Is your feature request related to a problem? Please describe.
I cannot configure the issuer, audience parameter and fhirServerUrl separately. I have an authentication server and a FHIR server running on different domains. I want to configure the client accordingly such as:
Currently, in the authorize method of smart.js, iss or fhirServerUrl is used both as issuer, audience and fhir server url.
const serverUrl = String(iss || fhirServiceUrl || "");
...
const redirectParams = [..., "aud=" + encodeURIComponent(serverUrl), ...];
Describe the solution you'd like
I'd like to have the aud field in the auth configurations. Also, if the fhirServerUrl is provided, it should be used as serverUrl in the client state, not the issuer (iss).
router.get('/launch', function (req, res, next) {
smart(req, res).authorize({
clientId: "smart-app",
redirectUri: "/callback",
scope: "user/*.* openid launch",
iss: "https://auth-server.com",
// configurations below should be available
aud: "fhir-server",
fhirServerUrl: "https://fhir-server.com"
})
Describe alternatives you've considered
I could make it work with following workarounds:
To change the aud parameter:
- Disable redirect (
noRedirect: true)
- Get the redirect url from authorize method
- Replace the
aud parameter by parsing the redirect url string
- Redirect to the overridden redirect url manually
To use different FHIR server URL than issuer (auth-server):
- Call
smart(req, res).ready() method to get the client with gained access token, etc.
- Copy the state of the client and create a new client by changing the
serverUrl field of the state
Please see the Express JS code example below:
const smartSettings = {
clientId: "smart-app",
redirectUri: "/callback",
scope: "user/*.* openid",
iss: "https://auth-server.com",
noRedirect: true // Redirect will be handled manually after aud parameter is overridden
};
router.get('/launch', function (req, res, next) {
smart(req, res).authorize(smartSettings).then(redirectUrl => {
const [url, params] = redirectUrl.split('?')
// Get the parameters other than aud
const rest = params.split('&').filter(param => !param.startsWith("aud="))
// change the aud and construct the url again, then redirect
res.redirect([url, [...rest, "aud=fhir-server"].join('&')].join('?'))
}).catch(next);
})
router.get('/callback', function (req, res, next) {
smart(req, res)
.ready({})
.then(client => {
// Get the client, use its state to create a new client with correct FHIR server URL
const newClient = smart(req, res).client({...client.state, serverUrl: 'https://fhir-server.com'})
...
});
})
Additional context
I couldn't find a way in the documentation to achieve this via configurations. Please let me know if there already is a solution that I'm missing.
Is your feature request related to a problem? Please describe.
I cannot configure the issuer, audience parameter and fhirServerUrl separately. I have an authentication server and a FHIR server running on different domains. I want to configure the client accordingly such as:
Currently, in the authorize method of
smart.js,issorfhirServerUrlis used both as issuer, audience and fhir server url.Describe the solution you'd like
I'd like to have the
audfield in the auth configurations. Also, if thefhirServerUrlis provided, it should be used asserverUrlin the client state, not the issuer (iss).Describe alternatives you've considered
I could make it work with following workarounds:
To change the
audparameter:noRedirect: true)audparameter by parsing the redirect url stringTo use different FHIR server URL than issuer (auth-server):
smart(req, res).ready()method to get the client with gained access token, etc.serverUrlfield of the statePlease see the Express JS code example below:
Additional context
I couldn't find a way in the documentation to achieve this via configurations. Please let me know if there already is a solution that I'm missing.