Link

https://ehealthmisapi1uaehealthapi.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/oauth/exchange-oauth-code-grant-to-access-token

Link to Apiary or Swagger

Resource

/oauth/tokens

Link to the resource, for example: /api/persons/create

Scope

List of scopes that are required in application business logic, separated by space

Scope required for access

Components

oAuth_system_component

List of business components that use this method, for example: ePrescription

Microservices

mithril/api

mithril_scheduler

abac/api

abac_log_consumer

fe/auth-web

mithril/fe

mithril/gatekeeper-mithril

fe/admin-gatekeeper-web

List of microservices used by the API method, for example: Auth, ABAC

Protocol type

REST

Protocol type used by the request, for example: SOAP | REST

Request type

POST

API request type, for example: GET, POST, PATCH…

Sync/Async

Sync

Is the method synchronous or asynchronous?

Public/Private/Internal

Public

Specify the method type by degree of accessibility

Logic

  1. Update grant code in mithril database, tokens table, set:

    1. details.used = true

    2. updated_at = now()

  2. Generate ‘access token’ with requested scopes for user_id and client_id based on value of ACCESS_TOKEN_JWT configuration parameter:

  3. Generate ‘refresh token’.

  4. Save tokens that were generated in existing format to mithril database, tokens table, set:

    1. id = token uuid

    2. name = token name (‘access_token’ or ‘refresh_token’)

    3. value = hashed token

    4. expires_at = date and time when the token expires, in unix-time format

    5. details = additional details of token (scopes, client_id, grant_type, applicant_user_id, applicant_person_id, app_id)

      1. applicant_user_id = value of details.applicant_user_id from grant code (if exists)

      2. applicant_person_id = value of details.applicant_person_id from grant code (if exists)

      3. app_id = uuid of approval between user_id, applicant_user_id and client_id

    6. user_id = id of user

    7. inserted_at = now()

    8. updated_at = now()

  5. Render a response according to specification.
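
The Logic steps above as a small in-memory model (an added example, not mithril's own code): it shows the grant code being marked as used so that a replayed code is rejected, and the tokens table holding only hashes of the issued values. Assumptions: SHA-256 as the hash, the token lifetimes, the `authorization_code` row name, the scope-subset check, rejection of used codes, and opaque random tokens instead of the ACCESS_TOKEN_JWT branch; `issue_code` and `exchange` are hypothetical names.

```python
import hashlib
import secrets
import time
import uuid

TOKENS = {}  # constructed in-memory stand-in for the mithril "tokens" table

def _hash(value):
    # Assumption: SHA-256. The page only says the stored value is hashed.
    return hashlib.sha256(value.encode()).hexdigest()

def _save(name, user_id, details, ttl):
    """Step 4: store a token row; the table keeps only the hash of the secret."""
    raw, now = secrets.token_urlsafe(32), int(time.time())
    row = {"id": str(uuid.uuid4()), "name": name, "value": _hash(raw),
           "expires_at": now + ttl, "details": details, "user_id": user_id,
           "inserted_at": now, "updated_at": now}
    TOKENS[row["id"]] = row
    return raw, row

def issue_code(user_id, client_id, scope, **applicant):
    """Hypothetical helper: create the grant code row that is exchanged later."""
    details = {"client_id": client_id, "scope": scope, "used": False, **applicant}
    return _save("authorization_code", user_id, details, ttl=300)[0]

def exchange(code, client_id, scope):
    """Steps 1-4 of the Logic list for one code-for-token exchange."""
    grant = next((r for r in TOKENS.values() if r["name"] == "authorization_code"
                  and r["value"] == _hash(code)), None)
    if grant is None or grant["details"]["client_id"] != client_id:
        raise PermissionError("unknown code or client mismatch")
    if grant["details"]["used"] or grant["expires_at"] < time.time():
        raise PermissionError("code already used or expired")
    if not set(scope.split()) <= set(grant["details"]["scope"].split()):
        raise PermissionError("scope exceeds what the grant code allows")
    # Step 1: mark the grant code as used before any token is issued.
    grant["details"]["used"] = True
    grant["updated_at"] = int(time.time())
    details = {"scope": scope, "client_id": client_id,
               "grant_type": "authorization_code"}
    # applicant_* values are copied from the grant code only if they exist.
    details.update({k: v for k, v in grant["details"].items()
                    if k in ("applicant_user_id", "applicant_person_id")})
    # Steps 2-3: new random access and refresh tokens (app_id lookup omitted).
    refresh_raw, _ = _save("refresh_token", grant["user_id"], dict(details), 30 * 86400)
    access_raw, row = _save("access_token", grant["user_id"], details, 3600)
    # The caller receives the raw values once; the table holds only hashes.
    return {**row, "value": access_raw,
            "details": {**details, "refresh_token": refresh_raw}}
```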

...

| Attribute | Values | Type | Description | Example |
|---|---|---|---|---|
| client_id | (required) | String | Medical Service provider ID issued after legal_entity registration. Used to identify the context of the MSP/Pharmacy | 6498d88e-97fb-47e2-85a5-99e884f888aa |
| client_secret | (required) | String | Medical Information System secret key issued upon integration request. Used to identify the application developer | msp-001-secret-key |
| code | (required) | String | OAuth code grant | 299383828 |
| grant_type | (required) | String | OAuth Grant Type. Currently only authorization_code is supported | authorization_code |
| redirect_uri | (required) | String | URL where the user will be redirected after authentication. This URL will receive code and state parameters in the query string | https://example.com/ |
| scope | (required) | String | List of scopes that are required in application business logic, separated by space. Different login forms will be shown based on the scopes that you requested | capitation_contracts:view capitation_contracts:create patients:view patients:create |

Request structure

See on Apiary

Request example:
{
  "token": {
    "client_id": "6498d88e-97fb-47e2-85a5-99e884f888aa",
    "client_secret": "msp-001-secret-key",
    "code": "299383828",
    "grant_type": "authorization_code",
    "redirect_uri": "https://example.com/",
    "scope": "capitation_contracts:view capitation_contracts:create patients:view patients:create"
  }
}

...


Response structure

See on Apiary

Example:

{
  "meta": {
    "code": 201,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": {
    "value": "SnNRdCtvU0tTOENBV2dLRUZwNmIzZz09",
    "user_id": "3ff33ced-69dc-415a-b231-c6446898335a",
    "name": "access_token",
    "id": "3ff33ced-69dc-415a-b231-c6446898335a",
    "expires_at": 1498749591,
    "details": {
      "scope": "capitation_contracts:view capitation_contracts:create patients:view patients:create",
      "refresh_token": "my-oauth-refresh-token",
      "redirect_uri": "https://example.com/",
      "grant_type": "authorization_code",
      "client_id": "d290f1ee-6c54-4b01-90e6-d701748f0851"
    }
  }
}

...