Hi! I'm trying to authenticate a patient in our client Ruby application and fetch its data, but all I get back is a seemingly valid token, from which I can't fetch more data.
I'm using fhir_client rubygem version 3.0.2, our test client id is 1e9dd103-1e78-45ed-aed0-491f57ccc0a1 and the scopes we use are:
launch online_access openid patient/Patient.read profile user/Patient.read
We first get the authorization URL, and then use a bearer token similarly to what's described in
https://groups.google.com/forum/#!searchin/cerner-fhir-developers/set_bearer_token%7Csort:date/cerner-fhir-developers/t_kue80YyzA/bKOKuEzuBgAJ. Sample code:
def code
code = params.fetch("code")
auth_params = {
aud: session[:cerner_url],
launch: session[:cerner_launch],
redirect_url: REDIRECT_URL,
scope: SCOPE,
}
oauth2_token = oauth2_client.auth_code.get_token(code, auth_params)
fhir_client.set_bearer_token(oauth2_token.token)
fhir_client.read(FHIR::Patient, oauth2_token.params["patient"]).inspect # 401
fhir_client.read(FHIR::Patient, oauth2_token.params["patient"]).resource # 401
fhir_client.read(FHIR::Person, oauth2_token.params["user"]).resource # nil
end
private
def oauth2_client
client_secret = nil
options = fhir_client.get_oauth2_metadata_from_conformance
client_options = {
site: session[:cerner_url],
authorize_url: options[:authorize_url],
token_url: options[:token_url],
raise_errors: true,
}
OAuth2::Client.new(CLIENT_ID, client_secret, client_options)
end
def fhir_client
@fhir_client = FHIR::Client.new session.fetch(:cerner_url)
end
Some response headers:
- "www-authenticate"=>"Bearer realm=\"
fhir-ehr.sandboxcerner.com\"",
- "x-request-id"=>"24955c998e582f6276a614732d1040a5",
- :body=>"{\"resourceType\":\"OperationOutcome\",\"issue\":[{\"severity\":\"error\",\"code\":\"login\",\"diagnostics\":\"Bearer realm=\\\"
fhir-ehr.sandboxcerner.com\\\"\",\"expression\":[\"http.Authorization\"]}]}"},
How can I fetch more patient data?
Thank you,
Tute.