# Creating a session from a saved token

Once we've gotten a token, we can save it and use it later. 
In this tutorial, we'll use a token created in the authorization tutorial.

To create a session for such a token, we can do the following:

In [36]:
SERVICE_ROOT = 'https://sb-fhir-dstu2.smarthealthit.org/smartdstu2/data'
CLIENT_ID = '9644d85e-07f0-4962-a78b-ab1bfe39c6d8'
CLIENT_SECRET = 'L4YpIzPyt48Ih7TTl7stWxWz0eQM3I-TU2QCjs_iL5ZdLNrSFy7fNUCCEL48nB3enl6GASy8v86oMBnMtfxIAA'

token = {
  "access_token": "eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI5NjQ0ZDg1ZS0wN2YwLTQ5NjItYTc4Yi1hYjFiZmUzOWM2ZDgiLCJpc3MiOiJodHRwczpcL1wvc2ItYXV0aC5zbWFydGhlYWx0aGl0Lm9yZ1wvIiwiaWF0IjoxNTEyNjE4MzQyLCJqdGkiOiI3OGEyNmU3OS1iZmFkLTQ3ZTYtOTRiNi0xNGQ4NzU0NDYxOWMifQ.CrN-01bcwqjhqwZvE0eV5yYjw1l3gFNYol0p6uNDpAefyJu_ZAiBs5YfgxYVI3U3YORDq8H3eZK_h-JlT-pHUXViYtwCD9CNmnO0sOUwp1A1zQ0F4MWno_KcilepkJNAxMvIPSaafv2mor8nVMX5fFK17c6xROPGQ3GsbDr8hW06u2H__NlJapGgCP6dc8FzTcLI9sxjndDMyCAiaRPY2u64o-k07IvXgFZhIaNaAStmPAtFOfIxHSAnI4egOeSf5-U96CZbPqDiut8F4DyzNjRw48w6bSzBsMJw0wuSnCcADLpw9W-Ft7SC5ANn5fl9nxci55n-HEVAJPqYGE3N0g", 
  "id_token": "eyJraWQiOiJyc2ExIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJqb2huZ2xvYmFsQHNtYXJ0ZHN0dTIiLCJhdWQiOiI5NjQ0ZDg1ZS0wN2YwLTQ5NjItYTc4Yi1hYjFiZmUzOWM2ZDgiLCJkaXNwbGF5TmFtZSI6IkpvaG4gU21pdGgiLCJwcm9maWxlIjoiUHJhY3RpdGlvbmVyXC9TTUFSVC0xMjM0Iiwia2lkIjoicnNhMSIsImlzcyI6Imh0dHBzOlwvXC9zYi1hdXRoLnNtYXJ0aGVhbHRoaXQub3JnXC8iLCJleHAiOjE1MTI2MTg5NDIsImlhdCI6MTUxMjYxODM0MiwiZW1haWwiOiJqb2huZ2xvYmFsQHNtYXJ0ZHN0dTIifQ.e8bBMNgDHWOJINcFOlps6_xFQOIk9TsmeUYlWSZ9OYB3iWfHY07i9BbPvi5_QRyWKUFxHO99x0KoHG8be0BaJuqZl-KHPAOPSrPzbPsVPHtY5JDk65g2tLbPO8zp1dYi3KApBHbVmYHoYSyHoiwSWM0Pss3yRSY_ABFuVb2PmlFQDnHg7pZAfOu7EOpSq0HqGsuujAKr8L8L7cE2gmkxH_QoLzRyF1XHqv5fgwCqSe-azqQ2f4GmZjnEiJxmxwcRGFoKuIw6iQ7YSrfi0xYmOqNZhaW2qojGI-V_XXLqR6l42kyjm59G2DvrpAO_WikwsDKa1QXJEgkz4gtfJlv5tA", 
  "patient": "783a1f02-5bf9-41c9-90d0-c2c4d35d3ec3", 
  "refresh_token": "eyJhbGciOiJub25lIn0.eyJleHAiOjE1MTI2MTgzNDIsImp0aSI6IjFjYmVjZTJiLWEzMzAtNDRlYy05NjczLWMwMmQ1OWRjNDU3ZiJ9.", 
  "scope": [
    "launch", 
    "openid", 
    "patient/*.*", 
    "offline_access", 
    "profile"
  ], 
  "token_type": "Bearer"
}


In [37]:
from fhirstorm import Connection
from requests_oauthlib import OAuth2Session
connection = Connection(
    SERVICE_ROOT,
    session=OAuth2Session(
        client_id=CLIENT_ID,
        token=token),
    client_secret=CLIENT_SECRET)
service = connection.metadata.rest[0]

# Getting the patient data

Generally, the patient ID is sent back to us with the token. 
Sometimes, however, we might have to decode the access or id token to get it.

In [38]:
import jwt

token = service.bind.session.token
patient_id = token.get('patient')
if patient_id is None:
    decoded = jwt.decode(token['access_token'], verify=False)
    patient_id = decoded.get('local_patient_id')

# Working around buggy servers

As far as I can tell, the FHIR sandbox doesn't really play nicely with confidential clients (token refresh does not
seem to work, and I can't manage to get it to do _anything_ when the app is confidential.)

SO lets' make our app public and play a bit:

In [43]:
token = {
  "access_token": "eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI5NjQ0ZDg1ZS0wN2YwLTQ5NjItYTc4Yi1hYjFiZmUzOWM2ZDgiLCJpc3MiOiJodHRwczpcL1wvc2ItYXV0aC5zbWFydGhlYWx0aGl0Lm9yZ1wvIiwiaWF0IjoxNTEyNjE4NTMwLCJqdGkiOiI4YjJiNWVjYi01MmFhLTRhZTgtOGQ1MC02MzE2YjM4Y2RmNDkifQ.p0ezP6rZgLdTWfPwMrNh6PNeBQO8ZmydhLx22VsRe0ZWXjkdok6-xOx7j5pX2tEQ2kkvzFBMWR8yBWEHAPxbavY_yDFw8rGAJ821pccyTP5E4GxddQBjcBjliSOhlc4gyrSFo4hPbAwUzunHNOXGqDtJLciImmWG_6ZhZeMMUlCLqVJBVxLyHknGPiN0L3XJpwEHcOJJSUSyo4mSvXJPZA5j_21pSUTcSc8AJ8SrcatNJ86JIZ0N3MOIjNvqqMKViL2dUWv4zTwKDhcfFhlzvL4RrBJaViq4iG0l69-u77oXuA7IAXXl7J1D3sYv-xGb_GHYPKeE4pjaLGM0dw12hA", 
  "id_token": "eyJraWQiOiJyc2ExIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJqb2huZ2xvYmFsQHNtYXJ0ZHN0dTIiLCJhdWQiOiI5NjQ0ZDg1ZS0wN2YwLTQ5NjItYTc4Yi1hYjFiZmUzOWM2ZDgiLCJkaXNwbGF5TmFtZSI6IkpvaG4gU21pdGgiLCJwcm9maWxlIjoiUHJhY3RpdGlvbmVyXC9TTUFSVC0xMjM0Iiwia2lkIjoicnNhMSIsImlzcyI6Imh0dHBzOlwvXC9zYi1hdXRoLnNtYXJ0aGVhbHRoaXQub3JnXC8iLCJleHAiOjE1MTI2MTkxMzEsImlhdCI6MTUxMjYxODUzMCwiZW1haWwiOiJqb2huZ2xvYmFsQHNtYXJ0ZHN0dTIifQ.F4gErBhW9V0wOns4IrsV3Qs3KiwPb8-Tx4ubvEmGSjO0CQcA7tF-1oFyluqQbMf7cJ93GMEgBONGVBs-D3l8DTleqb73k2GZYK-0RjjlbnrdZTIEPZN1wt82wqRC-N-RxO-eMqozwlQJbBchTLkgSKWChMWllDtfxkyhlVejyn911WCukIAmfiIIrhcfjyt0x2KdInPFV3XthtUd3loY1DllxROtJR-36YDoLXOxbPo-3Zcqsi3svYGhSLlC9upRi0r1EIQ6G18RteDDv3y7PoGSGiQpA3O2Gdsr8t8mQU9NkWtVd6TndZGJFWPv58t_s0fzVaILFBFqTkvJElWMeg", 
  "patient": "783a1f02-5bf9-41c9-90d0-c2c4d35d3ec3", 
  "refresh_token": "eyJhbGciOiJub25lIn0.eyJleHAiOjE1MTI2MTg1MzAsImp0aSI6IjRhMjEzMmFhLWQ1Y2EtNDQ1Zi05YmRkLTUzYmZkY2MxYWYzYiJ9.", 
  "scope": [
    "launch", 
    "openid", 
    "patient/*.*", 
    "offline_access", 
    "profile"
  ], 
  "token_type": "Bearer"
}
connection = Connection(
    SERVICE_ROOT,
    session=OAuth2Session(
        client_id=CLIENT_ID,
        token=token))
service = connection.metadata.rest[0]

# FHIR Resources

All the resources supported by the FHIR server are exposed as attributes of the `service.r` object.

The first one we might want to get is the `Patient`:

In [45]:
service.r.MedicationOrder.search(dict(patient=patient_id))

HTTPError: 500 Server Error:  for url: https://sb-fhir-dstu2.smarthealthit.org/smartdstu2/data/MedicationOrder?patient=783a1f02-5bf9-41c9-90d0-c2c4d35d3ec3

In [40]:
debug

> [0;32m/Users/rick446/.virtualenvs/eht/lib/python3.6/site-packages/requests/models.py[0m(935)[0;36mraise_for_status[0;34m()[0m
[0;32m    933 [0;31m[0;34m[0m[0m
[0m[0;32m    934 [0;31m        [0;32mif[0m [0mhttp_error_msg[0m[0;34m:[0m[0;34m[0m[0m
[0m[0;32m--> 935 [0;31m            [0;32mraise[0m [0mHTTPError[0m[0;34m([0m[0mhttp_error_msg[0m[0;34m,[0m [0mresponse[0m[0;34m=[0m[0mself[0m[0;34m)[0m[0;34m[0m[0m
[0m[0;32m    936 [0;31m[0;34m[0m[0m
[0m[0;32m    937 [0;31m    [0;32mdef[0m [0mclose[0m[0;34m([0m[0mself[0m[0;34m)[0m[0;34m:[0m[0;34m[0m[0m
[0m
ipdb> p self.json()
{'timestamp': 1512618367152, 'status': 500, 'error': 'Internal Server Error', 'exception': 'java.lang.IllegalStateException', 'message': 'Client id must be present in response from auth server', 'path': '/smartdstu2/data/MedicationOrder'}
ipdb> q


In [None]:

service.compartment

In [None]:
p = service.r.Patient.fetch(patient_id)
p

In [None]:
service.r.Condition.search(dict(patient=p.id))

In [None]:
p.name

In [None]:
p.keys()

In [None]:
service.r.MedicationOrder.metadata

In [None]:
res = service.r.MedicationOrder.search(dict(patient=p.id))
res.total

In [None]:
dict(res.entry[0].resource)

In [None]:
prac = res.entry[0].resource.prescriber.resolve()
dict(prac)

In [None]:
for resourceType, res in service.r.items():
    params = {sp.name: sp for sp in res.metadata['searchParam']}
    print(resourceType, params.keys())
    if 'patient' not in params: 
        continue
    try:
        bundle = res.search(dict(patient=p.id))
        print(f'- {bundle.total} {resourceType}s')
    except requests.HTTPError as err:
        print(type(err))
        if err.response.headers['content-type'] == 'json':
            print(err.response.json())
        else:
            print(err.response.content)