davinci_crd_test_kit 0.12.2 → 0.14.0

data/lib/davinci_crd_test_kit/client/v2.0.1/api/client_fhir_api_create_test.rb

@@ -0,0 +1,43 @@
+module DaVinciCRDTestKit
+  module V201
+    class ClientFHIRApiCreateTest < Inferno::Test
+      id :crd_v201_client_fhir_api_create_test
+      title 'Create Interaction'
+      description %(
+        Verify that the CRD client supports the create interaction for the given resource. The capabilities required
+        by each resource can be found here: https://hl7.org/fhir/us/davinci-crd/CapabilityStatement-crd-client.html#resourcesSummary1
+      )
+
+      input :create_resources,
+            type: 'textarea',
+            description: 'Provide a list of resources to create. e.g., [json_resource_1, json_resource_2]',
+            optional: true
+
+      def resource_type
+        config.options[:resource_type]
+      end
+
+      run do
+        skip_if create_resources.blank?, 'Provide a list of resources to create to run this test.'
+        assert_valid_json(create_resources)
+        create_resources_list = JSON.parse(create_resources)
+        skip_if(!create_resources_list.is_a?(Array), 'Resources to create not inputted in list format, skipping test.')
+
+        valid_create_resources =
+          create_resources_list
+            .compact_blank
+            .map { |resource| FHIR.from_contents(resource.to_json) }
+            .select { |resource| resource.resourceType == resource_type }
+            .select { |resource| resource_is_valid?(resource:) }
+
+        skip_if(valid_create_resources.blank?,
+                %(No valid #{resource_type} resources were provided to send in Create requests, skipping test.))
+
+        valid_create_resources.each do |create_resource|
+          fhir_create(create_resource)
+          assert_response_status(201)
+        end
+      end
+    end
+  end
+end

data/lib/davinci_crd_test_kit/client/v2.0.1/api/client_fhir_api_read_test.rb

@@ -0,0 +1,43 @@
+module DaVinciCRDTestKit
+  module V201
+    class ClientFHIRApiReadTest < Inferno::Test
+      id :crd_v201_client_fhir_api_read_test
+      title 'Read Interaction'
+      description %(
+        Verify that the CRD client supports the read interaction for the given resource. The capabilities required by
+        each resource can be found here: https://hl7.org/fhir/us/davinci-crd/CapabilityStatement-crd-client.html#resourcesSummary1
+      )
+
+      input :resource_ids,
+            optional: true
+
+      def resource_type
+        config.options[:resource_type]
+      end
+
+      def no_resources_skip_message
+        "No #{resource_type} resource ids were provided, skipping test. "
+      end
+
+      def bad_resource_id_message(expected_id)
+        "Expected resource to have id: `#{expected_id}`, but found `#{resource.id}`"
+      end
+
+      run do
+        skip_if resource_ids.blank?, no_resources_skip_message
+
+        resource_id_list = resource_ids.split(',').map(&:strip)
+        assert resource_id_list.present?, "No #{resource_type} id provided."
+
+        resource_id_list.each do |resource_id_to_read|
+          fhir_read resource_type, resource_id_to_read, tags: [resource_type, 'read']
+
+          assert_response_status(200)
+          assert_resource_type(resource_type)
+          assert resource.id.present? && resource.id == resource_id_to_read,
+                 bad_resource_id_message(resource_id_to_read)
+        end
+      end
+    end
+  end
+end

data/lib/davinci_crd_test_kit/client/v2.0.1/api/client_fhir_api_search_test.rb

@@ -0,0 +1,234 @@
+module DaVinciCRDTestKit
+  module V201
+    class ClientFHIRApiSearchTest < Inferno::Test
+      id :crd_v201_client_fhir_api_search_test
+      title 'Search Interaction'
+      description %(
+        Verify that the CRD client supports the specified search interaction for the given resource. The capabilities
+        required by each resource can be found here: https://hl7.org/fhir/us/davinci-crd/CapabilityStatement-crd-client.html#resourcesSummary1
+      )
+
+      input :search_param_values,
+            optional: true
+
+      attr_accessor :successful_search
+
+      def resource_type
+        config.options[:resource_type]
+      end
+
+      def search_type
+        config.options[:search_type]
+      end
+
+      def include_searches
+        ['organization_include', 'practitioner_include', 'location_include']
+      end
+
+      def reference_search_parameters
+        ['organization', 'practitioner', 'patient']
+      end
+
+      def bad_resource_id_message(expected_id, actual_id)
+        "Expected resource to have id: `#{expected_id}`, but found `#{actual_id}`"
+      end
+
+      def perform_fhir_search(search_params, tags)
+        fhir_search(resource_type, params: search_params, tags:)
+        assert_response_status(200)
+        assert_resource_type(:bundle)
+        resource
+      end
+
+      def status_search_result_check(bundle, status)
+        return if bundle.entry.empty?
+
+        self.successful_search = true
+
+        bundle.entry
+          .reject { |entry| entry&.resource&.resourceType == 'OperationOutcome' }
+          .map(&:resource)
+          .each do |resource|
+            assert_resource_type(resource_type, resource:)
+            assert(resource.status == status, %(
+            Each #{resource_type} resource in search result bundle should have a status of `#{status}`, instead got:
+            `#{resource.status}` for resource with id: `#{resource.id}`
+            ))
+          end
+      end
+
+      def check_id_search_result_entry(bundle_entry, search_id, entry_resource_type)
+        assert_resource_type(entry_resource_type, resource: bundle_entry)
+
+        assert bundle_entry.id.present?, "Expected id field in returned #{entry_resource_type} resource"
+
+        assert bundle_entry.id == search_id,
+               bad_resource_id_message(search_id, bundle_entry.id)
+      end
+
+      def id_search_result_check(bundle, search_id)
+        warning do
+          assert bundle.entry.any?,
+                 "Search result bundle is empty for #{resource_type} _id search with an id of `#{search_id}`"
+        end
+        return if bundle.entry.empty?
+
+        self.successful_search = true
+
+        bundle.entry
+          .reject { |entry| entry&.resource&.resourceType == 'OperationOutcome' }
+          .map(&:resource)
+          .each do |resource|
+            check_id_search_result_entry(resource, search_id, resource_type)
+          end
+      end
+
+      def check_include_reference(base_resource_entry, include_resource_id, include_resource_type)
+        base_resource_references = Array.wrap(get_reference_field(include_resource_type, base_resource_entry)).compact
+
+        assert(base_resource_references.present?, %(
+             #{resource_type} resource with id #{base_resource_entry.id} did not include the field that references a
+             #{include_resource_type} resource}
+             ))
+
+        base_resource_reference_match_found = base_resource_references.any? do |base_resource_reference|
+          base_resource_reference.reference_id == include_resource_id
+        end
+
+        assert(base_resource_reference_match_found, %(
+        The #{resource_type} resource in search result bundle with id #{base_resource_entry.id} did not have a
+        #{include_resource_type} reference with an id of `#{include_resource_id}`.`
+      ))
+      end
+
+      def include_search_result_check(bundle, search_id, included_resource_type) # rubocop:disable Metrics/CyclomaticComplexity
+        warning do
+          assert bundle.entry.any?,
+                 "Search result bundle is empty for #{resource_type} _include #{search_type} search with an id
+               of `#{search_id}`"
+        end
+        return if bundle.entry.empty?
+
+        self.successful_search = true
+
+        base_resource_entry_list = bundle.entry.select do |entry|
+          entry.resource&.resourceType == resource_type
+        end
+
+        assert(base_resource_entry_list.length == 1, %(
+        The #{included_resource_type} _include search for #{resource_type} resource with id #{search_id}
+        should include exactly 1 #{resource_type} resource, instead got #{base_resource_entry_list.length}.
+      ))
+
+        base_resource_entry = base_resource_entry_list.first.resource
+
+        bundle.entry
+          .map(&:resource)
+          .each do |resource|
+            entry_resource_type = resource.resourceType
+
+            if entry_resource_type == resource_type
+              check_id_search_result_entry(resource, search_id, entry_resource_type)
+            elsif entry_resource_type != 'OperationOutcome'
+              entry_resource_type = included_resource_type.capitalize
+              assert_resource_type(entry_resource_type, resource:)
+
+              included_resource_id = resource.id
+              assert included_resource_id.present?, "Expected id field in returned #{entry_resource_type} resource"
+              check_include_reference(base_resource_entry, included_resource_id, included_resource_type)
+            end
+          end
+      end
+
+      def get_reference_field(reference_type, entry)
+        case reference_type
+        when 'patient'
+          entry.beneficiary
+        when 'practitioner'
+          entry.practitioner
+        when 'organization'
+          if resource_type == 'Encounter'
+            entry.serviceProvider
+          else
+            entry.organization
+          end
+        when 'location'
+          locations = entry.location
+          locations.map(&:location)
+        end
+      end
+
+      def reference_search_result_check(bundle, reference_id, reference_type)
+        warning do
+          assert bundle.entry.any?, %(
+               Search result bundle is empty for #{resource_type} #{reference_type} search with a #{reference_type} id
+               `#{reference_id}`
+        )
+        end
+        return if bundle.entry.empty?
+
+        self.successful_search = true
+
+        bundle.entry
+          .reject { |entry| entry&.resource&.resourceType == 'OperationOutcome' }
+          .map(&:resource)
+          .each do |resource|
+            assert_resource_type(resource_type, resource:)
+
+            entry_reference_field = get_reference_field(reference_type, resource)
+            assert(
+              entry_reference_field.present?,
+              %(
+              #{resource_type} resource with id #{resource.id} did not include the field that references
+              a #{reference_type} resource
+            )
+            )
+
+            entry_reference_id = entry_reference_field.reference_id
+            assert(
+              entry_reference_id == reference_id,
+              %(
+              The #{resource_type} resource in search result bundle with id #{resource.id} should have a
+              #{reference_type} reference with an id of `#{reference_id}`, instead got: `#{entry_reference_id}`
+            )
+            )
+          end
+      end
+
+      run do
+        if search_type == 'status'
+          coverage_status = ['active', 'cancelled', 'draft', 'entered-in-error']
+          coverage_status.each do |status|
+            bundle = perform_fhir_search({ status: }, [resource_type, 'status_search'])
+            status_search_result_check(bundle, status)
+          end
+        else
+          skip_if search_param_values.blank?, 'No search parameters passed in, skipping test.'
+
+          search_id_list = search_param_values.split(',').map(&:strip)
+          search_id_list.each do |search_id|
+            if search_type == '_id'
+              bundle = perform_fhir_search({ _id: search_id }, [resource_type, 'id_search'])
+              id_search_result_check(bundle, search_id)
+            elsif reference_search_parameters.include?(search_type)
+              search_params = {}
+              search_params[search_type] = "#{search_type.capitalize}/#{search_id}"
+              bundle = perform_fhir_search(search_params, [resource_type, "#{search_type}_search"])
+              reference_search_result_check(bundle, search_id, search_type)
+            elsif include_searches.include?(search_type)
+              include_resource_type = search_type.gsub('_include', '')
+              bundle = perform_fhir_search({ _id: search_id, _include: "#{resource_type}:#{include_resource_type}" },
+                                           [resource_type, "include_#{include_resource_type}_search"])
+              include_search_result_check(bundle, search_id, include_resource_type)
+            else
+              raise StandardError,
+                    'Passed in search_type does not match to any of the search types handled by this search test.'
+            end
+          end
+        end
+        skip_if !successful_search,
+                'No resources returned in any of the search result bundles.'
+      end
+    end
+  end
+end

data/lib/davinci_crd_test_kit/client/v2.0.1/api/client_fhir_api_update_test.rb

@@ -0,0 +1,43 @@
+module DaVinciCRDTestKit
+  module V201
+    class ClientFHIRApiUpdateTest < Inferno::Test
+      id :crd_v201_client_fhir_api_update_test
+      title 'Update Interaction'
+      description %(
+        Verify that the CRD client supports the update interaction for the given resource. The capabilities required by
+        each resource can be found here: https://hl7.org/fhir/us/davinci-crd/CapabilityStatement-crd-client.html#resourcesSummary1
+      )
+
+      input :update_resources,
+            type: 'textarea',
+            description: 'Provide a list of resources to update. e.g., [json_resource_1, json_resource_2]',
+            optional: true
+
+      def resource_type
+        config.options[:resource_type]
+      end
+
+      run do
+        skip_if update_resources.blank?, 'Provide a list of resources to update to run this test.'
+        assert_valid_json(update_resources)
+        update_resources_list = JSON.parse(update_resources)
+        skip_if(!update_resources_list.is_a?(Array), 'Resources to update not inputted in list format, skipping test.')
+
+        valid_update_resources =
+          update_resources_list
+            .compact_blank
+            .map { |resource| FHIR.from_contents(resource.to_json) }
+            .select { |resource| resource.resourceType == resource_type }
+            .select { |resource| resource_is_valid?(resource:) }
+
+        skip_if(valid_update_resources.blank?,
+                %(No valid #{resource_type} resources were provided to send in Update requests, skipping test.))
+
+        valid_update_resources.each do |update_resource|
+          fhir_update(update_resource, update_resource.id)
+          assert_response_status([200, 201])
+        end
+      end
+    end
+  end
+end

data/lib/davinci_crd_test_kit/client/v2.0.1/api/client_fhir_api_validation_test.rb

@@ -0,0 +1,63 @@
+module DaVinciCRDTestKit
+  module V201
+    class ClientFHIRApiValidationTest < Inferno::Test
+      id :crd_v201_client_fhir_api_validation_test
+      title 'FHIR Resource Validation'
+      description %(
+        Verify that the given resources returned from the previous client API interactions are valid resources. Each
+        resource is validated against its corresponding [CRD resource profile](https://hl7.org/fhir/us/davinci-crd/STU2/artifacts.html).
+      )
+
+      def resource_type
+        config.options[:resource_type]
+      end
+
+      def structure_definition_map
+        {
+          'Practitioner' => 'http://hl7.org/fhir/us/davinci-crd/StructureDefinition/profile-practitioner',
+          'PractitionerRole' => 'http://hl7.org/fhir/us/core/StructureDefinition/us-core-practitionerrole',
+          'Patient' => 'http://hl7.org/fhir/us/davinci-crd/StructureDefinition/profile-patient',
+          'Encounter' => 'http://hl7.org/fhir/us/davinci-crd/StructureDefinition/profile-encounter',
+          'Coverage' => 'http://hl7.org/fhir/us/davinci-crd/StructureDefinition/profile-coverage',
+          'Device' => 'http://hl7.org/fhir/us/davinci-crd/StructureDefinition/profile-device',
+          'Location' => 'http://hl7.org/fhir/us/davinci-crd/StructureDefinition/profile-location',
+          'Organization' => 'http://hl7.org/fhir/us/davinci-crd/StructureDefinition/profile-organization'
+        }.freeze
+      end
+
+      def profile_url
+        structure_definition_map[resource_type]
+      end
+
+      run do
+        load_tagged_requests(resource_type)
+        skip_if requests.empty?, 'No FHIR api requests were made'
+
+        requests.keep_if { |req| req.status == 200 }
+        skip_if(requests.blank?,
+                'There were no successful FHIR API requests made in previous tests to use in validation.')
+
+        validated_resources =
+          requests
+            .map(&:resource)
+            .compact
+            .flat_map { |resource| resource.is_a?(FHIR::Bundle) ? resource.entry.map(&:resource) : resource }
+            .select { |resource| resource.resourceType == resource_type }
+            .uniq { |resource| resource.to_reference.reference }
+            .map { |resource| resource_is_valid?(resource:, profile_url:) }
+
+        skip_if(validated_resources.blank?,
+                %(No #{resource_type} resources were returned from any of the FHIR API requests made in previous tests
+              that could be validated.))
+
+        validation_error_count = messages.count { |msg| msg[:type] == 'error' }
+        invalid_resource_count = validated_resources.reject { |valid| valid }.count
+        assert(validation_error_count.zero?,
+               %(#{invalid_resource_count}/#{validated_resources.length} #{resource_type} resources returned from
+             previous test's FHIR API requests failed validation.))
+
+        skip_if validated_resources.blank?, 'No FHIR resources were made in previous tests that could be validated.'
+      end
+    end
+  end
+end

data/lib/davinci_crd_test_kit/client/v2.0.1/auth/decode_auth_token_test.rb

@@ -0,0 +1,65 @@
+require_relative '../../client_hook_request_validation'
+
+module DaVinciCRDTestKit
+  module V201
+    class DecodeAuthTokenTest < Inferno::Test
+      include ClientHookRequestValidation
+
+      id :crd_v201_decode_auth_token
+      title 'Bearer token can be decoded'
+      description %(
+        Verify that the Bearer token is a properly constructed JWT. As per the [CDS hooks specification](https://cds-hooks.hl7.org/2.0#trusting-cds-clients),
+        each time a CDS client transmits a request to a CDS Service which requires authentication, the request MUST
+        include an Authorization header presenting the JWT as a "Bearer" token.
+      )
+
+      verifies_requirements 'cds-hooks_2.0@178'
+
+      output :auth_tokens, :auth_token_payloads_json, :auth_token_headers_json
+
+      def hook_name
+        config.options[:hook_name]
+      end
+
+      run do
+        load_tagged_requests(hook_name)
+        skip_if requests.empty?, "No #{hook_name} requests were made in a previous test as expected."
+        auth_tokens = []
+        auth_token_payloads_json = []
+        auth_token_headers_json = []
+
+        requests.each_with_index do |request, index|
+          @request_number = index + 1
+
+          authorization_header = request.request_header('Authorization')&.value
+
+          unless authorization_header.start_with?('Bearer ')
+            add_message('error', "#{request_number}Authorization token must be a JWT presented as a `Bearer` token")
+          end
+
+          auth_token = authorization_header.delete_prefix('Bearer ')
+          auth_tokens << auth_token
+
+          begin
+            payload, header =
+              JWT.decode(
+                auth_token,
+                nil,
+                false
+              )
+
+            auth_token_payloads_json << payload.to_json
+            auth_token_headers_json << header.to_json
+          rescue StandardError => e
+            add_message('error', "#{request_number}Token is not a properly constructed JWT: #{e.message}")
+          end
+        end
+        output auth_tokens: auth_tokens.to_json,
+               auth_token_payloads_json: auth_token_payloads_json.to_json,
+               auth_token_headers_json: auth_token_headers_json.to_json
+
+        no_error_validation('Decoding Authorization header Bearer tokens failed.')
+      end
+    end
+  end
+end

data/lib/davinci_crd_test_kit/client/v2.0.1/auth/retrieve_jwks_test.rb

@@ -0,0 +1,109 @@
+require_relative '../../client_hook_request_validation'
+
+module DaVinciCRDTestKit
+  module V201
+    class RetrieveJWKSTest < Inferno::Test
+      include ClientHookRequestValidation
+
+      id :crd_v201_retrieve_jwks
+      title 'JWKS can be retrieved'
+      description %(
+        Verify that the JWKS can be retrieved from the JWKS uri if it is present in the `jku` field within the JWT token
+        header. As per the [CDS hooks specification](https://cds-hooks.hl7.org/2.0#trusting-cds-clients), if the jku
+        header field is omitted, the CDS client and CDS service SHALL communicate the JWK Set out-of-band. Therefore,
+        if the client does not make their keys publicly available via a uri in the `jku` field, the user must
+        submit the jwk_set as an input to the test.
+      )
+
+      verifies_requirements 'cds-hooks_2.0@183', 'cds-hooks_2.0@185', 'cds-hooks_2.0@197', 'cds-hooks_2.0@199'
+
+      input :auth_token_headers_json
+      input :cds_jwk_set,
+            title: 'CRD JSON Web Key Set (JWKS)',
+            type: 'textarea',
+            description: %(
+            The client's registered JWK Set containing it's public key, either
+            as a publicly accessible url containing the JWKS, or the raw JWKS.
+            Run or re-run the **Client Registration** group to set or
+            change this value. Used if the `jku` header is not found in the auth token jwt.
+          ),
+            locked: true,
+            optional: true
+      output :crd_jwks_json, :crd_jwks_keys_json
+
+      run do
+        auth_token_headers = JSON.parse(auth_token_headers_json)
+        skip_if auth_token_headers.empty?, 'No Authorization tokens produced from the previous test.'
+
+        crd_jwks_json = []
+        crd_jwks_keys_json = []
+        auth_token_headers.each_with_index do |token_header, index|
+          @request_number = index + 1
+
+          jku = JSON.parse(token_header)['jku']
+          if jku.present?
+            get(jku)
+
+            if response[:status] != 200
+              add_message('error', %(
+                        #{request_number}Unexpected response status: expected 200, but received
+                        #{response[:status]}))
+              next
+            end
+
+            @request_number = index + 1
+            jwks = json_parse(response[:body])
+            next if jwks.blank?
+
+            crd_jwks_json << response[:body]
+
+            jwks = JSON.parse(response[:body])
+          else
+            skip_if cds_jwk_set.blank?,
+                    %(#{request_number}JWK Set must be inputted if the client's JWK Set is not available via a URL
+                  identified by the jku header field)
+
+            jwks = JSON.parse(cds_jwk_set)
+          end
+
+          keys = jwks['keys']
+          unless keys.is_a?(Array)
+            add_message('error', "#{request_number}JWKS `keys` field must be an array")
+            next
+          end
+
+          if keys.blank?
+            add_message('error', "#{request_number}The JWK set returned contains no public keys")
+            next
+          end
+
+          keys.each do |jwk|
+            JWT::JWK.import(jwk.deep_symbolize_keys)
+          rescue StandardError
+            add_message('error', "#{request_number}Invalid JWK: #{jwk.to_json}")
+          end
+
+          kid_presence = keys.all? { |key| key['kid'].present? }
+          if kid_presence.blank?
+            add_message('error',
+                        "#{request_number}`kid` field must be present in each key if JWKS contains multiple keys")
+            next
+          end
+
+          kid_uniqueness = keys.map { |key| key['kid'] }.uniq.length == keys.length
+          if kid_uniqueness.blank?
+            add_message('error', "#{request_number}`kid` must be unique within the client's JWK Set.")
+            next
+          end
+
+          crd_jwks_keys_json << keys.to_json
+        end
+
+        output crd_jwks_json: crd_jwks_json.to_json,
+               crd_jwks_keys_json: crd_jwks_keys_json.to_json
+
+        no_error_validation('Retrieving JWKS failed.')
+      end
+    end
+  end
+end

data/lib/davinci_crd_test_kit/client/v2.0.1/auth/token_header_test.rb

@@ -0,0 +1,70 @@
+require_relative '../../client_hook_request_validation'
+
+module DaVinciCRDTestKit
+  module V201
+    class TokenHeaderTest < Inferno::Test
+      include ClientHookRequestValidation
+
+      id :crd_v201_token_header
+      title 'Authorization token header contains required information'
+      description %(
+        Verify that the JWT header contains the header fields required by the
+        [CDS hooks spec](https://cds-hooks.hl7.org/2.0#trusting-cds-clients).
+        The `alg`, `kid`, and `typ` fields are required. This test also verifies that the `typ` field is set to
+        `JWT` and that the key used to sign the token can be identified in the JWKS.
+      )
+
+      verifies_requirements 'cds-hooks_2.0@182', 'cds-hooks_2.0@184', 'cds-hooks_2.0@202'
+
+      input :auth_token_headers_json, :crd_jwks_keys_json
+      output :auth_tokens_jwk_json
+
+      run do
+        auth_token_headers = JSON.parse(auth_token_headers_json)
+        crd_jwks_keys = JSON.parse(crd_jwks_keys_json)
+        skip_if auth_token_headers.empty?, 'No Authorization tokens produced from the previous tests.'
+        skip_if crd_jwks_keys.empty?, 'No JWKS keys produced from the previous test.'
+
+        auth_tokens_jwk_json = []
+        auth_token_headers.each_with_index do |token_header, index|
+          @request_number = index + 1
+
+          header = JSON.parse(token_header)
+          algorithm = header['alg']
+
+          add_message('error', "#{request_number}Token header must have the `alg` field") if algorithm.blank?
+
+          add_message('error', "#{request_number}Token header `alg` field cannot be set to none") if algorithm == 'none'
+
+          if header['typ'].blank?
+            add_message('error', "#{request_number}Token header must have the `typ` field")
+          elsif header['typ'] != 'JWT'
+            add_message('error', %(
+                      #{request_number}Token header `typ` field must be set to 'JWT', instead was
+                      #{header['typ']}))
+          end
+
+          if header['kid'].blank?
+            add_message('error', "#{request_number}Token header must have the `kid` field")
+            next
+          end
+
+          kid = header['kid']
+          keys = JSON.parse(crd_jwks_keys[index])
+
+          jwk = keys.find { |key| key['kid'] == kid }
+          if jwk.blank?
+            add_message('error', "#{request_number}JWKS did not contain a public key with an id of `#{kid}`")
+            next
+          end
+
+          auth_tokens_jwk_json << jwk.to_json
+        end
+
+        output auth_tokens_jwk_json: auth_tokens_jwk_json.to_json
+
+        no_error_validation('Token headers missing required information.')
+      end
+    end
+  end
+end