PPE re-authorization part 2

Question

I asked another question at the bottom of that other post and I fear it will never be addressed.

Here my question: I have a HV account with 3 sets of records: Mine (self), Child1 and Child 2. They all authorized my application upon creating the accounts in the HV shell via re-direction from my app.

I went into the HV shell and removed authorization for Child 1. When I log into my app, I see Mine and Child 2 as authorized records. All well and good.

Now, I go back into the HV shell and try to re-authorize Child 1. As far as I can tell, there is no way for me to do that in PPE. There is no way for me to have my app re-direct to the shell for authorization because I do not detect that Child 1 exists.

Is there another way to re-authorize Child 1 withough removing authorization for ALL accounts (Mine, Child 2) and then logging into my app - which causes re-direction to the HV shell?

Ken J.

Answer 1

In order for you to reauthorize/authorize a record, you need to redirect the user from your application with appropriate shell redirect target... You cannot directly do that by directly logging into HV shell.

You cannot know that Child1 record exists from an application until that record is authorized for use by the application by the user.  The AuthorizedRecords collection shows only records that a user has already authorized...  The generic way is to ask the user if he wanted to do additional authorization and then redirect him to shell from the application.

I am sure you would have looked at the Shell redirect interface here:

http://msdn.microsoft.com/en-us/healthvault/cc265056.aspx

Try either of the functions in the following code and let me know if it works for you in your scenario: (again refer to shell redirect  interface for explanation)

The first one forces the user to always select a record while logging in. The second one is for a user to authorize more records to this application that he may have access to..

public static void RedirectToHVAuthPageWithForcedSelectRecord()
        {
            StringBuilder sb = new StringBuilder(128);
            sb.Append("appid=");
            sb.Append(WebApplicationConfiguration.AppId.ToString());
            sb.Append("&forceappauth=True");

            Microsoft.Health.Web.WebApplicationUtilities.RedirectToShellUrl(
                System.Web.HttpContext.Current,
                "AUTH",
                sb.ToString());
        }







public void AuthorizeMoreUsers()

        {

            StringBuilder sb = new StringBuilder(128);



            sb.Append("appid=");

            sb.Append(WebApplicationConfiguration.AppId.ToString());

            sb.Append("&actionqs=");

            sb.Append(HttpUtility.UrlEncode(String.Concat(

                "redirect=",

                HttpUtility.UrlEncode(Request.Url.PathAndQuery))));



            (Page as HealthServicePage).RedirectToShellUrl(

                "APPAUTH",

                sb.ToString());



        }

Raj

---

Raj HealthVault Developer Tool http://xray.getrealconsulting.com

Answer 2

Raj,

So, if I understand you correctly, if I wanted to perform the action I suggested in my scenario, I would have to de-authorize everyone and then re-authorize everyone - as my application functions today.

However, we should add the ability to authorize from our app to handle the scenario more conveniently for our users.

I am familiar with the re-direction interface so construction of this capability will not be a monumental task.

Thanks again for all of your help.

Ken J.

Answer 3

If I understand your statement correctly, 

I do NOT think that if a user has authorized an application to use records A,B,C and the record B got later deauthorized from shell directly, inorder for the user to access B again he has to deauthorize everyone and reauthorize them...

You should be able to redirect the user to select another record and which would allow him to select B again...  The only side effect of deauth-reauth pair is that the recordid of B with respect to the application will change.

Again, I havent tried this scenario, but let me know ..

Raj

---

Raj HealthVault Developer Tool http://xray.getrealconsulting.com