Reviving The Health Revolution » Open Source

Enhanced HealthVault Java Library!

vaibhavb — Thu, 10 Dec 2009 03:54:23 +0000

The first release (R1.0) of HealthVault Java Library has been very successful and is being extensively used by HealthVault partners. This library provides basic capabilities to authenticate and exchange XML with HealthVault platform.

Over last few months, thanks to Rob, Siddhartha & Ali we have gained some momentum in developing this library. The current beta release (JAXB integration) includes beginnings of an object model for HealthVault methods and types. Kudos to Rob for some great work here.

If you are already using the community supported HealthVault Java Library, I would encourage you to try the new JAXB Integration release. It will be great to get your feedback before we make this work as our core development codebase. If you are new to working with HealthVault from Java please follow the getting started guide.

Looking forward to comments, feedback and contributions!

Working with HealthVault XML APIs

vaibhavb — Wed, 25 Mar 2009 23:58:31 +0000

Last year I did an N-part series about working with HealthVault XML APIs. It was implemented with ruby on UBuntu Linux system using OpenSSL. I got time to go mark all those articles with next links and I thought i would summarize the series here:

Part 1: Working with certificates using OpenSSL
Part 2: Talking to HealthVault anonymously
Part 3: Authenticating your application with HealthVault
Part 4: Authenticating the user in context of your application with HealthVault
Part 5: Putting it all together
Part 6: Doing offline access with HealthVault

Looking at XML over the wire using HealthVault .NET SDK

One of our partners has also implemented Drop Off Pick Up solution in ruby using the above articles. Hopefully sometime in near future, I’ll convince them to do a blog post about the same.

Well you can SVN on CodePlex now!

vaibhavb — Tue, 16 Sep 2008 20:48:39 +0000

So CodePlex launched support for TortoiseSVN, more details about it are here. In the past there have been a couple of HealthVault projects which chose to do something else since SVN was not available on CodePlex, so this is a really great news. The SVN support is through SVN Bridge – essentially CodePlex is now hosting a bridge server which will let you talk to the native TFS project using a SVN client. Well – may be you can check out the HealthVaultD2C sample using TortoiseSVN now .

PutThings for OfflineAccess

vaibhavb — Wed, 20 Aug 2008 16:46:57 +0000

Folks trying to talk through raw xml layer with HealthVault have asked this a few times – so i thought I’ll put it up here, thanks to Rob for digging the XML.

The key to do a PutThings for an application in offline mode is the following snippet in the auth-session:


11111111-1111-1111-1111-111111111111

An application with OfflineAccess is ready to publish data in a users record once it successfully does the CreateAuthenticateSession call. Here is a sample PutThings call:



Ax4hxwu+7BAkrH62g8tUvjNzpEQ=


PutThings
1
22210250-3d35-4170-bffa-514e12e7f925

ASAAAEJsFrdImoBPhEuDFRUObCKOvcbsicri3tSAaYRo+dQIg1Rsl9/Au7pM2YYfTdN2z0VlRnz4G5iCaSjXIFQGiG98qmaKy8IMt63b1FMahGKC13JVjpBA7LOAvKgpOkv7GJm7xrUlEyQWwSL39dzMTcuiyLB12hugNYIBB9r8pYOJhlLcD/Y0lEDHMTH+XbqZXSdF0SAoq60OWEXkPhTeaKrN8fNq
11111111-1111-1111-1111-111111111111

en
US
2008-08-13T00:24:58.126-07:00
60
0.0.0.1

v08Nd7MFCdO8aDwIOFJvU/0TpWw=




3d34d87e-7fc1-4153-800f-f56592cb0d17


200881302458777777

Related Article: Whats Under the hood of HealthVault SDK

Lighting it up!

vaibhavb — Mon, 02 Jun 2008 10:24:19 +0000

Alrite now that you have the firewood (application auth token) and the firestarter (user auth token) how can we start the fire (get details user’s record).

Well first of all congratulations! most of the hard part is done!! Just a few more nitty gritty tricks though! In order to get the details about a user’s health record, you need to use a method GetPersonInfo.

The XML for GetPersonInfo look like this:



  da9WYaQGEoseAYDOhJv2cwNIEVg=


GetPersonInfo
1

ASAAADNt1Jwbx85MgH9vkWzAINBxBWQFCtQ+osTzGw/I0Ty27OhKFCXUb83dxI5/M2mtGYymc1gKx6qwsWEtw31ZV/tyscJwmc5dNT2o2nYJcFTf1vfi/L4R5V68ckxFrd48Rz4jhU9Yg6lDhNTymCsJSDiVJCKLqKwcHcr/QSTsytRpVXBK7LpAVBicjC3OPGCEg4XE/UGwM7ZDAXlR4AR+emiHBaPOzSQD9iYMYxAyDBYZPde8N+rDv58zFw9pjDLJJIwvhXOOLahhFvX/n5DqwAb+BpdTlE19x5P/B67kKie/zDtEYWHEXHMhX+KNdvrxdm17l5pwt8JShIGimbXgAcZEFTiPVOW77mCgDxpc0U2ykcG7RVqXKTA3Gqt42OZf9aCuzq/J0wHOTLQvdx1ZYVOxo7+1TpMaW+13Fz5/jgOHR7hJZ/DPUIcKfCYdHS7phQ3r60nOReUl2qeq7rDvDmGQBWPjcCrT7CuQRSgZlyUpAav4DiFJtKh9U5DbJ5VW80dUAqcxamulklTxSR75Sb6v0X4T8B2zbfmVl+HtcupUIuz66Q==
ASAAAE57vlXwS8VDupO6/FSWlMZR+OL02JQyhWvlesegc/J6f7XGgJq4xRW1WIWc7ZXufY9U1cAFeQMDF9pAvmNG1/1KGlp7FFFBdrUMk7gJLPpdTYkQeDMdp8UXcXNht+U6hJzpI7plchQKvpBMFeBj1XMOC15fLXRyfRFpD3RaIF66awgUVw==

en
US
2008-06-01T02:44:16.73Z
1800
0.9.1712.2902

1mWxpY+leClypXQzPvDBLFIBDpI=

So now do we go about concoting the seemingly complicated xml above. Well we already have the token and wctoken from our previous CreateAuthenticatedSession and Shell -redirect. Use the token for the auth-token in line 9 and the wctoken as user-token in line 10.

Most of the elements in the header section are straight forward. The one to comment about is hash-data (line 18). The hash in this case is SHA-1 hash of the info section. Matter of fact our info section is empty so that make sure that the SHA-1 hash is done right. In ruby i do it the following way (using OpenSSL):

  def self.doSha1(text)
    Base64.encode64(OpenSSL::Digest::SHA1.digest(text)).chomp
  end

Now the interesting part – whats this auth on line 2? Well auth is a HMAC of header (line 5-20) section. Remember we generated the shared secret in CreateAutheticatedSession method? Now use that secret to do a HMAC digest for the header. In ruby i do it the following way:

  def self.doHmac(secret, payload)
    key = Base64.decode64(secret)
    hashmac = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA1.new(key), key, payload)
    Base64.encode64(hashmac).chomp
  end

secret is the shared secret used for createauthenticationtoken.

Now the fun part,caveats:

Don’t leave any white spaces between you xml tags. HealthVault behaves weird sometime when their is white space.
If you are getting an error saying code 3 (which implied invalid xml) and you are sure that your xml is correct, then most likely your auth section or your hash-data section are not proper. Which in turn implies that your HMAC-ing or SHA-1 hashing is a little off. The best way to actually resolve this is to first write tiny parts which make sure that the HMAC /SHA-1 is same for a known successfully call. You can get the xml for such a call from HealthVault SDK, the process is described here. However for ease of testing i’m appending know good calls below.

PLEASE NOTE: Remove all the white-space between tags before testing your crypto functions to match the result seen here. I have put the white space for readability.

CreateAuthenticatedSessionToken (for SharedSecret)



CreateAuthenticatedSessionToken
1
05a059c9-c309-46af-9b86-b06d42510550
en
US
2008-06-01T02:44:16.21Z
1800
0.9.1712.2902



05a059c9-c309-46af-9b86-b06d42510550

b2uCbONZDGj8jDYhz3e5PcJfugPQTHOsOvpZ6kA9uG5XzQXV+EHtXtTDAbwHbFyNozC1uR7uZwgi44pfgw4NyQp8LO2PwI9E7pOx/Ho7+6siY41sjI5+frhq2fcj8iljpG8EK07WGDuf4JeFg5yc8IWjHHtUwabpdPVJWYLi18+Gk7AaFfCuM1iQwFbBSWWMyckCe3V48JaCZcNVcS/XuJJovFdsM9QnZ1CwrQaaBB/evf1u1YGM3fXpVeCjVWPXpHiu3WWVVsJ5aURtCzGvXJe9R7Gh10sYDSG6wC/CJvcBSJlRCpacA1qds2gcMCBwO+iDCPY3I15+FbM0E9D+Qw==

05a059c9-c309-46af-9b86-b06d42510550
RXziN4RDYIu89cu+cOp4POLhKUCSUb0sPsV9yaz8m6BfJxjpDNUBRUF5MU3OJMJ7DH0FPXg8HFuahbvSz1HxG1Q6MlahpHAmUkXNBJ0zcrKvcH3+NiS3qD26FkpLXsvzjNv/QSxwqRMpYnDhY11RkUkOvz2M2Ybg9H5aEe7RpfYCYwEAudpj05J2KEFMP2WO1Q6Kz8hjIhf2QdswgzvLueUQ2ajG8Al9DvpGWLKl4dGNqnY1/FUnJOZq/nPivTYHYOcH/qpC5euWIt7bU6hXRehAIC9IYTbHG32jLBoIxhM79Wtj2sRdn4j3SBk/QVqQNXyPrAgFIzmtR7CSaN393A==

Doing User Authentication with HealthVault

vaibhavb — Mon, 02 Jun 2008 09:46:50 +0000

My previous post with regards to writing the HealthVault Ruby Library demonstrated how one goes about authentication their application with HealthVault. Now that you have successfully gotten HealthVault to trust your application how do you make sure that the user who logs in is a valid user. In the HealthVault lingo this is called user authentication.

To successfully do a user authentication, an application must:

Redirect the user to HealthVault shell sign-in page.
Receive a token identifying the current user on a pre-registered URL with HealthVault, and use that token to do any user related transactions with HealthVault hence onwards. This token is valid for 20 minutes.

Now, in code it looks like follows lets assume that you application has a pre-registered URL of http://localhost:3000/healthvault/redirect. When a user wants to login, you actually redirect them to HealthVault shell (http://account.healthvault-ppe.com/redirect.aspx) in the following way:

redirect_to "https://account.healthvault-ppe.com/redirect.aspx?target=AUTH&targetqs=?appid=05a059c9-c309-46af-9b86-b06d42510550%26redirect%3dhttp%253a%252f%252flocalhost%253a3000%252fhealthvault%252fredirect"

Note the parameters target, appid & redirect in the above URL.

The above redirection once successful will send the user to the page http://localhost:3000/healthvault/redirect. On this page you should read the wctoken from the URL query-string. In ruby I do this the following way:

  def redirect
    if (request.query_parameters["target"] == "AppAuthSuccess")
      session[:wctoken] = request.query_parameters["wctoken"]
      redirect_to :controller => 'healthvault', :action => 'index'
    end
  end

Voila!! you have the much needed wctoken. In the next article we will what can we do with this magic wctoken!

Next time: Putting it all together!

Curious about whats under the HealthVault SDK’s hood?

vaibhavb — Mon, 02 Jun 2008 09:23:54 +0000

HealthVault SDK provides a very useful feature to check under its hood! One can turn-on the tracing for the SDK very easily. The trace log is very helpful for

Debugging the SDK
Looking at the raw-xml exchanged between your application and HealthVault platform. The Raw XML in turn is very useful if you are:
- Trying to write-xml in the thing types
- Trying to write a HealthVault wrapper library in you favorite language
- Just curious to look under the hood:)

To look at the trace log add the following in configuration section of your web.config. One you run you application with settings below, a sdk.log file will be generated in the base directory of the website. You can also provide an absolute path for sdk.log to a directory where you web process has a write access.

NOTE: In case the file doesn’t get generated, make sure your web process has write access to the directory sdk.log is getting generated in.

Long Tail Tale – Getting an Auth Token, sure OpenHealthVault can!

admin — Fri, 18 Apr 2008 07:02:28 +0000

Alrite finally i got the OpenSSL Crypto to work HealthVault. It took some Ninja hacking and quite a lot of debugging to figure out what was going wrong with signing of a xml for getting an authentication token from HealthVault. Turns out that my signing code was dead on but HealthVault didn’t quite like the white space in the “content” section. I wont belabor you more but the short of the long is that now OpenHealthVault can talk to HealthVault and get itself authenticated. As usual the code is at http://svn.vitraag.com/openhealthvault and the application in action is at http://openhealthvault.vitraag.com. Well now its time to get a user to be authenticated with HealthVault Shell and the Rails goodies, I expect these to flow rather smoothly.

Next part : Doing User Authentication

Microsoft and Opensource – a new age

admin — Wed, 02 Apr 2008 18:29:58 +0000

This post by John Lam, highlights the change of tide at Microsoft. The company is actively trying to court opensource, notable measures in this direction are:

See the code – Opensourcing .NET framework
Resources for interoperating – The Opensource interoperability lab
Support opensource – The Dynamic Languages Runtime

Well, you might argue that these are tactical moves and not a strategy. I let that be dictated by time and persuasion ….

Talking to the public methods of healthvault platform

admin — Tue, 01 Apr 2008 16:58:48 +0000

My last post explained a little about challenges of OpenSSL to achieve the healthvault signing for opensource LAMP/R platforms. In this post i’m showing below an actual snippet for talking to the public methods of healthvault platform.

      
        GetServiceDefinition
        1
        05a059c9-c309-46af-9b86-b06d42510550
        en
        US
        2010-01-01T00:00:00Z
        36000
        0.0.0.1

Sean is starting a series detailing his adventure with healthvault .NET applcations. In the same spirit i’m going to build the ruby on rails application and library through a series of posts here. The application is live at http://openhealthvault.vitraag.com and the source code is in the SVN repository at http://svn.vitraag.com/openhealthvault.

Next part: Getting the Auth Token