I need to create a JWT to connect to EPIC FHIRserver sandbox.
https://fhir.epic.com/Documentation?docId=oauth2§ion=BackendOAuth2Guide
You will generate a one-time use JSON Web Token (JWT) to authenticate your app to the authorization server and obtain an access token that can be used to authenticate your app's web service calls. There are several libraries for creating JWTs. See jwt.io for some examples.
The header and payload are then base64 URL encoded, combined with a period separating them, and cryptographically signed using the private key to generate a signature.
I attempted using this code:
ClassMethod test2() As %Status
{
#Dim sigJOSE As %DynamicObject
#Dim encJOSE As %DynamicObject
#Dim claims As %DynamicObject
Set ts = $ZTIMESTAMP // 67161,81327.6633447
Set exp = ##class(%OAuth2.Utils).TimeInSeconds(ts,300)
Set nbf = ##class(%OAuth2.Utils).TimeInSeconds(ts,0)
Set iat = ##class(%OAuth2.Utils).TimeInSeconds(ts,0)
Set sigJOSE = {}
Set sigJOSE.alg = "RS384"
Set sigJOSE.typ = "JWT"
Set header = sigJOSE.%ToJSON()
Set claims = {}
Set claims.iss = "863e73c5-9839-4b54-8205-c9404d2bb762"
Set claims.sub = claims.iss
Set claims.aud = "https://fhir.epic.com/interconnect-fhir-oauth/oauth2/token"
Set claims.jti = "f9eaafba-2e49-11ea-8880-5ce0c5aee679"
Set claims.exp = exp
Set claims.nbf = nbf
Set claims.iat = iat
Set payload = claims.%ToJSON()
//Set sigJWKS = ..MyKeys()
//Set encJWKS = ""
//Set tSC = ##class(%Net.JSON.JWT).Create(sigJOSE,{},claims,sigJWKS,encJWKS,.JWT)
//Do $System.Status.DisplayError(tSC)
Set bitLength = 384
Set flags = 0
Set tData = ##class(%SYSTEM.Encryption).Base64Encode(header,flags)_"."_##class(%SYSTEM.Encryption).Base64Encode(payload,flags)
Set key = ..PrivateKey()
//Set privKeyPassword = ""
Set x = ##class(%SYSTEM.Encryption).RSASHA3Sign(bitLength, tData, key)
zw
Quit x
}
x does not look like the expected value
