profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/jmandel/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Josh Mandel jmandel Microsoft Healthcare / Harvard Medical School / Boston Children's Hospital Madison, WI https://joshuamandel.com

FirelyTeam/fhirstarters 125

A collection of example projects to get you up to speed with HL7 FHIR

HL7/bulk-data 35

Bulk Data Implementation Guide

cds-hooks/cds-hooks 30

Archived

chb/ccdaScorecard 30

Automatic C-CDA scorecard to promote best practices

HL7/fhir-shorthand 28

FHIR Shorthand

FHIR/auto-ig-builder 21

Implementation Guide builder

HL7/fhir-shc-vaccination-ig 21

FHIR Implementation Guide describing clinical and patient data contained within a SMART Health Card

fhir-fuel/fhir-storage-and-analytics-track 16

FHIR Storage, Query & Analytics Track

AudaciousInquiry/fhir-saner 15

Situation Awareness for Novel Epidemic Response (COVID-19 driven project to track resource availability)

FHIR/ig-registry 15

Registry of published implementation guides

pull request commentHL7/fhir-shc-vaccination-ig

Add mmrv example

In this context: how to deal with the (very common) case where issuers can pick among many different vocabularies for coding a result (especially internationally), and we don't constrain them in our profiles? Does the Verifier need to write ? code=cxc|207,CVX|208,snomed|000|... with every possible code they care about?

Or do we wind up surfacing our "types"' within the FHIR payloads as categories or something like that? Even if we're querying the FHIR contents, we still need something our query can grab hold of. Tags, extensions, categories, standard codes, or whatever.

I think the base question here ("how does a Health Card identify what it's about, unambiguously and consistently") still applies . We could ask each profile to document its conventions, but then how do we impose consistent processing expectations at the base spec level? Pre-specify a limited number of fields that wallets need to be able to query? Pre-specify a tiny fhirpath subset that wallets need to support? I'm struggling a bit to understand how this plays out.

jmandel

comment created time in 5 hours

pull request commentHL7/fhir-shc-vaccination-ig

Add mmrv example

The only organizations that can help us answer this question are the ones who provide wallets supporting automated negotiation. The details of this negotiation need to make sense for those organizations. @p2-apple I wonder if you could comment on this or @jdkizer9 ?

My expectation is that most wallets would not want to go deep on evaluating fhir bundle contents when resolving requests to share a card, but I could be wrong.

jmandel

comment created time in 17 hours

issue openedmicrosoft-healthcare-madison/smart-launcher

Return errors to clients without throwing them

https://github.com/microsoft-healthcare-madison/smart-launcher/blob/489fedcbf77c491ecd1016e5b4e83593b43a9341/src/TokenHandler.js#L167-L179

these "throw" statements are causing the server to crash, instead of returning an error to the client.

created time in 18 hours

push eventmicrosoft-healthcare-madison/client-js

Josh Mandel

commit sha ddb0e8b8f0148d7f7511c8022d2519b11334b605

Fix encoding on PKCE challenge

view details

Josh Mandel

commit sha 68ddd4c2c2c6c594b9ef467e70ac46754f5f350b

Build

view details

push time in 18 hours

pull request commentsmart-on-fhir/client-js

PKCE and Asymmetric Client Auth

https://github.com/microsoft-healthcare-madison/client-js/tree/own-jws is a take on using SubtleCrypto (whether in node or in the browser) to handle keys/signatures. In that branch, the PKCE and JWS authn features will only work with node 16+, and with relatively recent browsers (i.e., those supporting crypto.subtle).

jmandel

comment created time in 18 hours

create barnchmicrosoft-healthcare-madison/client-js

branch : own-jws

created branch time in 18 hours

push eventmicrosoft-healthcare-madison/client-js

Josh Mandel

commit sha 79e55ff45e136983b85f7491c748a8f455837d24

Fix PKCE hashing in browser

view details

Josh Mandel

commit sha 566cbccf6e67a1e9dc6b907884287fb644d410eb

Build

view details

push time in 21 hours

issue openedmicrosoft-healthcare-madison/smart-launcher

Access token response, Token Introspection properties aren't quite right

The access token response (and introspection response) from the launcher has some extra properties like:

  • "val_method":"cc-asym"
  • "jwks":"{\...

these shouldn't be there; the fix is to store them outside of the "context" param of our signed authorization code, since all context is merged into the access token response.

The token introspection response is missing the fhirUser property (taken from the id_token); this may have gotten lost in a feature branch merge, and should be detected by tests.

created time in 2 days

create barnchmicrosoft-healthcare-madison/demo-smart-cc

branch : with-fhirclient

created branch time in 2 days

push eventmicrosoft-healthcare-madison/client-js

Josh Mandel

commit sha 9232fa32aae61e96576c493eefd764af02ad9f62

Build

view details

push time in 2 days

push eventsmart-health-cards/smart-health-cards.github.io

Christian Paquin

commit sha 11b601deedfa27c7d373ee985276560fb2efe6a0

Fixed typos, harmonized capitalization of "carte Santé", replaced some anglicisms.

view details

Josh Mandel

commit sha 3e336b1d7a0f08e0c62350ff7638db086bbd9937

Merge pull request #2 from christianpaquin/french-faq-typos Grammatical tweaks on French FAQ

view details

push time in 2 days

PR merged smart-health-cards/smart-health-cards.github.io

Grammatical tweaks on French FAQ

Fixed typos, harmonized capitalization of "carte Santé", replaced some anglicisms:

Détails (in French, for reviewers):

  • féminisé l'usage de carte Santé
  • Mis "Santé" en majuscule partout, comme le premier usage
  • délivrée -> émise, pour éviter l'anglicisme
  • quelques autres suggestions mineures
+21 -21

0 comment

1 changed file

christianpaquin

pr closed time in 2 days

push eventHL7/smart-app-launch

Josh Mandel

commit sha 927325664391010607bf3ef7153125c5db30c7f1

Add client authentication-asymmetric Add backend services and examples pages Rename client authn page Rename examples.html to examples.md Update client-confidential-asymmetric.md Update client-confidential-asymmetric.md Incorporate fixes for ballot issues FHIR-32331 FHIR-32329 FHIR-32184 FHIR-32182 FHIR-32185 FHIR-32181 FHIR-32187 FHIR-32328 Update examples.md Add backend services and auth definitions for FHIR-32200

view details

push time in 3 days

push eventHL7/smart-app-launch

Carl Anderson

commit sha 1bf9b5b325527609d437f377e0af1e7e1401fb28

apply FHIR-32652 resolution

view details

Carl Anderson

commit sha f2677cb5e3236a702f5e3bbcdca088d8737f2557

applies FHIR-32168 resolution

view details

Carl Anderson

commit sha e1908e1ca6dc44146fde575298b160486c3e8b5d

applies FHIR-32437 resolution

view details

Carl Anderson

commit sha 2601e6d910904ebdc33bb4c3583f21ba72bbd2a2

applies FHIR-32436 resolution

view details

Carl Anderson

commit sha 0b4c5189fa2c89041d2fe7d8bbd4f9de2da7ace8

applies FHIR-32429 resolution

view details

Carl Anderson

commit sha 42e9326ab3beaddcb0576ed4ef57f45ca0cf5a33

applies FHIR-32358 resolution

view details

Carl Anderson

commit sha d609b208a7b5d6c26d7f502e792a444169b5d472

applies FHIR-32023 resolution

view details

Carl Anderson

commit sha 9f39eec247245d0939664f924a6f225299b66afd

applies FHIR-32258 resolution

view details

Carl Anderson

commit sha c72d998222923a5953ecf9361b0f89889d860c06

applies FHIR-32257 resolution

view details

Carl Anderson

commit sha 5e6e418e2065f3c67383ab6c9a1c83b6e7da0220

applies FHIR-32254 resolution

view details

Carl Anderson

commit sha 2a8a2b8f2e5ae60199734ecac59db61d5f8fd25e

applies FHIR-32255 resolution

view details

Carl Anderson

commit sha a21d1a9fd790c73d81a5a181717a60bc85777ca6

applies FHIR-32251 resolution

view details

Carl Anderson

commit sha a2f589d099ff5121438ddf4ebfbe3b6cdf5884e6

applies FHIR-32250 resolution

view details

Carl Anderson

commit sha ccae38e9692882aa3e61331920bccabe8d7847fb

applies FHIR-32249 resolution

view details

Carl Anderson

commit sha cba45b0f93b429548d0b8d35e2717f8e455334ef

applies FHIR-32253 resolution

view details

Carl Anderson

commit sha d91fb8364ef62620fc0dc99c1a330087b0ac0a6c

applies FHIR-32252 resolution

view details

Carl Anderson

commit sha d0b7f5a21cc869a126ebeb8245dc40a469e81d7a

applies FHIR-32248 resolution

view details

Carl Anderson

commit sha e7a7b8e94cc28888b558ca5e67a8a6ebea353415

applies FHIR-32253 resolution (addendum)

view details

Carl Anderson

commit sha bd4d1dbf00dcec4d84b27941893b2223055292bb

applies FHIR-32229 resolution

view details

Carl Anderson

commit sha b3941d366ed80c6904b59080efccfeffcba87e1e

applies FHIR-32024 resolution

view details

push time in 3 days

PR merged HL7/smart-app-launch

Scopes and launch IG updates

This PR includes all the changes applied from ballot comment resolutions that affect the Scopes and Launch Context pages.

These changes were originally applied to a different branch (which had additional changes beyond the resolution work) so this branch was created and the commits were cherry picked onto this branch using:

git cherry-pick d167fcf5...cad692df
+199 -81

0 comment

2 changed files

barabo

pr closed time in 3 days

PR merged HL7/smart-app-launch

Conformance and misc

Consolidates the remaining May ballot issue resolutions:

  • [x] FHIR-32201 - Intro suggests only patient facing apps
  • [x] FHIR-32296 - SMART capabilities need to include online_access
  • [x] FHIR-32170 - Fix typo on Conformance page
  • [x] FHIR-32323 - Add Background: Trade-offs in App Architecture
  • [x] FHIR-32324 - Add best practices for server developers
  • [x] FHIR-32325 - Add best practices for app developers
  • [x] FHIR-32326 - Add Best Practices link to confluence
  • [x] FHIR-32609 - add note that artifact is deprecated
  • [x] FHIR-27831 - Fix token_auth_methods_
  • [x] FHIR-27830 - Clarify response_types_supported acceptable values
  • [x] FHIR-30876 - SMART should make clear that Accept is not required
  • [ ] FHIR-32200 - Add Backend-Authorization from Bulk Data to SmartOnFhir
+310 -144

0 comment

5 changed files

barabo

pr closed time in 3 days

PR merged HL7/smart-app-launch

Launch and auth resolutions

Applies resolutions from May-2021 ballot comments:

Issues:

  • [ ] FHIR-32210 - An IHE actor/transaction approach might make this section easier to read.
  • [ ] FHIR-32597 - update figure 1.0.5.1 AND 1.0.6.1
  • [ ] FHIR-31918 - Consistency between app launch diagrams and prose
  • [x] FHIR-32603 - fix link to bulk Jupyter example in git
  • [x] FHIR-32595 - clarify clear text cookies
  • [x] FHIR-32590 - Change to language to SHALL NOT
  • [x] FHIR-32435 - Can additional verbiage be added?
  • [x] FHIR-32434 - Is it the .well-known/smart-configuration endpoint? Can additional verbiage be added?
  • [x] FHIR-32433 - Suggest that the IG provide a general recommendation on this and highlight how SMART intersects with FHIRcast.
  • [x] FHIR-32432 - It will be good if brief description of the use cases can be provided in the IG
  • [x] FHIR-32371 - Adoption of SMART PKCE requirement
  • [x] FHIR-32222 - fhirUser can also be a Practitioner, Person or RelatedPerson
  • [x] FHIR-32224 - Missing launch scope in example
  • [x] FHIR-32215 - Unclear limitation requirement
  • [x] FHIR-32218 - duplicate specificaton
  • [x] FHIR-32217 - Unclear protocol requirement
  • [x] FHIR-32219 - Why not refer to OAuth2.1?
  • [x] FHIR-32216 - openid and fhiruser usefull beyond end-user identity authentication
  • [x] FHIR-32213 - aud is normally not a claim
  • [x] FHIR-32212 - Unclear state definition
  • [x] FHIR-32211 - Uncleare scope definition
  • [x] FHIR-32214 - Duplication of requirement for PKCE support.
  • [x] FHIR-32208 - Unclear sentence related to launch notification
  • [x] FHIR-32209 - What are launch context requirements?
  • [x] FHIR-32204 - Access tokens are opague
  • [x] FHIR-32205 - Inputs as code should not be executed
  • [x] FHIR-32202 - Definitions or examples
  • [x] FHIR-31916 - Clarification of PKCE Support
  • [x] FHIR-31894 - Require PKCE for confidential clients
+265 -137

0 comment

2 changed files

barabo

pr closed time in 3 days

push eventmicrosoft-healthcare-madison/smart-app-launch

Carl Anderson

commit sha 1bf9b5b325527609d437f377e0af1e7e1401fb28

apply FHIR-32652 resolution

view details

Carl Anderson

commit sha f2677cb5e3236a702f5e3bbcdca088d8737f2557

applies FHIR-32168 resolution

view details

Carl Anderson

commit sha e1908e1ca6dc44146fde575298b160486c3e8b5d

applies FHIR-32437 resolution

view details

Carl Anderson

commit sha 2601e6d910904ebdc33bb4c3583f21ba72bbd2a2

applies FHIR-32436 resolution

view details

Carl Anderson

commit sha 0b4c5189fa2c89041d2fe7d8bbd4f9de2da7ace8

applies FHIR-32429 resolution

view details

Carl Anderson

commit sha 42e9326ab3beaddcb0576ed4ef57f45ca0cf5a33

applies FHIR-32358 resolution

view details

Carl Anderson

commit sha d609b208a7b5d6c26d7f502e792a444169b5d472

applies FHIR-32023 resolution

view details

Carl Anderson

commit sha 9f39eec247245d0939664f924a6f225299b66afd

applies FHIR-32258 resolution

view details

Carl Anderson

commit sha c72d998222923a5953ecf9361b0f89889d860c06

applies FHIR-32257 resolution

view details

Carl Anderson

commit sha 5e6e418e2065f3c67383ab6c9a1c83b6e7da0220

applies FHIR-32254 resolution

view details

Carl Anderson

commit sha 2a8a2b8f2e5ae60199734ecac59db61d5f8fd25e

applies FHIR-32255 resolution

view details

Carl Anderson

commit sha a21d1a9fd790c73d81a5a181717a60bc85777ca6

applies FHIR-32251 resolution

view details

Carl Anderson

commit sha a2f589d099ff5121438ddf4ebfbe3b6cdf5884e6

applies FHIR-32250 resolution

view details

Carl Anderson

commit sha ccae38e9692882aa3e61331920bccabe8d7847fb

applies FHIR-32249 resolution

view details

Carl Anderson

commit sha cba45b0f93b429548d0b8d35e2717f8e455334ef

applies FHIR-32253 resolution

view details

Carl Anderson

commit sha d91fb8364ef62620fc0dc99c1a330087b0ac0a6c

applies FHIR-32252 resolution

view details

Carl Anderson

commit sha d0b7f5a21cc869a126ebeb8245dc40a469e81d7a

applies FHIR-32248 resolution

view details

Carl Anderson

commit sha e7a7b8e94cc28888b558ca5e67a8a6ebea353415

applies FHIR-32253 resolution (addendum)

view details

Carl Anderson

commit sha bd4d1dbf00dcec4d84b27941893b2223055292bb

applies FHIR-32229 resolution

view details

Carl Anderson

commit sha b3941d366ed80c6904b59080efccfeffcba87e1e

applies FHIR-32024 resolution

view details

push time in 3 days

push eventmicrosoft-healthcare-madison/smart-app-launch

Josh Mandel

commit sha 2ffa3821ab7e5347e1d03174341a8a87261a8e17

Add links to resolution for FHIR-27830

view details

push time in 3 days

push eventmicrosoft-healthcare-madison/smart-app-launch

Josh Mandel

commit sha a1ac35633bf1901619c91c5e587d696319558630

Fix positioning of state validation for FHIR-32215

view details

push time in 3 days

push eventmicrosoft-healthcare-madison/smart-app-launch

Josh Mandel

commit sha 1c8e31054a2d1fe60aa7d220b964a46a933e654e

Fix link in resolution for FHIR-32218

view details

push time in 3 days

push eventmicrosoft-healthcare-madison/smart-app-launch

Josh Mandel

commit sha 191dba9bee5b5a54387a8f91f88eaf8a4680a38c

For FHIR-31894 clarify that PKCE applies to all clients

view details

push time in 3 days

CommitCommentEvent

push eventmicrosoft-healthcare-madison/smart-app-launch

Josh Mandel

commit sha ebdf5dc2d4dac09adc1888db2437542b16cdaf5e

Apply remainder of FHIR-32255 resolution

view details

push time in 3 days

issue closedsmart-on-fhir/health-cards

Java implementation of Jws

Trying to construct compact Jws and convert it into numeric encoding for Qr code. Keep getting Data too big for requested version eventhough compressed json size is less than 600 characters. Not sure what the mistake is

-- Jws creation JWSObject jwsObject = new JWSObject(new JWSHeader.Builder(JWSAlgorithm.ES256).customParam("zip", "DEF") .keyID("123").build(), new Payload(compressedJsonInByteArray)); jwsObject.sign(new ECDSASigner((ECPrivateKey) privKey)); String compactJWS = jwsObject.serialize();

String numericCompactJWS = getNumericString(compactJWS);

--qr code generation Map<EncodeHintType, Object> hints = new EnumMap<EncodeHintType, Object>(EncodeHintType.class); hints.put(EncodeHintType.QR_VERSION,22);

QRCodeWriter qrCodeWriter = new QRCodeWriter(); BitMatrix bitMatrix = qrCodeWriter.encode("shc:/" +numericCompactJWS, BarcodeFormat.QR_CODE, 400, 400, hints);

ByteArrayOutputStream pngOutputStream = new ByteArrayOutputStream(); MatrixToImageWriter.writeToStream(bitMatrix, "PNG", pngOutputStream); byte[] pngData = pngOutputStream.toByteArray(); String encodedfile = new String(Base64.encodeBase64(pngData), "UTF-8");

public static String getNumericString(String data) { StringBuilder sb = new StringBuilder(); char[] letters = data.toCharArray(); for (char ch : letters) { int currentVal = (int)ch - 45; if (currentVal < 10) { sb.append("0" + currentVal); } else { sb.append(currentVal); }

} return sb.toString(); }

closed time in 3 days

ar3balaji

issue commentsmart-on-fhir/health-cards

Java implementation of Jws

I'm going to transfer this to discussions, since it's not a spec issue. If you want specific feedback, I'd recommend providing a minimal, reproducible example (https://stackoverflow.com/help/minimal-reproducible-example)

ar3balaji

comment created time in 3 days

push eventFHIR/auto-ig-builder

Josh Mandel

commit sha db7b0082e6c9c46043c6f73084649dbe826f95a9

Use scripts from https://github.com/HL7/ig-publisher-scripts

view details

push time in 3 days

push eventjmandel/my-health-data

Josh Mandel

commit sha 3797c88800f0ee1da0dde426fd4b253de81dccd7

Add SMART Health Card

view details

push time in 6 days