Git Product home page Git Product logo

health_cards's Introduction

HealthCards

Build

This repository includes a Ruby gem for SMART Health Cards and a reference implementation for the SMART Health Cards: Vaccination & Testing Implementation Guide. Go to the Health Card Gem section to read about the Ruby library or go to the Reference Implementation section to try a ready-to-use rails application.

Reference Implementation

The reference implementation is a Ruby on Rails application with Issuer capabilities for creating SMART Health Cards and Verifier capabilities for confirming an individual's vaccination status or laboratory test results.

This Issuer supports the three defined methods of retrieving a SMART Health Card:

  • via a *.smart-health-card file
  • via a QR code
  • via FHIR $health-card-issue operation

The Verifier supports scanning QR codes.

System Requirements

Quick Start

Clone and change directory into the repository:

git clone https://github.com/dvci/health_cards.git
cd health_cards

Local Development

Setup environment:

bin/setup

Run server:

bin/rails server

Then go to http://127.0.0.1:3000 to view the locally running application.

Docker:

Alternatively, you can create a Docker image and start it in a container:

docker build -t health_cards .
docker run -p 3000:3000 --env HOST=https://myserver.com health_cards

The HOST environment variable will be used as the iss value in the SMART Health Card JWS. By default this value is http://localhost:3000. The Docker container will be running at http://127.0.0.1:3000, unless mapped to a different port.

Docker Compose

Docker Compose can be used to deploy a production version of the application behind nginx and is especially useful for deploying behind an SSL terminating load balancer.

docker-compose up --build

There are two environment variables which can be configured:

  • HEALTH_CARDS_HOST is used as the iss value in issued Health Cards and for identifying the SMART Endpoint locations
  • HEALTH_CARDS_SECRET_KEY_BASE is used by rails as the input secret to the application's key generator, which in turn is used to create all MessageVerifiers/MessageEncryptors, including the ones that sign and encrypt cookies. See secret_key_base

When deploying a production instance it is important that a new secret base is generated and used. A new secret base can be generated with bin/rails secret.

When testing locally proxy_set_header X-Forwarded-Ssl on; should be commented out in nginx/nginx.conf.

Health Cards Gem

Health Cards is a Ruby gem that implements SMART Health Cards, a framework for sharing verifiable clinical data with HL7 FHIR and JSON Web Signatures (JWS) which may then be embedded into a QR code, exported to a *.smart-health-card file, or returned by a $health-card-issue FHIR operation.

This library also natively supports SMART Health Cards: Vaccination & Testing Implementation Guide specific cards.

Installation

Add this line to your application's Gemfile:

gem 'health_cards'

And then execute:

 $ bundle install

Or install it yourself as:

 $ gem install health_cards

Documentation

See usage examples in USAGE.md.

See full documentation in API.md.

Development

Fork or clone this repository, then run bin/setup or bundle install to install dependencies. Run tests with rake test. Access an interactive prompt for experimentation with bin/console.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/dvci/health_cards. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the code of conduct.

License

Copyright 2021 The MITRE Corporation

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Code of Conduct

Everyone interacting in the HealthCards project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.

health_cards's People

Contributors

danlee1025 avatar jammjammjamm avatar masnick avatar mickohanlon23 avatar p9g avatar pmadria avatar radamson avatar shaumik-ashraf avatar ssayer avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

ssayer robax007 p9g gjskha kimihipi albertico albertico-gov hellodocket jlduran

health_cards's Issues

USAGE.md have mistake

Summary

Thanks to all contributors.

I try to use the gem with USAGE.md.

but USAGE.md have one mistake.

# In console
> key = HealthCards::Key.generate_key
=> (irb):6:in `<main>': undefined method `generate_key' for HealthCards::Key:Class (NoMethodError)

# maybe correct using
> HealthCards::PrivateKey.generate_key
=> #<HealthCards::PrivateKey:0x0000561fa5e3ff88 @key=#<OpenSSL::PKey::EC:0x0000561fa5e34020 oid=id-ecPublicKey>>

FIx Proposal

before

# Generate or load a private key
key = HealthCards::Key.generate_key # or `key = HealthCards::Key.from_file`

After

# Generate or load a private key
key = HealthCards::PrivateKey.generate_key # or `key = HealthCards::PrivateKey.from_file`

Library is broken with OpenSSL v3

OpenSSL v1.1.1 is end-of-life this year, 2023-09-11.

I've upgraded a server I'm working with to Ubuntu Jammy (22.04, their LTS) with Ruby 3.2.0 and Rails 6.1 and it uses OpenSSL v3 by default.

This breaks the library since there are major backwards-incompatible changes. Here's the error I get:

OpenSSL::PKey::PKeyError (pkeys are immutable on OpenSSL 3.0):

Looking at the failing line of code, it's HealthCards::Key.from_jwk(jwk), or https://github.com/dvci/health_cards/blob/main/lib/health_cards/key.rb#L23

Please add support for OpenSSL v3.

additional_types aren't inherited

e.g. given

health_cards/lib/health_cards/covid_health_card.rb

Lines 11 to 12 in 4eaa1a5

additional_types 'https://smarthealth.cards#covid19'
additional_types 'https://smarthealth.cards#immunization'

... the code at https://github.com/HL7/fhir-shc-vaccination-ig/blob/8f1fc04e2f0c81c6b12ea5a2a85189cd5333e849/examples/generate-examples.rb#L6 inadvertently drops the #covid19 type, so it's missing in https://github.com/HL7/fhir-shc-vaccination-ig/blob/master/examples/Scenario1Bundle-jws-payload-expanded.json#L5-L8

looking for output file

I'm currently running a docker image attempting to find the raw output of shc file but i cannot find anything that has not been encoded. I just want to see the unencoded output of the qr where might I find this?

FHIR $health-cards-issue operation fails

Possibly related to Issue #94 . I created a test script as follows:

cat <<EOF >"/tmp/data"
{
  "resourceType": "Parameters",
  "parameter": [{
    "name": "credentialType",
    "valueUri": "https://smarthealth.cards#covid19"
  }]
}
EOF

curl -X POST 'https://<myinstance>/Patient/8/$health-cards-issue' \
-H 'Content-Type: application/fhir+json' -H 'Accept: application/fhir+json' \
-d @/tmp/data

I get back the following response:

{
  "issue": [
    {
      "severity": "error",
      "code": "exception"
    }
  ],
  "resourceType": "OperationOutcome"
}

The logs don't have much detail in this case.

Processing by HealthCardsController#create as FHIR_JSON
Parameters: {"patient_id"=>"8"}
Completed 500 Internal Server Error in 21ms (Views: 0.1ms | ActiveRecord: 7.6ms | Allocations: 8348)

patient page causes error if the patient was modified

If you create a patient, then go to any given patient page at the /patients/N route, where N is the patient ID, it will display fine. Then if you click "Record Immunization" or "Record Lab Result", once it is recorded, when the app redirects back to the /patients/N route, you will get an error with a backtrace:

ArgumentError (bad argument (expected URI object or URI string)):
lib/health_cards/health_card.rb:202:in `process_reference'
lib/health_cards/health_card.rb:161:in `block (2 levels) in strip_fhir_bundle'
lib/health_cards/health_card.rb:158:in `block in strip_fhir_bundle'
lib/health_cards/health_card.rb:157:in `each'
lib/health_cards/health_card.rb:157:in `strip_fhir_bundle'
lib/health_cards/health_card.rb:128:in `to_hash'
lib/health_cards/health_card.rb:144:in `to_json'
lib/health_cards/health_card.rb:138:in `to_s'
lib/health_cards/issuer.rb:35:in `issue_jws'
app/lib/patient_exporter.rb:36:in `jws'
app/lib/patient_exporter.rb:13:in `qr_codes'
app/controllers/patients_controller.rb:15:in `block (2 levels) in show'
app/controllers/patients_controller.rb:14:in `show'
app/controllers/application_controller.rb:31:in `handle_fhir_errors'

However, if you go to the json version e.g. /patients/N.json it renders fine. So it appears to be a problem with the HTML rendering.

Update Ruby to version 3.0

This project is currently configured to use Ruby 2.7 which will become End-of-Life in March 2023. At minimum, the project should be updated to Ruby 3.0 so that the community can continue to leverage it. That may also be a good opportunity to update various gems and dependencies.

PDFs don't render at "/patients/[patient id]/health_card.pdf"

PDFs don't render when fetching the PDF at the route "/patients/[number]/health_card.pdf" where [number] is the patient's ID. I found this message in the logs:

ActionView::Template::Error (The asset "qr-code.js" is not present in the asset pipeline.
):
1: <%= javascript_pack_tag 'qrcode' %>
2: <%= wicked_pdf_javascript_include_tag "qr-code" %>
3:
4: <%=wicked_pdf_stylesheet_link_tag 'pdf' %>
5: <p id="notice"><%= notice %></p>

app/views/health_cards/show.pdf.erb:2
app/controllers/health_cards_controller.rb:21:in `block (2 levels) in show'
app/controllers/health_cards_controller.rb:12:in `show'
app/controllers/application_controller.rb:31:in `handle_fhir_errors'

I noticed that there is a file at "app/javascript/packs/qrcode.js" so I changed the erb at line 2 above from qr-code to qrcode but it doesn't make a difference -- looks like it could be doing some fancy caching somewhere.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.