davinci_dtr_test_kit 0.16.0 → 0.16.1

data/lib/davinci_dtr_test_kit/client_groups/payer_registration/configuration_display_smart_test.rb

@@ -0,0 +1,35 @@
+require_relative '../../urls'
+
+module DaVinciDTRTestKit
+  class DTRPayerRegistrationConfigurationSMARTDisplay < Inferno::Test
+    include URLs
+
+    id :dtr_client_payer_reg_smart_config_display
+    title 'Confirm client configuration'
+    description %(
+      This test provides all the information needed for testers to configure
+      the client under test to communicate with Inferno's simulated DTR server
+      including SMART endpoints to obtain access tokens.
+    )
+
+    input :client_id
+
+    run do
+      wait(
+        identifier: client_id,
+        message: %(
+          **Inferno Simulated Server Details**:
+
+          FHIR Base URL: `#{fhir_base_url}`
+
+          Authentication Details:
+          - SMART Client Id: `#{client_id}`
+          - Token endpoint: `#{token_url}`
+
+          [Click here](#{resume_pass_url}?token=#{client_id}) once you have configured
+          the client to connect to Inferno at the above endpoints.
+        )
+      )
+    end
+  end
+end

data/lib/davinci_dtr_test_kit/client_groups/payer_registration/configuration_display_udap_test.rb

@@ -0,0 +1,35 @@
+require_relative '../../urls'
+
+module DaVinciDTRTestKit
+  class DTRPayerRegistrationConfigurationUDAPDisplay < Inferno::Test
+    include URLs
+
+    id :dtr_client_payer_reg_udap_config_display
+    title 'Confirm client configuration'
+    description %(
+      This test provides all the information needed for testers to configure
+      the client under test to communicate with Inferno's simulated PAS server
+      including UDAP endpoints to obtain access tokens.
+    )
+
+    input :client_id
+
+    run do
+      wait(
+        identifier: client_id,
+        message: %(
+          **Inferno Simulated Server Details**:
+
+          FHIR Base URL: `#{fhir_base_url}`
+
+          Authentication Details:
+          - UDAP Client Id: `#{client_id}`
+          - Token endpoint: `#{token_url}`
+
+          [Click here](#{resume_pass_url}?token=#{client_id}) once you have configured
+          the client to connect to Inferno at the above endpoints.
+        )
+      )
+    end
+  end
+end

data/lib/davinci_dtr_test_kit/client_groups/payer_registration/dtr_client_registration_group.rb

@@ -0,0 +1,48 @@
+require 'udap_security_test_kit'
+require 'smart_app_launch_test_kit'
+require_relative '../../dtr_client_options'
+require_relative 'configuration_display_smart_test'
+require_relative 'configuration_display_udap_test'
+
+module DaVinciDTRTestKit
+  class DTRPayerRegistrationGroup < Inferno::TestGroup
+    id :dtr_client_payer_registration
+    title 'Client Registration'
+    description %(
+      Register the client under test with Inferno's simulated DTR Server,
+      including configuration of the system under test to hit the correct endpoints and
+      enable authentication and authorization of DTR requests.
+    )
+    run_as_group
+
+    # smart registration tests
+    test from: :smart_client_registration_bsca_verification,
+         required_suite_options: {
+           client_type: DTRClientOptions::SMART_BACKEND_SERVICES_CONFIDENTIAL_ASYMMETRIC
+         }
+    test from: :dtr_client_payer_reg_smart_config_display,
+         required_suite_options: {
+           client_type: DTRClientOptions::SMART_BACKEND_SERVICES_CONFIDENTIAL_ASYMMETRIC
+         }
+
+    # udap registration tests
+    test from: :udap_client_registration_interaction,
+         required_suite_options: {
+           client_type: DTRClientOptions::UDAP_CLIENT_CREDENTIALS
+         },
+         config: {
+           options: { endpoint_suite_id: :dtr_full_ehr }
+         }
+    test from: :udap_client_registration_cc_verification,
+         required_suite_options: {
+           client_type: DTRClientOptions::UDAP_CLIENT_CREDENTIALS
+         },
+         config: {
+           options: { endpoint_suite_id: :dtr_full_ehr }
+         }
+    test from: :dtr_client_payer_reg_udap_config_display,
+         required_suite_options: {
+           client_type: DTRClientOptions::UDAP_CLIENT_CREDENTIALS
+         }
+  end
+end

data/lib/davinci_dtr_test_kit/client_groups/shared/dtr_custom_questionnaire_expressions_test.rb

@@ -0,0 +1,36 @@
+require_relative '../../cql_test'
+module DaVinciDTRTestKit
+  class DTRCustomQuestionnaireExpressionsTest < Inferno::Test
+    include DaVinciDTRTestKit::CQLTest
+
+    id :dtr_custom_questionnaire_expressions
+    title %(
+      [USER INPUT VERIFICATION] Custom questionnaire(s) contain items with expressions
+      necessary for pre-population
+    )
+    description %(
+      Inferno checks that the custom response has appropriate expressions and that expressions are
+      written in cql.
+    )
+
+    def form_type
+      config.options[:form_type] || 'static'
+    end
+
+    run do
+      questionnaires = nil
+      if form_type == 'static'
+        skip_if scratch[:"#{form_type}_questionnaire_bundles"].blank?,
+                'No questionnaire bundle found in the custom response'
+
+        questionnaires = extract_questionnaires_from_bundles(scratch[:"#{form_type}_questionnaire_bundles"])
+      else
+        assert_valid_json custom_next_question_questionnaires, 'Custom $next-question questionnairee not valid JSON'
+        custom_questionnaires = [JSON.parse(custom_next_question_questionnaires)].flatten.compact
+        questionnaires = custom_questionnaires.map { |q| FHIR.from_contents(q.to_json) }.compact
+      end
+
+      verify_questionnaire_items(questionnaires, final_cql_test: true)
+    end
+  end
+end

data/lib/davinci_dtr_test_kit/client_groups/shared/dtr_custom_questionnaire_extensions_test.rb

@@ -0,0 +1,32 @@
+require_relative '../../cql_test'
+module DaVinciDTRTestKit
+  class DTRCustomQuestionnaireExtensionsTest < Inferno::Test
+    include DaVinciDTRTestKit::CQLTest
+
+    id :dtr_custom_questionnaire_extensions
+    title '[USER INPUT VERIFICATION] Custom questionnaire(s) contain extensions necessary for pre-population'
+    description %(
+      Inferno checks that the custom response has appropriate extensions and references to libraries within
+      those extensions.
+    )
+
+    def form_type
+      config.options[:form_type] || 'static'
+    end
+
+    run do
+      questionnaires = nil
+      if form_type == 'static'
+        skip_if scratch[:"#{form_type}_questionnaire_bundles"].blank?,
+                'No questionnaire bundle found in the custom package response'
+        questionnaires = extract_questionnaires_from_bundles(scratch[:"#{form_type}_questionnaire_bundles"])
+      else
+        assert_valid_json custom_next_question_questionnaires, 'Custom $next-question questionnaires not valid JSON'
+        custom_questionnaires = [JSON.parse(custom_next_question_questionnaires)].flatten.compact
+        questionnaires = custom_questionnaires.map { |q| FHIR.from_contents(q.to_json) }.compact
+      end
+
+      verify_questionnaire_extensions(questionnaires)
+    end
+  end
+end

data/lib/davinci_dtr_test_kit/client_groups/{custom_static → shared}/dtr_custom_questionnaire_libraries_test.rb

@@ -13,9 +13,14 @@ module DaVinciDTRTestKit
       and that libraries contain cql and elm data.
     )
 
+    def form_type
+      config.options[:form_type] || 'static'
+    end
+
     run do
-      skip_if scratch[:static_questionnaire_bundles].blank?, 'No questionnaire bundle found in the custom response'
-      check_libraries(scratch[:static_questionnaire_bundles])
+      skip_if scratch[:"#{form_type}_questionnaire_bundles"].blank?,
+              'No questionnaire bundle found in the custom response'
+      check_libraries(scratch[:"#{form_type}_questionnaire_bundles"])
     end
   end
 end

data/lib/davinci_dtr_test_kit/client_groups/{custom_static → shared}/dtr_custom_questionnaire_package_validation_test.rb

@@ -23,17 +23,21 @@ module DaVinciDTRTestKit
     input :custom_questionnaire_package_response,
           title: 'Custom Questionnaire Package Response JSON',
           description: %(
-            A JSON PackageBundle may be provided here to replace Inferno's response to the
+            A JSON FHIR Bundle may be provided here to replace Inferno's response to the
             $questionnaire-package request.
           ),
           type: 'textarea'
 
+    def form_type
+      config.options[:form_type] || 'static'
+    end
+
     run do
       assert_valid_json custom_questionnaire_package_response, 'Custom questionnaire package response is not valid JSON'
 
       resource = FHIR.from_contents(custom_questionnaire_package_response)
 
-      perform_questionnaire_package_validation(resource, 'static')
+      perform_questionnaire_package_validation(resource, form_type)
     end
   end
 end

data/lib/davinci_dtr_test_kit/client_groups/shared/dtr_questionnaire_package_request_validation_test.rb

@@ -19,12 +19,16 @@ module DaVinciDTRTestKit
     verifies_requirements 'hl7.fhir.us.davinci-dtr_2.0.1@168', 'hl7.fhir.us.davinci-dtr_2.0.1@293',
                           'hl7.fhir.us.davinci-dtr_2.0.1@295'
 
+    def qp_tag
+      config.options[:questionnaire_package_tag] || QUESTIONNAIRE_PACKAGE_TAG
+    end
+
     run do
-      load_tagged_requests QUESTIONNAIRE_PACKAGE_TAG
+      load_tagged_requests qp_tag
       skip_if request.blank?, 'A Questionnaire Package request must be made prior to running this test'
 
       assert request.url == questionnaire_package_url,
-             "Request made to wrong URL: #{request.url}. Should instead be to #{questionnaire_package_url}"
+             "Request made to wrong URL: #{request.url}. Should instead be to #{questionnaire_package_url}."
 
       assert_valid_json(request.request_body)
       input_params = FHIR.from_contents(request.request_body)

data/lib/davinci_dtr_test_kit/client_groups/shared/dtr_questionnaire_response_prepopulation_test.rb

@@ -31,9 +31,15 @@ module DaVinciDTRTestKit
       if config.options[:adaptive]
         questionnaire = questionnaire_response.contained.find { |res| res.resourceType == 'Questionnaire' }
         assert questionnaire, 'Adaptive QuestionnaireResponse must have a contained Questionnaire resource.'
-        check_origin_sources(questionnaire.item, questionnaire_response.item, expected_overrides: ['PBD.2'])
+
+        check_missing_origin_sources(questionnaire_response) if config.options[:custom]
+
+        expected_overrides = config.options[:custom] ? [] : ['PBD.2']
+        check_origin_sources(questionnaire.item, questionnaire_response.item, expected_overrides:)
+
         required_link_ids = extract_required_link_ids(questionnaire.item)
         check_answer_presence(questionnaire_response.item, required_link_ids)
+
         assert(messages.none? { |m| m[:type] == 'error' }, 'QuestionnaireResponse is not correct, see error message(s)')
       else
         questionnaire = Fixtures.questionnaire_for_test(id)

data/lib/davinci_dtr_test_kit/client_groups/smart_app/dtr_smart_app_questionnaire_response_correctness_test.rb

@@ -18,10 +18,11 @@ module DaVinciDTRTestKit
     input :custom_questionnaire_package_response,
           title: 'Custom Questionnaire Package Response JSON',
           description: %(
-            A JSON PackageBundle may be provided here to replace Inferno's response to the
-            $questionnaire-package request.
+            The custom $questionnaire-package response used in the previous tests, if provided.
           ),
-          type: 'textarea'
+          type: 'textarea',
+          optional: true,
+          locked: true
 
     run do
       validate_questionnaire_response_correctness(request.request_body, custom_questionnaire_package_response)

data/lib/davinci_dtr_test_kit/descriptions.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module DaVinciDTRTestKit
+  INPUT_CLIENT_ID_LOCKED =
+    'If this session has been configured for standards-based authentication, this input ' \
+    'contains the client\'s registered Client Id for use in obtaining access tokens. ' \
+    'Run the **1** Client Registration group to configure standards-based auth.'
+end

data/lib/davinci_dtr_test_kit/docs/dtr_full_ehr_suite_description_v201.md

@@ -1,4 +1,4 @@
-The Da Vinci DTR Test Kit Full EHR Suite validates the conformance of SMART apps
+The Da Vinci DTR Test Kit Full EHR Suite validates the conformance of Full EHRs
 to the STU 2 version of the HL7® FHIR®
 [Da Vinci Documentation Templates and Rules (DTR) Implementation Guide](https://hl7.org/fhir/us/davinci-dtr/STU2/).
 
@@ -12,39 +12,49 @@ requirements and may change the test validation logic.
 
 ## Test Methodology
 
-Inferno will simulate a DTR payer server that will response to
+Inferno will simulate a DTR payer server that will respond to
 requests for questionnaires for the EHR under test to interact with.
 The EHR will be expected to initiate requests to Inferno to elicit responses. Over the
 course of these interactions, Inferno will seek to observe conformant handling of
-DTR workflows and requirements around the retrieval, completion, and storage of
-questionnaires.
-
-Tests within this suite are associated with specific questionnaires that the EHR will
-demonstrate completion of. In each case, the EHR under test will initiate a request to
+DTR workflows and requirements around the retrieval and completion of questionnaires
+and the storage of questionnaire responses.
+
+The suite includes two types of tests each with a different source for the response(s)
+that Inferno's simulated payer will return:
+- **Tester-provided Responses**: The tester provides a conformant `$questionnaire-package` response,
+  and `$next-question` responses for adaptive questionnaires, that Inferno will echo
+  back to the system under test. This allows the tester to demonstrate the DTR
+  functionality of the system using questionnaires that they choose.
+- **Inferno-provided Reponses**: This test suite includes several mocked questionnaires
+  that will be returned when specific tests are run.
+
+Regardless of the type, the EHR under test will initiate a request to
 the payer server simulated by Inferno for a questionnaire using the
-`$questionnaire-package` operation. Inferno will always return the specific questionnaire
-for the test being executed regardless of the input provided by the EHR, though Inferno will
-check that the input is conformant. The EHR will then be asked to complete the questionnaire,
-including:
+`$questionnaire-package` operation and Inferno will return the responses based on the type of test.
+Inferno always returns that specific response associated with the test, whether based on a tester
+input or the Inferno responses associated with that test. The request made by the EHR must be conformant,
+but Inferno is not able to verify that its response is appropriate for the request. 
+
+The EHR will then be asked to complete the questionnaire, including:
 
 - Pre-populating answers based on directives in the questionnaire.
 - Rendering the questionnaire for users and allowing them to make additional updates.
-  These tests can include specific directions on details to include in the completed
-  questionnaire.
+  Tests for Inferno-provided responses include specific directions on details to include in the completed
+  questionnaire to allow for validation of the [information origin extension](https://hl7.org/fhir/us/davinci-dtr/STU2/StructureDefinition-information-origin.html).
 - For adaptive questionnaires only, getting additional questions using the `$next-question`
   operation until the questionnaire is complete.
 - Storing the completed questionnaire for future use as a FHIR QuestionnaireResponse.
 
-EHRs will be required to complete all questionnaires in the suite, which in aggregate
-contain all questionnaire features that apps must support. Currently, the suite includes
-one questionnaire:
-
-1. Standard and adaptive styles of a fictitious "dinner" questionnaire created for these tests. 
-   They test basic item rendering, control flow, and pre-population.
+EHRs are currently required to complete 5 questionnaires as a part of these tests, though
+future iterations of this test kit may change this set:
+- Tester-provided static and dynamic questionnaires, for workflow demonstration.
+- Inferno-provided static and dynamic questionnaires, for demonstration of [information origin 
+  extension](https://hl7.org/fhir/us/davinci-dtr/STU2/StructureDefinition-information-origin.html)
+  requirements.
+- A feature-complete tester-provided static questionnaire, for demonstration of all
+  questionnaire features.
 
-Additional questionnaires covering further features will be added in the future.
-
-All requests sent by the app will be checked
+All requests sent by the EHR will be checked
 for conformance to the DTR IG requirements individually and used in aggregate to determine
 whether required features and functionality are present. HL7® FHIR® resources are
 validated with the Java validator using `tx.fhir.org` as the terminology server.
@@ -53,35 +63,41 @@ validated with the Java validator using `tx.fhir.org` as the terminology server.
 
 ### Quick Start
 
-In order to run these tests, EHRs must be configured to interact with Inferno's simulated
-payer server endpoint. The endpoint will be `[URL prefix]/custom/dtr_full_ehr/fhir` where
-`[URL prefix]` can be inferred from the URL of the test session which will be of the form
-`[URL prefix]/dtr_full_ehr/[session id]`.
-
-In order for Inferno to associate requests sent to locations under these base URLs with this session,
-it needs to know the bearer token that the EHR will send on requests, for which
-there are two options.
-
-1. If you want to choose your own bearer token, then
-   1. Select the "2. Basic Workflows" test from the list on the left (or other target test).
-   2. Click the '_Run All Tests_' button on the right.
-   3. In the "access_token" field, enter the bearer token that will be sent by the client
-      under test (as part of the Authorization header - `Bearer <provided value>`).
-   4. Click the '_Submit_' button at the bottom of the dialog.
-2. If you want to use a client_id to obtain an access token, then
-   1. Click the '_Run All Tests_' button on the right.
-   2. Provide the EHR's registered id "client_id" field of the input (NOTE, Inferno
-      doesn't support the registration API, so this must be obtained from another
-      system or configured manually).
-   3. Click the '_Submit_' button at the bottom of the dialog.
-   4. Make a token request that includes the specified client id to the
-      `[URL prefix]/custom/dtr_full_ehr/mock_auth/token` endpoint to get
-      an access token to use on the request of the requests.
-
-In either case, the tests will continue from that point. Further executions of tests under
-this session will also use the selected bearer token.
-
-Note: authentication options for these tests have not been finalized and are subject to change.
+Inferno's simulated payer endpoints require authentication using the OAuth flows
+conforming either to the
+- SMART Backend Services flow, or
+- UDAP Business-to-Business Client Credentials flow
+
+When creating a test session, select the Client Security Type corresponding to an
+authentication approach supported by the EHR. Then start by running the Client Registration
+group which will guide you through the registration process. 
+See the *Auth Configuration Details* section below for details.
+
+Once registration is complete, execute the Dinner Order Static Questionnaire Workflow tests
+using the following steps:
+1. Select group **3.1.1** Retrieving the Static Questionnaire from the list on the left, click
+   "RUN TESTS" in the upper right, and click "SUBMIT" in the input dialog that appears.
+1. A "User Action Required" dialog will appear asking for DTR to be launched for a patient
+   meeting specific criteria. Once you have launched DTR from the EHR, click one of the
+   attestation links to continue the tests. NOTE: Inferno will not respond to `$questionnaire-package`
+   requests during this step.
+1. A new "User Action Required" dialog will appear directing you to make a `$questionnaire-package`
+   request. Take actions in the EHR to trigger this request. Before beginning to fill out the
+   questionnaire, click the link in the dialog to continue the tests.
+1. Select group **3.1.2** Filling Out the Static Questionnaire from the list on the left. A series
+   of "User Action Required" dialogs will appear asking you to confirm details of the rendered
+   questionnaire and actions taken while filling it out. Refer to and complete these attestations
+   as you fill out the questionnaire within the EHR.
+1. Complete the questionnaire, save the response in the EHR, and access the saved response in
+   its FHIR QuestionnaireResponse JSON form, which will be needed in the next step.
+1. Select group **3.1.3** Saving the QuestionnaireResponse from the list on the left and click
+   "RUN TESTS" in the upper right. An input dialog will appear asking for the 
+   **Completed QuestionnaireResponse**. Put the FHIR QuestionnaireResponse JSON obtained
+   in the last step and click "SUBMIT".
+1. Attest that this QuestionnaireResponse was stored in the EHR to complete the tests.
+
+Other workflows can be executed in a similar manner, but will include additional inputs and/or
+different steps.
 
 ### Postman-based Demo
 
@@ -95,42 +111,65 @@ To run the tests using this approach:
 1. Install [postman](https://www.postman.com/downloads/).
 1. Import [this Postman collection](https://github.com/inferno-framework/davinci-dtr-test-kit/blob/main/config/DTR%20Full%20EHR%20Tests%20Postman%20Demo.postman_collection.json).
 
-#### Startup
-1. Start a Da Vinci DTR Full EHR Test Suite Session.
+#### Startup and Client Registration
+1. Start a Da Vinci DTR Full EHR Test suite session choosing SMART Backend Services for the Client Security Type.
+1. Select the "Dinner Order Questionnaire Example (Postman)" preset from the dropdown in the upper left.
+1. Select the Client Registration group from the list at the left, click "RUN TEST" in the upper right,
+   and click "SUBMIT" in the input dialog that appears. A "User Action Required" wait dialog will appear.
+1. In another tab, start a SMART App Launch STU2.2 suite session. Select the Backend Services group,
+   click "RUN TESTS", and provide the following inputs before clicking "SUBMIT":
+   - **FHIR Endpoint**: the "FHIR Base URL" displayed in the wait dialog in the DTR tests.
+   - **Scopes**: `system/*.rs`
+   - **Client ID**: the "SMART Client Id" displayed in the wait dialog in the DTR tests.
+1. Find the access token to use for the data access request by opening test **3.2.05** Authorization
+   request succeeds when supplied correct information, click on the "REQUESTS" tab, clicking on the "DETAILS"
+   button, and expanding the "Response Body". Copy the "access_token" value, which will be a ~100 character
+   string of letters and numbers (e.g., eyJjbGllbnRfaWQiOiJzbWFydF9jbGllbnRfdGVzdF9kZW1vIiwiZXhwaXJhdGlvbiI6MTc0MzUxNDk4Mywibm9uY2UiOiJlZDI5MWIwNmZhMTE4OTc4In0)
 1. Update the postman collection configuration variables found by opening the "DTR Full EHR
    Tests Postman Demo" collection and selecting the "Variables" tab.
    - **base_url**: corresponds to the where the test suite session is running. Defaults to
-     `inferno.healthit.gov`. If running in another location, see guidance on the "Overview" tab
+     `inferno.healthit.gov`. If running on another server, see guidance on the "Overview" tab
      of the postman collection.
-   - **access_token**: note the "Current value" (update if desired) for use later.
+   - **access_token**: the access token extracted in the previous step.
+1. Confirm that registration is complete by clicking the link in the DTR tests to complete the registration tests.
+
+##### UDAP Alternative
+
+To demonstrate the use of UDAP authentication for the DTR EHR, perform the above startup steps with the following changes
+- In step 1 when starting the DTR Full EHR test suite session, choose UDAP B2B Client Credentials for the Client Security Type.
+- In step 4, start a UDAP Security test suite session instead. Select the "Demo: Run Against the UDAP Security Client Suite"
+  preset, then choose the UDAP Client Credentials Flow group, click "RUN TESTS", and update the following inputs before clicking "SUBMIT":
+  - **FHIR Server Base URL**: change to the FHIR server indicated in the wait dialog in the DTR tests.
+- In step 5, the access token (same format as described above) can be found in test **2.3.01** OAuth token exchange request succeeds when supplied correct information.
+- In step 7, there will be two attestations to complete.
+
+All other steps below will be the same.
 
 #### Dinner Questionnaire (Standard)
 
 For the standard (static) questionnaire demo, use the requests in the _Static Dinner_ folder in the 
-Postman collection.
+Postman collection. Follow the quick start instructions above with the following modifications:
+- Use postman to submit the "Questionnaire Package for Dinner (Static)" request when Inferno
+  is waiting for a `$questionnaire-package` request. Note that the response that looks similar
+  to the "Example Working Response" in postman.
+- Copy the contents of the "Sample QuestionnaireResponse for Dinner (Static) ..." postman request,
+  replace the string `{{base_url}}` with the value of the **base_url** postman variable, and enter the result
+  as the **Completed QuestionnaireResponse** input in Inferno.
 
-1. Return to the Inferno test session and in the test list at the left, select _2 Static Questionnaire Workflow_.
-1. Click the "Run All Tests" button in the upper right.
-1. Add the **access_token** configured in postman to the Inferno input with the same name
-1. Click the "Submit" button in Inferno.
-1. Attest that the EHR has launched its DTR workflow in Inferno by clicking the link for the **true** response.
-1. Once the next wait dialog has appeared within Inferno asking for a `$questionnaire-package`
-   request, use postman to submit the "Questionnaire Package for Dinner (Static)" request. Confirm
-   that the response that looks similar to the "Example Working Response" in postman
-   and click the link to continue the tests.
-1. Attest to the remainder of the tests as desired to get a sense for what is involved in testing
-   with an actual EHR implementation. To see what a valid QuestionnaireResponse looks like, see
-   the "Sample QuestionnaireResponse for Dinner (Static) ..." request in postman.
+The "Dinner Order Questionnaire Example (Postman)" preset also populates the same questionnaire as the
+tester-provided questionnaire to use in the Basic Workflows -> Static Questionnaire Workflow group. You
+can execute that group as well in a similar manner to see how tester-provided questionnaire tests are
+different.
+
+These tests are not expected to fully pass due to known issues in the example FHIR instances.
 
 #### Dinner Questionnaire (Adaptive)
 
 For the adaptive questionnaire demo, use the requests in the _Adaptive Dinner_ folder in the 
 Postman collection.
 
-1. Return to the Inferno test session and in the test list at the left, select _3 Adaptive Questionnaire Workflow_.
-1. Click the "Run All Tests" button in the upper right.
-1. Add the **access_token** configured in postman to the Inferno input with the same name (if not already present)
-1. Click the "Submit" button in Inferno.
+1. Return to the Inferno test session and in the test list at the left, select **3.2** Dinner Order Adaptive
+   Questionnaire Workflow, click the "RUN ALL TESTS" button in the upper right, and click "SUBMIT" in the input dialog.
 1. Attest that the EHR has launched its DTR workflow in Inferno by clicking the link for the **true** response.
 1. Once the **Adaptive Questionnaire Retrieval** wait dialog has appeared within Inferno asking 
    for `$questionnaire-package` and `$next-question`
@@ -149,6 +188,40 @@ Postman collection.
    that the response that looks similar to the "Example Response" in postman
    and click the link to continue the tests.
 
+The "Dinner Order Questionnaire Example (Postman)" preset also populates the same questionnaire as the
+tester-provided questionnaire to use in the Basic Workflows -> Adaptive Questionnaire Workflow group. You
+can execute that group as well in a similar manner (note that all `$next-question` requests are made
+within a single wait test) to see how tester-provided questionnaire tests are different.
+
+These tests are not expected to fully pass due to known issues in the example FHIR instances.
+
+#### Review Authentication Interactions
+
+Anytime after executing one of the questionnaire test groups, you can execute the Review Authentication Interactions
+group to verify the conformance of access token requests against the SMART Backend Services flow.
+
+These tests are not expected to fully pass due to invalid token requests purposefully sent by the SMART server tests.
+
+## Auth Configuration Details
+
+When running these tests there are 2 options for authentication, which also allows 
+Inferno to identify which session the requests are for. The choice is made when the
+session is created with the selected Client Security Type option, which determines
+what details the tester needs to provide during the Client Registration tests:
+
+- **SMART Backend Services**: the system under test will manually register
+  with Inferno and request access token used to access FHIR endpoints
+  as per the SMART Backend Services specification. It requires the
+  **SMART JSON Web Key Set (JWKS)** input to be populated with either a URL that resolves
+  to a JWKS or a raw JWKS in JSON format. Additionally, testers may provide
+  a **Client Id** if they want their client assigned a specific one.
+- **UDAP B2B Client Credentials**: the system under test will dynamically register
+  with Inferno and request access tokens used to access FHIR endpoints
+  as per the UDAP specification. It requires the **UDAP Client URI** input
+  to be populated with the URI that the client will use when dynamically
+  registering with Inferno. This will be used to generate a client id (each
+  unique UDAP Client URI will always get the same client id).
+
 ## Limitations
 
 The DTR IG is a complex specification and these tests currently validate conformance to only
@@ -177,9 +250,3 @@ available that are more in-line with expected system capabilities.
 For adaptive questionnaires, the completed QuestionnaireResponse will be present in the
 last `$next-question` invocation by the EHR, so this limitation does not apply to those
 cases.
-
-### Questionnaire Feature Coverage
-
-Not all questionnaire features that are must support within the DTR IG are currently represented
-in questionnaires tested by the IG. Additional questionnaires testing additional features will
-be added in the future.

data/lib/davinci_dtr_test_kit/docs/dtr_smart_app_suite_description_v201.md

@@ -112,12 +112,13 @@ If you do not have a DTR SMART app but would like to try the tests out, you can
 [this Postman collection](https://github.com/inferno-framework/davinci-dtr-test-kit/blob/main/config/DTR%20SMART%20App%20Tests%20Postman%20Demo.postman_collection.json)
 to make requests against Inferno. This does not include the capability to render the complete
 questionnaires, but does have samples of correctly and incorrectly completed QuestionnaireResponses.
-The following is a list of tests with the Postman requests that can be used with them:
+After starting the session, choose the "Dinner Order Questionnaire Example" preset. The following
+is a list of tests with the Postman requests that can be used with them:
 
-- **Standalone launch sequence**: use requests in the `SMART App Launch` folder during
+- **Standalone launch sequence**: optionally use requests in the `SMART App Launch` folder during
   tests **1.1.1.01** or **2.1.1.01** to simulate the SMART Launch flow and obtain an access
   token to use for subsequent requests. See the collection's Overview for details on the
-  access token's generation.
+  access token's generation. You can also skip this step and leave the existing postman variable as is.
 - **1.1** _Static Questionnaire Workflow_: use requests in the `Static Dinner` folder
   - **1.1.1.01** _Invoke the DTR Questionnaire Package operation_: submit request `Questionnaire Package for Dinner (Static)` while this test is waiting.
   - **1.1.3.01** _Save the QuestionnaireResponse after completing it_: submit request `Save QuestionnaireResponse for Dinner (Static)` while this test is waiting. If you want to see a failure, submit request `Save QuestionnaireResponse for Dinner (Static) - missing origin extension` instead.

data/lib/davinci_dtr_test_kit/dtr_client_options.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'smart_app_launch_test_kit'
+require 'udap_security_test_kit'
+
+module DaVinciDTRTestKit
+  module DTRClientOptions
+    SMART_BACKEND_SERVICES_CONFIDENTIAL_ASYMMETRIC =
+      SMARTAppLaunch::SMARTClientOptions::SMART_BACKEND_SERVICES_CONFIDENTIAL_ASYMMETRIC
+    UDAP_CLIENT_CREDENTIALS =
+      UDAPSecurityTestKit::UDAPClientOptions::UDAP_CLIENT_CREDENTIALS
+  end
+end