Final Project Talk Thread: https://talk.openmrs.org/t/gsoc-2018-oauth-module-enhancements-and-smart-apps-support-final-presentation/19472
Project Report: https://pkatgithub.github.io/GSoC-2018-Final-Evaluations/
The OAuth2 module is functional, with all grant types working against OpenMRS 2.x releases, following the work done in FHIR OAuth Smart Apps Integration. The objective of this project is to enhance the OAuth2 module by writing unit tests to increase code coverage, migrating from an XML-based configuration to an annotation-based configuration wherever possible, and upgrading the Spring, Spring Security, Jackson and Hibernate dependencies so that the module works against the latest OpenMRS release. Another major goal is to fully integrate the EHR-launch flow for SMART applications. This functionality must be tested against the FHIR module with SMART applications from the SMART App Gallery. The module also needs to add support for SMART app "launch scopes".
- Upgrade Dependencies : Upgrade all the Spring, Spring Security, Hibernate and Jackson dependencies so that the module works against the latest OpenMRS release. As we have moved to Java 8, Spring 4.x and Hibernate 4.x with the Platform 2.0 release, the OAuth2 module needs to be migrated to the latest tech stack. Please see the Platform Release notes [https://wiki.openmrs.org/display/RES/Platform+Release+Notes+2.1.2].
- Roles and Launch Scopes : At present, the module doesn't support any launch scope (Patient/read, Patient/write, etc.). See http://docs.smarthealthit.org/authorization/scopes-and-launch-context/. Implementing these launch scopes will make sure that the module works in accordance with the SMART Healthcare IT guidelines.
- Switch to Annotations where possible : Annotation-based configuration is more common in the newer Spring Security releases than its XML counterpart, and it is easier to understand. At present, Spring Security and Spring Security OAuth2 are configured purely via XML. We need to identify places where it would make sense to switch to annotations instead.
- EHR-launch flow : As of now, the module can only run SMART applications that are launched standalone. See http://www.hl7.org/fhir/smart-app-launch/. To properly utilize the power of SMART apps, the EHR-launch flow must be integrated in the module with all necessary UI additions.
- Use-case implementation : Identify and implement use-cases for the different grant types. For instance, a basic SMART app can demonstrate the OAuth2 module's Authorization Code grant type as well as the interaction between the OAuth2 and FHIR modules. Similarly, an OWA module-based app can demonstrate the OAuth2 module's Implicit grant type, while the OpenMRS Android Client can exploit the Resource Owner Password Credentials use case.
- Increase Code Coverage : Write unit tests for the untested code and increase code coverage. Follow OpenMRS Unit Tests Conventions and also add raw test data.