src/main/resources/application.properties

#################################################################################################################
# COACH Configuration                                                                                           #
#################################################################################################################
# This is the main configuration file for the COACH FHIR application.                                           #
#                                                                                                               #
# COACH is based on Spring Boot 2.6.7.                                                                          #
#                                                                                                               #
# You can find reference documentation for Spring Boot at the following location:                               #
# https://docs.spring.io/spring-boot/docs/2.6.7/reference/htmlsingle/                                           #
#################################################################################################################

#######################
# Basic Configuration #
#######################
# app.name
# app.version
#     These variables should not be changed, as they pull in variables from COACH's pom.xml.  To get these variables
#     to show appropriately in the app, ensure that you set the following environment variable prior to running the
#     app:
#          export SPRING_CONFIG_LOCATION=classpath:application.properties,file:///path/to/coach/config/files/
#     See https://github.com/OHSUCMP/coach/issues/152 for details.
app.name=@project.artifactId@
app.version=@project.version@
# application.name
#     Specifies the name of this application as you wish it to appear in a web browser's <title> tags.
#     Recommend to leave this as it is (although you may wish to append information to it, e.g. environment, etc.)
application.name=COACH
# fhirqueries.file
#     Specifies the location of the 'fhirqueries.properties' file, which defines how FHIR queries are to be executed
#     against the target FHIR server.
# fhirqueries.file=file:///path/to/coach/config/files/fhirqueries.properties
fhirqueries.file=classpath:fhirqueries.properties
# fhirconfig.file
#     Specifies the location of the 'fhirconfig.properties' file, which defines various codes, systems, etc. that COACH
#     uses to identify certain resources types of interest.  These are likely to vary by implementation environment.
# fhirconfig.file=file:///path/to/coach/config/files/fhirconfig.properties
fhirconfig.file=classpath:fhirconfig.properties
# logging.config
#     Specifies the location of the 'logback.xml' file, which defines how and where COACH writes logfile data.
# logging.config=file:///path/to/coach/config/files/logback.xml
logging.config=classpath:logback.xml
# server.port
#     Specifies the network port on which COACH listens.
#     This should NOT be port 8080 (which is the default), because CQF-Ruler - an auxiliary system on which COACH
#     depends in order to run recommendations, and which is recommended to run on the same server as COACH - is
#     hard-coded to listen on port 8080.  As such, COACH must listen on a different port so as to avoid conflicts.
server.port=8082
# socket.timeout
#     This property defines how many milliseconds COACH will wait for network operations to respond.
#     3600000ms = 3600 seconds = 60 minutes = 1 hour
socket.timeout=3600000
# spring.mvc.async.request-timeout
#     Amount of time before asynchronous requests timeout, in milliseconds.
#     3600000ms = 3600 seconds = 60 minutes = 1 hour
spring.mvc.async.request-timeout=3600000

###############################
# COACH System Status Message #
###############################
# system.status-message
#     If present, this message will be displayed prominently to users at the top of the COACH home page.
system.status-message=

#########################
# SSL/TLS Configuration #
#########################
# This section defines SSL and TLS configuration to enable COACH to serve encrypted traffic.
# See https://www.baeldung.com/spring-tls-setup for details and instructions on how to configure these properties.
server.ssl.enabled=false
server.ssl.key-store-password=change_me!
server.ssl.key-store=file:///git/coach/ssl/localhost-ssl.p12
server.ssl.key-store-type=PKCS12
server.ssl.protocol=TLS
server.ssl.enabled-protocols=TLSv1.2

################################
# Other Security Configuration #
################################
# security.salt
#     This property should contain a string of random characters and be at least 32 characters in length.
#     It is used by COACH when generating hash values for generated resource IDs and database records, as appropriate.
security.salt=CHANGE_THIS_BEFORE_RUNNING_IN_PRODUCTION
# security.show-dev-errors
#     If true, errors generated by the recommendation engine will be displayed.
#     If false, a generic error is displayed instead.
#     It is recommended that this property be set to 'true' in a development environment, and 'false' in production.
security.show-dev-errors=false
# security.browser.cache-credentials
#     If 'true', the browser will cache FHIR credentials, facilitating reloading of the COACH application.  However,
#     doing so presents a potential security risk, as these credentials are sensitive in nature.  As such, it is
#     recommended that this be set to 'true' in development environments, and 'false' in production ones.
security.browser.cache-credentials=false
# security.idle-timeout-seconds
#     This property specifies the number of seconds of inactivity that must occur for a user to be automatically
#     logged out of COACH.  If specified, it must be a number > 60, as the last 60 seconds will always be displayed in
#     a modal dialog to the user with a 60-second countdown that the user can abort if they so desire.  Specifying a
#     value that is smaller than 60 will cause the modal dialog to appear immediately.  If this is set to 0, the idle
#     timeout is disabled.
# security.idle-timeout-seconds=900
security.idle-timeout-seconds=0
# feature.clear-supplemental-data.enabled
#     This property drives the appearance of a link on the home page that reads "Clear Supplemental Data".
#     Clicking said link effectively resets any data stored in the COACH database for the user.
#     This is really only useful in development or testing environments, and so should always be set to 'false'
#     in production.
feature.clear-supplemental-data.enabled=false

###########################
# CQF Ruler Configuration #
###########################
# These configurations relate to CQF Ruler, which is responsible for analyzing FHIR resources and compiling
# recommendations for COACH users.
# cqfruler.cdshooks.endpoint.url
#     This is the CDS Hooks endpoint for the CQF Ruler instance used to generate recommendations.  CQF Ruler is
#     intended to run as a local service for security reasons.  Note that CQF Ruler MUST run on port 8080 due to
#     hard-coded ports in that codebase.
cqfruler.cdshooks.endpoint.url=http://localhost:8080/cds-services
# cqfruler.cdshooks.order.csv
#     This is the order in which recommendations will be ordered within the COACH user interface.
#     It is recommended to not change this.
cqfruler.cdshooks.order.csv=plandefinition-HypertensiveEmergency,plandefinition-AdverseEvents,plandefinition-Monitoring,plandefinition-Pharma,plandefinition-NonPharmacologicIntervention,plandefinition-Hypertension
# cqfruler.cdshooks.basic-group.allow-filter.csv
#     This represents the subset of recommendations that will be displayed to users in the "basic" group, i.e. the
#     "control" group, regarding the COACH clinical trial.
#     Do not change this.
cqfruler.cdshooks.basic-group.allow-filter.csv=plandefinition-HypertensiveEmergency,plandefinition-AdverseEvents

################################
# COACH Database Configuration #
################################
# The following configurations are used to define how to connect to the COACH database.
# At this time, MySQL and Microsoft SQL Server are supported.
# spring.datasource.driverClassName
#     This property defines the driver to use to connect to the target database.  Both MySQL and Microsoft SQL Server
#     drivers are provided (default MySQL):
# spring.datasource.driverClassName=com.microsoft.sqlserver.jdbc.SQLServerDriver
spring.datasource.driverClassName=com.mysql.cj.jdbc.Driver
# spring.datasource.url
#     This property defines the connection string that should be usec to connect to the target database.  Both MySQL
#     and Microsoft SQL Server URLs are provided, and which may need to be modified based on implementation details
#     (default MySQL):
# spring.datasource.url=jdbc:sqlserver://localhost;instanceName=SQLEXPRESS;databaseName=coach;encrypt=false
spring.datasource.url=jdbc:mysql://localhost:3306/coach
# spring.datasource.username
#     This is the username for the database user that should be used to connect to the target database
spring.datasource.username=coach
# spring.datasource.password
#     This is the password for the database user specified above
spring.datasource.password=CHANGE_THIS_in_PRODUCTION!

###############################
# SMART-on-FHIR Configuration #
###############################
# This section defines SMART-on-FHIR integration configurations.  These will need to match configurations as dictated
# by the FHIR server that COACH will be interacting with.
# smart.patient.scope
#     This property specifies the SMART-on-FHIR scope that is required by COACH to operate in the patient context.
#     It is recommended to not change this unless you really know what you're doing.
smart.patient.scope=launch/patient launch patient/*.read patient/Encounter.write patient/Observation.write user/*.read openid profile
# smart.patient.iss
#     This property stores the base FHIR API endpoint to which COACH will use when launching by way of the COACH
#     /launch-patient endpoint.
smart.patient.iss=https://api.logicahealth.org/htnu18r42/data
# smart.patient.clientId
#     This property stores the FHIR client ID for COACH when launching through the "patient" context.  This context
#     is intended to be used when launching COACH by way of a patient-facing portal (such as Epic MyChart), or by
#     way of the /launch-patient endpoint.
smart.patient.clientId=GET_THIS_FROM_FHIR_APP_CONFIG
# smart.provider.scope
#     This property specifies the SMART-on-FHIR scope that is required by COACH to operate in the provider context.
#     It is recommended to not change this unless you really know what you're doing.
smart.provider.scope=launch patient/*.read patient/Encounter.write patient/Observation.write user/*.read openid profile
# smart.provider.iss
#     This property stores the base FHIR API endpoint to which COACH will use when launching by way of the COACH
#     /launch-provider endpoint.
smart.provider.iss=https://api.logicahealth.org/htnu18r42/data
# smart.provider.clientId
#     This property stores the FHIR client ID for COACH when launching through the "provider" context.  This context
#     is intended to be used when launching COACH by way of a provider-facing system (such as Epic Hyperspace), or by
#     way of the /launch-provider endpoint.
smart.provider.clientId=GET_THIS_FROM_FHIR_APP_CONFIG
# smart.redirectUri
#     This property contains the COACH URL to which the SMART-on-FHIR handshake will redirect once it has completed.
#     This should be the root path on the server where COACH is running, or the appropriate context path on that
#     server, if such a configuration is being used in your deployment environment.
#     Note that the port specified in this URL must be the same port specified by the server.port property above.
smart.redirectUri=http://localhost:8082/

#########################################
# Site-Specific Resources Configuration #
#########################################
# This section facilitates including site-specific resources in the COACH Resources menu.
#
# site-specific-resources.pdf-folder.path
#     This property specifies a path on your local filesystem into which PDF files may be placed, that will
#     appear in the COACH Resources menu.  Each file should be named how it should be displayed in the Resources
#     menu, with the following transformations applied when converting the filename to what appears in the menu:
#         1. Only upper and lower-case letters, numbers, parentheses, underscore, comma, apostrophe, whitespace, and
#            dash characters are permitted (all others will be stripped);
#         2. The file extension will be removed; and
#         3. Only PDF files will be included.
# site-specific-resources.pdf-folder.path=/git/coach/local-config/pdfs/
site-specific-resources.pdf-folder.path=

#########################
# Contact Configuration #
#########################
# This section defines various contact configurations that will be specific to the institution where COACH is
# deployed.
#
# NOTE: If your deployment serves more than one clinic area, and you would like to display more than one clinic,
#       with distinct phone numbers for each, populate the clinic_contact table in the database with that info,
#       and it will be used instead.  Only if no records exist in the clinic_contact table will the contact.clinic
#       and contact.after-hours properties below be used.
#       This note does not apply to the contact.instructions-html property below.
#
# contact.clinic
#     This configuration should be a phone number that a COACH user can use to contact a clinic in response to
#     certain recommendations that might be generated, and for which a more rapid response might be needed (such as
#     in the event of COACH identifying an adverse event).
#     This number should be a geographically local number associated with the implementing institution.
contact.clinic=(xxx) yyy-zzzz
# contact.after-hours
#     This configuration is intended to be an after-hours contact phone number that a COACH user can use to reach
#     someone about a potentially serious issue, outside of regular clinic hours.
#     This number should be a geographically local number associated with the implementing institution.
#     If the after-hours contact phone number is the same as the default contact phone number, this property
#     may be left blank.
contact.after-hours=(xxx) yyy-zzzz
# contact.instructions-html
#     Some COACH recommendations instruct the user to contact their care team.  Contacting a care team involves
#     being directed to a prepopulated "contact" page within COACH, where the user is able to customize a text-
#     based message to their care team.  COACH does not presently have the ability to send messages by way
#     of an API or some other streamlined system; as such, there is a necessary manual step involved in this
#     process.  These instructions should instruct the user what to do with the message (which they can easily
#     copy to their clipboard), in order to get it to their care team.  Each deployment environment is likely to
#     be different, and as such these instructions need to be configurable on a per-environment basis.
#     This HTML will be directly incorporated into the "contact" page as instructions to the user, and is intended
#     to be displayed as an ordered list.
#     Note: If present, the token "{subject}" will be replaced with the message's predefined subject text.
contact.instructions-html=<ol>\
<li>Launch health portal</li>\
<li>Compose message (perhaps with subject "{subject}")</li>\
<li>Copy message</li>\
<li>Paste message</li>\
<li>Click "Send"</li>\
</ol>

############################
# Basic FHIR Configuration #
############################
# This section defines basic configuration settings that relate to FHIR services.
# fhir.bp-writeback-strategy
#     This defines how blood pressure vitals should be written back to the source FHIR server.  Valid values are
#     PATIENT, BACKEND, and DISABLED.  PATIENT will use the same context that is used by the patient portal, with
#     the same scope restrictions.  BACKEND is a separate context that may be defined, for which additional
#     scopes may be available.  However, the BACKEND context requires JWT settings to be configured (see below).
#     DISABLED specifies that blood pressure vitals should not be written back to the source FHIR server.  Under
#     all scenarios, blood pressure vitals will be retained in the COACH database.
fhir.bp-writeback-strategy=DISABLED
# fhir.pulse-writeback-strategy
#     This defines if and how pulse vitals should be written back to the source FHIR server.  Valid values are the
#     same as employed by fhir.bp-writeback-strategy as defined above.
fhir.pulse-writeback-strategy=DISABLED
# fhir.search.count
#     This is the maximum number of FHIR resources to be retrieved per request.  If more than 1000 records are
#     found, the system will request additional pages.
fhir.search.count=1000
# fhir.vendor-transformer-class
#     This property must specify an implementation of the VendorTransformer interface.  VendorTransformer
#     implementations are used to transform incoming and outgoing resources as required to integrate with target
#     vendor FHIR services.
#     DefaultVendorTransformer: use when the source FHIR server is Logica, Meld, HAPI-FHIR, Cerner, and others.
#     EpicVendorTransformer: use when the source FHIR server is backed by Epic, and vitals will be written to
#                            Epic flowsheets.
# fhir.vendor-transformer-class=edu.ohsu.cmp.coach.fhir.transform.EpicVendorTransformer
fhir.vendor-transformer-class=edu.ohsu.cmp.coach.fhir.transform.DefaultVendorTransformer

###############################################
# FHIR JWT Configurations for BACKEND Context #
###############################################
# If any FHIR "strategy" is configured to use the BACKEND context, and that context requires use of a JSON Web Token
# (JWT), those configurations must be set here.
# For Epic environments, see https://vendorservices.epic.com/Article/Index?docId=oauth2&section=BackendOAuth2Guide
#
# Instructions to create RSA keys using OpenSSL:
# NOTE: replace {ENV} with some identifier indicating the environment (e.g. "test", "prod", etc.)
#
# 1. Create 3072-bit RSA private key:
#       openssl genrsa -out coach-backend-{ENV}-privatekey.pem 3072
# 2. Export public key to base64 encoded X.509 certificate:
#       openssl req -new -x509 -key coach-backend-{ENV}-privatekey.pem -out coach-backend-{ENV}-publickey509.pem \
#           -subj '/CN=coach-backend-{ENV}'
# 3. Convert private key from PKCS1 to PKCS8 format:
#       openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in coach-backend-{ENV}-privatekey.pem \
#           -out coach-backend-{ENV}-privatekey-pkcs8.pem
#
# fhir.security.jwt.client-id
#     This is the FHIR client ID that should be used in conjunction with the JWT when employing the BACKEND context.
#     This may be left blank if BACKEND context is not used.
fhir.security.jwt.client-id=
# fhir.security.jwt.x509-certificate-file
#     This stores the filesystem location for where the x509 public certificate file can be found, associated with
#     the JWT.
# fhir.security.jwt.x509-certificate-file=/path/to/coach-backend-publickey509.pem
fhir.security.jwt.x509-certificate-file=
# fhir.security.jwt.pkcs8-private-key-file
#     This stores the filesystem location for where the PKCS8 private key file can be found, associated with the JWT.
# fhir.security.jwt.pkcs8-private-key-file=/path/to/coach-backend-privatekey-pkcs8.key
fhir.security.jwt.pkcs8-private-key-file=

##########################
# ValueSet Configuration #
##########################
# This section defines which ValueSets COACH will use to identify antihypertensive medications, and to keep those
# definitions updated on a regular basis.
# vsac.api-key
#     This is the VSAC API key that should be used by COACH to synchronize ValueSet definitions.  ValueSets are
#     synchronized when the application loads, and periodically thereafter based on a cron schedule.
vsac.api-key=GET_THIS_FROM_UMLS
# antihypertensive.medication.valueset.oid.csv
#     A comma-separated list of ValueSet OIDs that represent antihypertensive medications
#     These should not be changed unless you really know what you're doing.
antihypertensive.medication.valueset.oid.csv=2.16.840.1.113762.1.4.1178.10,2.16.840.1.113762.1.4.1200.242
# antihypertensive.medication.valueset.refresh-cron
#     A cron schedule that specifies when ValueSet data is to be refreshed from VSAC
antihypertensive.medication.valueset.refresh-cron=0 0 5 * * SUN

##################################
# Omron Wellness API Integration #
##################################
# COACH integrates with the Omron Wellness API to synchronize blood-pressure and pulse vitals from a user's Omron
# home blood-pressure monitoring device.  Each deployment of COACH requires its own API keys.
# See https://omronhealthcare.com/api/ for details.
# omron.application-id
#     This stores the application ID that Omron assigns to you for this integration.
omron.application-id=GET_THIS_FROM_OMRON
# omron.secret-key
#     This stores the secret key that Omron assigns to you for this integration.
omron.secret-key=GET_THIS_FROM_OMRON
# omron.authorize.url
#     This stores the Omron authorization URL.  There are two forms, one for staging, and one for production.
#     (default staging)
# omron.authorize.url=https://prd-oauth-website.ohiomron.com
omron.authorize.url=https://stg-oauth-website.ohiomron.com
# omron.url
#     This stores the Omron API URL.  There are two forms, one for staging, and one for production.
#     (default staging)
# omron.url=https://prd-oauth.ohiomron.com/prd
omron.url=https://stg-oauth.ohiomron.com/stg
# omron.scope
#     This stores the scope that is to be specified when performing synchronization operations.
#     It is recommended to leave this alone.
omron.scope=bloodpressure activity openid offline_access
# omron.redirect.url
#     This should reference your COACH /omron/oauth endpoint.
omron.redirect.url=http://localhost:8082/omron/oauth

########################
# REDCap Configuration #
########################
# This section defines configurations for REDCap integration, as it pertains to the COACH clinical trial.
# redcap.enabled
#     This defines whether or not REDCap integration should be enabled.  Set to 'true' if REDCap integration should
#     be enabled, 'false' otherwise.
redcap.enabled=false
# redcap.api-url
#     This defines the REDCap API endpoint to which COACH will attempt to connect (requires a trailing '/')
#     (For the purpose of the COACH clinical trial, leave this unchanged)
redcap.api-url=https://my.redcap.server/redcap/api/
# redcap.api-token
#     This defines the API token that should be used for REDCap authorization and integration
redcap.api-token=GET_THIS_FROM_REDCAP
# redcap.data-access-group
#     This identifies the clinical trial deployment environment.
#     (Valid values are ohsu, mu, and vumc, each representing one of the three institutions participating in the
#     COACH clinical trial)
redcap.data-access-group=ohsu
# redcap.patient-launch-url
#     This is the /launch-patient endpoint to which REDCap will redirect when its workflow has completed.
redcap.patient-launch-url=http://localhost:8082/launch-patient

#######################################
# End-of-Study Configuration Settings #
#######################################
# This section defines configuration settings that apply when a user completes their time in the COACH study.
# Logic applied here will only function if redcap.enabled=true.
# end-of-study.permit-continued-use
#     If true, a user will be permitted to continue using COACH once their participation in the COACH study has
#     completed.  If false, the user will be presented with a static page and disallowed from continued access.
end-of-study.permit-continued-use=true
# end-of-study.control-message-html
#     This is the message that will be displayed to control-group users in a popup window over the home screen, the
#     first time they log into COACH after completing the study, if the user will be permitted to use COACH after
#     study completion.  If the user isn't permitted to use COACH after study completion, this message will be
#     displayed as the contents of a static page instead.
end-of-study.control-message-html=Control-group user end-of-study message
# end-of-study.intervention-message-html
#     This is the message that will be displayed to intervention-group users in a popup window over the home screen,
#     the first time they log into COACH after completing the study, if the user will be permitted to use COACH after
#     study completion.  If the user isn't permitted to use COACH after study completion, this message will be
#     displayed as the contents of a static page instead.
end-of-study.intervention-message-html=Intervention-group user end-of study message

###################################
# Advanced Configuration Settings #
###################################
# This section defines configurations that drive core parts of COACH system operation.  It is recommended to not
# change these settings unless you really know what you're doing.
spring.flyway.locations=classpath:db/migration/{vendor}
spring.mustache.expose-request-attributes=true
spring.mustache.request-context-attribute=req
spring.mustache.expose-session-attributes=true
spring.jpa.hibernate.ddl-auto=none
spring.jpa.show-sql=false
spring.jpa.properties.hibernate.id.new_generator_mappings=false
spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true
spring.jpa.hibernate.naming.implicit-strategy=org.hibernate.boot.model.naming.ImplicitNamingStrategyLegacyJpaImpl
spring.jpa.hibernate.naming.physical-strategy=org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
spring.main.allow-bean-definition-overriding=true
hibernate.cache.use_second_level_cache=false
hibernate.cache.use_query_cache=false