address review feedback.

Author: James Fuqian

ErrorResponses.md

@@ -11,26 +11,25 @@ This document serves as a supplementary to Blue Button 2.0 API Developer Documen
 
 | Status Code    | End Point URL   | Error Message              | Action            | Comments                                               |
 | -------------- | --------------- | -------------------------- | ----------------- | ------------------------------------------------------ |
-| 400<br>BAD REQUEST | /v[12]/o/.* | the response comes from blue button.<br>Example message:<br>error: unsupported grant type | Report, No Retry<br>Fix the request<br> | request has invalid parameter(s) |
-| 403<br>FORBIDDEN | /v[12]/o/authorize/<br>/v[12]/o/authorize/(?P<uuid>[\w-]+)/$<br>/v[12]/o/token | You do not have permission to perform this action. | Report, No Retry | request does not pass permission check |
-| 403<br>FORBIDDEN | /v[12]/o/authorize/<br>/v[12]/o/authorize/(?P<uuid>[\w-]+)/$ | This application, {your app name}, is temporarily inactive. <br>If you are the app maintainer, please contact the Blue Button 2.0 API team. <br>If you are a Medicare Beneficiary and need assistance, please contact the application's support team <br>or call 1-800-MEDICARE (1-800-633-4227) | Report, No Retry | the app is disabled by Blue Button 2.0 API administrator usually <br>due to abnormal usage pattern etc., contact CMS as instructed, <br>it is recommended to stop the app and resolve with Blue Button 2.0 API team |
-| 404<br>NOT FOUND | /v[12]/o/.* | Medicare is unable to retrieve your data at this time due to an internal issue.<br>Our team is aware of the issue and is working to resolve it.<br>Please try again at a later time. We apologize for any inconvenience. | Report, No Retry | If any abnormality encountered during authorization, e.g. <br>the patient is not found by mbi hash / hicn hash lookup, the message will be <br>rendered as html page to the beneficiary, and with a 404 status code.<br>the authorization process aborted. |
-| 502<br>BAD GATEWAY | /v[12]/o/.* | An error occurred connecting to medicare.gov account<br><br>other additional messages:<br><br>BBMyMedicareSLSxTokenException, or<br>BBMyMedicareSLSxSignoutException, or<br>BBMyMedicareSLSxValidateSignoutException, or<br>BBMyMedicareCallbackAuthenticateSlsUserInfoValidateException, or<br>BBMyMedicareSLSxUserinfoException at /mymedicare/sls-callback | Report, No Retry | Abnormality encountered during authorization for various causes as indicated by <br>error name in addition to the general message:<br><br>An error occurred connecting to medicare.gov account
- |
-| 500<br>SERVER ERROR | /v[12]/o/.* | The root cause of the 500 error, some times, is indicated by the error message, <br>the app can choose to retry the failed request depend on the nature of the root cause, <br>examples that might be retriable are those related to network down (temporarily):<br>Example:<br>ConnectionError at /mymedicare/login<br>HTTPSConnectionPool(host='test.accounts.cms.gov', port=443): <br>Max retries exceeded with url: /health (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f46599dafd0>: <br>Failed to establish a new connection: [Errno -2] Name or service not known')) | Report, Retry not recommended | App retry on request during authorization<br>is not recommended. |
+| 400<br>BAD REQUEST | /v[12]/o/.* | the response comes from blue button.<br>Example message:<br>error: unsupported grant type | Fix the request<br> | request has invalid parameter(s) |
+| 403<br>FORBIDDEN | /v[12]/o/authorize/<br>/v[12]/o/authorize/(?P<uuid>[\w-]+)/$<br>/v[12]/o/token | You do not have permission to perform this action. |  | request does not pass permission check |
+| 403<br>FORBIDDEN | /v[12]/o/authorize/<br>/v[12]/o/authorize/(?P<uuid>[\w-]+)/$ | This application, {your app name}, is temporarily inactive. <br>If you are the app maintainer, please contact the Blue Button 2.0 API team. <br>If you are a Medicare Beneficiary and need assistance, please contact the application's support team <br>or call 1-800-MEDICARE (1-800-633-4227) |  | the app is disabled by Blue Button 2.0 API administrator usually <br>due to abnormal usage pattern etc., contact CMS as instructed, <br>it is recommended to stop the app and resolve with Blue Button 2.0 API team |
+| 404<br>NOT FOUND | /v[12]/o/.* | Medicare is unable to retrieve your data at this time due to an internal issue.<br>Our team is aware of the issue and is working to resolve it.<br>Please try again at a later time. We apologize for any inconvenience. |  | If any abnormality encountered during authorization, e.g. <br>the patient is not found by mbi hash / hicn hash lookup, the message will be <br>rendered as html page to the beneficiary, and with a 404 status code.<br>the authorization process aborted. |
+| 502<br>BAD GATEWAY | /v[12]/o/.* | An error occurred connecting to medicare.gov account<br><br>other additional messages:<br><br>BBMyMedicareSLSxTokenException, or<br>BBMyMedicareSLSxSignoutException, or<br>BBMyMedicareSLSxValidateSignoutException, or<br>BBMyMedicareCallbackAuthenticateSlsUserInfoValidateException, or<br>BBMyMedicareSLSxUserinfoException at /mymedicare/sls-callback |  | Abnormality encountered during authorization for various causes as indicated by <br>error name in addition to the general message:<br><br>An error occurred connecting to medicare.gov account |
+| 500<br>SERVER ERROR | /v[12]/o/.* | The root cause of the 500 error, some times, is indicated by the error message, <br>the app can choose to retry the failed request depend on the nature of the root cause, <br>examples that might be retriable are those related to network down (temporarily):<br>Example:<br>ConnectionError at /mymedicare/login<br>HTTPSConnectionPool(host='test.accounts.cms.gov', port=443): <br>Max retries exceeded with url: /health (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f46599dafd0>: <br>Failed to establish a new connection: [Errno -2] Name or service not known')) | | App retry on request during authorization<br>is not recommended. |
 
 
 ### Data Requests
 
 
 | Status Code    | End Point URL   | Error Message              | Action            | Comments                                               |
 | -------------- | --------------- | -------------------------- | ----------------- | ------------------------------------------------------ |
-| 400<br>BAD REQUEST | /v[12]/fhir/.* | the response comes from FHIR data backend.<br>Example message:<br>details: IllegalArgumentException: Unsupported ID pattern | Report, No Retry<br>Fix the request<br> | fhir request has invalid parameter(s) |
-| 403<br>FORBIDDEN | /v[12]/fhir/.* | You do not have permission to perform this action. | Report, No Retry | the request is not in the scope of the grant authorized, <br>e.g. the beneficiary did not grant access to the demographic data |
-| 403<br>FORBIDDEN | /v[12]/fhir/.* | This application, {your app name}, is temporarily inactive. <br>If you are the app maintainer, please contact the Blue Button 2.0 API team. <br>If you are a Medicare Beneficiary and need assistance, please contact the application's support team <br>or call 1-800-MEDICARE (1-800-633-4227) | Report, No Retry | the app is disabled by Blue Button 2.0 API administrator usually <br>due to abnormal usage pattern etc., contact CMS as instructed, <br>it is recommended to stop the app and resolve with Blue Button 2.0 API team |
-| 404<br>NOT FOUND | /v[12]/fhir/.* | The requested resource does not exist | Report, No Retry | for example, for a fhir read request as:<br>/v2/fhir/Patient/-1234567890<br>but there is not a patient with<br>fhir_id = -1234567890, a 404 is returned |
-| 502<br>BAD GATEWAY | /v[12]/fhir/.* | An error occurred contacting the upstream server: <error details><br>Example:<br>UpstreamServerException('An error occurred contacting the upstream server:Failed to call access method: <br>java.lang.IllegalArgumentException: _lastUpdate lower bound has an invalid prefix') | Report, No Retry | An error occurred in FHIR data backend when retrieving the resources, <br>it could be client side error e.g. a malformed query parameter in the URL where the error code should be 400 BAD REQUEST, <br>or a back end internal error.<br>the action on the 502 error is on a case by case basis, e.g. if the root cause of the 502 is actually a bad query parameter, <br>then retry is a sensible action. |
-| 500<br>SERVER ERROR | /v[12]/fhir/.* | The root cause of the 500 error, some times, is indicated by the error message, <br>the app can choose to retry the failed request depend on the nature of the root cause, <br>examples that might be retriable are those related to network down (temporarily):<br>Example:<br>ConnectionError at /mymedicare/login<br>HTTPSConnectionPool(host='test.accounts.cms.gov', port=443): <br>Max retries exceeded with url: /health (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f46599dafd0>: <br>Failed to establish a new connection: [Errno -2] Name or service not known')) | Report, Heuristic on Retry | App can choose to retry on some of the 500 errors as shown by the example, this is a heuristic approach. |
+| 400<br>BAD REQUEST | /v[12]/fhir/.* | the response comes from FHIR data backend.<br>Example message:<br>details: IllegalArgumentException: Unsupported ID pattern | <br>Fix the request<br> | fhir request has invalid parameter(s) |
+| 403<br>FORBIDDEN | /v[12]/fhir/.* | You do not have permission to perform this action. |  | the request is not in the scope of the grant authorized, <br>e.g. the beneficiary did not grant access to the demographic data |
+| 403<br>FORBIDDEN | /v[12]/fhir/.* | This application, {your app name}, is temporarily inactive. <br>If you are the app maintainer, please contact the Blue Button 2.0 API team. <br>If you are a Medicare Beneficiary and need assistance, please contact the application's support team <br>or call 1-800-MEDICARE (1-800-633-4227) |  | the app is disabled by Blue Button 2.0 API administrator usually <br>due to abnormal usage pattern etc., contact CMS as instructed, <br>it is recommended to stop the app and resolve with Blue Button 2.0 API team |
+| 404<br>NOT FOUND | /v[12]/fhir/.* | The requested resource does not exist |  | for example, for a fhir read request as:<br>/v2/fhir/Patient/-1234567890<br>but there is not a patient with<br>fhir_id = -1234567890, a 404 is returned |
+| 502<br>BAD GATEWAY | /v[12]/fhir/.* | An error occurred contacting the upstream server: <error details><br>Example:<br>UpstreamServerException('An error occurred contacting the upstream server:Failed to call access method: <br>java.lang.IllegalArgumentException: _lastUpdate lower bound has an invalid prefix') |  | An error occurred in FHIR data backend when retrieving the resources, <br>it could be client side error e.g. a malformed query parameter in the URL where the error code should be 400 BAD REQUEST, <br>or a back end internal error.<br>the action on the 502 error is on a case by case basis, e.g. if the root cause of the 502 is actually a bad query parameter, <br>then retry is a sensible action. |
+| 500<br>SERVER ERROR | /v[12]/fhir/.* | The root cause of the 500 error, some times, is indicated by the error message, <br>the app can choose to retry the failed request depend on the nature of the root cause, <br>examples that might be retriable are those related to network down (temporarily):<br>Example:<br>ConnectionError at /mymedicare/login<br>HTTPSConnectionPool(host='test.accounts.cms.gov', port=443): <br>Max retries exceeded with url: /health (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f46599dafd0>: <br>Failed to establish a new connection: [Errno -2] Name or service not known')) | Heuristic on Retry | App can choose to retry on some of the 500 errors as shown by the example, this is a heuristic approach. |
 
 
 ### Retry

README.md

@@ -73,7 +73,7 @@ To start the sample in native OS (e.g. Linux) with server and client components
    2. yarn --cwd server start:dev 
 3. run below to start the client:
    1. yarn --cwd client install
-   2. yarn --cwd client start2
+   2. yarn --cwd client start-native
 
 To stop the sample:
 

client/package.json

@@ -24,7 +24,7 @@
   },
   "scripts": {
     "start": "REACT_APP_CTX=docker react-scripts start",
-    "start2": "REACT_APP_CTX=native react-scripts start",
+    "start-native": "REACT_APP_CTX=native react-scripts start",
     "build": "react-scripts build",
     "test": "react-scripts test",
     "eject": "react-scripts eject"

server/package.json

@@ -70,11 +70,9 @@
     "jet-logger": "^1.0.4",
     "jsonfile": "^6.1.0",
     "module-alias": "^2.2.2",
-    "morgan": "^1.10.0",
-    "node-cron": "^3.0.0"
+    "morgan": "^1.10.0"
   },
   "devDependencies": {
-    "@types/node-cron": "^3.0.0",
     "@types/command-line-args": "^5.0.0",
     "@types/cookie-parser": "^1.4.2",
     "@types/express": "^4.17.11",

server/src/routes/Data.ts

@@ -16,7 +16,8 @@ export async function getBenefitData(req: Request, res: Response) {
     const loggedInUser = getLoggedInUser(db);
     const envConfig = config[db.settings.env];
     // get EOB end point
-    const response = await get(envConfig.bb2BaseUrl + '/' + db.settings.version + '/fhir/ExplanationOfBenefit/', req.query, `${loggedInUser.authToken?.access_token}`);
+    // const response = await get(envConfig.bb2BaseUrl + '/' + db.settings.version + '/fhir/ExplanationOfBenefit/', req.query, `${loggedInUser.authToken?.access_token}`);
+    const response = await get(`${envConfig.bb2BaseUrl}/${db.settings.version}/fhir/ExplanationOfBenefit/`, req.query, `${loggedInUser.authToken?.access_token}`);
     return (response) ? response.data : null;
 }
 
@@ -37,23 +38,26 @@ export async function getPatientData(req: Request, res: Response) {
     const loggedInUser = getLoggedInUser(db);
     const envConfig = config[db.settings.env];
     // get Patient end point
-    const response = await get(envConfig.bb2BaseUrl + '/' + db.settings.version + '/fhir/Patient/', req.query, `${loggedInUser.authToken?.access_token}`);
+    // const response = await get(envConfig.bb2BaseUrl + '/' + db.settings.version + '/fhir/Patient/', req.query, `${loggedInUser.authToken?.access_token}`);
+    const response = await get(`${envConfig.bb2BaseUrl}/${db.settings.version}/fhir/Patient/`, req.query, `${loggedInUser.authToken?.access_token}`);
     res.json(response.data);
 }
 
 export async function getCoverageData(req: Request, res: Response) {
     const loggedInUser = getLoggedInUser(db);
     const envConfig = config[db.settings.env];
     // get Coverage end point
-    const response = await get(envConfig.bb2BaseUrl + '/' + db.settings.version + '/fhir/Coverage/', req.query, `${loggedInUser.authToken?.access_token}`);
+    // const response = await get(envConfig.bb2BaseUrl + '/' + db.settings.version + '/fhir/Coverage/', req.query, `${loggedInUser.authToken?.access_token}`);
+    const response = await get(`${envConfig.bb2BaseUrl}/${db.settings.version}/fhir/Coverage/`, req.query, `${loggedInUser.authToken?.access_token}`);
     res.json(response.data);
 }
 
 export async function getUserProfileData(req: Request, res: Response) {
     const loggedInUser = getLoggedInUser(db);
     const envConfig = config[db.settings.env];
     // get usrinfo end point
-    const response = await get(envConfig.bb2BaseUrl + '/' + db.settings.version + '/connect/userinfo', req.query, `${loggedInUser.authToken?.access_token}`);
+    // const response = await get(envConfig.bb2BaseUrl + '/' + db.settings.version + '/connect/userinfo', req.query, `${loggedInUser.authToken?.access_token}`);
+    const response = await get(`${envConfig.bb2BaseUrl}/${db.settings.version}/connect/userinfo`, req.query, `${loggedInUser.authToken?.access_token}`);
     res.json(response.data);
 }
 

server/src/utils/request.ts

@@ -10,18 +10,18 @@ export async function post(endpoint_url: string, data: FormData, extra: any) {
         headers: extra}, true);
 }
 
-export async function get(endpoint_url: string, req_qry: any, token: string) {
+export async function get(endpointUrl: string, params: any, authToken: string) {
     return await request({ 
         method: 'get',
-        url: endpoint_url,
-        params: req_qry,
+        url: endpointUrl,
+        params: params,
         headers: {
-            'Authorization': `Bearer ${token}`
+            'Authorization': `Bearer ${authToken}`
         }}, true);
 }
 
-export async function request(config: any, retry_flag: boolean) {
-    var resp = null
+export async function request(config: any, retryFlag: boolean) {
+    let resp = null
     try {
         resp = await axios(config);
     } catch (error: any) {
@@ -33,7 +33,7 @@ export async function request(config: any, retry_flag: boolean) {
             console.log("response text: " + error.response.data)
             // DEVELOPER NOTES:
             // check for retryable (e.g. 500 & fhir) errors and do retrying...
-            if (retry_flag && is_retryable(error)) {
+            if (retryFlag && isRetryable(error)) {
                 console.log("Request failed and is retryable, entering retry process...")
                 var retry_resp = await do_retry(config)
                 if (retry_resp) {
@@ -57,7 +57,7 @@ export async function request(config: any, retry_flag: boolean) {
     return resp    
 }
 
-function is_retryable(error: any) {
+function isRetryable(error: any) {
     if (error.response && error.response.status === 500) {
         if (error.request.path && error.request.path.match("^/v[12]/fhir/.*")) {
             return true;
@@ -93,9 +93,9 @@ async function do_retry(config: any) {
     return resp
 }
 
-function sleep(ms: any) {
+function sleep(time: number) {
     return new Promise((resolve) => {
-      setTimeout(resolve, ms);
+      setTimeout(resolve, time);
     });
 }
 

server/yarn.lock

@@ -168,11 +168,6 @@
   dependencies:
     "@types/node" "*"
 
-"@types/node-cron@^3.0.0":
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/@types/node-cron/-/node-cron-3.0.0.tgz#f946cefb5c05c64f460090f6be97bd50460c8898"
-  integrity sha512-RNBIyVwa/1v2r8/SqK8tadH2sJlFRAo5Ghac/cOcCv4Kp94m0I03UmAh9WVhCqS9ZdB84dF3x47p9aTw8E4c4A==
-
 "@types/node@*", "@types/node@^15.0.1":
   version "15.0.1"
   resolved "https://registry.yarnpkg.com/@types/node/-/node-15.0.1.tgz#ef34dea0881028d11398be5bf4e856743e3dc35a"
@@ -1686,18 +1681,6 @@ module-alias@^2.2.2:
   resolved "https://registry.yarnpkg.com/module-alias/-/module-alias-2.2.2.tgz#151cdcecc24e25739ff0aa6e51e1c5716974c0e0"
   integrity sha512-A/78XjoX2EmNvppVWEhM2oGk3x4lLxnkEA4jTbaK97QKSDjkIoOsKQlfylt/d3kKKi596Qy3NP5XrXJ6fZIC9Q==
 
-moment-timezone@^0.5.31:
-  version "0.5.33"
-  resolved "https://registry.yarnpkg.com/moment-timezone/-/moment-timezone-0.5.33.tgz#b252fd6bb57f341c9b59a5ab61a8e51a73bbd22c"
-  integrity sha512-PTc2vcT8K9J5/9rDEPe5czSIKgLoGsH8UNpA4qZTVw0Vd/Uz19geE9abbIOQKaAQFcnQ3v5YEXrbSc5BpshH+w==
-  dependencies:
-    moment ">= 2.9.0"
-
-"moment@>= 2.9.0":
-  version "2.29.1"
-  resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.1.tgz#b2be769fa31940be9eeea6469c075e35006fa3d3"
-  integrity sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==
-
 morgan@^1.10.0:
   version "1.10.0"
   resolved "https://registry.yarnpkg.com/morgan/-/morgan-1.10.0.tgz#091778abc1fc47cd3509824653dae1faab6b17d7"
@@ -1739,13 +1722,6 @@ negotiator@0.6.2:
   resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.2.tgz#feacf7ccf525a77ae9634436a64883ffeca346fb"
   integrity sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw==
 
-node-cron@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/node-cron/-/node-cron-3.0.0.tgz#b33252803e430f9cd8590cf85738efa1497a9522"
-  integrity sha512-DDwIvvuCwrNiaU7HEivFDULcaQualDv7KoNlB/UU1wPW0n1tDEmBJKhEIE6DlF2FuoOHcNbLJ8ITL2Iv/3AWmA==
-  dependencies:
-    moment-timezone "^0.5.31"
-
 nodemon@^2.0.7:
   version "2.0.7"
   resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-2.0.7.tgz#6f030a0a0ebe3ea1ba2a38f71bf9bab4841ced32"