const { initialize, loggers, constants } = require('@asymmetrik/node-fhir-server-core');
const { VERSIONS } = constants;
var bodyParser = require('body-parser');
var express = require('express');
var OAuthServer = require('express-oauth-server');
const Request = require('oauth2-server').Request;
const Response = require('oauth2-server').Response;
var memorystore = require('./src/oauth/memoryModel.js');
var cors = require('cors');
/**
 * Configuration object passed to the FHIR server core's `initialize()`.
 *
 * Settings worth reviewing before this leaves a local development machine:
 *  - `logging.level` is 'debug'. NOTE(review): confirm that request data
 *    (patient identifiers, bearer tokens) does not end up in the logs at
 *    this level.
 *  - `security` advertises the OAuth2 endpoints as plain-http localhost
 *    URIs; authorization codes and tokens sent to them are unencrypted, so
 *    a deployed instance needs https URIs here.
 */
const config = {
  auth: {
    // 'smart' signals that scope validation is wanted; without it only the
    // strategy below would be used.
    type: 'smart',
    // For SMART to work the strategy must be named 'bearer' and point to a
    // service exporting a SMART on FHIR compatible strategy.
    strategy: {
      name: 'bearer',
      service: './src/services/authentication.service.js',
    },
  },
  server: {
    port: 3000,
    // CORS options for the FHIR server (Access-Control-Allow-Origin).
    corsOptions: {
      origin: 'http://localhost:8080',
    },
  },
  logging: {
    level: 'debug',
  },
  // OAuth2 endpoints exposed by the companion authorization server.
  security: [
    { url: 'authorize', valueUri: 'http://localhost:3001/oauth/authorize' },
    { url: 'token', valueUri: 'http://localhost:3001/oauth/token' },
  ],
  // Each resource profile maps to its service module and supported FHIR versions.
  profiles: {
    Patient: {
      service: './src/services/patient.service.js',
      versions: [VERSIONS['4_0_0']],
    },
    Condition: {
      service: './src/services/condition.service.js',
      versions: [VERSIONS['4_0_0']],
    },
    Observation: {
      service: './src/services/observation.service.js',
      versions: [VERSIONS['4_0_0']],
    },
    Procedure: {
      service: './src/services/procedure.service.js',
      versions: [VERSIONS['4_0_0']],
    },
    QuestionnaireResponse: {
      service: './src/services/questionnaireresponse.service.js',
      versions: [VERSIONS['4_0_0']],
    },
  },
};
// The FHIR server, built from the configuration above.
const server = initialize(config);
// Shared logger used for the startup messages of both servers.
const logger = loggers.get('default');
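// app is the OAuth2 server. It is declared explicitly so it is module-scoped
// rather than an implicit global (which would also throw in strict mode).
const app = express();

// Restrict cross-origin browser access to the known client origin. The cors
// middleware reads `origin` from the top level of its options object; nested
// under a `corsOptions` key it is ignored and the permissive default
// (any origin) applies.
app.use(cors({ origin: 'http://localhost:8080' }));

// OAuth2 server uses a simple in-memory cache.
app.oauth = new OAuthServer({
  model: new memorystore(),
});

app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));

// Endpoint for authorizing incoming requests.
app.get(
  '/oauth/authorize',
  app.oauth.authorize({
    authenticateHandler: {
      /**
       * Resolves the user on whose behalf the authorization is granted.
       *
       * NOTE(review): no end-user authentication takes place here; every
       * authorization request is approved as the first user of the in-memory
       * model. That is only appropriate for a local demo.
       *
       * @param {object} req - Express request; `req.query.launch` carries the
       *   requested patient id.
       * @param {object} res - Express response (unused).
       * @returns {object} The first user held by the in-memory model.
       */
      handle(req, res) {
        // Reference `app` directly instead of `this.app`: `this` is not bound
        // to anything useful when the OAuth library invokes the handler.
        const model = app.oauth.server.options.model;
        // The requested patient id is encoded in the launch parameter and is
        // passed along so the OAuth server can return it in the token.
        // NOTE(review): `launch` is caller-supplied and is stored unvalidated
        // on the model instance shared by all requests, so concurrent
        // authorizations overwrite each other's patient id. Confirm how
        // memoryModel.js copies it into the token; binding it to the
        // individual authorization code would avoid the mix-up.
        model.patientId = req.query.launch;
        return model.users[0];
      },
    },
  })
);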
// Returns access token after successful authorization.
// NOTE(review): client authentication is switched off for the
// authorization_code grant, so a caller holding a valid code can redeem it
// without a client secret. That fits public (browser) clients; whether the
// model enforces redirect-URI or similar checks is not visible here.
// `allowExtendedTokenAttributes` is presumably what lets the patient id be
// attached to the token response; confirm against memoryModel.js.
app.post(
  '/oauth/token',
  app.oauth.token({
    requireClientAuthentication: { authorization_code: false },
    allowExtendedTokenAttributes: true,
  })
);
// Authenticates via bearer token and reports the token back to the caller.
app.post(
  '/oauth/authenticate',
  (req, res, next) => {
    // Callers may post the token as `token`; copy it to `access_token`,
    // presumably the field the OAuth middleware looks for.
    const { token } = req.body;
    if (token) {
      req.body.access_token = token;
    }
    next();
  },
  app.oauth.authenticate(),
  (req, res, next) => {
    // Reached only when the middleware above accepted the token.
    const accessToken = res.locals.oauth.token;
    // NOTE(review): this sets the flag on the object the middleware produced;
    // if the model hands out its stored token by reference, the stored copy
    // is modified as well.
    accessToken.active = true;
    // NOTE(review): the whole token object is returned. Depending on what the
    // model keeps on it (user or client records, for example) this may expose
    // more than the caller needs; confirm against memoryModel.js.
    res.send(accessToken);
  }
);
// Logs once the FHIR server has started listening.
function announceFhirServer() {
  logger.info('Starting the FHIR server at localhost:3000');
}

// Logs once the OAuth2 server has started listening.
function announceOAuthServer() {
  logger.info('Starting the OAuth2 server at localhost:3001');
}

// server is the FHIR server
server.listen(3000, announceFhirServer);

// app is the OAuth2 server
// NOTE(review): no host is passed to listen(), so the socket is bound on all
// interfaces even though the log line says localhost. Pass a loopback host if
// the OAuth2 endpoints are meant to be reachable from this machine only.
app.listen(3001, announceOAuthServer);