Twilio Fax/SMS Module Deprecation

Unfortunately, Twillio has changed their API access security for new accounts. They no longer allow API public key with secret unless you have an enterprise account. They also no longer support Fax.

So because the current module will not support new accounts, I’m going to deprecate/remove the module in release v6.1.0.
The work needed would be to pull fax controllers/capability to make it only a SMS/MMS feature.
While doing this it would make sense to add the same SMS capability that the RC module has i.e., to reply to and view SMS notifications chain confirm SMS messages from patient in modules dashboard.

Also would be prudent to replace Twilio fax with another vendor or two.

Ring Central vendor option works well for both fax and SMS last as checked.

Anyone wishing to sponsor an update/new development to module. Contact me in a P.M.

Thanks for letting us know about this.
Now I can stop beating my head against it, and close our Twilio account.

If you already have an account that allows using your User name and password token in place of Api secure token(like my account) then you’re okay. How long have you had your account? Are you trying to use fax?

We closed our Twilo account after we heard the module would be deprecated. We loved the service and used them from 2013 until May of last year when we lost functionality in the upgrade to 5.02 and just couldn’t get the help we needed to get it going again. I found a wiki page about MedEx and had it up and running in a few minutes, it costs more but still less than the labor to make phone call reminders. The features and integration with OpenEMR are amazing, plus profits go to support openemr.org so for us it’s a win-win.

2 Likes

@sjpadgett Just to make sure I understand, the code needs to be updated for twilio to handle their new security requirements or its just not possible anymore to send SMS via twilio unless you are on an enterprise account?

Yep code needs to be updated to use 2FA as I do with RC. Currently I use a signed API key with the Auth and User token or client validation w/public key.

Ok, finally I gave up.
RC seemed/is too complicated for me, hence I setup an apache24 server and this is the message my error logs are giving me upon hitting that “save” button on the twilio credentials form:

Got error 'PHP message: OpenEMR Error : Key creation is not working - Exiting.', referer: https://domain.net:8448/interface/modules/custom_modules/oe-module-faxsms/setup.php

So, at least we know the ningx rewrite rules are correct! (although, I still don’t like the if statement within the location block, and honestly apache24 was faster than I remember it!)

Is it possible OpenEMR could write this out to the screen? Something along the lines of:

"Error creating keys, or error saving keys"

Or is that a twilio back end prerogative?

I don’t understand why it is difficult to get fax service working but many will differ as forum posts will prove.

After composer install, accessing setup or services is not any different than accessing another openemr feature as long as one ensure permissions are correct. Using nginx, it’s a matter of adding the htaccess rewrites and would be similar to portal rewrite rules.

The key errors are most likely due to a database upgrade mishap however, I can’t put my finger on why we are seeing this type of security errors in v6… I do think it could be either a corrupt keys table or file permissions where you should see the error elsewhere in openemr. Redirect could also be an issue.

Hmm, I see.
Well my point is that nginx was not giving me an error like so. It was giving me:

"Primary script unknown" while reading response header from upstream, 
client: client IP address, server: mydomain.net, 
request: "GET /interface/modules/custom_modules/oe-module-faxsms/interface/login/login.php?site=default HTTP/2.0", 
upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "mydomain.net", 
referrer: "https://mydomain.net/interface/modules/custom_modules/oe-module-faxsms/setup.php"

However, I did rebuild nginx to support debugging. I can now troubleshoot!

to me, that means rewrite isn’t working or file permission.

1 Like

Yes, it is a rewrite issue. Also, I created my site in a different site from default; that is another issue in my setup.
I plan to figure it out, though.
Maybe soon we can add nginx to install information

1 Like

Are these rewrites correct?

rewritten data: "/interface/modules/zend_modules/public/index.php", 
args: "/multipledb/index", client: client IP address, 
server: domain.net, 
request: "GET /interface/modules/zend_modules/public/multipledb/index HTTP/2.0", 
host: "domain.net", 
referrer: "https://domain.net/interface/main/tabs/main.php?token_main=token

how about:

rewritten data: "/interface/modules/custom_modules/oe-module-faxsms/index.php", 
args: "_ACTION_COMMAND=/getPending", client: client IP address, 
server: domain.net, 
request: "POST /interface/modules/custom_modules/oe-module-faxsms/getPending HTTP/2.0",  
host: "domain.net", 
referrer: "https://domain.net/interface/modules/custom_modules/oe-module-faxsms/messageUI.php"

and:

rewritten data: "/interface/modules/custom_modules/oe-module-faxsms/index.php", 
args: "_ACTION_COMMAND=/saveSetup", client: client IP address, 
server: domain.net, 
request: "POST /interface/modules/custom_modules/oe-module-faxsms/saveSetup HTTP/2.0", 
host: "domain.net", 
referrer: "https://domain.net/interface/modules/custom_modules/oe-module-faxsms/setup.php"

There is also:

rewritten data: "/interface/modules/zend_modules/public/index.php", 
args: "/multipledb/index", client: client IP address, 
server: domain.net, 
request: "GET /interface/modules/zend_modules/public/multipledb/index HTTP/2.0", 
host: "domain.net", 
referrer: "https://domain.net/interface/main/tabs/main.php?token_main=token

and,

rewritten data: "/interface/modules/zend_modules/public/index.php", 
args: "/multipledb/edit", client: client IP address, 
server: domain.net, 
request: "GET /interface/modules/zend_modules/public/multipledb/edit HTTP/2.0", 
host: "domain.net", 
referrer: "https://domain.net/interface/modules/zend_modules/public/multipledb/index"

and

rewritten data: "/interface/modules/zend_modules/public/index.php", 
args: "/multipledb/checknamespacejson", client: client IP address, 
server: domain.net, 
request: "POST /interface/modules/zend_modules/public/multipledb/checknamespacejson HTTP/2.0", 
host: "domain.net", 
referrer: "https://domain.net/interface/modules/zend_modules/public/multipledb/edit"


rewritten data: "/interface/modules/zend_modules/public/index.php", 
args: "/multipledb/save", client: client IP address, 
server: domain.net, 
request: "POST /interface/modules/zend_modules/public/multipledb/save HTTP/2.0", 
host: "domain.net", 
referrer: "https://domain.net/interface/modules/zend_modules/public/multipledb/edit"


rewritten data: "/portal/patient/index.php", 
args: "_REWRITE_COMMAND=/onsitedocuments&pid=#", client: client IP address, 
server: domain.net, 
request: "GET /portal/patient/onsitedocuments?pid=# HTTP/2.0", 
host: "domain.net", 
referrer: "https://domain.net/portal/home.php"

I am trying to get nignx rewrite rules down. It looks to me that these rewrites are missing the site ID. If possible, it would be great if the modules were compatible with multisite! (sorry for the long post)
Thanks

umm I purposely avoid nginx! However, try these and/or follow the logic:

for fax server:

location / {
  if (!-e $request_filename){
    rewrite ^(.*)$ /fax_serve\.php?_FAX=$1 break;
  }
}

and module rewrites for actions:

location / {
  if (!-e $request_filename){
    rewrite ^(.*)$ /?_ACTION_COMMAND=$1 break;
  }
}

A few things things

  1. basically same rewrite as used in portal which I believe you have working.
  2. you could add a root to your location for rewrite but not needed IMO.
  3. these rewrites are needed within the destination directory. for example an app endpoint could be:
https://opensourcedemr.us/interface/modules/custom_modules/oe-module-faxsms/getPending

where the server parses and rewrites the url

https://opensourcedemr.us/interface/modules/custom_modules/oe-module-faxsms/?_ACTION_COMMAND=getPending

thus passing the action (getPending which is an action/class method in app) as query param to the app.
The module app then fetches the _ACTION_COMMAND=getPending from rewritten url endpoint
where the app then does a getQuery of rewritten url so it can execute the action from the appropriate class, Twilio in this case. Could be RingCentral as well thus why we use the abstracted class pattern (could have been an interface class also).

and 4. If the action is not a method the app needs to handle then the rewrite rule tells server to execute the endpoint. setup.php is an example.

I hope I’ve not once again over explained Sandra and this helps!

My ignorance on this subject is virtually unbounded.

All I can offer is a user perspective, a description of use cases, and my reflections.

If I understand correctly, there’s a ‘notifications’ setup (see below) which apparently can use SMS or email, but this apparently only applies to appointment reminders, not ordinary communication?

I just posted another message asking about sending SMS or email directly from a patient record, and keeping that as an encounter note.
Various services apparently offer integration-and of course make it sound easy. I sent a message to Clickatell asking them about integration. Maybe they would do the coding?

Clickatell offers very inexpensive SMS- e.g., 300/mo for $3.25, or 3000/mo for $23.50.
They have an API interface and a GITHUB entry for PHP code.

There are, fortunately or unfortunately, lots of choices, and one thing we ought to consider is users may want to have redundant email servers in case one goes down or disappears.
Mailgun, for instance offers 1000 emails for $0.80 with Email APIs, SMTP Relay, and Webhooks (I’m just copying what’s on their site.)
Google workspace comes with Gmail, up to 10,000 emails a day via SMTP.

Since I know nothing about what’s involved in connecting to any of these, I’m going to say the best interface is to provide an internal form to enter the account API connection data, or a way to plug in the service API, instead of hand coding this for each service, as I gather you did at GitHub - openemr/oe-module-faxsms: Fax and SMS feature for OpenEMR

Maybe we need the view from 5000 feet.

I don’t blame you. I ended up setting up apache anyway. It is not as slow as I remember it. However, it is bothering me. I would like to understand what the issues are. I don’t like not understanding!

Ah, yes, this is what I need! Thanks

Yes, I see. BTW, I have a phone meeting coming up with RC. Apparently I signed up for the incorrect account!

No, you didn’t. this is exactly what I need! Thanks

No, actually this is only sms/fax. The globals page is outdated. Nothing goes there as far as Jerry’s module is concerned. The fields you see in the globals > notifications form/page for fax and sms are outdated (your image). That may be working for a previous version of openemr!

Hence my attempt at getting the module working in my system so I can build a new tutorial page for the wiki.

Clickatell sounds interesting.
My concern with gmail is HIPAA related.