Smart enable feature in open emr

chaudharyajay968 · July 18, 2025, 12:57pm

I have registered external client as smart fhir app in open emr. In fhir app contain launch endpoint and callback endpoint. In launch endpoint will hit when we launch fhir app from Open Emr for a particular patient and that patient launch context we get when launch endpoint will hit.

@GetMapping(“/{clientCode}/launchPublic”)
public ResponseEntity<?> launch(@PathVariable String clientCode, HttpServletRequest request, HttpServletResponse response) throws FocusException {
FocusConfig.getCurrentLogger().writeInfo(“Entered in Class : SmartPublicLaunchController launch()”);
String iss = request.getParameter(“iss”);
String launch = request.getParameter(“launch”);

    if (iss == null || launch == null) {
        FocusConfig.getCurrentLogger().writeDebug("Missing iss or launch parameter");
        return ResponseEntity.badRequest().body("Missing iss or launch parameter");
    }

    String state = UUID.randomUUID().toString();
    String codeVerifier = PkceUtil.generateCodeVerifier();
    String codeChallenge = PkceUtil.generateCodeChallenge(codeVerifier);

    request.getSession().setAttribute("code_verifier", codeVerifier);
    request.getSession().setAttribute("state", state);
    request.getSession().setAttribute("iss", iss);

    Properties properties = getClientAppConfigProperties();
    String redirectUri = properties.get("REDIRECT_URI_PUBLIC").toString();
    FocusConfig.getCurrentLogger().writeDebug("redirectUri : " + redirectUri);

    String redirect = UriComponentsBuilder.fromHttpUrl(authorizeUri)
            .queryParam("response_type", "code")
            .queryParam("client_id", clientId)
            .queryParam("scope", scope)
            .queryParam("redirect_uri", redirectUri)
            .queryParam("aud", iss)
            .queryParam("launch", launch)
            .queryParam("state", state)
            .queryParam("code_challenge", codeChallenge)
            .queryParam("code_challenge_method", "S256")
            .build().toUriString();

    try {
        response.sendRedirect(redirect);

this is code for launch endpoint
#launch selected patient context

but i’m getting error like

{
“error”: “invalid_request”,
“error_description”: “The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.”,
“hint”: “launch parameter was incorrectly formatted or did not originate from this server”,
“message”: “The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.”
}

adunsulag · July 18, 2025, 2:48pm

Are you getting an encrypted string for the launch parameter? The system isn’t liking the launch query parameter you’re using. Have you turned on the API debug logs to get more information in the php error logs? That will likely tell you more information.

chaudharyajay968 · July 28, 2025, 8:37am

Hi Nielson,

Actually this issues is fixed, issues behind that when we get launch context and passing it for authorization in query parameter that change ‘+’ operator in context into ’ ’ space that’s cause issues.