FHIR registration issue with Swagger

OpenEMR Development Data Analysis
#1

Here is my request and response.

image
image1565×642 43.1 KB

When I take the client_id and client_secret and put it into swagger. It opens in a new blank screen. No errors

image
image1449×560 40.8 KB

The blank page URL is

  https://sites.affordablecustomehr.com/oauth2/default/authorize?response_type=code&client_id=UrDKP0ZqyqGZ0QHNYUDAcZOjtA6WDSeHqg95Tqh1OHs&redirect_uri=https%3A%2F%2Fsites.affordablecustomehr.com%2Fswagger%2Foauth2-redirect.html&scope=openid%20offline_access%20launch%2Fpatient%20api%3Afhir%20patient%2FAllergyIntolerance.read%20patient%2FAppointment.read%20patient%2FBinary.read%20patient%2FCarePlan.read%20patient%2FCareTeam.read%20patient%2FCondition.read%20patient%2FCoverage.read%20patient%2FDevice.read%20patient%2FDiagnosticReport.read%20patient%2FDocumentReference.read%20patient%2FDocumentReference.%24docref%20patient%2FEncounter.read%20patient%2FGoal.read%20patient%2FImmunization.read%20patient%2FLocation.read%20patient%2FMedication.read%20patient%2FMedicationRequest.read%20patient%2FObservation.read%20patient%2FOrganization.read%20patient%2FPatient.read%20patient%2FPerson.read%20patient%2FPractitioner.read%20patient%2FProcedure.read%20patient%2FProvenance.read%20system%2FAllergyIntolerance.read%20system%2FBinary.read%20system%2FCarePlan.read%20system%2FCareTeam.read%20system%2FCondition.read%20system%2FCoverage.read%20system%2FDevice.read%20system%2FDiagnosticReport.read%20system%2FDocumentReference.read%20system%2FDocumentReference.%24docref%20system%2FEncounter.read%20system%2FGoal.read%20system%2FGroup.read%20system%2FImmunization.read%20system%2FLocation.read%20system%2FMedication.read%20system%2FMedicationRequest.read%20system%2FObservation.read%20system%2FOrganization.read%20system%2FPatient.read%20system%2FPerson.read%20system%2FPractitioner.read%20system%2FPractitionerRole.read%20system%2FProcedure.read%20system%2FProvenance.read%20system%2FValueSet.read%20user%2FAllergyIntolerance.read%20user%2FBinary.read%20user%2FCarePlan.read%20user%2FCareTeam.read%20user%2FCondition.read%20user%2FCoverage.read%20user%2FDevice.read%20user%2FDiagnosticReport.read%20user%2FDocumentReference.read%20user%2FDocumentReference.%24docref%20user%2FEncounter.read%20user%2FGoal.read%20user%2FImmunization.read%20user%2FLocation.read%20user%2FMedication.read%20user%2FMedicationRequest.read%20user%2FObservation.read%20user%2FOrganization.read%20user%2FOrganization.write%20user%2FPatient.read%20user%2FPatient.write%20user%2FPerson.read%20user%2FPractitioner.read%20user%2FPractitioner.write%20user%2FPractitionerRole.read%20user%2FProcedure.read%20user%2FProvenance.read%20user%2FValueSet.read%20api%3Aoemr%20user%2Fallergy.read%20user%2Fallergy.write%20user%2Fappointment.read%20user%2Fappointment.write%20user%2Fdental_issue.read%20user%2Fdental_issue.write%20user%2Fdocument.read%20user%2Fdocument.write%20user%2Fdrug.read%20user%2Fencounter.read%20user%2Fencounter.write%20user%2Ffacility.read%20user%2Ffacility.write%20user%2Fimmunization.read%20user%2Finsurance.read%20user%2Finsurance.write%20user%2Finsurance_company.read%20user%2Finsurance_company.write%20user%2Finsurance_type.read%20user%2Flist.read%20user%2Fmedical_problem.read%20user%2Fmedical_problem.write%20user%2Fmedication.read%20user%2Fmedication.write%20user%2Fmessage.write%20user%2Fpatient.read%20user%2Fpatient.write%20user%2Fpractitioner.read%20user%2Fpractitioner.write%20user%2Fprescription.read%20user%2Fprocedure.read%20user%2Fsoap_note.read%20user%2Fsoap_note.write%20user%2Fsurgery.read%20user%2Fsurgery.write%20user%2Ftransaction.read%20user%2Ftransaction.write%20user%2Fuser.read%20user%2Fvital.read%20user%2Fvital.write%20api%3Aport%20patient%2Fencounter.read%20patient%2Fpatient.read%20patient%2Fappointment.read&state=V2VkIE1heSAyOSAyMDI0IDEzOjI4OjQzIEdNVC0wNDAwIChFYXN0ZXJuIERheWxpZ2h0IFRpbWUp&code_challenge=P2od4i2jk74LjPFnQXSRiukUS8MnlTwhRnDD1b-r-Cg&code_challenge_method=S256

Why is not opening in the same window as in the video here? The login page should be showing next. There are no error messages in the PHP error log either. @adunsulag do you know what I am missing?

#2

Your client registration does not allow for a redirect_uri with swagger. Look at your registration requestion in the redirect_uris array.

You can see in the swagger URL that the request is failing due to the mismatched redirect_uri:
https://sites.affordablecustomehr.com/swagger/oauth2-redirect.html

If you turn on the debug logging in the Config → Logging → System Error Logging Options you’d see the errors.

#3

Ok. The answer was confusing me at first but I think I understand now. I can’t test when the redirect is not on the same server as Swagger. I need to get an auth using the Swagger location as the redirect. Good to know. The Swagger will generate the SDK at that point.
Thanks @adunsulag

#4

The OpenEMR server needs to send an authorization ‘code’ parameter back to the destination that originates the authentication flow. For security reasons your SMART app does not want a authorization code being sent to a location that is not authorized. When you first register your app/api receiver you have to tell OpenEMR what are all of the locations that are allowed to receive the authorization code back when the browser is redirected. In your case swagger was not listed as a valid location. The URLs / servers can all be completely different in your redirect_uri, the key point is that it has to be registered in the redirect_uris at the point you register your application, otherwise its blocked.

At some point we need to allow an application’s registration to be updated as redirect_uris likely can change in the future, but its not something we support right now.