Note This repository is unmaintained as of 2023-05-03 as I am no longer employed by Somerset NHS Foundation Trust.

Yeovil Hospital - FHIR API Authentication Service

Yeovil Hospital's FHIR API authentication service

Overview

This is Yeovil Hospital's FHIR API authentication service, a Node.js application using the Fastify web framework.

Yeovil Hospital uses Mirth Connect for its integration engines that, whilst a versatile system, does not provide the following:

• SSL/TLS support out of the box
• Easily configurable authentication on HTTP/FHIR listeners
• Easily configurable CORS

This service was created to provide that functionality, acting as a proxy and middleware between the firewall and the targeted FHIR/HTTP listener channel.

Prerequisites

• Node.js >=18.12.1 (if running outside of Docker)
• Mirth Connect

Setup

Perform the following steps before deployment:

1. Download and extract the latest release asset
2. Navigate to the extracted directory
3. Make a copy of .env.template in the root directory and rename it to .env
4. Configure the application using the environment variables in .env

Note Set the following environment variables in .env to meet NHS England's recommendation to retain six months' worth of logs:

• LOG_ROTATION_DATE_FORMAT="YYYY-MM-DD"
• LOG_ROTATION_FREQUENCY="daily"
• LOG_ROTATION_MAX_LOGS="180d"

Deployment

Standard deployment

1. Run npm ci --ignore-scripts --omit=dev to install dependencies
2. Run npm start

The service should now be up and running on the port set in the config. Output similar to the following should appear in stdout or in the log file specified using the LOG_ROTATION_FILENAME environment variable:

{
	"level": "info",
	"time": "2022-10-20T07:57:21.459Z",
	"pid": 148,
	"hostname": "MYCOMPUTER",
	"msg": "Server listening at http://127.0.0.1:51173"
}

To test it, use a request builder (i.e. Insomnia) and import the example requests in ./test_resources/insomnia-test-requests.json.

Deploying using Docker

This requires Docker installed.

1. Run docker compose up (or docker compose up -d to run in the background)

Deploying using PM2

If this cannot be deployed into production using Docker, use a process manager such as PM2.

1. Run npm ci --ignore-scripts --omit=dev to install dependencies
2. Run npm install -g pm2 to install pm2 globally
3. Launch application with pm2 start .pm2.config.js
4. Check the application has been deployed using pm2 list or pm2 monit

To install as a Windows service:

If using a Microsoft Windows OS utilise pm2-installer to install PM2 as a Windows service.

Note PM2 will automatically restart the application if .env is modified.

Usage

Accessing API documentation

API documentation can be found at /docs:

The underlying OpenAPI definitions are found at /docs/openapi.

Contributing

Contributions are welcome, and any help is greatly appreciated!

See the contributing guide for details on how to get started. Please adhere to this project's Code of Conduct when contributing.

Acknowledgements

• Mark Hunt - JWT and JWKS integration and testing
• Will Jehring - Forwarding and JWT testing

License

yh-fhir-authentication-service is licensed under the MIT license.