From 9d4db5353b6d410de7574ae467e2d4760bc0e49b Mon Sep 17 00:00:00 2001 From: "Qian (Jim) Fu" Date: Thu, 10 Apr 2025 09:32:05 -0700 Subject: [PATCH 1/6] update readme scopes related text to reflect smart app v2 scopes per AC. --- README.md | 31 ++++++++++++++++++++++--------- 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 0e94e8d..cdcc1df 100644 --- a/README.md +++ b/README.md @@ -218,26 +218,39 @@ def authorization_callback(): scopes = auth_token.scope # iterate scope entries here or check if a permission is in the scope - if "patient/Patient.read" in scopes: - # patient info access granted + if "patient/Patient.r" in scopes: + # patient read access granted, similarly can check: + # "patient/Patient.s", or "patient/Patient.rs" """ 1. access token scope where demographic info included: scope: [ - "patient/Coverage.read", - "patient/ExplanationOfBenefit.read", - "patient/Patient.read", - "profile", - "openid", + "profile", + "openid", + "patient/Patient.r", + "patient/Patient.s", + "patient/Patient.rs", + "patient/ExplanationOfBenefit.r", + "patient/ExplanationOfBenefit.s", + "patient/ExplanationOfBenefit.rs", + "patient/Coverage.r", + "patient/Coverage.s", + "patient/Coverage.rs", + "launch/patient", ] 2. access token scope where demographic info not included: scope: [ - "patient/Coverage.read", - "patient/ExplanationOfBenefit.read", "openid", + "patient/ExplanationOfBenefit.r", + "patient/ExplanationOfBenefit.s", + "patient/ExplanationOfBenefit.rs", + "patient/Coverage.r", + "patient/Coverage.s", + "patient/Coverage.rs", + "launch/patient", ] """ config = { From 02f1bbc7626cab2089a38977901d26af2bd88c22 Mon Sep 17 00:00:00 2001 From: "Qian (Jim) Fu" Date: Mon, 14 Apr 2025 11:46:06 -0700 Subject: [PATCH 2/6] add link to SMART App v2 scopes spec. --- README.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index cdcc1df..1b24a0c 100644 --- a/README.md +++ b/README.md @@ -167,7 +167,12 @@ There are three ways to configure the SDK when instantiating a `BlueButton` clas ## Sample Usage: Obtain Access Grant, Probe Scope, and Access Data -Below are code snippets showing the SDK used with Python server and Flask. +Below are code snippets showing the SDK used with Python server and Flask. This code walks through: + +- Obtaining an access token with scope ([SMART App Launch: Scopes](https://build.fhir.org/ig/HL7/smart-app-launch/scopes-and-launch-context.html#scopes-for-requesting-fhir-resources)) chosen by a user +- Passing the token to query for FHIR data +- Using URL links from the response to page through data +- Using the SDK paging support to return all data in one call ```python from flask import Flask From 88927670aca92547e83678f95d7573b35621a06a Mon Sep 17 00:00:00 2001 From: "Qian (Jim) Fu" Date: Tue, 15 Apr 2025 08:11:46 -0700 Subject: [PATCH 3/6] add link pointing to 'scopes' in dev doc --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1b24a0c..2346540 100644 --- a/README.md +++ b/README.md @@ -169,7 +169,7 @@ There are three ways to configure the SDK when instantiating a `BlueButton` clas Below are code snippets showing the SDK used with Python server and Flask. This code walks through: -- Obtaining an access token with scope ([SMART App Launch: Scopes](https://build.fhir.org/ig/HL7/smart-app-launch/scopes-and-launch-context.html#scopes-for-requesting-fhir-resources)) chosen by a user +- Obtaining an access token with scope ([Scopes](https://bluebutton.cms.gov/developers/#scopes)) chosen by a user - Passing the token to query for FHIR data - Using URL links from the response to page through data - Using the SDK paging support to return all data in one call From 1502bf48626a0d7f94b652acbe1c208fca2c0186 Mon Sep 17 00:00:00 2001 From: "Qian (Jim) Fu" <135686833+JFU-NAVA-PBC@users.noreply.github.com> Date: Fri, 18 Apr 2025 13:44:54 -0700 Subject: [PATCH 4/6] Update README.md Co-authored-by: jimmyfagan <90421499+jimmyfagan@users.noreply.github.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2346540..bbc9f2e 100644 --- a/README.md +++ b/README.md @@ -223,7 +223,7 @@ def authorization_callback(): scopes = auth_token.scope # iterate scope entries here or check if a permission is in the scope - if "patient/Patient.r" in scopes: + if "patient/Patient.r" in scopes or "patient/Patient.rs" in scopes: # patient read access granted, similarly can check: # "patient/Patient.s", or "patient/Patient.rs" From 69061fc955f159779e2834fff73b3a51d13aeec5 Mon Sep 17 00:00:00 2001 From: "Qian (Jim) Fu" Date: Mon, 21 Apr 2025 08:22:58 -0700 Subject: [PATCH 5/6] minor edits --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index bbc9f2e..d3c9c71 100644 --- a/README.md +++ b/README.md @@ -245,7 +245,7 @@ def authorization_callback(): "launch/patient", ] - 2. access token scope where demographic info not included: + 2. access token scope where demographic info (profile patient/Patient.r patient/Patient.s patient/Patient.rs) not included: scope: [ "openid", From 82fa6e654e5cc210eb6c0f51a919c2a6d131f383 Mon Sep 17 00:00:00 2001 From: "Qian (Jim) Fu" Date: Thu, 1 May 2025 11:39:55 -0700 Subject: [PATCH 6/6] make the version point to 1.0.4, ready to publish --- cms_bluebutton/version.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cms_bluebutton/version.py b/cms_bluebutton/version.py index 976498a..92192ee 100644 --- a/cms_bluebutton/version.py +++ b/cms_bluebutton/version.py @@ -1 +1 @@ -__version__ = "1.0.3" +__version__ = "1.0.4"