Skip to main content

14 posts tagged with "iguhealth"

View All Tags

Updates 2024-10-08

· 2 min read
Confused-Moniker
Maintainer of IGUHealth

Admin App

  • We've added support for testing AccessPolicyV2 resources in the admin app. This allows you to test your AccessPolicyV2 resources and see the results of the evaluation.

UI

  • Added simplified views for Subscription creation/deletion and viewing.
  • Condensed sidebar text
  • Added IDP configuration

Server

  • We've altered how Operation Definitions are deployed. We now require users to deploy via the $deploy operation. This operation is invoked at the Operation Definition instance level and takes the code and environment variables as input parameters.

Security

OIDC

  • We've added support for SMART on FHIR patient scopes. We use the HL7 patient compartment definition to determine which resources are accessible by a given patient scope.

Federated Identity

  • We've added support for federated identity providers. This allows you to authenticate users via an external identity provider such as Azure, Okta, or Auth0. You can read more about this here

Here is a quick demo showing how to connect Azure as an external identity provider:

General

We are beginning work on performance improvements for single-value search parameters (search parameters whose type is not a collection). We are currently working on an optimized index for these parameters to improve search performance.

Updated Packages

  • @iguhealth/server: 0.23.4
  • @iguhealth/admin-app: 0.16.0

Updates 2024-09-10

· One min read
Confused-Moniker
Maintainer of IGUHealth

Server

Security

AccessPolicy V2

We have added support for a new version of the AccessPolicy resource. This version allows for more fine-grained control over access to resources. We use a rule engine based on XACML to evaluate whether a user can perform a given request. This is evaluated using fhirpath expressions on the request and the user's claims.

More information can be found in our RFC

General

FHIRPath

We've rewritten our FHIRPath parser to be more performant. Currently, we've seen a roughly 60% improvement in parsing time. This will allow us to index resources faster and improve the performance of our FHIRPath queries.

Expression component

We've added a new component to our component library that allows you to view FHIRPath expressions. We have written a custom codemirror mode to highlight and format FHIRPath expressions.

Meta values

We've altered the way we pull type information about resources. We've created a pre-generated hashtable of type information per resource and use this to validate resources and for type information in our FHIRPath queries.

Updated Packages

  • @iguhealth/server: 0.21.1
  • @iguhealth/x-fhir-query: 0.4.0
  • @iguhealth/components: 0.13.0
  • @iguhealth/fhirpath: 0.9.0
  • @iguhealth/fhir-validation: 0.11.0

Updates 2024-08-10

· One min read
Confused-Moniker
Maintainer of IGUHealth

Server

Security

OIDC

  • Added Support for RS384 for signing JWTs.
  • Added support for Refresh tokens and added a UI to manage/revoe them.
  • Added support for SMART Discovery document.
  • Added support for SMART Launch Context.
  • Added support for SMART V2 Scopes
  • Added SMART Claims (fhirUser, Patient) to JWT on SMART Launches
  • Added Scope interaction for Launches
  • PKCE no longer supports plain text. Only S256 is supported (per SMART spec).

General

Updated Packages

  • @iguhealth/server: 0.18.12

Updates 2024-07-19

· 2 min read
Confused-Moniker
Maintainer of IGUHealth

Terminology

We now support the following external terminologies:

We will be adding support for Loinc, ICD-10, and RxNorm codes in the following weeks.

Server

Conditional Updates

We've added support for conditional updates. This allows you to update a resource only if certain conditions are met.

Migration to Async for FHIRPath and Canonical Resolution

Our fhirpath library and canonical resolution have been migrated to use async functions. This is to allow for querying external services and databases for terminology and data.

Worker migration to HTTP

Workers are separate processes we use for processing subscriptions and asynchronous tasks. We've migrated these workers to use HTTP to communicate and pull data from our server. This will allow us to scale workers horizontally and improve performance.

GZip Compression

We've added support for GZip compression on all responses.

Security

PKCE Support

We've added support for Proof Key for Code Exchange. This is a security feature that helps prevent authorization code interception attacks. This will now be required for all authorization code flows. Our component library has been updated to make use of this feature.

CapabilityStatement Public

CapabilityStatements are now public for all tenants. This will allow clients to query the server for the capabilities of the server without needing to authenticate.

Conformance Testing

Finished the initial round of conformance testing via Touchstone. We currently have a 91% pass on the FHIR Standard R4 suite.

Bug fixes

  • We now allow undefined values on resources where the SD has a minimum set to 0 for the property.

General

Updated Packages

  • @iguhealth/server: 0.17.0
  • @iguhealth/admin-app: 0.10.0
  • @iguhealth/fhirpath: 0.6.4
  • @iguhealth/components: 0.9.0

Postman Integration

· 2 min read
Confused-Moniker
Maintainer of IGUHealth

Postman is a platform that allows you to use APIs with a user-friendly interface. It can be a great way to test your API endpoints and check for conformance and data quality. This guide will cover how to integrate with Postman.

How to integrate Postman with Iguhealth

Download Postman

  1. Download Postman from the official website.

Setup IGUHealth

  1. Go to the admin application and create a new ClientApplication.
  2. Set the name to Postman
  3. Set the grant type to client_credentials.
  4. Set the response type to token.
  5. Set the secret to a secure value.
  6. Hit Actions and create
  7. Mark down the client ID and secret.
  8. Click Security->AccessPolicyV2 in the admin app and create a new access policy.
  9. Create AccessPolicyV2 with the engine set to `Full Access'.
  10. Under Target.Link reference the ClientApplication created on step 5.

Authorize Postman

  1. Open Postman and create a new request.
  2. Under Authorization set type to OAuth 2.0.
  3. Under Configure New Token set Grant Type to Client Credentials.
  4. Set ClientID and ClientSecret to the values from step 7.
  5. Set the Access Token URL to value at User -> Settings -> Endpoints -> Security -> Token
  6. Click Get New Access Token and confirm that you get an access token.

Test

  1. Get R4 endpoint from User -> Settings -> Endpoints -> FHIR -> R4
  2. Make get requests in Postman to the ${r4Endpoint}/metadata
  3. Confirm that you get a 200 response with CapabilityStatement in body.

Updates 2024-06-29

· 2 min read
Confused-Moniker
Maintainer of IGUHealth

Server

Date ranges and Prefixes

Ranges

Date range support is now handled properly for date and datetime values. You can now search for a year like _lastUpdated=2024 or by month _lastUpdated=2024-02.

Date prefixes now supported

The following prefixes are now supported for date queries:

prefixdescriptionexample
gtgreater than_lastUpdated=gt2024-01
ltless than_lastUpdated=lt2024-01
gegreater than or equal to_lastUpdated=ge2024-01
leless than or equal to_lastUpdated=le2024-01

Headers

The following headers are now returned in the response:

HeaderDescription
Last-ModifiedThe last time the resource was modified
EtagThe version id for the resource

Conformance Testing

We've begun testing our conformance using Touchstone https://touchstone.aegis.net/touchstone. We expect to be finished with their FHIR Standard R4 suite by EOW.

Migrated Internal tests to Testscripts on CI

For CI we were testing our APIs using Jest. We've now migrated to using TestScripts. This allows us to test our APIs in a more FHIR compliant way. And to publish our results to our site at https://iguhealth.app/reports

CLI

Operation invocation is now supported on the CLI. You can now invoke operations on the CLI as follows:

System

iguhealth api invoke_system r4 --data $Parameters

Type

iguhealth api invoke_type r4 $ResourceType --data $Parameters

Instance

iguhealth api invoke_instance r4 $ResourceType $ResourceId --data $Parameters

Documentation Updated

We've updated our API Documentation for FHIR operations. You can find it here.

Postman Integration guide

We've added a guide on how to integrate Postman with Iguhealth. You can find it here.

General

Updated Packages

  • @iguhealth/server: 0.15.1
  • @iguhealth/admin-app: 0.9.0
  • @iguhealth/artifacts: 0.6.0
  • @iguhealth/cli: 1.5.0
  • @iguhealth/client: 0.9.0
  • @iguhealth/codegen: 0.7.0
  • @iguhealth/components: 0.8.0
  • @iguhealth/fhir-pointer: 0.5.0
  • @iguhealth/fhir-types: 0.7.0
  • @iguhealth/fhirpath: 0.6.0
  • @iguhealth/testscript-runner: 0.1.0
  • @iguhealth/hl7.fhir.r4.core: 0.4.2
  • @iguhealth/iguhealth.fhir.r4.core: 0.5.10
  • @iguhealth/hl7.fhir.r4.test-data: 0.2.1
  • @iguhealth/hl7.fhir.r4b.core: 0.2.2

Updated Dependencies

  • typescript: 5.5.2
  • react-router-dom: 6.24.0
  • @headlessui/react: ^2.1.1

Updates 2024-06-21

· One min read
Confused-Moniker
Maintainer of IGUHealth

Testing

Documentation

We've updated our documentation to include a guide on how to write and run TestScripts. You can find it here.

Migrations

We've finished migrating our API tests to TestScripts here. These tests are run on all PRs and the main branch.

Publishing Test Reports

We now publish test reports on our main site. You can view them here. These tests are generated off the main branch for the latest published version of our server.

Support for Variables

Variables are now supported on our TestScript runner. You can use them to create dynamic parameters for your testscripts. An example can be found here

Support for Operations and Assertions

We now support the following operations and assertions:

  • Assert: CompareToSourceExpression
  • Operation: history
  • Operation: patch

General

Updated Packages

  • @iguhealth/server: 0.14.33
  • @iguhealth/components: 0.7.22
  • @iguhealth/generated-ops: 0.5.15
  • @iguhealth/cli: 1.4.15
  • @iguhealth/testscript-runner: 0.0.8

Updates 2024-06-14

· 2 min read
Confused-Moniker
Maintainer of IGUHealth

Testing

We our beginning our migration to TestScript resources. This will replace our jest tests against our API and allow us to publish results as TestReports on our main site.

TestScript Runner

We've published our TestScript Runner as an NPM package here.

Testing on CLI

You can run our testscript runner via our latest cli update:

iguhealth test run -i testscripts -o testreports
  • -i , --input: The directory where the testscripts are located.
  • -o , --output: The directory where the testreports will be output.

Server Enhancements

Stronger restrictions on CSP

We have added stronger restrictions on CSP headers in particular to disallow inline scripts and styles.

Conditional Deletes

We now support conditional deletes on the server. You can now delete resources based on a conditional query.

DELETE /Patient?name=John

Client Alterations

Invoke by code

We now support invoke operations via Client with code instead of an Operation Instance. For this you pass a Parameter Resource instead of the simplified JS Object.

const invocation = await client
.invoke_type("validate", {}, R4, "Patient", {
resourceType: "Parameters",
parameter: [
{
name: "resource",
resource: patient,
},
],
} as Parameters)

General

Updated Packages

  • @iguhealth/cli: 1.4.11
  • @iguhealth/client: 0.8.10
  • @iguhealth/components: 0.7.18
  • @iguhealth/fhirpath: 0.5.6
  • @iguhealth/generated-ops: 0.5.11
  • @iguhealth/server: 0.14.28
  • @iguhealth/testscript-runner: 0.0.4
  • @iguhealth/admin-app: 0.8.11

Updates 2024-06-05

· 2 min read
Confused-Moniker
Maintainer of IGUHealth

Server Enhancements

Alterations to the User Data Model

Our data model had the concept of a root user that could be connected to multiple tenants. This was done to allow a user to easily access multiple tenants that they were a member of. We've removed this, and instead, each user is now entirely isolated and connected to a FHIR Membership resource.

Tenant Discovery

On root login, we now return a list of tenants that a user is registered with (via email). After selecting a tenant a user is directed to that tenants login.

Local Development

Docker

We now have the following Docker compose files for local development:

  • docker/services-compose.yml: Will setup all the services needed for local development.
  • docker/iguhealth-compose.yml: Will setup services and the iguhealth server and admin app.

Security

OperationDefinition Execution

OperationDefinitions must now be tied to an AccessPolicy resource to access and mutate data back on the server.

General

Updated Packages

  • @iguhealth/server: 0.14.17
  • @iguhealth/components: 0.7.10
  • @iguhealth/admin-app: 0.8.3

Dependencies Updated to Latest

We've updated the following dependencies to their latest versions:

  • tailwind: 3.4.4
  • prettier: 3.3.1
  • headless/react: 2.0.4
  • pg: 8.12.0
  • jose: 5.4.0
  • ajv: 8.16.0
  • adm-zip: 0.5.14
  • json-schema-to-typescript: 14.0.5

Updates 2024-05-30

· 2 min read
Confused-Moniker
Maintainer of IGUHealth

Server Enhancements

Author Parameter

We've moved the author parameter from being a token search parameter to a reference parameter. Custom operations, ClientApplications with client credentials, and Membership users who make any updates will now be displayed as an extension pointing back to them.

Below is an example of the extension (which is automatically generated on all resources under meta.extension).

      {
"url": "https://iguhealth.app/author",
"valueReference": {
"reference": "Membership/NuqYfcMykSm1Qsq2wHUNet"
}
}

You can now also perform chained searches against the author parameter as an example:

iguhealth api search_type r4 Patient _iguhealth-author.email=[email protected]

Alignment with new root users

Root users are now treated like every other member, with a membership resource being used to determine their role and access to newly created tenants.

Remove _ from ID generation

Per FHIR Spec, this is not compatible with the id regex.

See here for more information about how Vanya Client uncovered this on our server.

Admin Application Enhancements

Settings

Settings now displays links to R4, R4B, and OIDC endpoints, which are pulled from our .well-known/openid-configuration. Additionally, we've updated our libraries to use well-known/openid-configuration for pulling OIDC endpoints instead of hardcoding them.

History View

Versioned resources can now be viewed as a diff from the previous version.

Invite Modal

The invite modal will now allow you to specify a user role and tie an access policy to them.

General

Updated Packages

  • @iguhealth/iguhealth.fhir.r4.core: 0.5.8
  • @iguhealth/admin-app: 0.7.8
  • @iguhealth/cli: 1.4.4
  • @iguhealth/client: 0.8.4
  • @iguhealth/components: 0.7.7
  • @iguhealth/fhir-validation: 0.7.2
  • @iguhealth/fhirpath: 0.5.2
  • @iguhealth/generated-ops: 0.5.4
  • @iguhealth/jwt: 0.4.1
  • @iguhealth/meta-value: 0.5.2
  • @iguhealth/operation-execution: 0.7.2
  • @iguhealth/server: 0.14.9

Dependencies Updated to Latest

We've updated the following dependencies to their latest versions:

  • Storybook
  • ioredis