GSoC'20 : Advancement of OAuth2 Module and Improvements in SMART OWA (SMART on FHIR)

Tags: #<Tag:0x00007fa3f5e9f570> #<Tag:0x00007fa3f5e9f458> #<Tag:0x00007fa3f5e9f390>

Hello everyone,

This is a public thread for the project “Advancement of OAuth2 Module and Improvements in SMART OWA”. This project aims for enabling SMART Apps on OpenMRS EMR through FHIR.

Actually the title of the project isn’t very appropriate with what we are trying to accomplish as of now. Just after the proposal submission period was over I started working on this project after talking to Ian and as the title suggests I starting working on improving the existing OAuth2 Module some of that work can be found here.

To enable SMART Apps an important requirement is an Authorisation server which was earlier fulfilled by the existing OAuth2 Module. But recently Spring release a Deprecation Notice which stated

The Spring Security OAuth project is deprecated. The latest OAuth 2.0 support is provided by Spring Security. See the OAuth 2.0 Migration Guide for further details.

But the major problem was that in Spring Security oauth2 there was no Authorisation server included so we were stuck on the earlier Spring Security OAuth project. Ian and I still tried to work on the earlier version of Spring oauth2 but as most of the classes were depreciated we had to shift to a different approach for an Authorisation server.

Ian suggested to completely come out of the Spring trap :smile: and try to make things work with Keycloak. Keycloak is basically an Open Source Identity and Access Management software. For our purpose it’ll work as an Authorisation server.

Till now we have been able to successfully connect OpenMRS user-store with Keycloak, this can be found here though it’s still in the PoC phase. The next we are working on is exposing the FHIR resources through DSTU3 profiles, this work can be found here.

My target is to wire up everything together and deploy a SMART App as a PoC before the Community Bonding period ends. This will ensure that we will be able to bring this project to a production level before the GSoC’20 ends.

I hope this will give a clear idea to anyone who is interested in this project.

cc @ibacher @jecihjoy @suthagar23