all praises for OpenMRS community and especially my mentor Ian Bacher. Ian has helped me every single day, may it be issues with my environment or git or any problem in understanding the codebase, he has always been there to help. During these 3 months I have gained a lot of interest in OpenSource and I will continue contributing to it in future as well. I am really thankful to Google for providing such an amazing platform to students like me.
Thanks for reading : )