Using Google Health

The Google Health Data API is designed to enable developers to do two things:

  • Read a user's Google Health profile or query for medical records that match particular criteria and then use the results to provide personalized functionality based on the data.

  • Add new medical records to a user's profile by including CCR data when sending a notice to a user's profile. Note: The CCR data is stored as an XML blob within the <atom> entry. The library does not provide direct accessors to the object model but it does have helpers for extracting specific fields.

There are three main feeds, each of which requires authentication. Unlike other Google Data APIs, each Google Health feed has a limited set of HTTP operations you can perform on it, depending on which authentication method you are using (ClientLogin or AuthSub/OAuth). For a list of permitted operations, see » http://code.google.com/apis/health/reference.html#Authentication.

  • Profile Feed use the profile feed to query a user's health profile for specific information.

  • Register Feed use the register feed to reconcile new CCR data into a profile.

  • Profile List Feed the profile list feed should be used to determine which of the user's Health profiles to interact with. This feed is only available when using ClientLogin.

See » http://code.google.com/apis/health for more information about the Google Health API.

Connect To The Health Service

The Google Health API, like all Google Data APIs, is based off of the Atom Publishing Protocol (APP), an XML based format for managing web-based resources. Traffic between a client and the Google Health servers occurs over HTTP and allows for authenticated connections.

Before any transactions can occur, a connection needs to be made. Creating a connection to the Health servers involves two steps: creating an HTTP client and binding a Zend_Gdata_Health service instance to that client.

Authentication

The Google Health API allows programmatic access to a user's Health profile. There are three authentication schemes that are supported by Google Health:

  • ClientLogin provides direct username/password authentication to the Health servers. Since this method requires that users provide your application with their password, this authentication scheme is only recommended for installed/desktop applications.

  • AuthSub allows a user to authorize the sharing of their private data. This provides the same level of convenience as ClientLogin but without the security risk, making it an ideal choice for web-based applications. For Google Health, AuthSub must be used in registered and secure mode--meaning that all requests to the API must be digitally signed.

  • OAuth is an alternative to AuthSub. Although this authentication scheme is not discussed in this document, more information can be found in the » Health Data API Developer's Guide.

See » Authentication Overview in the Google Data API documentation for more information on each authentication method.

Create A Health Service Instance

In order to interact with Google Health, the client library provides the Zend_Gdata_Health service class. This class provides a common interface to the Google Data and Atom Publishing Protocol models and assists in marshaling requests to and from the Health API.

Once you've decided on an authentication scheme, the next step is to create an instance of Zend_Gdata_Health. This class should be passed an instance of Zend_Gdata_HttpClient. This provides an interface for AuthSub/OAuth and ClientLogin to create a special authenticated HTTP client.

To test against the H9 Developer's (/h9) instead of Google Health (/health), the Zend_Gdata_Health constructor takes an optional third argument for you to specify the H9 service name 'weaver'.

The example below shows how to create a Health service class using ClientLogin authentication:

  1. // Parameters for ClientLogin authentication
  2. $healthServiceName = Zend_Gdata_Health::HEALTH_SERVICE_NAME;
  3. //$h9ServiceName = Zend_Gdata_Health::H9_SANDBOX_SERVICE_NAME;
  4. $user = "user@gmail.com";
  5. $pass = "pa$$w0rd";
  6.  
  7. // Create an authenticated HTTP client
  8. $client = Zend_Gdata_ClientLogin::getHttpClient($user,
  9.                                                 $pass,
  10.                                                 $healthServiceName);
  11.  
  12. // Create an instance of the Health service
  13. $service = new Zend_Gdata_Health($client);

A Health service using AuthSub can be created in a similar, though slightly more lengthy fashion. AuthSub is the recommend interface to communicate with Google Health because each token is directly linked to a specific profile in the user's account. Unlike other Google Data APIs, it is required that all requests from your application be digitally signed.

  1. /*
  2. * Retrieve the current URL so that the AuthSub server knows where to
  3. * redirect the user after authentication is complete.
  4. */
  5. function getCurrentUrl() {
  6.     $phpRequestUri = htmlentities(substr($_SERVER['REQUEST_URI'],
  7.                                          0,
  8.                                          strcspn($_SERVER['REQUEST_URI'],
  9.                                                  "\n\r")),
  10.                                   ENT_QUOTES);
  11.  
  12.     if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') {
  13.         $protocol = 'https://';
  14.     } else {
  15.         $protocol = 'http://';
  16.     }
  17.     $host = $_SERVER['HTTP_HOST'];
  18.     if ($_SERVER['SERVER_PORT'] != '' &&
  19.        (($protocol == 'http://' && $_SERVER['SERVER_PORT'] != '80') ||
  20.        ($protocol == 'https://' && $_SERVER['SERVER_PORT'] != '443'))) {
  21.         $port = ':' . $_SERVER['SERVER_PORT'];
  22.     } else {
  23.         $port = '';
  24.     }
  25.     return $protocol . $host . $port . $phpRequestUri;
  26. }
  27.  
  28. /*
  29. * Redirect a user to AuthSub if they do not have a valid session token.
  30. * If they're coming back from AuthSub with a single-use token, instantiate
  31. * a new HTTP client and exchange the token for a long-lived session token
  32. * instead.
  33. */
  34. function setupClient($singleUseToken = null) {
  35.     $client = null;
  36.  
  37.     // Fetch a new AuthSub token?
  38.     if (!$singleUseToken) {
  39.         $next = getCurrentUrl();
  40.         $scope = 'https://www.google.com/health/feeds';
  41.         $authSubHandler = 'https://www.google.com/health/authsub';
  42.         $secure = 1;
  43.         $session = 1;
  44.         $authSubURL =  Zend_Gdata_AuthSub::getAuthSubTokenUri($next,
  45.                                                               $scope,
  46.                                                               $secure,
  47.                                                               $session,
  48.                                                               $authSubHandler);
  49.  
  50.          // 1 - allows posting notices && allows reading profile data
  51.         $permission = 1;
  52.         $authSubURL .= '&permission=' . $permission;
  53.  
  54.         echo '<a href="' . $authSubURL . '">Your Google Health Account</a>';
  55.     } else {
  56.         $client = new Zend_Gdata_HttpClient();
  57.  
  58.         // This sets your private key to be used to sign subsequent requests
  59.         $client->setAuthSubPrivateKeyFile('/path/to/your/rsa_private_key.pem',
  60.                                           null,
  61.                                           true);
  62.  
  63.         $sessionToken =
  64.             Zend_Gdata_AuthSub::getAuthSubSessionToken(trim($singleUseToken),
  65.                                                        $client);
  66.  
  67.         // Set the long-lived session token for subsequent requests
  68.         $client->setAuthSubToken($sessionToken);
  69.     }
  70.     return $client;
  71. }
  72.  
  73. // -> Script execution begins here <-
  74.  
  75.  
  76. $client = setupClient(@$_GET['token']);
  77.  
  78. // Create an instance of the Health service
  79. $userH9Sandbox = false;
  80. $healthService = new Zend_Gdata_Health($client,
  81.                                        'googleInc-MyTestAppName-v1.0',
  82.                                        $userH9Sandbox);

NOTE: the remainder of this document will assume you are using AuthSub for authentication.

Profile Feed

To query the user's profile feed, make sure your initial AuthSub token was requested with the permission parameter set to 1. The process of extracting data from the profile requires two steps, sending a query and iterating through the resulting feed.

Send a Structured Query

You can send structured queries to retrieve specific records from a user's profile.

When retrieving the profile using the Health API, specifically constructed query URLs are used to describe what (CCR) data should be returned. The Zend_Gdata_Health_Query class helps simplify this task by automatically constructing a query URL based on the parameters you set.

Query The Feed

To execute a query against the profile feed, invoke a new instance of an Zend_Gdata_Health_Query and call the service's getHealthProfileFeed() method:

  1. $healthService = new Zend_Gdata_Health($client);
  2.  
  3. // example query for the top 10 medications with 2 items each
  4. $query = new Zend_Gdata_Health_Query();
  5. $query->setDigest("true");
  6. $query->setGrouped("true");
  7. $query->setMaxResultsGroup(10);
  8. $query->setMaxResultsInGroup(2);
  9. $query->setCategory("medication");
  10.  
  11. $profileFeed = $healthService->getHealthProfileFeed($query);

Using setDigest("true") returns all of user's CCR data in a single Atom <entry>.

The setCategory() helper can be passed an additional parameter to return more specific CCR information. For example, to return just the medication Lipitor, use setCategory("medication", "Lipitor"). The same methodology can be applied to other categories such as conditions, allergies, lab results, etc.

A full list of supported query parameters is available in the » query parameters section of the Health API Reference Guide.

Iterate Through The Profile Entries

Each Google Health entry contains CCR data, however, using the digest query parameter and setting is to TRUE will consolidate all of the CCR elements (that match your query) into a single Atom <entry>.

To retrieve the full CCR information from an entry, make a call to the Zend_Gdata_Health_ProfileEntry class's getCcr() method. That returns a Zend_Gdata_Health_Extension_CCR:

  1. $entries = $profileFeed->getEntries();
  2. foreach ($entries as $entry) {
  3.     $medications = $entry->getCcr()->getMedications();
  4.     //$conditions = $entry->getCcr()->getConditions();
  5.     //$immunizations = $entry->getCcr()->getImmunizations();
  6.  
  7.     // print the CCR xml (this will just be the entry's medications)
  8.     foreach ($medications as $med) {
  9.         $xmlStr = $med->ownerDocument->saveXML($med);
  10.         echo "<pre>" . $xmlStr . "</pre>";
  11.     }
  12. }

Here, the getCcr() method is used in conjunction with a magic helper to drill down and extract just the medication data from the entry's CCR. The formentioned magic helper takes the form getCATEGORYNAME(), where CATEGORYNAME is a supported Google Health category. See the » Google Health reference Guide for the possible categories.

To be more efficient, you can also use category queries to only return the necessary CCR from the Google Health servers. Then, iterate through those results:

  1. $query = new Zend_Gdata_Health_Query();
  2. $query->setDigest("true");
  3. $query->setCategory("condition");
  4. $profileFeed = $healthService->getHealthProfileFeed($query);
  5.  
  6. // Since the query contained digest=true, only one Atom entry is returned
  7. $entry = $profileFeed->entry[0];
  8. $conditions = $entry->getCcr()->getConditions();
  9.  
  10. // print the CCR xml (this will just be the profile's conditions)
  11. foreach ($conditions as $cond) {
  12.     $xmlStr = $cond->ownerDocument->saveXML($cond);
  13.     echo "<pre>" . $xmlStr . "</pre>";
  14. }

Profile List Feed

NOTE: This feed is only available when using ClientLogin

Since ClientLogin requires a profile ID with each of its feeds, applications will likely want to query this feed first in order to select the appropriate profile. The profile list feed returns Atom entries corresponding each profile in the user's Google Health account. The profile ID is returned in the Atom <content> and the profile name in the <title> element.

Query The Feed

To execute a query against the profile list feed, call the service's getHealthProfileListFeed() method:

  1. $client = Zend_Gdata_ClientLogin::getHttpClient('user@gmail.com',
  2.                                                 'pa$$word',
  3.                                                 'health');
  4. $healthService = new Zend_Gdata_Health($client);
  5. $feed = $healthService->getHealthProfileListFeed();
  6.  
  7. // print each profile's name and id
  8. $entries = $feed->getEntries();
  9. foreach ($entries as $entry) {
  10.     echo '<p>Profile name: ' . $entry->getProfileName() . '<br>';
  11.     echo 'profile ID: ' . $entry->getProfileID() . '</p>';
  12. }

Once you've determined which profile to use, call setProfileID() with the profileID as an argument. This will restrict subsequent API requests to be against that particular profile:

  1. // use the first profile
  2. $profileID = $feed->entry[0]->getProfileID();
  3. $healthService->setProfileID($profileID);
  4.  
  5. $profileFeed = $healthService->getHealthProfileFeed();
  6.  
  7. $profileID = $healthService->getProfileID();
  8. echo '<p><b>Queried profileID</b>: ' . $profileID . '</p>';

Sending Notices to the Register Feed

Individual posts to the register feed are known as notices. Notice are sent from third-party applications to inform the user of a new event. With AuthSub/OAuth, notices are the single means by which your application can add new CCR information into a user's profile. Notices can contain plain text (including certain XHTML elements), a CCR document, or both. As an example, notices might be sent to remind users to pick up a prescription, or they might contain lab results in the CCR format.

Sending a notice

Notices can be sent by using the sendHealthNotice() method for the Health service:

  1. $healthService = new Zend_Gdata_Health($client);
  2.  
  3. $subject = "Title of your notice goes here";
  4. $body = "Notice body can contain <b>html</b> entities";
  5. $ccr = '<ContinuityOfCareRecord xmlns="urn:astm-org:CCR">
  6.   <Body>
  7.    <Problems>
  8.     <Problem>
  9.       <DateTime>
  10.         <Type><Text>Start date</Text></Type>
  11.         <ExactDateTime>2007-04-04T07:00:00Z</ExactDateTime>
  12.       </DateTime>
  13.       <Description>
  14.         <Text>Aortic valve disorders</Text>
  15.         <Code>
  16.           <Value>410.10</Value>
  17.           <CodingSystem>ICD9</CodingSystem>
  18.           <Version>2004</Version>
  19.         </Code>
  20.       </Description>
  21.       <Status><Text>Active</Text></Status>
  22.     </Problem>
  23.   </Problems>
  24.   </Body>
  25. </ContinuityOfCareRecord>';
  26.  
  27. $responseEntry = $healthService->sendHealthNotice($subject,
  28.                                                   $body,
  29.                                                   "html",
  30.                                                   $ccr);
blog comments powered by Disqus