DOCS POC OHIF GOOGLE HEALTHCARE - DEV KD #6

New Issue

Closed

opened 2025-03-27 14:51:48 +07:00 by mario · 0 comments

mario commented 2025-03-27 14:51:48 +07:00

Owner

Copy Link

== DOCS POC OHIF GOOGLE HEALTHCARE - DEV KD ==

Setup a Google Cloud Healthcare Project​

1. Create a Google Cloud account

2. Create a project in Google Cloud
   A project in Google Cloud can be created by clicking the projects drop down box. And then clicking the NEW PROJECT button in the top-right corner of the dialogue that is displayed.

3. Enable the Cloud Healthcare API for your project

[!NOTE] TIP

• An API can be enabled through the APIs & Services > Enabled APIs & Services console and clicking the + ENABLE APIS AND SERVICES button.

• The principal (i.e. account) that is enabling the Cloud Healthcare API will require the following roles that can be set in the IAM & Admin > IAM console for the desired project.

  • Service Usage Viewer
  • Service Usage Admin

• Roles can be added to a principal in the IAM & Admin > IAM console by clicking the Edit principal (i.e. pencil) icon to the right of a principal or by clicking the GRANT ACCESS button at the top of the list of principals. The GRANT ACCESS button is particularly useful if the Edit principal icon is disabled.

4. (Optional): Create a Dataset and DICOM Data Store for storing your DICOM data

[!NOTE] TIP
To both list existing datasets as well as create a new dataset for your project, the principal (i.e. account) must have the following roles enabled in the IAM & Admin > IAM console.

• Editor

5. Enable the Cloud Resource Manager API for your project.
   Note: If you are having trouble finding the APIs, use the search box at the top of the Cloud console.

6. Go to APIs & Services > OAuth Consent Screen to create an OAuth Consent screen and fill in your application details.

   • Run through the three step process of adding an OAuth Consent Screen, clicking SAVE AND CONTINUE at the end of each step.

   • For the Scopes step, for Google APIs, click the ADD OR REMOVE SCOPES button.

   • In the Update selected scopes dialogue that flies in from the right, add the following scopes to the Manually add scopes text box.

     • https://www.googleapis.com/auth/cloudplatformprojects.readonly
     • https://www.googleapis.com/auth/cloud-healthcare
       

   • Click ADD TO TABLE and then click UPDATE

7. Go to APIs & Services > Credentials to create a new set of credentials:

   • Click + CREATE CREDENTIALS and from the drop down select OAuth Client ID. See OAuth 2.0 Client ID for more information.

     

   • Choose the "Web Application" type

   • Add your domain (e.g. http://devkedungdoro.aplikasi.web.id:3000) to the Authorized JavaScript origins.

   • Add your domain, plus callback (e.g. http://devkedungdoro.aplikasi.web.id:3000/callback) to the Authorized Redirect URIs.

   • Save your Client ID for later.

---

Cloud Storage

Before exporting and importing DICOM data to and from Cloud Storage, you must grant extra permissions to the Cloud Healthcare Service Agent service account. For more information, see DICOM store Cloud Storage permissions.

Here are the snapshot of current IAM Config:

Uploading DICOM to Cloud Storage

After creating Cloud Storage Bucket, try to upload dicom file through Cloud Console directly just like this: Upload an object to a bucket

Import DICOM from Bucket to Datastore Healthcare API

To import DICOM objects from a Cloud Storage bucket, complete the following steps:

1. In the Google Cloud console, go to the Datasets page.
   Go to Datasets
2. Click the dataset that contains the DICOM store to which you are importing DICOM objects.
3. In the list of data stores, choose Import from the Actions list for the DICOM store.
   The Import to DICOM store page appears.
4. In the Project list, select a Cloud Storage project.
5. In the Location list, select a Cloud Storage bucket.
6. To set a specific location for importing files, do the following:
   1. Expand Advanced Options.
   2. Select Override Cloud Storage Path.
   3. To set a specific source for importing files, define the path using the following variables in the Location text box:
      • * - matches non-separator characters.
      • ** - matches characters, including separators. This can be used with a file name extension to match all files of the same type.
      • ? - matches 1 character.
7. Click Import to import DICOM objects from the defined source.
8. To track the status of the operation, click the Operations tab. After the operation completes, the following indications appear:
   • The Long-running operation status section has a green check mark under the OK heading.
   • The Overview section has a green check mark and an OK indicator in the same row as the operation ID.
     If you encounter any errors, click Actions, and then click View details in Cloud Logging.

Output:

---

Konfigurasi OHIF

Setelah melakukan konfigurasi OAuth, maka akan mendapatkan ClientSecret.json. Value pada JSON tersebut kemudian disesuaikan ke platform/app/public/config/google.js

ClientSecret.json :

{
  "web": {
    "client_id": "382212153306-7q39hdie4ecj0uhemkitvedo93bnvfhn.apps.googleusercontent.com",
    "project_id": "westone-433204",
    "auth_uri": "https://accounts.google.com/o/oauth2/auth",
    "token_uri": "https://oauth2.googleapis.com/token",
    "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
    "client_secret": "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",
    "redirect_uris": [
      "http://devkedungdoro.aplikasi.web.id:3000/callback"
    ],
    "javascript_origins": [
      "http://devkedungdoro.aplikasi.web.id:3000"
    ]
  }
}

platform/app/public/config/google.js :

...existing code

oidc: [
    {
      // ~ REQUIRED
      // Authorization Server URL
      authority: 'https://accounts.google.com',
      client_id: '382212153306-7q39hdie4ecj0uhemkitvedo93bnvfhn.apps.googleusercontent.com',
      redirect_uri: '/callback',
      response_type: 'id_token token',
      scope:
        'email profile openid https://www.googleapis.com/auth/cloudplatformprojects.readonly https://www.googleapis.com/auth/cloud-healthcare', // email profile openid
      // ~ OPTIONAL
      post_logout_redirect_uri: '/logout-redirect.html',
      revoke_uri: 'https://accounts.google.com/o/oauth2/revoke?token=',
      automaticSilentRenew: true,
      revokeAccessTokenOnSignout: true,

      // Tambahan dari Google CLoud Secret
      project_id: "westone-433204",
      auth_uri: "https://accounts.google.com/o/oauth2/auth",
      token_uri: "https://oauth2.googleapis.com/token",
      auth_provider_x509_cert_url: "https://www.googleapis.com/oauth2/v1/certs",
      client_secret: "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",
      redirect_uris: [
        "http://devkedungdoro.aplikasi.web.id:3000/callback"
      ],
      javascript_origins: [
        "https://devone.aplikasi.web.id",
        "http://devkedungdoro.aplikasi.web.id:3000"
      ]
    },
  ],
  extensions: [],
  modes: [],
  showStudyList: true,
  // filterQueryParam: false,
  defaultDataSourceName: 'dicomweb',
  dataSources: [
    {
      namespace: '@ohif/extension-default.dataSourcesModule.dicomweb',
      sourceName: 'dicomweb',
      configuration: {
        friendlyName: 'dcmjs DICOMWeb Server',
        name: 'GCP',
        wadoUriRoot:
          'https://healthcare.googleapis.com/v1/projects/westone-433204/locations/asia-southeast2/datasets/sas-dicom-storage/dicomStores/ohif',
        qidoRoot:
          'https://healthcare.googleapis.com/v1/projects/westone-433204/locations/asia-southeast2/datasets/sas-dicom-storage/dicomStores/ohif',
        wadoRoot:
          'https://healthcare.googleapis.com/v1/projects/westone-433204/locations/asia-southeast2/datasets/sas-dicom-storage/dicomStores/ohif',
        qidoSupportsIncludeField: true,
        imageRendering: 'wadors',
        thumbnailRendering: 'wadors',
        enableStudyLazyLoad: true,
        supportsFuzzyMatching: true,
        supportsWildcard: true,
        dicomUploadEnabled: true,
        omitQuotationForMultipartRequest: true,
        configurationAPI: 'ohif.dataSourceConfigurationAPI.google',
      },
    },

...existing

Untuk menjalankannya, anda perlua mengatur:

APP_CONFIG=config/google.js yarn run dev

# ATAU
APP_CONFIG=config/google.js yarn run build

Jika lokasi server build dan berbeda seperti pada kasus ini, maka perlu build terlebih dahulu. tahapannya ialah:

[!important] Tips
Pastikan config sudah disesuaikan (IP Port) sebelum dilakukan build

# di 192.168.0.116 (PC AI)
APP_CONFIG=config/google.js yarn run build
cd /mnt/hdd250/Viewers-3.9.1/platform/app
zip dist.zip ./dist.zip
scp -i /home/one/ssh-key/id_rsa ./dist.zip one@devkedungdoro.aplikasi.web.id:/home/one/ohif
scp -i /home/one/ssh-key/id_rsa ./public/serve.json one@devkedungdoro.aplikasi.web.id:/home/one/ohif
serve.json

# == DI DEV KD ==
# install nvm untuk pakai v20 tanpa ilangin v16 default
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.3/install.sh | bash
source ~/.bashrc
nvm install v20
nvm deactivate
#jalankan
OHIF_PORT=3000 && /home/one/.nvm/versions/node/**v20.19.0**/bin/npx serve ./dist -c ./serve.json
# sesuaikan versi node

# == **DOCS POC OHIF GOOGLE HEALTHCARE - DEV KD** == ## Setup a Google Cloud Healthcare Project[​](https://docs.ohif.org/3.9/deployment/google-cloud-healthcare#setup-a-google-cloud-healthcare-project "Direct link to Setup a Google Cloud Healthcare Project") 1. **Create a Google Cloud account** 2. **Create a project in Google Cloud** A project in Google Cloud can be created by clicking the projects drop down box. And then clicking the `NEW PROJECT` button in the top-right corner of the dialogue that is displayed. 3. **Enable the [Cloud Healthcare API](https://cloud.google.com/healthcare/) for your project** > [!NOTE] TIP > - An API can be enabled through the `APIs & Services > Enabled APIs & Services` console and clicking the `+ ENABLE APIS AND SERVICES` button. > > - The principal (i.e. account) that is enabling the Cloud Healthcare API will require the following roles that can be set in the `IAM & Admin > IAM` console for the desired project. > - Service Usage Viewer > - Service Usage Admin > > - Roles can be added to a principal in the `IAM & Admin > IAM` console by clicking the `Edit principal` (i.e. pencil) icon to the right of a principal or by clicking the `GRANT ACCESS` button at the top of the list of principals. The `GRANT ACCESS` button is particularly useful if the `Edit principal` icon is disabled. 4. **(Optional): Create a Dataset and DICOM Data Store for storing your DICOM data** > [!NOTE] TIP > To both list existing datasets as well as create a new dataset for your project, the principal (i.e. account) must have the following roles enabled in the `IAM & Admin > IAM` console. > - Editor 5. **Enable the [Cloud Resource Manager API](https://cloud.google.com/resource-manager/) for your project.** _Note:_ If you are having trouble finding the APIs, use the search box at the top of the Cloud console. 6. **Go to APIs & Services > OAuth Consent Screen to create an OAuth Consent screen and fill in your application details.** - Run through the three step process of adding an OAuth Consent Screen, clicking `SAVE AND CONTINUE` at the end of each step. - For the Scopes step, for Google APIs, click the `ADD OR REMOVE SCOPES` button. - In the `Update selected scopes` dialogue that flies in from the right, add the following scopes to the `Manually add scopes` text box. - `https://www.googleapis.com/auth/cloudplatformprojects.readonly` - `https://www.googleapis.com/auth/cloud-healthcare`  - Click `ADD TO TABLE` and then click `UPDATE` 7. **Go to APIs & Services > Credentials to create a new set of credentials:** - Click `+ CREATE CREDENTIALS` and from the drop down select `OAuth Client ID`. See [OAuth 2.0 Client ID](https://developers.google.com/identity/protocols/oauth2/) for more information.  - Choose the "Web Application" type - Add your domain (e.g. `http://devkedungdoro.aplikasi.web.id:3000`) to the Authorized JavaScript origins. - Add your domain, plus `callback` (e.g. `http://devkedungdoro.aplikasi.web.id:3000/callback`) to the Authorized Redirect URIs. - Save your Client ID for later. --- ## Cloud Storage Before exporting and importing DICOM data to and from Cloud Storage, you must grant extra permissions to the **Cloud Healthcare Service Agent** [service account](https://cloud.google.com/iam/docs/service-accounts). For more information, see [DICOM store Cloud Storage permissions](https://cloud.google.com/healthcare-api/docs/how-tos/permissions-healthcare-api-gcp-products#dicom_store_cloud_storage_permissions). Here are the snapshot of **current IAM Config**:  ### Uploading DICOM to Cloud Storage After creating Cloud Storage Bucket, try to upload dicom file through Cloud Console directly just like this: [Upload an object to a bucket](https://cloud.google.com/storage/docs/uploading-objects#upload-object-console)  ## Import DICOM from Bucket to Datastore Healthcare API To import DICOM objects from a Cloud Storage bucket, complete the following steps: 1. In the Google Cloud console, go to the **Datasets** page. [Go to Datasets](https://console.cloud.google.com/healthcare/browser) 2. Click the dataset that contains the DICOM store to which you are importing DICOM objects. 3. In the list of data stores, choose **Import** from the **Actions** list for the DICOM store. The **Import to DICOM store** page appears. 4. In the **Project** list, select a Cloud Storage project. 5. In the **Location** list, select a Cloud Storage bucket. 6. To set a specific location for importing files, do the following: 1. Expand **Advanced Options**. 2. Select **Override Cloud Storage Path**. 3. To set a specific source for importing files, define the path using the following variables in the **Location** text box: - `*` - matches non-separator characters. - `**` - matches characters, including separators. This can be used with a file name extension to match all files of the same type. - `?` - matches 1 character. 7. Click **Import** to import DICOM objects from the defined source. 8. To track the status of the operation, click the **Operations** tab. After the operation completes, the following indications appear: - The **Long-running operation status** section has a green check mark under the **OK** heading. - The **Overview** section has a green check mark and an **OK** indicator in the same row as the operation ID. If you encounter any errors, click **Actions**, and then click **View details in Cloud Logging**. **Output:**  --- ## Konfigurasi OHIF Setelah melakukan konfigurasi OAuth, maka akan mendapatkan **ClientSecret.json**. Value pada JSON tersebut kemudian disesuaikan ke `platform/app/public/config/google.js` **ClientSecret.json :** ```json { "web": { "client_id": "382212153306-7q39hdie4ecj0uhemkitvedo93bnvfhn.apps.googleusercontent.com", "project_id": "westone-433204", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://oauth2.googleapis.com/token", "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "client_secret": "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", "redirect_uris": [ "http://devkedungdoro.aplikasi.web.id:3000/callback" ], "javascript_origins": [ "http://devkedungdoro.aplikasi.web.id:3000" ] } } ``` **`platform/app/public/config/google.js` :** ```json ...existing code oidc: [ { // ~ REQUIRED // Authorization Server URL authority: 'https://accounts.google.com', client_id: '382212153306-7q39hdie4ecj0uhemkitvedo93bnvfhn.apps.googleusercontent.com', redirect_uri: '/callback', response_type: 'id_token token', scope: 'email profile openid https://www.googleapis.com/auth/cloudplatformprojects.readonly https://www.googleapis.com/auth/cloud-healthcare', // email profile openid // ~ OPTIONAL post_logout_redirect_uri: '/logout-redirect.html', revoke_uri: 'https://accounts.google.com/o/oauth2/revoke?token=', automaticSilentRenew: true, revokeAccessTokenOnSignout: true, // Tambahan dari Google CLoud Secret project_id: "westone-433204", auth_uri: "https://accounts.google.com/o/oauth2/auth", token_uri: "https://oauth2.googleapis.com/token", auth_provider_x509_cert_url: "https://www.googleapis.com/oauth2/v1/certs", client_secret: "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", redirect_uris: [ "http://devkedungdoro.aplikasi.web.id:3000/callback" ], javascript_origins: [ "https://devone.aplikasi.web.id", "http://devkedungdoro.aplikasi.web.id:3000" ] }, ], extensions: [], modes: [], showStudyList: true, // filterQueryParam: false, defaultDataSourceName: 'dicomweb', dataSources: [ { namespace: '@ohif/extension-default.dataSourcesModule.dicomweb', sourceName: 'dicomweb', configuration: { friendlyName: 'dcmjs DICOMWeb Server', name: 'GCP', wadoUriRoot: 'https://healthcare.googleapis.com/v1/projects/westone-433204/locations/asia-southeast2/datasets/sas-dicom-storage/dicomStores/ohif', qidoRoot: 'https://healthcare.googleapis.com/v1/projects/westone-433204/locations/asia-southeast2/datasets/sas-dicom-storage/dicomStores/ohif', wadoRoot: 'https://healthcare.googleapis.com/v1/projects/westone-433204/locations/asia-southeast2/datasets/sas-dicom-storage/dicomStores/ohif', qidoSupportsIncludeField: true, imageRendering: 'wadors', thumbnailRendering: 'wadors', enableStudyLazyLoad: true, supportsFuzzyMatching: true, supportsWildcard: true, dicomUploadEnabled: true, omitQuotationForMultipartRequest: true, configurationAPI: 'ohif.dataSourceConfigurationAPI.google', }, }, ...existing ``` Untuk menjalankannya, anda perlua mengatur: ```bash APP_CONFIG=config/google.js yarn run dev # ATAU APP_CONFIG=config/google.js yarn run build ``` Jika lokasi server build dan berbeda seperti pada kasus ini, maka perlu build terlebih dahulu. tahapannya ialah: > [!important] Tips > Pastikan config sudah disesuaikan (IP Port) sebelum dilakukan build ```bash # di 192.168.0.116 (PC AI) APP_CONFIG=config/google.js yarn run build cd /mnt/hdd250/Viewers-3.9.1/platform/app zip dist.zip ./dist.zip scp -i /home/one/ssh-key/id_rsa ./dist.zip one@devkedungdoro.aplikasi.web.id:/home/one/ohif scp -i /home/one/ssh-key/id_rsa ./public/serve.json one@devkedungdoro.aplikasi.web.id:/home/one/ohif serve.json # == DI DEV KD == # install nvm untuk pakai v20 tanpa ilangin v16 default curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.3/install.sh | bash source ~/.bashrc nvm install v20 nvm deactivate #jalankan OHIF_PORT=3000 && /home/one/.nvm/versions/node/**v20.19.0**/bin/npx serve ./dist -c ./serve.json # sesuaikan versi node ```

mario closed this issue 2025-03-27 14:52:37 +07:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

prod-ab

add-rsab-ayani-config

prod-phkg

prod-batam

bisone

bisone-internal

auth-patch

v3.9.1

coba-panel-exp-hangtuah

coba-extension-expertise

No results found.

Labels

No items

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

adib andy bintang fajri farrel hanan sas.padmanto stephenk mario

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: mario/ohif-viewer#6