davinci_pas_test_kit 0.13.1 → 0.13.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b36c102526c99da6d1220766f4b5213d30497f8369271c68e2b41370296b874c
-  data.tar.gz: 2a8a894dcf8c6fab84e41ffa5f626b0499b6d3aa554f88bfb8b3e41495000e92
+  metadata.gz: eab60793f7ecc9d8f6e629c5c383a1c862944805eea21772dafcbcc45ecd1915
+  data.tar.gz: c657b115fa076a0ed2ca74181725f55591f6814714f0a917d5be557978708790
 SHA512:
-  metadata.gz: '07862eba661759fcae73127b68026deeb106ff203f84ed3a503b641de2d03d1fccd24d05b94a86e5dff88500e5e199b0b1284326b83d4fcbc8407ec7c7c35da5'
-  data.tar.gz: 5f78a7193457b07a74159f37dc2357b48173ffc9a7fbc40474d6c16c3881ce6ed981f1ce496e55d64dfca28609943a5e7ad83a3821dfe6f15622e6ee6a912df5
+  metadata.gz: c35c4998d5dae26f61454695424235bd948ebae145a09f39557b97c31e487dea46b71b7afe0e6fdb65902ae80eebfcbc682606618516fea8ff929aaccd80a53b
+  data.tar.gz: 23f797fc60bcb69395a631d2b05e6d942b9c1179528aa331319c43a5a3e6e81084c96cd1b54a0e92fc562f9f66e843f956d2a805296126b44ac177807cb005f9

data/lib/davinci_pas_test_kit/client_suite.rb

@@ -22,7 +22,44 @@ module DaVinciPASTestKit
     class ClientSuite < Inferno::TestSuite
       id :davinci_pas_client_suite_v201
       title 'Da Vinci PAS Client Suite v2.0.1'
-      description File.read(File.join(__dir__, 'docs', 'client_suite_description_v201.md'))
+      description %(
+        The Da Vinci PAS Test Kit Client Suite validates the conformance of client
+        systems to the STU 2 version of the HL7® FHIR®
+        [Da Vinci Prior Authorization Support Implementation Guide](https://hl7.org/fhir/us/davinci-pas/STU2/).
+
+        These tests are a **DRAFT** intended to allow PAS client implementers to perform
+        preliminary checks of their clients against PAS IG requirements and [provide
+        feedback](https://github.com/inferno-framework/davinci-pas-test-kit/issues)
+        on the tests. Future versions of these tests may validate other
+        requirements and may change the test validation logic.
+
+        The best place to get started is the [Client Testing
+        Walkthrough](https://github.com/inferno-framework/davinci-pas-test-kit/wiki/Client-Walkthrough),
+        which provides a step-by-step guide for running the tests against a client and provides
+        an example client implemented in Postman.  Visit the [Client Testing
+        Details](https://github.com/inferno-framework/davinci-pas-test-kit/wiki/Client-Details)
+        documentation for information about technical implementation and known limitations of these tests.
+
+        In this test suite, Inferno simulates a PAS server for the client under test to
+        interact with. The client will be expected to initiate requests to the server
+        and demonstrate its ability to react to the returned responses. Over the course
+        of these interactions, Inferno will seek to observe conformant handling of PAS
+        requirements, including:
+        - The ability of the client to initiate a prior authorization submission and react to
+            - The approval of the request
+            - The denial of the request
+            - The pending of the request and a subsequent notification that a final decision was made
+        - The ability of the client to provide data covering the full scope of required by PAS, including
+            - The ability to send prior auth requests and inquiries with all PAS
+              profiles and all must support elements on those profiles
+            - The ability to handle responses that contain all PAS profiles and all must support elements on those
+              profiles (not included in the current version of these tests)
+
+        All requests and responses will be checked for conformance to the PAS
+        IG requirements individually and used in aggregate to determine whether
+        required features and functionality are present. HL7® FHIR® resources are
+        validated with the Java validator using `tx.fhir.org` as the terminology server.
+      )
 
       links [
         {

data/lib/davinci_pas_test_kit/generated/v2.0.1/server_suite.rb

@@ -11,7 +11,46 @@ module DaVinciPASTestKit
     class ServerSuite < Inferno::TestSuite
       id :davinci_pas_server_suite_v201
       title 'Da Vinci PAS Server Suite v2.0.1'
-      description File.read(File.join(__dir__, '..', '..', 'docs', 'server_suite_description_v201.md'))
+      description %(
+        The Da Vinci PAS Server Suite validates the conformance of server systems 
+        to the STU 2 version of the HL7® FHIR® 
+        [Da Vinci Prior Authorization Support Implementation Guide](https://hl7.org/fhir/us/davinci-pas/STU2/).
+
+        These tests are a **DRAFT** intended to allow PAS server implementers to perform 
+        preliminary checks of their servers against PAS IG requirements and [provide 
+        feedback](https://github.com/inferno-framework/davinci-pas-test-kit/issues) 
+        on the tests. Future versions of these tests may validate other 
+        requirements and may change the test validation logic.
+
+        The best place to get started is the [Server Testing
+        Walkthrough](https://github.com/inferno-framework/davinci-pas-test-kit/wiki/Server-Walkthrough),
+        which provides a step-by-step guide for running the tests against a client and provides
+        an example client implemented in Postman.  Visit the [Server Testing
+        Details](https://github.com/inferno-framework/davinci-pas-test-kit/wiki/Server-Details)
+        documentation for information about technical implementation and known limitations of these tests.
+
+        Inferno will simulate a client and make a series of prior authorization requests to the 
+        server under test. Over the course of these requests, Inferno will seek to observe
+        conformant handling of PAS requirements, including
+        - The ability of the server to use PAS API interactions to communicate 
+            - Approval of a prior authorization request
+            - Denial of a prior authorization request
+            - Pending of a prior authorization request and a subsequent final decision
+            - Inability to process a prior authorization request
+        - The ability of the server to handle the full scope of data required by PAS, including
+            - Ability to process prior auth requests and inquiries with all PAS profiles and all must support elements on those profiles
+            - Ability to return responses that demonstrate the use of all PAS profiles and all must support elements on those profiles
+
+        Because the business logic that determines decisions and the elements populated in responses
+        Is outside of the PAS specification and will vary between implementers, testers
+        are required to provide the requests that Inferno will make to the server.
+
+        All requests and responses will be checked for conformance to the PAS
+        IG requirements individually and used in aggregate to determine whether
+        required features and functionality are present. HL7® FHIR® resources are 
+        validated with the Java validator using `tx.fhir.org` as the terminology server.
+      
+      %)
 
       links [
         {

data/lib/davinci_pas_test_kit/generator/templates/suite.rb.erb

@@ -8,7 +8,46 @@ module DaVinciPASTestKit
     class <%= class_name %> < Inferno::TestSuite
       id :<%= suite_id %>
       title '<%= title %>'
-      description File.read(File.join(__dir__, '..', '..', 'docs', 'server_suite_description_<%= ig_metadata.reformatted_version %>.md'))
+      description %(
+        The Da Vinci PAS Server Suite validates the conformance of server systems 
+        to the STU 2 version of the HL7® FHIR® 
+        [Da Vinci Prior Authorization Support Implementation Guide](https://hl7.org/fhir/us/davinci-pas/STU2/).
+
+        These tests are a **DRAFT** intended to allow PAS server implementers to perform 
+        preliminary checks of their servers against PAS IG requirements and [provide 
+        feedback](https://github.com/inferno-framework/davinci-pas-test-kit/issues) 
+        on the tests. Future versions of these tests may validate other 
+        requirements and may change the test validation logic.
+
+        The best place to get started is the [Server Testing
+        Walkthrough](https://github.com/inferno-framework/davinci-pas-test-kit/wiki/Server-Walkthrough),
+        which provides a step-by-step guide for running the tests against a client and provides
+        an example client implemented in Postman.  Visit the [Server Testing
+        Details](https://github.com/inferno-framework/davinci-pas-test-kit/wiki/Server-Details)
+        documentation for information about technical implementation and known limitations of these tests.
+
+        Inferno will simulate a client and make a series of prior authorization requests to the 
+        server under test. Over the course of these requests, Inferno will seek to observe
+        conformant handling of PAS requirements, including
+        - The ability of the server to use PAS API interactions to communicate 
+            - Approval of a prior authorization request
+            - Denial of a prior authorization request
+            - Pending of a prior authorization request and a subsequent final decision
+            - Inability to process a prior authorization request
+        - The ability of the server to handle the full scope of data required by PAS, including
+            - Ability to process prior auth requests and inquiries with all PAS profiles and all must support elements on those profiles
+            - Ability to return responses that demonstrate the use of all PAS profiles and all must support elements on those profiles
+
+        Because the business logic that determines decisions and the elements populated in responses
+        Is outside of the PAS specification and will vary between implementers, testers
+        are required to provide the requests that Inferno will make to the server.
+
+        All requests and responses will be checked for conformance to the PAS
+        IG requirements individually and used in aggregate to determine whether
+        required features and functionality are present. HL7® FHIR® resources are 
+        validated with the Java validator using `tx.fhir.org` as the terminology server.
+      
+      %)
 
       links [
         {

data/lib/davinci_pas_test_kit/metadata.rb

@@ -12,6 +12,10 @@ module DaVinciPASTestKit
 
       <!-- break -->
 
+      Please visit the [Da Vinci PAS Test Kit documentation
+      site](https://github.com/inferno-framework/davinci-pas-test-kit/wiki/) for
+      detailed information on how to use and maintain this test kit.
+
       To validate the behavior of a system Inferno will act as the partner to the
       system under test:
       - **When testing a client**: Inferno will act as a server, awaiting requests
@@ -58,16 +62,12 @@ module DaVinciPASTestKit
         e.g., the requirement that clinicians can update details of the prior authorization
         request before submitting them
 
-      For additional details on these and other areas where the tests may not align with
-      the IGs requirements, see documentation in the test kit source code ([client](https://github.com/inferno-framework/davinci-pas-test-kit/blob/main/lib/davinci_pas_test_kit/docs/client_suite_description_v201.md#testing-limitations), [server](https://github.com/inferno-framework/davinci-pas-test-kit/blob/main/lib/davinci_pas_test_kit/docs/server_suite_description_v201.md#testing-limitations)), and [this requirements analysis
-      spreadsheet](https://github.com/inferno-framework/davinci-pas-test-kit/blob/main/lib/davinci_pas_test_kit/docs/PAS%20Requirements%20Interpretation.xlsx).
-
       ### Known IG Issues
 
       Through testing with this test kit, issues have been identified in the version of the PAS
       specification that this test kit tests against which cause false failures. The full list
       of known issues can be found on the [repository's issues page with the 'source ig issue'
-      lable](https://github.com/inferno-framework/davinci-pas-test-kit/labels/source%20ig%20issue).
+      label](https://github.com/inferno-framework/davinci-pas-test-kit/labels/source%20ig%20issue).
 
       ## Reporting Issues
 

data/lib/davinci_pas_test_kit/version.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
 module DaVinciPASTestKit
-  VERSION = '0.13.1'
-  LAST_UPDATED = '2025-05-13'
+  VERSION = '0.13.2'
+  LAST_UPDATED = '2025-05-30'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: davinci_pas_test_kit
 version: !ruby/object:Gem::Version
-  version: 0.13.1
+  version: 0.13.2
 platform: ruby
 authors:
 - Inferno Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-05-13 00:00:00.000000000 Z
+date: 2025-05-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inferno_core
@@ -181,9 +181,7 @@ files:
 - lib/davinci_pas_test_kit/custom_groups/v2.0.1/pas_server_subscription_setup.rb
 - lib/davinci_pas_test_kit/descriptions.rb
 - lib/davinci_pas_test_kit/docs/PAS Requirements Interpretation.xlsx
-- lib/davinci_pas_test_kit/docs/client_suite_description_v201.md
 - lib/davinci_pas_test_kit/docs/demo/PAS Client Suite Demonstration.postman_collection.json
-- lib/davinci_pas_test_kit/docs/server_suite_description_v201.md
 - lib/davinci_pas_test_kit/endpoints/claim_endpoint.rb
 - lib/davinci_pas_test_kit/endpoints/subscription_create_endpoint.rb
 - lib/davinci_pas_test_kit/endpoints/subscription_status_endpoint.rb

data/lib/davinci_pas_test_kit/docs/client_suite_description_v201.md

@@ -1,444 +0,0 @@
-The Da Vinci PAS Test Kit Client Suite validates the conformance of client
-systems to the STU 2 version of the HL7® FHIR®
-[Da Vinci Prior Authorization Support Implementation Guide](https://hl7.org/fhir/us/davinci-pas/STU2/).
-
-## Scope
-
-These tests are a **DRAFT** intended to allow PAS client implementers to perform
-preliminary checks of their clients against PAS IG requirements and [provide
-feedback](https://github.com/inferno-framework/davinci-pas-test-kit/issues)
-on the tests. Future versions of these tests may validate other
-requirements and may change the test validation logic.
-
-## Test Methodology
-
-Inferno will simulate a PAS server for the client under test to interact with. The client
-will be expected to initiate requests to the server and demonstrate its ability to react
-to the returned responses. Over the course of these interactions,
-Inferno will seek to observe conformant handling of PAS requirements, including
-- The ability of the client to initiate a prior authorization submission and react to
-    - The approval of the request
-    - The denial of the request
-    - The pending of the request and a subsequent notification that a final decision was made
-- The ability of the client to provide data covering the full scope of required by PAS, including
-    - The ability to send prior auth requests and inquiries with all PAS profiles and all must support elements on
-    those profiles
-    - The ability to handle responses that contain all PAS profiles and all must support elements on those
-    profiles (not included in the current version of these tests)
-
-All requests and responses will be checked for conformance to the PAS
-IG requirements individually and used in aggregate to determine whether
-required features and functionality are present. HL7® FHIR® resources are
-validated with the Java validator using `tx.fhir.org` as the terminology server.
-
-### Responses
-
-Inferno contains basic logic to generate approval, denial, and pended responses, along with a
-notification that a final decision was made, as a part of the above workflows.
-These responses are based on examples available in the PAS Implementation Guide
-and are conformant, but may not meet the needs of actual implementations. Thus,
-testers may provide Inferno with specific responses for Inferno to echo. If responses
-are provided, Inferno will check them for conformance to ensure that they demonstrate
-a fully conformant exchange.
-
-### Authentication
-
-The [Privacy and Security section](https://hl7.org/fhir/us/davinci-pas/STU2/privacy.html) of the PAS
-Implementation Guide states that payers must "require that the provider system authenticates"
-itself when making PAS requests against the payer system. However, the specific method of authentication
-is left to the Da Vinci HRex IG, which [provides recommendations and potential 
-approaches](https://hl7.org/fhir/us/davinci-hrex/STU1/security.html#exchange-security) for
-authentication, but does not require a specific one to be used. Inferno requires some
-authentication approach to be used in order for it to be able to identify which incoming
-requests are from the client under test.
-
-Inferno's simulated payer server includes a simulation of two standard authentication approaches:
-- SMART Backend Services
-- UDAP B2B client credentials flow, including dynamic registration
-
-Clients under test can register with the authorization server and request tokens for use
-when making PAS requests. In this case, Inferno will verify that the client's interactions with
-the simulated authorization server are conformant and that the provided tokens are used.
-
-If the client under test does not support either of these standards-based methods of authentication, the tester
-may instead attest to other authentication capabilities. In this case, the client will authenticate
-by sending requests to dedicated PAS endpoints created by Inferno for use during the testing session.
-To reduce configuration burden, the dedicated endpoints can be reused in subsequent sessions.
-
-## Running the Tests
-
-### Quick Start
-
-To execute a simple set of tests with minimal setup and input, perform an approval workflow using
-inferno-generated responses and dedicated session-specific endpoints with the following steps:
-
-1. Create a Da Vinci PAS Client Suite v2.0.1 session using the "Other Authentication" option
-   for the Client Security Type.
-1. Select the "Client Registration" group from the list at the left and and click
-   the "RUN TESTS" button in the upper right.
-1. Optionally provide a value for the **Session-specific URL path extension** input to
-   specify the extra path for the dedicated session endpoint or leave blank to let
-   Inferno generate a value for you. Then click the "SUBMIT" button at the bottom right.
-1. Attest to an alternate authentication approach in the wait dialog that appears and
-   then configure your client to connect to the Inferno FHIR server subsequently displayed
-   and click the link continue.
-1. Select the "Approval Workflow" group from the list at the left and click
-   the "RUN TESTS" button in the upper right.
-1. Click the "SUBMIT" button at the bottom right of the input dialog that appears.
-1. Submit a PAS prior authorization request to the endpoint shown in the wait
-   dialog that appears.
-1. When another wait dialog appears, check your system to see whether Inferno's response
-   was interpreted as an approval or not and click the appropriate link in the dialog.
-1. Review the results including any errors or warnings found when checking the conformance
-   of the request or the generated response.
-
-Group "Denial Workflow" can be run in the same manner. To run the "Pended Workflow" group,
-first run the "Subscription Setup" group, during which the client system will submit a
-Subscription so that Inferno knows how and where to send a notification that a decision has
-been rendered on a pended prior authorization request. Then proceed to execute the 
-"Pended Workflow" group and follow the instructions in the dialogs that appear.
-
-### Postman-based Demonstration
-
-If you do not have a PAS client but would like to try the tests out, you can use
-[this postman collection](https://github.com/inferno-framework/davinci-pas-test-kit/blob/main/lib/davinci_pas_test_kit/docs/demo/PAS%20Client%20Suite%20Demonstration.postman_collection.json)
-to make requests against Inferno and see the mocked responses provided by Inferno. To use, load
-the collection into the [Postman app](https://www.postman.com/downloads/) and follow these steps:
-
-1. Start a Da Vinci PAS Client Suite v2.0.1 session from the [PAS Test Kit page on 
-   inferno.healthit.gov](https://inferno.healthit.gov/test-kits/davinci-pas/),
-   choosing the "Other Authentication" option for the Client Security Type.
-2. Click the *Run All Tests* button in the upper right hand corner of the suite.
-3. Client Registration
-   - In the **Session-specific URL path extension** input, put a short alpha string, such as `demo`
-   - In Postman, select the *PAS Client Suite Demonstration* Collection in postman and go to the "Variables" tab 
-     (see the collection's Overview tab for more details on what the variables control).
-   - In the current value for the **session_url_path** variable, put the same value as in the
-     **Session-specific URL path extension** input, surrounded by `/`, e.g., `/demo/` and
-     save the collection.
-   - Back in Inferno, click the "SUBMIT" button and click the links to continue the tests
-     in the next two wait dialogs until a **Subscription Creation Test** wait dialog appears.
-1. In Postman, select the *Create Subscription Request* in the *Subscription Setup* folder
-   and click the "Send" button in the upper right.
-1. Back in Inferno, the wait dialog should disappear and a new **Approval Workflow Test** wait
-   dialog will appear.
-1. In Postman, select the *Prior Auth Request For Approval* in the *Approval Workflow* folder
-   and click the "Send" button in the upper right.
-1. Back in Inferno, the wait dialog should disappear and a new attestation wait dialog will
-   appear asking to confirm the system's interpretation of the "Approved" response. Check that
-   the response from the last step in Postman contains the string "Certified in total" and respond
-   to the attestation. The wait dialog should disappear and a new **Denial Workflow Test** wait
-   dialog will appear.
-1. In Postman, select the *Prior Auth Request For Denial* in the *Denial Workflow* folder
-   and click the "Send" button in the upper right.
-1. Back in Inferno, the wait dialog should disappear and a new attestation wait dialog will
-   appear asking to confirm the system's interpretation of the "Denied" response. Check that
-   the response from the last step in Postman contains the string "Not Certified" and respond
-   to the attestation. The wait dialog should disappear and a new **Pended Workflow Test** wait
-   dialog will appear.
-1. In Postman, select the *Prior Auth Request For Pended* entry under the *Pended Workflow* folder in the
-   and click the "Send" button in the upper right.
-1. Search in the response returned to Postman for the string "Pending" which indicates the prior
-   auth request was pended and a final decision will be made later. You'll use this information in
-   a later attestation.
-1. Meanwhile, Inferno sent a notification indicating that a final decision was made (5-10 seconds
-   after the prior auth request). If interested in seeing the notification message, it can be found
-   on the [notifications 
-   page](https://subscriptions.argo.run/subscriptions/notifications-received?store=r4) for the 
-   [Argonaut Subscriptions Reference Implementation](https://subscriptions.argo.run/), which
-   hosts a notification endpoint that is used to receive Subscription notifications for this demo.
-   Note that when looking for recent notifications, **Received** timestamps are in UTC which is
-   5 hours ahead of Eastern Standard Time (4 hours ahead of Eastern Daylight Time).
-1. In Postman, select the *Prior Auth Inquiry for Pended* entry under the *Pended Workflow* folder in the
-   and click the "Send" button in the upper right.
-1. Search in the response returned to Postman for the string "Certified in total" which indicates the prior
-   auth request was approved. You'll use this information in a later attestation.
-1. Back in Inferno, scroll down in wait dialog and click the "click here to complete the test"
-   link to allow Inferno to evaluate the pended workflow.
-1. The next two attestations ask whether the system displayed the claim as pended and approved at the
-   appropriate points in the workflow. Attest based on whether the correct strings were found in the
-   responses in the previous steps.
-1. Two additional "User Action" dialogs will appear requesting additional `$submit` and `$inquire`
-   requests to demonstrate must support elements. This demo does not have any additional requests
-   and does not attempt to demonstrate all must support elements, so click the link to indicate
-   you are done submitting requests for each. Note that requests submitted during the workflow section
-   will be evaluated and you can inspect the results under the Demonstrate Element Support test
-   to see both passing and failing tests.
-1. Once Inferno finishes evaluating the requests, the test will complete allowing you to review the
-   results, including warning and error messages as well as requests associated with each test.
-
-The tests are expected to pass with the exception of the Must Support tests.
-
-#### Optional Demo Modification: full-resource Subscription
-
-This demo uses `id-only` notifications for Pended workflow. To see a demonstration of `full-resource`
-notifications, replace the string `id-only` in the "Create Subscription Request" entry under the 
-"Subscription Setup" folder in the collection with the string `full-resource` (found in an extension
-under the `_payload` element).
-
-#### Optional Demo Modification: SMART Backend Services Auth
-
-To use SMART Backend Services with the demo, choose the "SMART Backend Services" Client Security Type
-option and replace the 3. Client Registration steps above with the following:
-
-- In the **SMART JSON Web Key Set (JWKS)** input, put `https://inferno.healthit.gov/suites/custom/smart_stu2_2/.well-known/jwks.json`
-- In the **Client Id** input, put `pas_demo_smart`
-- Click the **SUBMIT** button
-- A wait dialog will display asking the tester to confirm configuration of the client. Note the
-  FHIR endpoint and client id details
-- Start an instance of the SMART App Launch STU2.2 test suite.
-- Select the **3** Backend Services group from the list at the left and the click the "RUN TESTS"
-  button in the upper right.
-- Fill in the following input values and then click "SUBMIT":
-  - **FHIR Endpoint**: from the wait dialog in the PAS Client suite
-  - **Scopes**: any scope string, e.g., `system/*.rs`
-  - **Client Id**: same value as in the corresponding input to the PAS Client tests, also displayed
-    in the wait dialog
-- Find the access token to use for the data access request by opening test **3.2.05** Authorization
-  request succeeds when supplied correct information, click on the "REQUESTS" tab, clicking on the "DETAILS"
-  button, and expanding the "Response Body". Copy the "access_token" value, which will be a ~100 character
-  string of letters and numbers (e.g., eyJjbGllbnRfaWQiOiJzbWFydF9jbGllbnRfdGVzdF9kZW1vIiwiZXhwaXJhdGlvbiI6MTc0MzUxNDk4Mywibm9uY2UiOiJlZDI5MWIwNmZhMTE4OTc4In0)
-- In Postman, select the *PAS Client Suite Demonstration* Collection in postman and go to the "Variables" tab 
-  (see the collection's Overview tab for more details on what the variables control).
-- In the current value for the **access_token** variable, put access token value copied from the SMART tests.
-  Make sure that the **session_url_path** variable has a current value of `/`.
-- Back in Inferno, click link in the wait dialog confirming the configuration to continue the tests.
-- A **Subscription Creation Test** wait dialog will appear.
-
-Continue the tests according to step 4 around Subscription creation in the above instructions.
-
-In this demonstration, the "Verify SMART Token Requests" test will also fail due to invalid
-token requests sent intentionally by the SMART Backend Services server tests.
-
-#### Optional Demo Modification: UDAP Client Credentials Auth
-
-To use the UDAP Client Credentials with the demo, choose the "UDAP B2B Client Credentials" Client
-Security Type option and replace the 3. Client Registration steps above with the following:
-
-- In the **UDAP Client URI** input, put `http://localhost:4567/custom/udap_security/fhir`
-- Click the **SUBMIT** button and a wait dialog will display asking the tester to perform UDAP dynamic
-  registration. Note the FHIR server endpoint displayed in the dialog.
-- Start an instance of the UDAP Security Server test suite.
-- Select the "Demo: Run Against the UDAP Security Client Suite" preset from the dropdown in the upper left.
-- Select the **2** UDAP Client Credentials Flow group from the list at the left and the click the "RUN ALL TESTS"
-  button in the upper right.
-- Update the **FHIR Server Base URL** input value to be the FHIR server endpoint from the wait dialog
-  in the PAS Client suite and then click "SUBMIT"
-- Once the tests have completed, find the access token to use for the data access request by opening
-  test **2.3.01** OAuth token exchange request succeeds when supplied correct information, click
-  on the "REQUESTS" tab, clicking on the "DETAILS" button, and expanding the "Response Body".
-  Copy the "access_token" value, which will be a ~100 character string of letters and numbers (e.g., eyJjbGllbnRfaWQiOiJzbWFydF9jbGllbnRfdGVzdF9kZW1vIiwiZXhwaXJhdGlvbiI6MTc0MzUxNDk4Mywibm9uY2UiOiJlZDI5MWIwNmZhMTE4OTc4In0)
-- In Postman, select the *PAS Client Suite Demonstration* Collection in postman and go to the "Variables" tab 
-  (see the collection's Overview tab for more details on what the variables control).
-- In the current value for the **access_token** variable, put access token value copied from the SMART tests.
-  Make sure that the **session_url_path** variable has a current value of `/`.
-- In the PAS Client suite tab, click the link in the wait dialog to continue the tests. Do the same
-  for the next wait dialog that appears until a **Subscription Creation Test** wait dialog appears.
-
-Continue the tests according to step 4 around Subscription creation in the above instructions.
-
-In this demonstration, the "Verify UDAP Client Credentials Token Requests" test may fail due
-to expired signatures if the test session has taken long enough.
-
-## Auth Configuration Details
-
-When running these tests there are 3 options for authentication, which also allows 
-Inferno to identify which session the requests are for. The choice is made when the
-session is created with the selected Client Security Type option, which determines
-what details the tester needs to provide during the Client Registration tests:
-
-- **SMART Backend Services**: the system under test will manually register
-  with Inferno and request access tokens for use when accessing FHIR endpoints
-  as per the SMART Backend Services specification. It requires the
-  **SMART JSON Web Key Set (JWKS)** input to be populated with either a URL that resolves
-  to a JWKS or a raw JWKS in JSON format. Additionally, testers may provide
-  a **Client Id** if they want their client assigned a specific one.
-- **UDAP B2B Client Credentials**: the system under test will dynamically register
-  with Inferno and request access tokens used to access FHIR endpoints
-  as per the UDAP specification. It requires the **UDAP Client URI** input
-  to be populated with the URI that the client will use when dynamically
-  registering with Inferno. This will be used to generate a client id (each
-  unique UDAP Client URI will always get the same client id).
-- **Other Authentication**: Inferno will create a dedicated set of FHIR endpoints for this session
-  so that the system under test does not need to get access tokens or provide
-  them when interacting with Inferno during these tests. Since PAS requires
-  authentication of client systems, testers will be asked to attest that their
-  system supports another form of authentication, such as mutual authentication TLS.
-  This approach uses the **Session-specific URL path extension** input to create a
-  session-specific URL. This input can be provided for re-use across sessions, or
-  left blank to have Inferno generate a value.
-
-## Response and Notification Content
-
-To assist in testers getting started with the PAS Client tests quickly, Inferno will generate
-conformant mocked `$submit` and `$inquire` operation responses and Subscription notifications.
-However, the simple mocked messages may not drive the workflows of real systems in a way that allows
-them to demonstrate their implementation of the PAS specification. Thus, Inferno also allows each message
-returned or initiated by Inferno to be specified by the tester. These messages must themselves be
-conformant to PAS specification requirements and additional test requirements in order for a test run to
-serve as a demonstration of a conformant implementation.
-
-The rest of this section provides details on how Inferno determines the content to use in responses
-and notifications.
-
-### Inferno Modifications of Tester-provided Responses and Notifications
-
-Requests provided by testers will be modified by Inferno to try and populate details that testers won't
-know ahead of time. These modifications fall into two categories:
-- **Timestamps**: creation timestamps, such as those on Bundles, ClaimResponses, and event notifications,
-  will be updated or populated by Inferno so that they are in sync with the time the message is sent.
-- **Resource Ids**: some resource ids will not be known ahead of time and will be added or updated by Inferno 
-  including
-  - *Claim Id*: if the tester provides a `$submit` or `$inquire` response with `ClaimResponse.request` populated,
-    then Inferno will update it with the fullUrl of the Claim provided in the request. This avoids the need for 
-    testers to know the Claim Id ahead of time which may be difficult for some systems.
-  - *ClaimResponse Id*: if the tester provides a Notification but has Inferno generate the `$submit` response,
-    then Inferno will update the focus to use the ClaimResponse id that it generates.
-
-If the tester provides an input that is malformed in some way such that Inferno cannot get the details
-that it needs to make the modifications, then the raw input will be used.
-
-### Response and Notification Correspondence Requirements
-
-Beyond the minor modifications described above, Inferno does not modify provided content to ensure that
-they are consistent with each other or the time they are executed. For example, in the pended
-workflow, it is up to the tester to ensure that if they provide responses for the `$submit` and `$inquire`
-operations that they share whatever details, such as identifiers, needed to connect them together and drive
-the workflow in their system. Timestamps not associated with messaging time such as when a prior authorization
-response is valid are also not modified by Inferno. Unlike details that Inferno modifies as described above,
-testers should have control over and/or knowledge of the necessary details and values to construct consistent
-and working messages for Inferno to use.
-
-### Tester-provided Response and Notification Inputs
-
-The following test inputs control Inferno messaging behavior:
-- **Claim approved response JSON**: If populated, this is used in the "Approval Workflow" group
-  to respond to `$submit` requests. The response needs to indicate to the system that the prior auth request has
-  been approved.
-- **Claim denied response JSON**: If populated, this used in the "Denial Workflow" group
-  to respond to `$submit` requests. The response needs to indicate to the system that the prior auth request has
-  been denied.
-- **Claim pended response JSON**: If populated, this used in the "Pended Workflow" group
-  to respond to `$submit` requests. The response needs to indicate to the system that the prior auth request has
-  been pended.
-- **Claim updated notification JSON**: If populated, this used in the "Pended Workflow" group
-  as the event notification sent for the Subscription indicating that a decision has been finalized for the
-  pended prior auth request. The content of the notification needs to match the details of the Subscription
-  provided in the "Subscription Setup" group.
-- **Inquire approved response JSON**: If populated, this used in the "Pended Workflow"
-  group to respond to `$inquire` requests. The response needs to indicate to the system that the
-  prior auth request has been approved.
-
-### Generation Logic
-
-When generating responses and notifications, Inferno uses the following logic. These conform to the
-requirements of the PAS specification, but may not make sense in an actual workflow.
-- **`$submit` and `$inquire` responses**: these responses are created mostly from the incoming request, specific details include:
-  - The Patient, insurer Organization, and requestor entity instances are pulled into the response
-    Bundle and referenced in the `patient`, `insurer`, and `requestor` elements respectively.
-    Note that get found by following references found in the submitted Claim instance. If relative
-    references are used in the Claim, the Claim entry `fullUrl` needs to be a absolute reference
-    and not a UUID, else the entries won't get pulled in correctly.
-  - In the ClaimResponse, the `identifier`, `type`, `status`, and `use` elements are pulled
-    in from the Claim in the request.
-  - The `Bundle.timestamp` and `ClaimResponse.created` timestamps are populated using the current time.
-  - The `ClaimResponse.outcome` is hardcoded to `complete`.
-  - For each `item` entry in the request Claim, a `ClaimResponse.item` entry is created with the
-    `itemSequence` value copied over, `itemPreAuthIssueDate` and `itemPreAuthPeriod` extensions 
-    added using the current date and a month starting on the current date respectively,
-    and an adjudication entry with a `category` of `submitted` that contains the `reviewAction` extension with a
-    `reviewActionCode` that matches the current workflow: `A1` ("Certified in total") for approval,
-    `A3` ("Not Certified") for denial, and `A4` ("Pending") for pending.
-- **Notification Bundle**: Inferno supports mocking both `id-only` and `full-resource` notifications.
-  The following details are relevant:
-  - Inferno pulls in details from the Subscription created for the test session to use in
-   creating the Notification, including the `topic` and the `subscription` reference.
-  - Inferno hardcodes the `status` as `active` and the `type` as `event-notification`.
-  - Inferno will always include a single `notification-event` entry with a `timestamp` of the current
-    time and with a `focus` that points to the ClaimResponse returned on the `$submit`.
-    If it cannot find the ClaimResponse reference from the `$submit` response returned
-    by Inferno, it will generate a random UUID (which isn't likely to work correctly when received).
-  - The subscription's `events-since-subscription-start` and the event's `event-number` will always
-    be 1 as Inferno is not able to track notifications across multiple sessions or runs.
-  - When generating a `full-resource` notification, Inferno will include `additional-context`
-    references for each entry in the `$submit` response Bundle other than the ClaimResponse
-    (which is already in the `focus`). Then it will include Notification Bundle entries for
-    each instance in the `$submit` response Bundle, including the ClaimResponse, with `reviewActionCode`
-    extensions updated to indicate approval using code `A1` ("Certified in total") for approval.
-
-## Testing Limitations
-
-### Private X12 details
-
-HIPAA [requires](https://hl7.org/fhir/us/davinci-pas/STU2/regulations.html) electronic prior authorization
-processing to use the X12 278 standard. While recent CMS rule-making suggests that [this requirement
-will not be enforced in the future](https://www.cms.gov/newsroom/fact-sheets/cms-interoperability-and-prior-authorization-final-rule-cms-0057-f),
-the current PAS IG relies heavily on X12.  As the IG authors note at the
-top of the [IG home page](https://hl7.org/fhir/us/davinci-pas/STU2/index.html):
-
-> Note that this implementation guide is intended to support mapping between FHIR and X12 transactions. To respect
-> X12 intellectual property, all mapping and X12-specific terminology information will be solely published by X12
-> and made available in accordance with X12 rules - which may require membership and/or payment. Please see this
-> [Da Vinci External Reference page](https://confluence.hl7.org/display/DVP/Da+Vinci+Reference+to+External+Standards+and+Terminologies)
-> for details on how to get this mapping.
->
-> There are many situationally required fields that are specified in the X12 TRN03 guide that do not have guidance
-> in this Implementation Guide. Implementers need to consult the X12 PAS guides to know the requirements for these
-> fields.
->
-> Several of the profiles will require use of terminologies that are part of X12 which we anticipate being made
-> publicly available. At such time as this occurs, the implementation guide will be updated to bind to these as
-> external terminologies.
-
-The implications of this reliance on proprietary information that is not publicly available means that this test
-kit:
-
-- *Cannot verify the correct usage of X12-based terminology*: terminology requirements for all elements bound to X12
-value sets will not be validated.
-- *Cannot verify the meaning of codes*: validation that a given response conveys something specific, e.g., approval
-or pending, is not performed.
-- *Cannot verify matching semantics on inquiries*: no checking of the identity of the ClaimResponse returned for an
-inquiry, e.g., that it matches the input or the original request.
-
-These limitations may be removed in future versions of these tests. In the meantime, testers should consider these
-requirements to be verified through attestation and should not represent their systems to have passed these tests
-if these requirements are not met.
-
-### Subscription Details
-
-Subscription details in the PAS 2.0.1 specification are relatively underspecified and the
-[published 2.1.0 version of the 
-specification](https://hl7.org/fhir/us/davinci-pas/STU2.1/specification.html#subscription) 
-makes significant changes, including requiring `full-resource` and updating details such as
-the filter criteria.
-
-Based on the immaturity of the 2.0.1 requirements around Subscriptions, these tests implement and check for
-the mechanics of Subscriptions and notifications, but do not look closely at the details. For example,
-`id-only` and `full-resource` are supported and the filter criteria format is not checked. Future versions
-of these tests may be more stringent.
-
-Additionally, to test Subscriptions and pending workflows, a new Subscription must be created for each
-test session, which may require testers to re-initialize previously-created Subscriptions. Future versions
-of these tests may relax this requirement and feedback on whether this would reduce burden and how this
-might look are welcome.
-
-### Future Details
-
-The PAS IG places additional requirements on clients that are not currently tested by this test kit, including
-
-- Prior Authorization update workflows
-- Requests for additional information handled through the CDex framework
-- PDF, CDA, and JPG attachments
-- US Core profile support for supporting information
-- The ability to handle responses containing all PAS-defined profiles and must support elements
-- Most details requiring manual review of the client system, e.g., the requirement that clinicians can update
-  details of the prior authorization request before submitting them
-
-These and any other requirements found in the PAS IG may be tested in future versions of these tests.
-
-### Known Issues
-
-Testing has identified issues with the source IG that result in spurious failures. 
-Tests impacted by these issues have an indication in their documentations. The full
-list of known issues can be found on the [repository's issues page with the 'source ig issue'
-label](https://github.com/inferno-framework/davinci-pas-test-kit/labels/source%20ig%20issue).

data/lib/davinci_pas_test_kit/docs/server_suite_description_v201.md

@@ -1,168 +0,0 @@
-The Da Vinci PAS Server Suite validates the conformance of server systems 
-to the STU 2 version of the HL7® FHIR® 
-[Da Vinci Prior Authorization Support Implementation Guide](https://hl7.org/fhir/us/davinci-pas/STU2/).
-
-## Scope
-
-These tests are a **DRAFT** intended to allow PAS server implementers to perform 
-preliminary checks of their servers against PAS IG requirements and [provide 
-feedback](https://github.com/inferno-framework/davinci-pas-test-kit/issues) 
-on the tests. Future versions of these tests may validate other 
-requirements and may change the test validation logic.
-
-## Test Methodology
-
-Inferno will simulate a client and make a series of prior authorization requests to the 
-server under test. Over the course of these requests, Inferno will seek to observe
-conformant handling of PAS requirements, including
-- The ability of the server to use PAS API interactions to communicate 
-    - Approval of a prior authorization request
-    - Denial of a prior authorization request
-    - Pending of a prior authorization request and a subsequent final decision
-    - Inability to process a prior authorization request
-- The ability of the server to handle the full scope of data required by PAS, including
-    - Ability to process prior auth requests and inquiries with all PAS profiles and all must support elements on those profiles
-    - Ability to return responses that demonstrate the use of all PAS profiles and all must support elements on those profiles
-
-Because the business logic that determines decisions and the elements populated in responses
-Is outside of the PAS specification and will vary between implementers, testers
-are required to provide the requests that Inferno will make to the server.
-
-All requests and responses will be checked for conformance to the PAS
-IG requirements individually and used in aggregate to determine whether
-required features and functionality are present. HL7® FHIR® resources are 
-validated with the Java validator using `tx.fhir.org` as the terminology server.
-
-These tests do not currently test the full scope of the IG. See the *Testing Limitations* section below 
-for more details about the current scope of the tests and the reasons that some details have been left out.
-
-## Running the Tests
-
-### Quick Start
-
-Execution of these tests require a significant amount of tester input in the
-form of requests that Inferno will make against the server under test.
-
-If you would like to try out the tests using examples from the IG against the
-[public reference server endpoint](https://prior-auth.davinci.hl7.org/fhir) ([code on github](https://github.com/HL7-DaVinci/prior-auth)), you can do so by 
-1. Selecting the *Prior Authorization Support Reference Implementation* option from the Preset dropdown in the upper left
-2. Clicking the *Run All Tests* button in the upper right
-3. Clicking the *Submit* button at the bottom of the input dialog
-
-You can run these tests using your own server by updating the "FHIR Server Endpoint URL" and "OAuth Credentials" inputs.
-
-Note that:
-- the inputs for these tests are not complete and systems are not expected to pass the tests based on them.
-- the public reference server has not been updated to reflect the STU2 version that these tests target,
-    so expect some additional failures when testing against it.
-
-## Test Configuration Details
-
-The details provided here supplement the documentation of individual fields in the input dialog
-that appears when initiating a test run.
-
-### Server identification
-
-Requests will be made to the `/Claim/$submit` and `/Claim/$inquire` endpoints under the url provided in the "FHIR Server Endpoint URL" field.
-
-### Authentication
-
-The PAS IG states that 
-
-> "PAS Servers **SHOULD** support server-server OAuth… In a future release of this guide, direction will limit the option to [require] server-server OAuth."
-
-The PAS test kit currently assumes that the handshake has already occurred and requires
-that a bearer token be provided in the “OAuth Credentials / Access Token” configuration
-field. Inferno will submit this token on all requests it makes to the server as a part of 
-executing the tests. A complete backend server authentication handshake may be supported
-in future versions of the test kit.
-
-### Payload
-
-All other inputs are for providing bundles for Inferno to submit as a part of the tests. To avoid placing
-requirements on the business logic, Inferno does not have standard requests to send as a part of the tests
-and instead relies on the tester to provide the requests that Inferno will make.
-
-For single-request fields (e.g., “PAS Submit Request Payload for Approval Response”), the input must be a json-encoded FHIR bundle.
-
-For multiple-request fields (e.g., “Additional PAS Submit Request Payloads”), the input must be a json array of json-encoded FHIR bundles (e.g., [fhir-bundle-1, fhir-bundle-2, …] where each fhir-bundle-n is a full bundle).
-
-### Subscription
-
-To provide updates on prior authorization requests that have been pended because a final answer will take longer than
-the allowed response window, servers need to support FHIR Subscriptions. Subscriptions are made at the level of the
-Organization submitting the prior authorization requests and so is expected to be performed once when a provider
-system registers with a specific payer.
-
-Inferno supports that workflow by splitting out Subscription setup tests into a group that can be run before the
-pended workflow group. Inferno assumes that the Subscriptions API is located under the same FHIR base URL as
-the `Claim/$submit` operation and that it uses the same authentication. Testers will provide the following inputs:
-- **Pended Prior Authorization Subscription**: A Subscription body for Inferno to submit to the server under test. 
-  When submitted to the server under test, it should cause notifications to be generated when pended prior
-  authorization requests submitted by Inferno are updated. Inferno will modify it to ensure that it points to
-  the correct Inferno notification endpoint.
-- **Notification Access Token**: An access token that the server under test will send to Inferno on notifications
-  so that the request gets associated with this test session. The token must be provided as a Bearer token in the
-  Authorization header of HTTP requests sent to Inferno.
-
-During the pended workflow test, testers will demonstrate that an update to the submitted and pended prior authorization
-request causes the Subscription to trigger and send a notification to Inferno.
-
-## Testing Limitations
-
-### Private X12 details
-
-HIPAA [requires](https://hl7.org/fhir/us/davinci-pas/STU2/regulations.html) electronic prior authorization
-processing to use the X12 278 standard. While recent CMS rule-making suggests that [this requirement
-will not be enforced in the future](https://www.cms.gov/newsroom/fact-sheets/cms-interoperability-and-prior-authorization-final-rule-cms-0057-f),
-the current PAS IG relies heavily on X12.  As the IG authors note at the
-top of the [IG home page](https://hl7.org/fhir/us/davinci-pas/STU2/):
-
-> Note that this implementation guide is intended to support mapping between FHIR and X12 transactions. To respect
-> X12 intellectual property, all mapping and X12-specific terminology information will be solely published by X12
-> and made available in accordance with X12 rules - which may require membership and/or payment. Please see this
-> [Da Vinci External Reference page](https://confluence.hl7.org/display/DVP/Da+Vinci+Reference+to+External+Standards+and+Terminologies) 
-> for details on how to get this mapping.
->
-> There are many situationally required fields that are specified in the X12 TRN03 guide that do not have guidance
-> in this Implementation Guide. Implementers need to consult the X12 PAS guides to know the requirements for these
-> fields.
->
-> Several of the profiles will require use of terminologies that are part of X12 which we anticipate being made
-> publicly available. At such time as this occurs, the implementation guide will be updated to bind to these as
-> external terminologies.
-
-The implications of this reliance on proprietary information that is not publicly available means that this test
-kit:
-
-- Cannot verify the correct usage of X12-based terminology: terminology requirements for all elements bound to X12
-    value sets will not be validated.
-- Cannot verify the meaning of codes: validation that a given response conveys something specific, e.g., approval
-    or pending, is not performed.
-- Cannot verify matching semantics on inquiries: no checking of the identity of the ClaimResponse returned for an
-    inquiry, e.g., that it matches the input or the original request.
-
-These limitations may be removed in future versions of these tests. In the meantime, testers should consider these
-requirements to be verified through attestation and should not represent their systems to have passed these tests
-if these requirements are not met.
-
-### Future Details
-
-The PAS IG places additional requirements on servers that are not currently tested by this test kit, including
-
-- Prior Authorization update workflows
-- Requests for additional information handled through the CDex framework
-- PDF, CDA, and JPG attachments
-- US Core profile support for supporting information
-- Inquiry matching and subsetting logic
-- Inquiry requests from non-submitting systems
-- Collection of metrics
-
-These and any other requirements found in the PAS IG may be tested in future versions of these tests.
-
-### Known Issues
-
-Testing has identified issues with the source IG that result in spurious failures. 
-Tests impacted by these issues have an indication in their documentations. The full
-list of known issues can be found on the [repository's issues page with the 'source ig issue'
-label](https://github.com/inferno-framework/davinci-pas-test-kit/labels/source%20ig%20issue).