server: send correct Accept=application/fhir+json HTTP headers

First and foremost, stop requesting application/json for FHIR
objects. The correct type is application/fhir+json. The spec says:

"If a client provides a generic mime type in the Accept header
(application/xml, text/json, or application/json), the server SHOULD
respond with the requested mime type, using the XML or JSON formats
described in this specification as the best representation for the
named mime type (except for binary - see the note on the Binary
resource)."

So this was only ever working by accident, and wasn't correct for
Binary resources, which when provided a non-fhir+json Accept header
are supposed to return their binary content, not the FHIR object.

So now we send the right header.

Also for DELETE requests, send signed headers if possible.

Fixes #191

Author: mikix

README.md

@@ -53,7 +53,7 @@ patient = Patient.read('2cda5aad-e409-4070-9a15-e1c35c46ed5a', smart.server)
 print(patient.birthDate.isostring)
 # '1992-07-03'
 print(smart.human_name(patient.name[0]))
-# 'Mr. Geoffrey Abbott'
+# 'Mr. steve Smith'
 ```
 If this is a protected server, you will first have to send your user to the authorization endpoint to log in.
 Just call `smart.authorize_url` to obtain the correct URL.
@@ -90,7 +90,7 @@ from fhirclient.models.patient import Patient
 smart = server.FHIRServer(None, 'https://r4.smarthealthit.org')
 patient = Patient.read('2cda5aad-e409-4070-9a15-e1c35c46ed5a', smart)
 print(patient.name[0].given)
-# ['Geoffrey']
+# ['steve']
 ```
 
 ##### Search Records on Server

fhirclient/server.py

@@ -159,19 +159,18 @@ def request_json(self, path, nosign=False):
         :throws: Exception on HTTP status >= 400
         :returns: Decoded JSON response
         """
-        headers = {'Accept': 'application/json'}
-        res = self._get(path, headers, nosign)
+        res = self._get(path, nosign=nosign)
 
         return res.json()
 
-    def request_data(self, path, headers={}, nosign=False):
+    def request_data(self, path, headers=None, nosign=False):
         """ Perform a data request data against the server's base with the
         given relative path.
         """
-        res = self._get(path, headers, nosign)
+        res = self._get(path, headers=headers, nosign=nosign)
         return res.content
 
-    def _get(self, path, headers={}, nosign=False):
+    def _get(self, path, headers=None, nosign=False):
         """ Issues a GET request.
         
         :returns: The response object
@@ -184,7 +183,8 @@ def _get(self, path, headers={}, nosign=False):
             'Accept-Charset': 'UTF-8',
         }
         # merge in user headers with defaults
-        header_defaults.update(headers)
+        if headers:
+            header_defaults.update(headers)
         # use the merged headers in the request
         headers = header_defaults
         if not nosign and self.auth is not None and self.auth.can_sign_headers():
@@ -251,10 +251,6 @@ def post_as_form(self, url, formdata, auth=None):
         :throws: Exception on HTTP status >= 400
         :returns: The response object
         """
-        headers = {
-            'Content-Type': 'application/x-www-form-urlencoded; charset=utf-8',
-            'Accept': 'application/json',
-        }
         res = self.session.post(url, data=formdata, auth=auth)
         self.raise_for_status(res)
         return res
@@ -276,7 +272,7 @@ def delete_json(self, path, nosign=False):
             headers = self.auth.signed_headers(headers)
 
         # perform the request but intercept 401 responses, raising our own Exception
-        res = self.session.delete(url)
+        res = self.session.delete(url, headers=headers)
         self.raise_for_status(res)
         return res