Automatic Login - Bypass - to the DICOMWeb client via https/https

Hello,

Does Orthanc provide the possibility of automatic login to the DICOMWeb or Stone Web Viewer client via http/https, in order to then enter the consultation link and share the images in Stone Web Viewer with the patient? Or rather, I need the login to work out of the box.

Thanks
Antonio Pereira

Hi Antonio,

By default, Orthanc only supports basic HTTP authentication. What you call the “login” is handled by the browser itself. You can imagine that any sort of “auto-login” would expose the Orthanc credentials, which would grant access to the full Orthanc content. E.g., you can actually provide credentials in the URL directly: http://orthanc:orthanc@localhost:8042/system.

If you need to share e.g. only a single study with a user, you should have a look at the orthanc-auth-service side project.

Best regards,

Alain.

Hi Alain, thanks for the information.

I realized that you are the main developer of the Orthanc-auth-service.

Could you indicate exactly the part of the code that interacts with the Orthanc REST API and performs the authentication, so that I can then launch “curl” in the background and give the patient access directly by simply filling in the form as below:

Thanks,

http://localhost/confirmar.html?param=12345678

Receive the access number, take the study id and generate the new URL, BUT there is the authentication :(

<!DOCTYPE html>
<html lang="pt-BR">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Confirmação ver imagens dos exames</title>
    <script>
        // Function to get URL parameters
        function getURLParameter(name) {
            const urlParams = new URLSearchParams(window.location.search);
            return urlParams.get(name);
        }

        // Function to fill in the first form field
        function fillFirstField() {
            const param = getURLParameter('param');
            if (param) {
                document.getElementById('codigo').value = param;
            }
        }

        // Function to redirect after the form is submitted
        function redirectToNewPage(event) {
            event.preventDefault(); // Prevents the default form submission

            // Code to get STUDY_ID and mount the newUrl

            const newUrl = `http://localhost:8042/stone-webviewer/index.html?study=1.2.392.200036.9116.2.6.1.54365.1690081337.1715819594.760924`;

            window.location.href = newUrl;
        }

        // Call the function when the page loads
        window.onload = fillFirstField;
    </script>
    <style>
        body {
            font-family: Arial, sans-serif;
            margin: 20px;
        }
        form {
            max-width: 400px;
            margin: auto;
            padding: 10px;
            border: 1px solid #ccc;
            border-radius: 10px;
            background-color: #f9f9f9;
        }
        label {
            font-weight: bold;
            margin-top: 10px;
        }
        input[type="text"],
        input[type="date"] {
            width: 100%;
            padding: 8px;
            margin: 6px 0 12px 0;
            display: inline-block;
            border: 1px solid #ccc;
            border-radius: 4px;
            box-sizing: border-box;
        }
        input[type="submit"] {
            width: 100%;
            background-color: #4CAF50;
            color: white;
            padding: 10px 20px;
            border: none;
            border-radius: 4px;
            cursor: pointer;
        }
        input[type="submit"]:hover {
            background-color: #45a049;
        }
    </style>
</head>
<body>
    <form onsubmit="redirectToNewPage(event)">
        <label for="codigo">Código:</label>
        <input type="text" id="codigo" name="codigo"><br>

        <label for="dataNascimento">Data de Nascimento:</label>
        <input type="date" id="dataNascimento" name="dataNascimento"><br>

        <input type="submit" value="Enviar">
    </form>
</body>
</html>

You should play with this sample setup first and understand how that works.

In this setup, you have 2 orthancs: one that is protected by a login/pwd and one that is used for “shares”.

I understand that you want to have a web-form in which patients enter an AccessionNumber and the PatientBirthDate to access their data and then, access the study - I will not discuss the weak security here, people may try/guess values and get access to other patient data.

Once your patient has entered valid values in the form, your backend should get the StudyInstanceUID from the accession number using /tools/find and then create a publication link or instant link through the REST API of the auth-service with this kind of query:

curl -X PUT http://localhost:8000/tokens/stone-viewer-publication -H 'Content-Type: application/json' \
  -d '{"id": "toto",
       "resources" : [{
         "dicom-uid": "1.2",
         "level": "study"
       }],
       "type": "stone-viewer-publication", 
       "expiration-date": "2026-12-31T11:00:00Z"}'

(this is explained in the main README) and then, your backend should redirect your user to that link. This link does not need a login/pwd because it will use a JWT token.
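
The backend flow described in the reply above, sketched as an added example (not code from the thread or from the Orthanc project). It goes slightly further than the reply by rejecting wildcard input and counting failed guesses, since the form values are guessable. `orthanc_post` and `auth_put` are hypothetical injected HTTP helpers; the `url` reply field, the 24-hour expiry, the lockout threshold and the sample data are assumptions.

```python
import re
from datetime import timedelta

MAX_FAILURES = 5   # assumption: lock a client out after this many wrong guesses
failures = {}      # client key (e.g. IP) -> failed attempts; in-memory for the demo

def find_query(accession_number):
    # Body for POST /tools/find on the login-protected Orthanc.
    return {"Level": "Study", "Expand": True,
            "Query": {"AccessionNumber": accession_number}}

def matching_study_uid(studies, birth_date_iso):
    # <input type="date"> submits YYYY-MM-DD; DICOM stores YYYYMMDD.
    wanted = birth_date_iso.replace("-", "")
    if len(studies) != 1:          # unknown or ambiguous accession number
        return None
    stored = studies[0].get("PatientMainDicomTags", {}).get("PatientBirthDate")
    if not stored or stored != wanted:
        return None
    return studies[0]["MainDicomTags"]["StudyInstanceUID"]

def publication_request(study_uid, share_id, now, ttl_hours=24):
    # Same JSON shape as the curl call above, with a short expiry (assumed 24 h).
    expires = (now + timedelta(hours=ttl_hours)).strftime("%Y-%m-%dT%H:%M:%SZ")
    return {"id": share_id,
            "resources": [{"dicom-uid": study_uid, "level": "study"}],
            "type": "stone-viewer-publication",
            "expiration-date": expires}

def share_link(client, accession_number, birth_date_iso, orthanc_post, auth_put, now):
    # orthanc_post / auth_put: hypothetical callables (path, json_body) -> parsed JSON.
    if failures.get(client, 0) >= MAX_FAILURES:
        return None
    uid = None
    # Accept plain identifiers only: /tools/find treats '*' and '?' as wildcards.
    if re.fullmatch(r"[A-Za-z0-9_-]{1,16}", accession_number):
        studies = orthanc_post("/tools/find", find_query(accession_number))
        uid = matching_study_uid(studies, birth_date_iso)
    if uid is None:
        failures[client] = failures.get(client, 0) + 1
        return None  # same answer for "no such study" and "wrong birth date"
    reply = auth_put("/tokens/stone-viewer-publication",
                     publication_request(uid, accession_number, now))
    return reply["url"]  # assumption: the reply carries the viewer link in "url"

# Constructed sample /tools/find reply (made-up values, not real patient data).
SAMPLE_STUDIES = [{"MainDicomTags": {"AccessionNumber": "12345678",
                                     "StudyInstanceUID": "1.2"},
                   "PatientMainDicomTags": {"PatientBirthDate": "19800115"}}]
```

When `share_link` returns `None`, the backend should show the same generic error page in every case; otherwise it redirects the browser to the returned link.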