search

chronic-care / mcc-project

MCC eCare Plan project planning and documentation
Apache License 2.0
0 stars 1 forks source link

MyCarePlanner sdsbeta : encountering "mixed active content" error due to use of HTTP (not HTTPS) in a call to the SDS #433

Open mattStorer opened 1 month ago

mattStorer commented 1 month ago

The latest release of MyCarePlanner is able to query Linkage, and create appropriate Patient resources during bootstrap. So that part works great.

However, the next call by MyCarePlanner is to retrieve the local Patient resource using the following query:

GET /fhir/Patient/e56a671a-dbec-4c8e-a187-12e499b3ad1b/_history/1 undefined
Host: sds-mccecare-dev.ohsu.edu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/json
authorization: Bearer <truncated>
Origin: https://patient-mccecare2-dev.ohsu.edu

This throws an exception, which triggers the app to think the SDS is invalid.

image

This error is accompanied by the following console log:

Blocked loading mixed active content “http://sds-mccecare-dev.ohsu.edu/fhir/Patient/e56a671a-dbec-4c8e-a187-12e499b3ad1b/_history/1”

It's definitely not an issue with the SDS, as I can execute a Postman request using the same authorization header (i.e. the same Bearer access-token) to request the following URL:

http://sds-mccecare-dev.ohsu.edu/fhir/Patient/e56a671a-dbec-4c8e-a187-12e499b3ad1b/_history/1

Doing this, I receive a 200 OK response with the following data:

{
    "resourceType": "Patient",
    "id": "e56a671a-dbec-4c8e-a187-12e499b3ad1b",
    "meta": {
        "versionId": "1",
        "lastUpdated": "2024-07-17T12:01:54.386-07:00",
        "source": "#bw4FkmSS4br2GmwF"
    }
}

The error appears to be due to this query being executed using http as opposed to https, as documented here:

https://support.mozilla.org/en-US/kb/mixed-content-blocking-firefox

Please ensure that all calls to the SDS use https - that should resolve the issue.

Logs:

buildAvailableEndpoints: process.env.REACT_APP_SHARED_DATA_ENDPOINT:  https://sds-mccecare-dev.ohsu.edu/fhir providerEndpointService.ts:27
Not adding SDS to the availableEndpoints with clientId as at least one of the following env vars are not truthy:
    process.env.REACT_APP_SHARED_DATA_CLIENT_ID, process.env.REACT_APP_SHARED_DATA_ENDPOINT,
    or process.env.REACT_APP_SHARED_DATA_SCOPE).
    Note: We may still add the SDS without a clientId, though. providerEndpointService.ts:45
Adding SDS without clientId to availableEndpoints providerEndpointService.ts:53
availableEndpoint.config?.iss (availableEndpointIss):  https://sds-mccecare-dev.ohsu.edu/fhir providerEndpointService.ts:118
launcherData: Check for patient name...is it in here to use vs using launcherClient.tokenResponse?.patient from client itself? 
Object { serverUrl: "https://epicmobile.ohsu.edu/FHIRDEV/api/FHIR/R4", isSDS: false, clientScope: "patient/Binary.read patient/CarePlan.read patient/CareTeam.read patient/Condition.read patient/DiagnosticReport.read patient/Encounter.read patient/Flag.read patient/Goal.read patient/Immunization.read patient/Location.read patient/Medication.read patient/MedicationRequest.read patient/Observation.read patient/Organization.read patient/Patient.read patient/Practitioner.read patient/PractitionerRole.read patient/Procedure.read patient/Provenance.read patient/Questionnaire.read patient/QuestionnaireResponse.Read patient/RelatedPerson.read patient/ServiceRequest.read patient/Task.read fhirUser launch launch/patient openid", fhirUser: {…}, caregiverName: undefined, patient: {…}, patientPCP: {…}, carePlans: (2) […], careTeams: (1) […], careTeamMembers: Map(19), … }
App.tsx:318
connect to SDS so we can verify it can exist App.tsx:352
getSupplementalDataClient sdsURL:  https://sds-mccecare-dev.ohsu.edu/fhir fhirService.ts:195
getSupplementalDataClient sdsScope:  patient/*.cruds patient/* user/*.cruds user/* goal/*.read fhirService.ts:196
getSupplementalDataClient sdsClientId:  <empty string> fhirService.ts:197
getSupplementalDataClient else if (authURL && sdsURL && sdsScope) == true; authorize using existing token fhirService.ts:207
Blocked loading mixed active content “http://sds-mccecare-dev.ohsu.edu/fhir/Patient/e56a671a-dbec-4c8e-a187-12e499b3ad1b/_history/1” browser-ponyfill.js:441
getSupplementalDataClient Error creating Patient resource: TypeError: Network request failed
    onerror browser-ponyfill.js:412
    irrelevant browser-ponyfill.js:411
    fetch browser-ponyfill.js:392
    request lib.js:166
    request lib.js:202
    promise callback*request lib.js:193
    ./node_modules/fhirclient/lib/Client.js/_callee7/_callee7$/< Client.js:715
    promise callback*_callee7$ Client.js:713
    tryCatch Client.js:6
    makeInvokeMethod Client.js:6
    defineIteratorMethods Client.js:6
    Babel 2
    node_modules 0.chunk.js:615
    node_modules 0.chunk.js:604
    request Client.js:916
    create Client.js:552
    _callee2$ fhirService.ts:230
    tryCatch fhirService.ts:2
    makeInvokeMethod fhirService.ts:2
    defineIteratorMethods fhirService.ts:2
    Babel 6
    node_modules 1.chunk.js:107380
    node_modules 1.chunk.js:107369
    getSupplementalDataClient fhirService.ts:186
    _callee7$ App.tsx:625
    tryCatch App.tsx:2
    makeInvokeMethod App.tsx:2
    defineIteratorMethods App.tsx:2
    Babel 2
    node_modules 1.chunk.js:107380
    node_modules 1.chunk.js:107369
    setSupplementalDataClient App.tsx:679
    _callee$ App.tsx:352
    tryCatch App.tsx:2
    makeInvokeMethod App.tsx:2
    defineIteratorMethods App.tsx:2
    Babel 2
    node_modules 1.chunk.js:107380
    node_modules 1.chunk.js:107369
    setLoadAndMergeSDSIfAvailable App.tsx:422
    _callee12$ App.tsx:329
    tryCatch App.tsx:2
    makeInvokeMethod App.tsx:2
    defineIteratorMethods App.tsx:2
    Babel 2
index.js:1211
getSupplementalDataClient FHIR.client(sdsFhirAccessDataObject) sdsClient =  
Object { units: {…}, state: {…}, environment: {…}, _refreshTask: null, patient: {…}, encounter: {…}, user: {…} }
index.js:1211
getSupplementalDataClient End index.js:1211
Non-terminating Error: The SDS is invalid. Loading the launcher only. App.tsx:723
Technical Message: The SDS cannot be used due to an invalid SDS configuration,
                a missing patient, or otherwise: Loading the launcher only, the SDS will not be loaded. App.tsx:724
Warning: validateDOMNesting(...): <h5> cannot appear as a descendant of <p>.
    in h5 (at Home.tsx:183)
    in p (at Home.tsx:182)
    in div (at Home.tsx:180)
    in div (at Home.tsx:134)
    in div (at Home.tsx:67)
    in Home (at App.tsx:916)
    in div (created by MuiTabPanelRoot)
    in MuiTabPanelRoot (created by ForwardRef(TabPanel))
    in ForwardRef(TabPanel) (at App.tsx:915)
    in div (created by Styled(div))
    in Styled(div) (created by ForwardRef(Box))
    in ForwardRef(Box) (at App.tsx:902)
    in TabContext (at App.tsx:901)
    in SessionProtected (at App.tsx:900)
    in Route (at App.tsx:899)
    in Switch (at App.tsx:839)
    in div (at App.tsx:818)
    in App (created by Context.Consumer)
    in Route (at src/index.js:18)
    in Switch (at src/index.js:16)
    in Router (created by BrowserRouter)
    in BrowserRouter (at src/index.js:15)
    in StrictMode (at src/index.js:14) index.js:1211
kbertodatti commented 1 month ago

Unable to reproduce as of 7/23. May be OBE after refresh functionality is implemented. Will revisit.