Comments (9)
from client-js.
Thank you Vlad for quick response,
Actually you are right about error originating from "JSON.parse".
I've thoroughly debugged the code, and found that sessionStorage gets cleared in IE11 after redirection to authorization server.
Code line:
window.location.href = redirect_to; // line 38571
Does this imply that the library is not supported for IE11? If yes, is there any alternate?
from client-js.
from client-js.
Thanks Vlad,
In fact, I've debugged fhir-client.js code, and observed two different behaviors for two different browsers 1. Chrome 2. IE11.
In Chrome we always get object from sessionStorage[state], that was set by the library before redirection. But in IE11, after redirect, we get undefined in same sessionStorage.
So basically everything is identical, library, scenario, flow but we get different results for IE.
from client-js.
I think I lost you here :( Can you provide some example?
from client-js.
@vlad-ignatov ,
OK let me rephrase the whole scenario.
The issue is related to IE11 only.
My SMART on FHIR application calls FHIR.oauth2.authorize method of fhir-client.js library on its launch.
For example when testing with AllScripts EHR Launch, my launch URL is:
http://localhost:52447/AllScript/Launch?launch=54520&iss=https://pro171.open.allscripts.com/FHIR
Below is the code from my AllScripts/Launch.html page.
<script>
FHIR.oauth2.authorize({
"client": {
"client_id": "xxxxxxxx-xxxx-4b36-xxxx-551069175650",
"scope": "launch user/*.* patient/*.read openid fhirUser online_access",
"redirect_uri": "http://localhost:52447"
}
});
</script>
After this call, I get following error from within the fhir-client.js on IE11:
SCRIPT1014: Invalid character
File: fhir-client.js, Line: 38113, Column: 3
var state = JSON.parse(sessionStorage[params.state]); //Line: 38113
Upon investigation, we found that sessionStorage is empty(length: 0) at this point, causing JSON.parse to throw error.
Upon further investigation on why sessionStorage is empty, I found that after below line of code (from fhir-client.js) the sessionStorage gets empty in IE11 (not in Chrome)
window.location.href = redirect_to; // line 38571
This whole scenario works smoothly on Chrome.
In case of any ambiguity or further queries, please feel free to ask.
from client-js.
Any thoughts?
from client-js.
I'm sorry. I have a few deadlines and can't alway answer on time.
I understand your example, but it doesn't look right. In the launch page (AllScripts/Launch.html) you have a call to FHIR.oauth2.authorize
. When that gets executed, the browser should redirect you to the auth server. You might have to select a patient, login, authorize the app etc. After all that is complete you should be redirected back to http://localhost:52447. That is where the error is happening, right?
What I'm saying is that it is normal for the sessionStorage to appear empty after a redirect to different domain. The question is, is it empty on your index page and if so - why?
Here are some questions that might help explaining the situation:
- Is the sessionStorage empty after all those redirects?
- What happens if you use relative path for
redirect_uri
? - Are there any warnings or errors in the console.
- Do you see additional URL parameters after the redirect (like
error
orerror_description
)? - Try setting
FHIR.oauth2.settings.fullSessionStorageSupport = false
before the authorize call and see if that works. - Do you have some weird security settings in IE that can mess with the sessionStorage behavior?
- Last but not least, do you have a specific reason to develop an app with an old (no longer maintained) version of the client library?
from client-js.
Thank you @vlad-ignatov for such a comprehensive answer and excellent questions.
Before answering each question, I would like to share one more finding that I observed yesterday. I don't see this issue happening when I tested my SMART application after deploying it on a staging server (instead of localhost). So looks like IE and localhost has something to do to settle things up.
Now answering each questions:
- Yes
- Have to try that
- No
- No
- Have to try that
- Don't think so
- I think moving to latest version would be major shift and could introduce some breaking changes in my application.
from client-js.
Related Issues (20)
- Client request pre-pends accept header when provided in options HOT 6
- Support for CryptoKey objects as private keys HOT 6
- 502 Gateway Error on codesandbox HOT 2
- Failing in web client projects due to NodeJS usage without polyfills. HOT 13
- Support for browser using multiple SMART clients at once. HOT 3
- Unable to authorize using PKCE HOT 2
- Typo in README
- Unable to get patientId after successful login HOT 1
- (Error handling skipped on init) CompleteAuth not triggered for init HOT 1
- includeResponse not working for FHIR update operations
- "target: popup" (etc) demos don't work in current Chromium HOT 2
- Single SMART_KEY breaks authorization of several users on server-side
- Jest + RTL :: Testing with FHIRClient
- Uncaught (in promise) Error: Failed to fetch the conformance statement from "https://staging-fhir.ecwcloud.com/fhir/r4/FFBJCD/metadata". TypeError: Network request failed HOT 7
- Question: Smart-On-Fhir implementation inside Service Worker
- FHIR type Meta requiring lastUpdated property when spec allows it to be optional
- Node js After 10 min 401 unauthorized response HOT 4
- Window closes itself when it's not actually a popup
- Save token info in DB
- Support of PKCE even when the EHR .well-known configuration is not set? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from client-js.