Versions Compared

Old Version 10

changes.mady.by.user Serhii Boldin (SoE eHealth)

Saved on

compared with

New Version 11

changes.mady.by.user Dmytro Kulibaba (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Related information

IL.Sign declaration request

Required parameters are marked with "*"

...

Purpose

...

This method is used to sign Declaration Request

Key features

  1. Only authenticated and authorized user can use this service

  2. Only APPROVED declaration request can be signed

  3. The request can be signed only by the employee who works in the same legal entity in which the request was made.

Specification

...

Link

Apiaryhttps://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/declaration-requests/sign-declaration-request-v3

Resource

/api/v3/declaration_requests/{{id}}/actions/sign

Scope

declaration_request:sign

Components

Необхідно зазначити перелік компонентів, які використовують цей метод, наприклад: ePrescriptionDeclarations

Using Dictionaries

Потрібно вказати словники, які використовує метод APIAPI paragraph not found

Using Microservices

Вкажіть перелік мікросервісів, які використовує метод API. Наприклад: Auth, ABACAPI paragraph not found

Protocol type

Вкажіть тип протоколу, який використовується запитом, наприклад: SOAP | REST | JSON

Request type

PATCH

Sync/Async

Метод є синхронним чи асинхронним?

...

Async

Public/Private/Internal

Public

Logic

The process is initiated by any employee with necessary scopes in this legal entity and involves the transfer of a signed person with electronic digital signature. 

Process is asynchronous. If all validations are successfully completed, the asynchronous process of creating a person starts by processing the message.

  1. Only authenticated and authorized user can use this service

  2. Only APPROVED declaration request can be signed

  3. The request can be signed only by the employee who works in the same legal entity in which the request was made.

Method receives signed message (pkcs7) including signed content, digital signature and signer public key in signed_content property. All signature fields will be validated (including signer certificate authority).

...

Declaration request can be signed either by doctor or admin (user with scope declaration_request:sign) from legal entity as in declaration request.

Important

Invoke Get Declaration Request by ID to obtain seed - Hash of previous block in declarations chain or other random component that should be signed with declaration.

There is a dummy method that describes the signed date example.

Preconditions

Digital signature

...

Filter

Values

Type

Description

Example

 id

 

String

declaration ID

7f93-4fc2-b2ec-2d81b19a9b7b

Request structure

...

See on Apiary

This request contains base64 coded content which was signed by digital sign. There is a dummy method that describes the signed date example.

Code Block
{
  "signed_declaration_request": "ewogICJpZCI6ICJiMDk5ZjE0OC03ZjkzLTRmYzItYjJlYy0yZDgxYjE5YTliN2IiLAogICJkZWNsYXJhdGlvbl9udW1iZXIiOiAiMDAwMC0xMkg0LTI0NUQiLAogICJkZWNsYXJhdGlvbl9pZCI6ICI4MzExYWI4Mi1lMzQxLTRkYTAtOGE5NS0yMzVlYzk4ODVlMjMiLAogICJzdGFydF9kYXRlIjogIjIwMTctMDMtMDIiLAogICJlbmRfZGF0ZSI6ICIyMDE3LTAzLTAyIiwKICAiY29udGVudCI6ICJEZWNsYXJhdGlvbiBjb250ZW50IiwKICAiY2hhbm5lbCI6ICJNSVMiLAogICJwZXJzb24iOiB7CiAgICAiaWQiOiAiNWZiNTdhNWQtMTQ1Ny00MzBlLTk2NzgtYzgxY2VjNzI3NzlmIiwKICAgICJmaXJzdF9uYW1lIjogItCf0LXRgtGA0L4iLAogICAgImxhc3RfbmFtZSI6ICLQhtCy0LDQvdC+0LIiLAogICAgInNlY29uZF9uYW1lIjogItCc0LjQutC+0LvQsNC50L7QstC40YciLAogICAgImJpcnRoX2RhdGUiOiAiMjAwOS0wNy0wNSIsCiAgICAiYmlydGhfY291bnRyeSI6ICLQo9C60YDQsNGX0L3QsCIsCiAgICAiYmlydGhfc2V0dGxlbWVudCI6ICLQktGW0L3QvdC40YbRjyIsCiAgICAiZ2VuZGVyIjogIk1BTEUiLAogICAgImVtYWlsIjogImVtYWlsQGV4YW1wbGUuY29tIiwKICAgICJub190YXhfaWQiOiBmYWxzZSwKICAgICJ0YXhfaWQiOiAiMzk5OTg2OTM5NCIsCiAgICAic2VjcmV0IjogInNlY3JldCIsCiAgICAiZG9jdW1lbnRzIjogWwogICAgICB7CiAgICAgICAgInR5cGUiOiAiQklSVEhfQ0VSVElGSUNBVEUiLAogICAgICAgICJudW1iZXIiOiAi0JDQkDEyMDUxOCIsCiAgICAgICAgImlzc3VlZF9ieSI6ICLQoNC+0LrQuNGC0L3Rj9C90YHRjNC60LjQvCDQoNCSINCT0KMg0JzQktChINCa0LjRl9Cy0YHRjNC60L7RlyDQvtCx0LvQsNGB0YLRliIsCiAgICAgICAgImlzc3VlZF9hdCI6ICIyMDE3LTAyLTI4IiwKICAgICAgICAiZXhwaXJhdGlvbl9kYXRlIjogIjIwMjctMDItMjgiCiAgICAgIH0KICAgIF0sCiAgICAiYWRkcmVzc2VzIjogWwogICAgICB7CiAgICAgICAgInR5cGUiOiAiUkVTSURFTkNFIiwKICAgICAgICAiY291bnRyeSI6ICJVQSIsCiAgICAgICAgImFyZWEiOiAi0JbQuNGC0L7QvNC40YDRgdGM0LrQsCIsCiAgICAgICAgInJlZ2lvbiI6ICLQkdC10YDQtNC40YfRltCy0YHRjNC60LjQuSIsCiAgICAgICAgInNldHRsZW1lbnQiOiAi0JrQuNGX0LIiLAogICAgICAgICJzZXR0bGVtZW50X3R5cGUiOiAiQ0lUWSIsCiAgICAgICAgInNldHRsZW1lbnRfaWQiOiAiYjA3NWYxNDgiLAogICAgICAgICJzdHJlZXRfdHlwZSI6ICJTVFJFRVQiLAogICAgICAgICJzdHJlZXQiOiAi0LLRg9C7LiDQndGW0LbQuNC90YHRjNC60LAiLAogICAgICAgICJidWlsZGluZyI6ICIxNSIsCiAgICAgICAgImFwYXJ0bWVudCI6ICIyMyIsCiAgICAgICAgInppcCI6ICIwMjA5MCIKICAgICAgfQogICAgXSwKICAgICJwaG9uZXMiOiBbCiAgICAgIHsKICAgICAgICAidHlwZSI6ICJNT0JJTEUiLAogICAgICAgICJudW1iZXIiOiAiKzM4MDUwMzQxMDg3MCIKICAgICAgfQogICAgXSwKICAgICJhdXRoZW50aWNhdGlvbl9tZXRob2RzIjogWwogICAgICB7CiAgICAgICAgInR5cGUiOiAiVEhJUkRfUEVSU09OIiwKICAgICAgICAidmFsdWUiOiAiKzM4MDUwODg4NzcwMCIsCiAgICAgICAgImFsaWFzIjogImh1c2JhbmQiCiAgICAgIH0KICAgIF0sCiAgICAidW56ciI6ICIyMDA5MDcwNS0wMDAxMSIsCiAgICAiZW1lcmdlbmN5X2NvbnRhY3QiOiB7CiAgICAgICJmaXJzdF9uYW1lIjogItCf0LXRgtGA0L4iLAogICAgICAibGFzdF9uYW1lIjogItCG0LLQsNC90L7QsiIsCiAgICAgICJzZWNvbmRfbmFtZSI6ICLQnNC40LrQvtC70LDQudC+0LLQuNGHIiwKICAgICAgInBob25lcyI6IFsKICAgICAgICB7CiAgICAgICAgICAidHlwZSI6ICJNT0JJTEUiLAogICAgICAgICAgIm51bWJlciI6ICIrMzgwNTAzNDEwODcwIgogICAgICAgIH0KICAgICAgXQogICAgfSwKICAgICJjb25maWRhbnRfcGVyc29uIjogWwogICAgICB7CiAgICAgICAgInJlbGF0aW9uX3R5cGUiOiAiUFJJTUFSWSIsCiAgICAgICAgImZpcnN0X25hbWUiOiAi0J/QtdGC0YDQviIsCiAgICAgICAgImxhc3RfbmFtZSI6ICLQhtCy0LDQvdC+0LIiLAogICAgICAgICJzZWNvbmRfbmFtZSI6ICLQnNC40LrQvtC70LDQudC+0LLQuNGHIiwKICAgICAgICAiYmlydGhfZGF0ZSI6ICIxOTcyLTEwLTI2IiwKICAgICAgICAiYmlydGhfY291bnRyeSI6ICLQo9C60YDQsNGX0L3QsCIsCiAgICAgICAgImJpcnRoX3NldHRsZW1lbnQiOiAi0JLRltC90L3QuNGG0Y8iLAogICAgICAgICJnZW5kZXIiOiAiTUFMRSIsCiAgICAgICAgInRheF9pZCI6ICIyNjU5NzE5MzUwIiwKICAgICAgICAic2VjcmV0IjogInNlY3JldCIsCiAgICAgICAgInVuenIiOiAiMTk5MDAxMDEtMDAwOTkiLAogICAgICAgICJwcmVmZXJyZWRfd2F5X2NvbW11bmljYXRpb24iOiAiZW1haWwiLAogICAgICAgICJkb2N1bWVudHNfcGVyc29uIjogWwogICAgICAgICAgewogICAgICAgICAgICAidHlwZSI6ICJQQVNTUE9SVCIsCiAgICAgICAgICAgICJudW1iZXIiOiAi0JDQkDEyMDUxOCIsCiAgICAgICAgICAgICJleHBpcmF0aW9uX2RhdGUiOiAiMjAyMS0wMi0yOCIsCiAgICAgICAgICAgICJpc3N1ZWRfYnkiOiAi0KDQvtC60LjRgtC90Y/QvdGB0YzQutC40Lwg0KDQkiDQk9CjINCc0JLQoSDQmtC40ZfQstGB0YzQutC+0Zcg0L7QsdC70LDRgdGC0ZYiLAogICAgICAgICAgICAiaXNzdWVkX2F0IjogIjIwMTctMDItMjgiCiAgICAgICAgICB9CiAgICAgICAgXSwKICAgICAgICAiZG9jdW1lbnRzX3JlbGF0aW9uc2hpcCI6IFsKICAgICAgICAgIHsKICAgICAgICAgICAgInR5cGUiOiAiQklSVEhfQ0VSVElGSUNBVEUiLAogICAgICAgICAgICAibnVtYmVyIjogItCQ0JAxMjA1MTgiLAogICAgICAgICAgICAiaXNzdWVkX2J5IjogItCg0L7QutC40YLQvdGP0L3RgdGM0LrQuNC8INCg0JIg0JPQoyDQnNCS0KEg0JrQuNGX0LLRgdGM0LrQvtGXINC+0LHQu9Cw0YHRgtGWIiwKICAgICAgICAgICAgImlzc3VlZF9hdCI6ICIyMDE3LTAyLTI4IgogICAgICAgICAgfQogICAgICAgIF0sCiAgICAgICAgInBob25lcyI6IFsKICAgICAgICAgIHsKICAgICAgICAgICAgInR5cGUiOiAiTU9CSUxFIiwKICAgICAgICAgICAgIm51bWJlciI6ICIrMzgwNTAzNDEwODcwIgogICAgICAgICAgfQogICAgICAgIF0sCiAgICAgICAgImVtYWlsIjogImVtYWlsbEBleGFtcGxlLmNvbSIKICAgICAgfQogICAgXSwKICAgICJwcmVmZXJyZWRfd2F5X2NvbW11bmljYXRpb24iOiAiZW1haWwiLAogICAgInBhdGllbnRfc2lnbmVkIjogdHJ1ZSwKICAgICJwcm9jZXNzX2Rpc2Nsb3N1cmVfZGF0YV9jb25zZW50IjogdHJ1ZQogIH0sCiAgImVtcGxveWVlIjogewogICAgImlkIjogImQyOTBmMWVlLTZjNTQtNGIwMS05MGU2LWQ3MDE3NDhmMDg1MSIsCiAgICAicG9zaXRpb24iOiAiUDYiLAogICAgInBhcnR5IjogewogICAgICAiaWQiOiAiYjA3NWYxNDgtN2Y5My00ZmMyLWIyZWMtMmQ4MWIxOWE5YjdiIiwKICAgICAgIm5vX3RheF9pZCI6IHRydWUsCiAgICAgICJmaXJzdF9uYW1lIjogItCf0LXRgtGA0L4iLAogICAgICAibGFzdF9uYW1lIjogItCG0LLQsNC90L7QsiIsCiAgICAgICJzZWNvbmRfbmFtZSI6ICLQnNC40LrQvtC70LDQudC+0LLQuNGHIiwKICAgICAgImVtYWlsIjogImVtYWlsQGV4YW1wbGUuY29tIiwKICAgICAgInBob25lcyI6IFsKICAgICAgICB7CiAgICAgICAgICAidHlwZSI6ICJNT0JJTEUiLAogICAgICAgICAgIm51bWJlciI6ICIrMzgwNTAzNDEwODcwIgogICAgICAgIH0KICAgICAgXQogICAgfQogIH0sCiAgImxlZ2FsX2VudGl0eSI6IHsKICAgICJuYW1lIjogItCa0LvRltC90ZbQutCwINCd0L7Rg9C90LXQudC8IiwKICAgICJzaG9ydF9uYW1lIjogItCd0L7Rg9C90LXQudC8IiwKICAgICJsZWdhbF9mb3JtIjogIjE0MCIsCiAgICAicHVibGljX25hbWUiOiAi0KbQn9Cc0KHQlCDihJYxIiwKICAgICJlZHJwb3UiOiAiNTQzMjM0NTQzMiIsCiAgICAibGljZW5zZXMiOiBbCiAgICAgIHsKICAgICAgICAibGljZW5zZV9udW1iZXIiOiAiZmQxMjM0NDMiLAogICAgICAgICJpc3N1ZWRfYnkiOiAi0JrQstCw0LvRltGE0ZbQutCw0YbQudC90LAg0LrQvtC80ZbRgdGW0Y8iLAogICAgICAgICJpc3N1ZWRfZGF0ZSI6ICIyMDE3LTAyLTI4IiwKICAgICAgICAiZXhwaXJ5X2RhdGUiOiAiMjAxNy0wMi0yOCIsCiAgICAgICAgImFjdGl2ZV9mcm9tX2RhdGUiOiAiMjAxNy0wMi0yOCIsCiAgICAgICAgIndoYXRfbGljZW5zZWQiOiAi0YDQtdCw0LvRltC30LDRhtGW0Y8g0L3QsNGA0LrQvtGC0LjRh9C90LjRhSDQt9Cw0YHQvtCx0ZbQsiIsCiAgICAgICAgIm9yZGVyX25vIjogItCS0JA0MzIzNCIKICAgICAgfQogICAgXSwKICAgICJhY2NyZWRpdGF0aW9uIjogewogICAgICAiY2F0ZWdvcnkiOiAiU0VDT05EIiwKICAgICAgImlzc3VlZF9kYXRlIjogIjIwMTctMDItMjgiLAogICAgICAiZXhwaXJ5X2RhdGUiOiAiMjAxNy0wMi0yOCIsCiAgICAgICJvcmRlcl9ubyI6ICJmZDEyMzQ0MyIsCiAgICAgICJvcmRlcl9kYXRlIjogIjIwMTctMDItMjgiCiAgICB9LAogICAgImFkZHJlc3NlcyI6IFsKICAgICAgewogICAgICAgICJ0eXBlIjogIlJFU0lERU5DRSIsCiAgICAgICAgImNvdW50cnkiOiAiVUEiLAogICAgICAgICJhcmVhIjogItCW0LjRgtC+0LzQuNGA0YHRjNC60LAiLAogICAgICAgICJyZWdpb24iOiAi0JHQtdGA0LTQuNGH0ZbQstGB0YzQutC40LkiLAogICAgICAgICJzZXR0bGVtZW50IjogItCa0LjRl9CyIiwKICAgICAgICAic2V0dGxlbWVudF90eXBlIjogIkNJVFkiLAogICAgICAgICJzZXR0bGVtZW50X2lkIjogImIwNzVmMTQ4IiwKICAgICAgICAic3RyZWV0X3R5cGUiOiAiU1RSRUVUIiwKICAgICAgICAic3RyZWV0IjogItCy0YPQuy4g0J3RltC20LjQvdGB0YzQutCwIiwKICAgICAgICAiYnVpbGRpbmciOiAiMTUiLAogICAgICAgICJhcGFydG1lbnQiOiAiMjMiLAogICAgICAgICJ6aXAiOiAiMDIwOTAiCiAgICAgIH0KICAgIF0sCiAgICAicGhvbmVzIjogWwogICAgICB7CiAgICAgICAgInR5cGUiOiAiTU9CSUxFIiwKICAgICAgICAibnVtYmVyIjogIiszODA1MDM0MTA4NzAiCiAgICAgIH0KICAgIF0sCiAgICAiZW1haWwiOiAiZW1haWxAZXhhbXBsZS5jb20iLAogICAgImlkIjogImIwNzVmMTQ4LTdmOTMtNGZjMi1iMmVjLTJkODFiMTlhOWI3YiIKICB9LAogICJkaXZpc2lvbiI6IHsKICAgICJpZCI6ICJkMjkwZjFlZS02YzU0LTRiMDEtOTBlNi1kNzAxNzQ4ZjA4NTEiLAogICAgImxlZ2FsX2VudGl0eV9pZCI6ICJjOGFhZGI4Ny1lY2I5LTQxY2EtOWFkNC1mZmRmZTFkZDg5YzkiLAogICAgIm5hbWUiOiAi0JHQvtGA0LjRgdC/0ZbQu9GM0YHRjNC60LUg0LLRltC00LTRltC70LXQvdC90Y8g0JrQu9GW0L3RltC60Lgg0J3QvtGD0L3QtdC50LwiLAogICAgImFkZHJlc3NlcyI6IFsKICAgICAgewogICAgICAgICJ0eXBlIjogIlJFU0lERU5DRSIsCiAgICAgICAgImNvdW50cnkiOiAiVUEiLAogICAgICAgICJhcmVhIjogItCW0LjRgtC+0LzQuNGA0YHRjNC60LAiLAogICAgICAgICJyZWdpb24iOiAi0JHQtdGA0LTQuNGH0ZbQstGB0YzQutC40LkiLAogICAgICAgICJzZXR0bGVtZW50IjogItCa0LjRl9CyIiwKICAgICAgICAic2V0dGxlbWVudF90eXBlIjogIkNJVFkiLAogICAgICAgICJzZXR0bGVtZW50X2lkIjogImIwNzVmMTQ4IiwKICAgICAgICAic3RyZWV0X3R5cGUiOiAiU1RSRUVUIiwKICAgICAgICAic3RyZWV0IjogItCy0YPQuy4g0J3RltC20LjQvdGB0YzQutCwIiwKICAgICAgICAiYnVpbGRpbmciOiAiMTUiLAogICAgICAgICJhcGFydG1lbnQiOiAiMjMiLAogICAgICAgICJ6aXAiOiAiMDIwOTAiCiAgICAgIH0KICAgIF0sCiAgICAicGhvbmVzIjogWwogICAgICB7CiAgICAgICAgInR5cGUiOiAiTU9CSUxFIiwKICAgICAgICAibnVtYmVyIjogIiszODA1MDM0MTA4NzAiCiAgICAgIH0KICAgIF0sCiAgICAiZW1haWwiOiAiZW1haWxAZXhhbXBsZS5jb20iLAogICAgInR5cGUiOiAiY2xpbmljIiwKICAgICJleHRlcm5hbF9pZCI6ICIzMjEzMjEzIiwKICAgICJkbHNfaWQiOiAiMjg3Mjk4NSIsCiAgICAiZGxzX3ZlcmlmaWVkIjogdHJ1ZQogIH0sCiAgInNlZWQiOiAiaGFzaCIKfQ=="
}

Authorize

...

  1. Verify the validity of access token

    1. Return 401 in case validation fails

  2. Check scopes in order to perform this action (scope = 'declaration_request:sign')

    1. Return 403 in case invalid scope(s)

Request to process the request using a token in the headers.

Headers

...

  • Content-Type:application/json

  • Authorization:Bearer c2778f3064753ea70de870a53795f5c9

Processing

...

Validate DRFO

  1. Check that DRFO in Certificate details exists and not empty

  2. Check that DRFO in Certificate details is equal to DRFO in Party

    1. Get party.tax_id using employee_id in person payload

    2. Compare DRFO in Certificate with party.tax_id

      1. Convert DRFO and TAX_ID to uppercase

      2. Compare DRFO and TAX_ID as Cyrillic letters

      3. Convert DRFO to Cyrillic and compare as Cyrillic letters

    3. In case validation fails - generate 422 error

Latin to Cyrillic mapping

Code Block
%{"A" => "А", "B" => "В", "C" => "С", "E" => "Е", "H" => "Н", "I" => "І", "K" => "К", "M" => "М", "O" => "О", "P" => "Р", "T" => "Т", "X" => "Х"}

Validate request

  1. Validate request using JSON schema

...

    1. In case validation fails - generate 422 error

  2. Check declaration request status

    1. If status is not APPROVED, - returned error 'Incorrect status'

Validate person verification status

  • validate patient's verification_status is not equal to NOT_VERIFIED.

    • in case of error return 409, "Patient is not verified"

Check signed content

Check decoded signed content with previously created on IL.db.

...

Declaration_request can be signed by any employee with necessery scopes in equal legal_entity_id.

  1. Extract legal_entity_id (client_id) from token

  2. Extract employee_id from request

  3. Check if $.client_id=employees.legal_entity_id 

    1. in case error return 422 

Check patient_signed flag

...

Save signed declaration to media storage

  1. Get url for declaration upload.
    Use Request a Secret WS

    Parameter

    Source

    action'GET'bucket'DECLARATIONS'resource_id: DECLARATION_IDresource_name: DECLARATION_NAME

  2. Upload signed declaration to media storage

Update declaration request:

  1. Change entity status in IL_DB.declaration_request to SIGNED

  2. Set updated_at - now() (Get current date-time)

  3. Set updated_by - user_id (Extract user from token)

Get active declarations

Search for active declarations using MPI ID

  1. If found, - terminate them and create new declaration.

    • If not found - create new declaration.

Terminate declaration

In case active declarations found - terminate all by changing status to INACTIVE.

Create declaration

  1. Check authentication_method_current

    Code Block
    SELECT authentication_method_current
FROM declaration_requests
WHERE id = {:id}

    1. If "type" = "OFFLINE"

      1.  set declaration status to "PENDING_VERIFICATION"

      2. set reason to 'offline'

    2. if "type" = "OTP" - set declaration status to "ACTIVE" 

  2. Check persons 'no_tax_id' flag

    1. if 'no_tax_id'=true 

      1. set declaration status to "PENDING_VERIFICATION"

      2. set reason to 'no_tax_id'

  3. Create a new declaration by adding a new entity to the declarations table ops_db without declaration_id.

    1. if there is existing record in the declarations table with the same id and declaration_request_id, return ok to IL

Response structure

...

Expand
titleRequest example
Code Block
{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  },
  "data": {
    "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
    "start_date": "2017-03-02",
    "end_date": "2017-03-02",
    "signed_at": "2017-03-02T00:00:00.000Z",
    "status": "active",
    "declaration_request_id": "74a6fae6-4207-4e03-a136-f2e70c6b0c02",
    "person_id": "5fb57a5d-1457-430e-9678-c81cec72779f",
    "legal_entity_id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
    "employee_id": "d290f1ee-6c54-4b01-90e6-d701748f0851",
    "division_id": "d290f1ee-6c54-4b01-90e6-d701748f0851",
    "inserted_at": "2017-07-06T16:54:05.161571Z",
    "is_active": true,
    "reason": "manual_employee",
    "reason_description": "Згідно постанови 1 від 10.01.2017"
  }
}

Post-processing processes

...

API paragraph not found

HTTP status codes

HTTP status code

Message

What caused the error

 200

 

 

...