P2P - Implement P2P FHIR Core Authentication (Team/Location)* - Githubissues

opensrp / fhircore

FHIR Core / OpenSRP 2 is a Kotlin application for delivering offline-capable, mobile-first healthcare project implementations from local community to national and international scale using FHIR and WHO Smart Guidelines on Android.

https://opensrp.io

Apache License 2.0

59 stars 59 forks source link

P2P - Implement P2P FHIR Core Authentication (Team/Location)* #1001

Open f-odhiambo opened 2 years ago

f-odhiambo commented 2 years ago

Epic Create Session interfaces + Authentication (Team/Location)

Authentication strategy Check if you are in the same team or location based on the logged in practitioner details

Fetch the following details
- Location id
- Organization id
- P2P sync version number
- Practitioner role (CHA, Supervisor e.t.c)
- App Id
- App flavor
Reject the connection request if i) the P2P sync version number is incompatible ii) the authentication credentials do not match
- The authentication conditions are configurable and implemented on the implementing application. Examples of the conditions that can be evaluated are listed below:
  - Location needs to be the same
  - Organization needs to be the same
  - Team needs to be the same
  - Authentication can only be accepted for supervisor and CHW with certain conditions
  - Supervisor is the receiver
  - CHW is the sender
  - Supervisor is in a location above the CHW
  - CHW is in a location below the supervisor
  - (Optional) They are both in the same team
  - FHIR server URLs do not match.

Requires #1077

[ ] Implement interfaces from #1077

f-odhiambo commented 2 years ago

See Diagram here

Screen Shot 2022-01-31 at 6 11 01 PM

Rkareko commented 2 years ago

LOE 1 - 2 FTE days

ekigamba commented 2 years ago

This will be implemented in FHIR Core