carin_for_blue_button_test_kit 0.13.3 → 0.15.0

data/lib/carin_for_blue_button_test_kit/client/v2.0.0/required_searches_tests/patient_required_searches.rb

@@ -26,7 +26,6 @@ module CarinForBlueButtonTestKit
         * birthdate+name
         * gender+name
     )
-    input :access_token
 
     verifies_requirements 'hl7.fhir.us.carin-bb_2.0.0@14'
 

data/lib/carin_for_blue_button_test_kit/client/v2.0.0/required_searches_tests/practitioner_required_searches.rb

@@ -18,7 +18,6 @@ module CarinForBlueButtonTestKit
         * name
         * identifier
     )
-    input :access_token
 
     verifies_requirements 'hl7.fhir.us.carin-bb_2.0.0@14'
 

data/lib/carin_for_blue_button_test_kit/client/v2.0.0/required_searches_tests/relatedperson_required_searches.rb

@@ -16,7 +16,6 @@ module CarinForBlueButtonTestKit
       Capability Statements:
         * _id
     )
-    input :access_token
 
     verifies_requirements 'hl7.fhir.us.carin-bb_2.0.0@14'
 

data/lib/carin_for_blue_button_test_kit/client/v2.0.0/tags.rb

@@ -4,4 +4,6 @@ module CarinForBlueButtonTestKit
   AUTH_TAG = 'carin_auth'
   RESOURCE_API_TAG = 'carin_resource_api'
   RESOURCE_ID_TAG = 'carin_resource_id'
+  AUTHORIZE_TAG = 'carin_smart_app_authorize'
+  TOKEN_TAG = 'carin_smart_app_token'
 end

data/lib/carin_for_blue_button_test_kit/client/v2.0.0/urls.rb

@@ -1,13 +1,16 @@
 module CarinForBlueButtonTestKit
-  TOKEN_PATH = '/mock_auth/token'
-  PATIENT_PATH = '/fhir/Patient'
-  RESOURCE_API_PATH = '/fhir/:endpoint'
-  RESOURCE_ID_PATH = '/fhir/:endpoint/:id'
-  METADATA_PATH = '/fhir/metadata'
-  BASE_FHIR_PATH = '/fhir'
-  RESUME_PASS_PATH = '/resume_pass'
-  RESUME_CLAIMS_DATA_PATH = '/resume_claims_data'
-  RESUME_FAIL_PATH = '/resume_fail'
+  TOKEN_PATH = '/mock_auth/token'.freeze
+  AUTH_PATH = '/mock_auth/authorization'.freeze
+  JKWS_PATH = '/.well-known/jwks.json'.freeze
+  SMART_CONFIG_PATH = '/.well-known/smart-configuration'.freeze
+  PATIENT_PATH = '/fhir/Patient'.freeze
+  RESOURCE_API_PATH = '/fhir/:endpoint'.freeze
+  RESOURCE_ID_PATH = '/fhir/:endpoint/:id'.freeze
+  METADATA_PATH = '/fhir/metadata'.freeze
+  BASE_FHIR_PATH = '/fhir'.freeze
+  RESUME_PASS_PATH = '/resume_pass'.freeze
+  RESUME_CLAIMS_DATA_PATH = '/resume_claims_data'.freeze
+  RESUME_FAIL_PATH = '/resume_fail'.freeze
 
   module URLs
     def base_url
@@ -18,6 +21,18 @@ module CarinForBlueButtonTestKit
       @token_url ||= base_url + TOKEN_PATH
     end
 
+    def authorization_url
+      @authorization_url ||= base_url + AUTH_PATH
+    end
+
+    def jwks_url
+      @jwks_url ||= base_url + JKWS_PATH
+    end
+
+    def smart_configuration_url
+      @smart_configuration_url ||= base_url + SMART_CONFIG_PATH
+    end
+
     def base_fhir_url
       @base_fhir_url ||= base_url + BASE_FHIR_PATH
     end
@@ -51,7 +66,7 @@ module CarinForBlueButtonTestKit
     end
 
     def suite_id
-      self.class.suite.id
+      CarinForBlueButtonTestKit::C4BBV200ClientSuite.id
     end
   end
 end

data/lib/carin_for_blue_button_test_kit/custom_groups/v2.0.0/c4bb_smart_launch/smart_scopes_test.rb

@@ -22,7 +22,8 @@ module CarinForBlueButtonTestKit
           * `user/Organization.read`
           * `user/Practitioner.read`
       )
-      input :requested_scopes, :received_scopes
+      input :received_scopes
+      input :smart_auth_info, type: :auth_info
       uses_request :token
 
       PATIENT_COMPARTMENT_RESOURCE_TYPES = %w[
@@ -41,6 +42,10 @@ module CarinForBlueButtonTestKit
         config.options[:required_scopes]
       end
 
+      def requested_scopes
+        smart_auth_info.requested_scopes
+      end
+
       def access_level_regex
         /\A(\*|\b(read|c?ru?d?s?)\b)/
       end

data/lib/carin_for_blue_button_test_kit/custom_groups/v2.0.0/c4bb_smart_launch_group.rb

@@ -22,12 +22,32 @@ module CarinForBlueButtonTestKit
         They then perform a standalone launch to obtain an access token which
         can be used by the remaining tests to access patient data.
       )
-      input_order :url,
-                  :standalone_client_id,
-                  :standalone_client_secret,
-                  :standalone_requested_scopes,
-                  :use_pkce,
-                  :pkce_code_challenge_method
+
+      config(
+        inputs: {
+          received_scopes: { name: :standalone_received_scopes },
+          smart_auth_info: {
+            options: {
+              components: [
+                {
+                  name: :requested_scopes,
+                  default: %(
+                    launch/patient openid fhirUser
+                    patient/ExplanationOfBenefit.read patient/Coverage.read
+                    patient/Patient.read patient/Organization.read
+                    patient/Practitioner.read user/ExplanationOfBenefit.read
+                    user/Coverage.read user/Patient.read
+                    user/Organization.read user/Practitioner.read
+                  ).gsub(/\s{2,}/, ' ').strip
+                }
+              ]
+            }
+          }
+        },
+        outputs: {
+          patient_id: { name: :patient_ids }
+        }
+      )
 
       group from: :smart_discovery do
         run_as_group
@@ -76,31 +96,8 @@ module CarinForBlueButtonTestKit
           * [Standalone Launch Sequence](https://www.hl7.org/fhir/smart-app-launch/1.0.0/index.html#standalone-launch-sequence)
         )
 
-        config(
-          inputs: {
-            requested_scopes: {
-              default: %(
-                launch/patient openid fhirUser
-                patient/ExplanationOfBenefit.read patient/Coverage.read
-                patient/Patient.read patient/Organization.read
-                patient/Practitioner.read user/ExplanationOfBenefit.read
-                user/Coverage.read user/Patient.read
-                user/Organization.read user/Practitioner.read
-              ).gsub(/\s{2,}/, ' ').strip
-            }
-          },
-          outputs: {
-            patient_id: { name: :patient_ids },
-            smart_credentials: { name: :smart_credentials }
-          }
-        )
-
         test from: :c4bb_v200_smart_scopes do
           config(
-            inputs: {
-              requested_scopes: { name: :standalone_requested_scopes },
-              received_scopes: { name: :standalone_received_scopes }
-            },
             options: {
               required_scopes: %w[
                 openid

data/lib/carin_for_blue_button_test_kit/custom_groups/v2.0.0-dev-nonfinancial/c4bb_smart_launch/smart_scopes_test.rb

@@ -22,7 +22,8 @@ module CarinForBlueButtonTestKit
           * `user/Organization.read`
           * `user/Practitioner.read`
       )
-      input :requested_scopes, :received_scopes
+      input :received_scopes
+      input :smart_auth_info, type: :auth_info
       uses_request :token
 
       PATIENT_COMPARTMENT_RESOURCE_TYPES = %w[
@@ -41,6 +42,10 @@ module CarinForBlueButtonTestKit
         config.options[:required_scopes]
       end
 
+      def requested_scopes
+        smart_auth_info.requested_scopes
+      end
+
       def access_level_regex
         /\A(\*|\b(read|c?ru?d?s?)\b)/
       end

data/lib/carin_for_blue_button_test_kit/custom_groups/v2.0.0-dev-nonfinancial/c4bb_smart_launch_group.rb

@@ -22,15 +22,32 @@ module CarinForBlueButtonTestKit
         They then perform a standalone launch to obtain an access token which
         can be used by the remaining tests to access patient data.
       )
-      input_order :url,
-                  :standalone_client_id,
-                  :standalone_client_secret,
-                  :standalone_requested_scopes,
-                  :use_pkce,
-                  :pkce_code_challenge_method,
-                  :standalone_authorization_method,
-                  :client_auth_type,
-                  :client_auth_encryption_method
+
+      config(
+        inputs: {
+          received_scopes: { name: :standalone_received_scopes },
+          smart_auth_info: {
+            options: {
+              components: [
+                {
+                  name: :requested_scopes,
+                  default: %(
+                    launch/patient openid fhirUser
+                    patient/ExplanationOfBenefit.read patient/Coverage.read
+                    patient/Patient.read patient/Organization.read
+                    patient/Practitioner.read user/ExplanationOfBenefit.read
+                    user/Coverage.read user/Patient.read
+                    user/Organization.read user/Practitioner.read
+                  ).gsub(/\s{2,}/, ' ').strip
+                }
+              ]
+            }
+          }
+        },
+        outputs: {
+          patient_id: { name: :patient_ids }
+        }
+      )
 
       group from: :smart_discovery do
         run_as_group
@@ -79,31 +96,8 @@ module CarinForBlueButtonTestKit
           * [Standalone Launch Sequence](https://www.hl7.org/fhir/smart-app-launch/1.0.0/index.html#standalone-launch-sequence)
         )
 
-        config(
-          inputs: {
-            requested_scopes: {
-              default: %(
-                launch/patient openid fhirUser
-                patient/ExplanationOfBenefit.read patient/Coverage.read
-                patient/Patient.read patient/Organization.read
-                patient/Practitioner.read user/ExplanationOfBenefit.read
-                user/Coverage.read user/Patient.read
-                user/Organization.read user/Practitioner.read
-              ).gsub(/\s{2,}/, ' ').strip
-            }
-          },
-          outputs: {
-            patient_id: { name: :patient_ids },
-            smart_credentials: { name: :smart_credentials }
-          }
-        )
-
         test from: :c4bb_v200devnonfinancial_smart_scopes do
           config(
-            inputs: {
-              requested_scopes: { name: :standalone_requested_scopes },
-              received_scopes: { name: :standalone_received_scopes }
-            },
             options: {
               required_scopes: %w[
                 openid

data/lib/carin_for_blue_button_test_kit/docs/carin_for_blue_button_v2.0.0_client_suite_description.md

@@ -40,7 +40,8 @@ During execution, Inferno will wait for the client under test to issue requests
 
 The following input must be provided by the tester to execute
 any tests in this suite:
-1. *Access Token*: A `Bearer` token that the client under test will send in the 
+1. *Client ID*: A Client ID that the client under test will use to connect to the test suite via SMART.
+   This client ID will be sent back to the client as the `Bearer` token that the client under test will send in the 
    `Authorization` header of HTTP requests made against Inferno. Inferno uses the
    value to identify incoming requests that belong to the testing session.
 
@@ -63,7 +64,7 @@ requests needed to pass all of the tests. Note that some requests within the col
 
 To run the client tests against the Postman collection:
 1. Start an Inferno session of the CARIN for Blue Button Client test suite.
-3. Click the "Run All Tests" button in the upper right and type in "SAMPLE_TOKEN" for the `access_token` input in the dialog that appears.
+3. Click the "Run All Tests" button in the upper right and type in "SAMPLE_CLIENT_ID" for the `Client ID` input in the dialog that appears.
 4. Click the "Submit" button. The simulated server will then be waiting for an interaction.
 4. Open Postman and import the `C4BB Client Search Tests` Postman collection.
 5. Send each of the requests listed under the `C4BB Client Search Tests` Postman collection and ensure a
@@ -77,8 +78,9 @@ to associate requests with sessions. If multiple concurrent sessions are configu
 to use the same token, they may interfere with each other. To prevent concurrent executors
 of these sample executions from disrupting your session it
 is recommended, but not required, to:
-1. Update the Authorization tab of the C4BB Client Search Tests collection in Postman to a random value
-2. When starting the tests, provide the same value in the access_token input.
+1. When starting the tests, provide a random client id in the `Client ID` input.
+2. A wait dialog will appear for the first test to wait for incoming requests. This window provides the bearer token Inferno expects to receive in the Authorization header of incoming requests.
+3. Update the Authorization tab of the C4BB Client Search Tests collection in Postman to this provided bearer token.
 
 ## Current Limitations
 
@@ -91,3 +93,4 @@ Specific current limitations to highlight include:
    - Inferno's simulated CARIN server does not support all required search parameters on the ExplanationOfBenefit resource, including service-date, service-start-date, billable-period-start, type, and _include=ExplanationOfBenefit:insurer. Inferno recognizes searches made using those parameters and will give the client credit for having performed them, but will always return an OperationOutcome indicating failure. 
    - Testers must manually configure their client system to connect to a specific target patient and ingest specific curated sample CARIN data. Future versions of the tests may allow more flexibility in the patient identity and the associated data.
    - Testers must attest to their system's ability to process and retain all received information. Currently, this is implemented as a single test. Future versions of the tests may split this test out into different attestations per profile or other more fine-grained organization.
+   - This test kit contains basic SMART App Launch capabilities that may not be complete. In particular, refresh tokens are not currently supported and scopes are not precise. To provide feedback and input on the design of this feature and help us prioritize improvements, submit a ticket [here](https://github.com/inferno-framework/carin-for-blue-button-test-kit/issues).

data/lib/carin_for_blue_button_test_kit/generated/v1.1.0/c4bb_test_suite.rb

@@ -1,4 +1,3 @@
-require 'inferno/dsl/oauth_credentials'
 require 'smart_app_launch_test_kit'
 require_relative '../../version'
 
@@ -20,12 +19,20 @@ module CarinForBlueButtonTestKit
 
         
       )
-      version VERSION
+
       links [
+        {
+          label: 'Report Issue',
+          url: 'https://github.com/inferno-framework/carin-for-blue-button-test-kit/issues'
+        },
         {
           label: 'Open Source',
           url: 'https://github.com/inferno-framework/carin-for-blue-button-test-kit'
         },
+        {
+          label: 'Download',
+          url: 'https://github.com/inferno-framework/carin-for-blue-button-test-kit/releases'
+        },
         {
           label: 'Implementation Guide',
           url: 'http://hl7.org/fhir/us/carin-bb/STU1.1'
@@ -52,13 +59,22 @@ module CarinForBlueButtonTestKit
         end
       end
 
+      config(
+        inputs: {
+          smart_auth_info: { name: :smart_auth_info }
+        },
+        outputs: {
+          smart_auth_info: { name: :smart_auth_info }
+        }
+      )
+
       input :url,
         title: 'FHIR Endpoint',
         description: 'URL of the FHIR endpoint'
 
       fhir_client do
         url :url
-        oauth_credentials :smart_credentials
+        auth_info :smart_auth_info
       end
 
       group from: :c4bb_v110_smart_launch
@@ -71,11 +87,10 @@ module CarinForBlueButtonTestKit
           conformant C4BB resources.
         )
 
-        input :smart_credentials,
+        input :smart_auth_info,
             title: 'OAuth Credentials',
-            type: :oauth_credentials,
+            type: :auth_info,
             optional: true
-        input_order :url, :smart_credentials
 
         group from: :capability_statement_group
     

data/lib/carin_for_blue_button_test_kit/generated/v2.0.0/c4bb_test_suite.rb

@@ -1,4 +1,3 @@
-require 'inferno/dsl/oauth_credentials'
 require 'smart_app_launch_test_kit'
 require_relative '../../version'
 
@@ -21,12 +20,20 @@ module CarinForBlueButtonTestKit
 
         
       )
-      version VERSION
+
       links [
+        {
+          label: 'Report Issue',
+          url: 'https://github.com/inferno-framework/carin-for-blue-button-test-kit/issues'
+        },
         {
           label: 'Open Source',
           url: 'https://github.com/inferno-framework/carin-for-blue-button-test-kit'
         },
+        {
+          label: 'Download',
+          url: 'https://github.com/inferno-framework/carin-for-blue-button-test-kit/releases'
+        },
         {
           label: 'Implementation Guide',
           url: 'http://hl7.org/fhir/us/carin-bb/STU2'
@@ -53,13 +60,22 @@ module CarinForBlueButtonTestKit
         end
       end
 
+      config(
+        inputs: {
+          smart_auth_info: { name: :smart_auth_info }
+        },
+        outputs: {
+          smart_auth_info: { name: :smart_auth_info }
+        }
+      )
+
       input :url,
         title: 'FHIR Endpoint',
         description: 'URL of the FHIR endpoint'
 
       fhir_client do
         url :url
-        oauth_credentials :smart_credentials
+        auth_info :smart_auth_info
       end
 
       group from: :c4bb_v200_smart_launch
@@ -72,11 +88,10 @@ module CarinForBlueButtonTestKit
           conformant C4BB resources.
         )
 
-        input :smart_credentials,
+        input :smart_auth_info,
             title: 'OAuth Credentials',
-            type: :oauth_credentials,
+            type: :auth_info,
             optional: true
-        input_order :url, :smart_credentials
 
         group from: :capability_statement_group
     

data/lib/carin_for_blue_button_test_kit/generated/v2.0.0-dev-nonfinancial/c4bb_test_suite.rb

@@ -1,4 +1,3 @@
-require 'inferno/dsl/oauth_credentials'
 require 'smart_app_launch_test_kit'
 require_relative '../../version'
 
@@ -23,12 +22,20 @@ module CarinForBlueButtonTestKit
         Development build for the [non-financial branch](https://build.fhir.org/ig/HL7/carin-bb/branches/non-financial/).
         
       )
-      version VERSION
+
       links [
+        {
+          label: 'Report Issue',
+          url: 'https://github.com/inferno-framework/carin-for-blue-button-test-kit/issues'
+        },
         {
           label: 'Open Source',
           url: 'https://github.com/inferno-framework/carin-for-blue-button-test-kit'
         },
+        {
+          label: 'Download',
+          url: 'https://github.com/inferno-framework/carin-for-blue-button-test-kit/releases'
+        },
         {
           label: 'Implementation Guide',
           url: 'http://hl7.org/fhir/us/carin-bb/history.html'
@@ -55,13 +62,22 @@ module CarinForBlueButtonTestKit
         end
       end
 
+      config(
+        inputs: {
+          smart_auth_info: { name: :smart_auth_info }
+        },
+        outputs: {
+          smart_auth_info: { name: :smart_auth_info }
+        }
+      )
+
       input :url,
         title: 'FHIR Endpoint',
         description: 'URL of the FHIR endpoint'
 
       fhir_client do
         url :url
-        oauth_credentials :smart_credentials
+        auth_info :smart_auth_info
       end
 
       group from: :c4bb_v200devnonfinancial_smart_launch
@@ -74,11 +90,10 @@ module CarinForBlueButtonTestKit
           conformant C4BB resources.
         )
 
-        input :smart_credentials,
+        input :smart_auth_info,
             title: 'OAuth Credentials',
-            type: :oauth_credentials,
+            type: :auth_info,
             optional: true
-        input_order :url, :smart_credentials
 
         group from: :capability_statement_group
     

data/lib/carin_for_blue_button_test_kit/generator/templates/group.rb.erb

@@ -0,0 +1,24 @@
+<% test_file_list.each do |file_name| %>require_relative '<%= file_name %>'
+<% end %>
+module CarinForBlueButtonTestKit
+  module <%= module_name %>
+    class <%= class_name %> < Inferno::TestGroup
+      title '<%= title %> Tests'
+      short_description '<%= short_description %>'
+      description %(
+<%=description %>
+      )
+
+      id :<%= group_id %>
+      run_as_group<% if optional? %>
+      optional
+      <% end %>
+
+      def self.metadata
+        @metadata ||= Generator::GroupMetadata.new(YAML.load_file(File.join(__dir__, '<%= profile_identifier %>', 'metadata.yml'), aliases: true))
+      end
+  <% test_id_list.each do |id| %>
+      test from: :<%= id %><% end %>
+    end
+  end
+end

data/lib/carin_for_blue_button_test_kit/generator/templates/include_search.rb.erb

@@ -0,0 +1,37 @@
+require_relative '../../../carin_search_test'
+require_relative '../../../generator/group_metadata'
+
+module CarinForBlueButtonTestKit
+  module <%= module_name %>
+    class <%= class_name %> < Inferno::Test
+      include CarinForBlueButtonTestKit::CarinSearchTest
+
+      title 'Server returns valid results for <%= resource_type %> search by id + _include=<%= search_param %>'
+      description %(<%=
+        description %>
+      )
+
+      def self.properties
+        @properties ||= SearchTestProperties.new(
+          resource_type: '<%=resource_type%>',
+        search_param_names: ['_include'],
+        include_parameters: <%= include_parameters %>
+        )
+      end
+
+      id :<%= test_id %>
+
+      def self.metadata
+        @metadata ||= Generator::GroupMetadata.new(YAML.load_file(File.join(__dir__, 'metadata.yml'), aliases: true))
+      end
+
+      def scratch_resources
+        scratch[:<%= resource_type.downcase %>_resources] ||= {}
+      end
+
+      run do
+        run_include_search('<%=include_search_param%>')
+      end
+    end
+  end
+end

data/lib/carin_for_blue_button_test_kit/generator/templates/must_support.rb.erb

@@ -0,0 +1,44 @@
+require_relative '../../../must_support_test'
+require_relative './read_test'
+require_relative '../../../generator/group_metadata'
+
+module CarinForBlueButtonTestKit
+  module <%= module_name %>
+    class <%= class_name %> < Inferno::Test
+      include CarinForBlueButtonTestKit::MustSupportTest
+      include CarinForBlueButtonTestKit::<%= module_name %>
+
+      title 'All must support elements are provided in the <%= specific_resource_type %> resources returned'
+      description %(
+        CARIN for Blue Button Responders SHALL be capable of populating all data elements as
+        part of the query results as specified by the CARIN for Blue Button Capability
+        Statement. This test will look through the <%= specific_resource_type %> resources
+        found previously for the following must support elements:
+
+        <%= must_support_list_string %><% if uscdi_list_string.present? %>
+
+        For ONC USCDI requirements, each <%= resource_type %> must support the following additional elements:
+
+        <%= uscdi_list_string %><% end %>
+      )
+
+      id :<%= test_id %>
+
+      def resource_type
+        '<%= resource_type %>'
+      end
+
+      def self.metadata
+        @metadata ||= Generator::GroupMetadata.new(YAML.load_file(File.join(__dir__, 'metadata.yml'), aliases: true))
+      end
+
+      def scratch_resources
+        scratch[:<%= resource_type.downcase %>_resources] ||= {}
+      end
+
+      run do
+        perform_must_support_test(all_scratch_resources)
+      end
+    end
+  end
+end

data/lib/carin_for_blue_button_test_kit/generator/templates/read.rb.erb

@@ -0,0 +1,38 @@
+require_relative '../../../read_test'
+require 'json'
+
+module CarinForBlueButtonTestKit
+  module <%= module_name %>
+    class <%= class_name %> < Inferno::Test
+      include CarinForBlueButtonTestKit::ReadTest
+
+      title 'Server returns correct <%= resource_type %> resource from <%= resource_type %> read interaction'
+      description 'A server <%= conformance_expectation %> support the <%= resource_type %> read interaction.'
+
+      id :<%= test_id %>
+      <% if no_search_params? %>
+      input :additional_<%= profile_identifier %>_ids,
+        title: "Additional <%= profile_identifier %> IDs",
+        type: 'text',
+        description: "<%= input_description.strip %>. This is optional, but must be provided if executing only the <%= resource_type %> test group.",
+        optional: true
+      <% end %>
+      def resource_type
+        '<%= resource_type %>'
+      end
+
+      def scratch_resources
+        scratch[:<%= resource_type.downcase %>_resources] ||= {}
+      end
+
+      def resource_ids
+        return [] unless respond_to? :additional_<%= profile_identifier%>_ids
+        additional_<%= profile_identifier%>_ids.split(',').map(&:strip)
+      end
+
+      run do
+        perform_read_test(<%= resource_collection_string %>)
+      end
+    end
+  end
+end

data/lib/carin_for_blue_button_test_kit/generator/templates/resource_list.rb.erb

@@ -0,0 +1,9 @@
+module CarinForBlueButtonTestKit
+    module <%= module_name %>
+      module ResourceList
+        RESOURCE_LIST = [
+    <%= resource_list_string %>
+        ].freeze
+        end
+    end
+end