Hi @seth_cis, thank you for your proposal, but in my conception of open source I think that sharing user feedback is very important.
Hi @sjpadgett, I advanced on my problem:
Based on V6 Authorization and API changes afoot, I understood the necessary sequence to authenticate with OAuth2.
- Registration
- Authorize
- Get token (grant_type=authorization_code or grant_type=password)
- API request + token
Despite this, I cannot request my patient through the FHIR API.
I use this:
```
curl -X GET -k -i 'https://localhost/oauth2/default/authorize?
response_type=code
&client_id=P5s9xNlJSSizU0ArnTuxHHkBp5Hhy3bBcvr-7ABiczw
&scope=openid email phone address api:pofh api:fhir
```
Next with this code:
```
curl -X POST -k -H 'Content-Type: application/x-www-form-urlencoded'
-i https://localhost/oauth2/default/token
--data 'grant_type=authorization_code
&client_id=P5s9xNlJSSizU0ArnTuxHHkBp5Hhy3bBcvr-7ABiczw
&client_secret=7a2f67a2-20fe-4cf4-922c-9f5af52fb039
&code=18d9924ef7bdb9a005d3cca5bbc9045812851816da139da3cba29ebf7e44f776a8e43809a7733eea2b6a9dc68aa9d80e837edf850aeb1e8b6f9bf34b0ca2671684d41b26d1c97dd75224f1f318d5771beebbf8e29d99807a2ddc1f4215c7abab4f663136e514337fef9b4fb33594a6ce154220eb272bb4cb99a9f2f00bbf52fd403faa75bf636e8b73fc95d756bfd244103ce34678ad628235c9b296a02b8f44dd29628ab66e46b7fa4bd66d92d6e9f630b5ce174dbf1f36fd303737e120bf2f0737740783da2a2665a82477e43699837a05c04105888f05326e74f25f5612ebf7259b8d5430d08
```
I receive a bad request (400).
If I test with password, I receive a token, but the scope field of the response does not correspond to the scope of the request.
in.scope: openid email phone address api:fhir
out.scope: openid email phone address
Using this token, I cannot make a request on the FHIR API.
One more thing, when I use the authorization request and there is a drug in the inventory then I get this result:
```
Query Error
ERROR: query failed: UPDATE drugs SET uuid = ? WHERE id = ?
Error: Unknown column 'id' in 'where clause'
/var/www/localhost/htdocs/openemr/src/Common/Uuid/UuidRegistry.php at 155:sqlQueryNoLog
/var/www/localhost/htdocs/openemr/src/Services/PrescriptionService.php at 40:createMissingUuids()
/var/www/localhost/htdocs/openemr/src/Services/FHIR/FhirMedicationRequestService.php at 29:__construct()
/var/www/localhost/htdocs/openemr/src/RestControllers/RestControllerHelper.php at 133:__construct()
/var/www/localhost/htdocs/openemr/src/RestControllers/RestControllerHelper.php at 216:setSearchParams(MedicationRequest,Array,OpenEMR\Services\FHIR\Fhir)
/var/www/localhost/htdocs/openemr/src/Common/Auth/OpenIDConnect/Repositories/ScopeRepository.php at 508:getCapabilityRESTJSON(Array)
/var/www/localhost/htdocs/openemr/src/Common/Auth/OpenIDConnect/Repositories/ScopeRepository.php at 682:getCurrentSmartScopes()
/var/www/localhost/htdocs/openemr/src/Common/Auth/OpenIDConnect/Repositories/ScopeRepository.php at 53:buildScopeValidatorArray()
/var/www/localhost/htdocs/openemr/vendor/league/oauth2-server/src/Grant/AbstractGrant.php at 297:getScopeEntityByIdentifier(openid)
/var/www/localhost/htdocs/openemr/vendor/league/oauth2-server/src/Grant/AuthCodeGrant.php at 277:validateScopes(Array,https://client.example.org/callback)
/var/www/localhost/htdocs/openemr/vendor/league/oauth2-server/src/AuthorizationServer.php at 157:validateAuthorizationRequest
```
Regards,
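
Added example, not part of the original post and not OpenEMR code: a client-side sketch that percent-encodes the authorize request and compares the requested scope with the scope field of the token response, which is the in.scope / out.scope mismatch reported above. The function names, the `state` parameter, the placeholder client id and the sample token response are assumptions; the endpoint, the scope string and the redirect URI are the ones visible in the post and its stack trace.

```python
from urllib.parse import urlencode

# Endpoint and scope string as they appear in the post.
AUTHORIZE_ENDPOINT = "https://localhost/oauth2/default/authorize"
REQUESTED_SCOPE = "openid email phone address api:fhir"


def build_authorize_url(client_id, redirect_uri, scope, state):
    """Return the authorize URL with every parameter percent-encoded."""
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": scope,   # spaces become '+', ':' becomes %3A
        "state": state,   # assumption: not shown in the post
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}"


def missing_scopes(requested, token_response):
    """Scopes asked for but absent from the token response.

    RFC 6749 section 5.1: the server may omit "scope" only when it granted
    exactly what was requested, so an absent field means nothing is missing.
    """
    if "scope" not in token_response:
        return set()
    return set(requested.split()) - set(token_response["scope"].split())


def check_token(requested, token_response, needed):
    """Raise before any API call if a scope the call depends on was dropped."""
    dropped = missing_scopes(requested, token_response)
    blocking = dropped & set(needed)
    if blocking:
        raise PermissionError(f"token lacks required scope(s): {sorted(blocking)}")
    return dropped  # dropped, but not needed for this call


# Constructed token response mirroring the out.scope reported in the post.
SAMPLE_RESPONSE = {"token_type": "Bearer", "access_token": "PLACEHOLDER",
                   "scope": "openid email phone address"}

if __name__ == "__main__":
    print(build_authorize_url("CLIENT_ID_PLACEHOLDER",
                              "https://client.example.org/callback",
                              REQUESTED_SCOPE, "constructed-state"))
    print(missing_scopes(REQUESTED_SCOPE, SAMPLE_RESPONSE))
```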