inferno_core 0.4.37 → 0.4.39

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5fad068333ba8fce867afba323937728da89231ded560129675318866059975a
-  data.tar.gz: d231cf80975b781b0584c5bb2b4677e1493eaba2fa6469ffca490e113d46ba08
+  metadata.gz: 1c569fc01e07576cb3aa512c37a69d730bc7b9848bd24ed95935b23a0d52759c
+  data.tar.gz: 41165f4f56dcf7c7e552ec0c391b868e5020feed0957f12d508489835a91d140
 SHA512:
-  metadata.gz: 34c983546c7ea05443d9edde97e59d9c9dab2e1848271eefb4f888ff58cafc1219541de91634250ae4831162689cdd9e1e8f043735bc0fe6e495c86eb3a1bf41
-  data.tar.gz: 2208622633268affb624426a91f4d6b7feed45cd7eac97dbad7c750c22169d7c08c5297fa96f8be86d13785faccf9966ad328b700528bcce0d2b8c6ba9cf97d1
+  metadata.gz: 03cb4fec0a859ba0967d891b62d4741b6a241839bce017ac0a9f212c06cabbec45e3d8c9464d8a75421c697c6e547af19e5bdbe8055ab7ea630344a781dfdf5e
+  data.tar.gz: ad2fc2e5f42777535e912e4bc8217f48d9d90babb074b071b7437fb3b987f4f8470f505f9e1bd29b1b893f7b6ccc36800145ad62fe82664188e0eab965b71cf5

data/lib/inferno/apps/cli/console.rb

@@ -4,6 +4,9 @@ module Inferno
       def run
         require_relative '../../../inferno'
 
+        ENV['ASYNC_JOBS'] = 'false'
+        ENV['INITIALIZE_VALIDATOR_SESSIONS'] = 'false'
+
         Inferno::Application.finalize!
         Pry.start
       end

data/lib/inferno/apps/cli/main.rb

@@ -11,6 +11,7 @@ module Inferno
     class Main < Thor
       desc 'console', 'Start an interactive console session with Inferno'
       def console
+        Migration.new.run(Logger::INFO)
         Console.new.run
       end
 
@@ -25,20 +26,25 @@ module Inferno
              type: :boolean,
              desc: 'Automatically restart Inferno when a file is changed.'
       def start
-        command = 'foreman start --env=/dev/null'
-        if `gem list -i foreman`.chomp == 'false'
-          puts "You must install foreman with 'gem install foreman' prior to running Inferno."
-        end
+        Migration.new.run(Logger::INFO)
+
+        without_bundler do
+          command = 'foreman start --env=/dev/null'
 
-        if options[:watch]
-          if `gem list -i rerun`.chomp == 'false'
-            puts "You must install 'rerun' with 'gem install rerun' to restart on file changes."
+          if `gem list -i foreman`.chomp == 'false'
+            puts "You must install foreman with 'gem install foreman' prior to running Inferno."
           end
 
-          command = "rerun \"#{command}\" --background"
-        end
+          if options[:watch]
+            if `gem list -i rerun`.chomp == 'false'
+              puts "You must install 'rerun' with 'gem install rerun' to restart on file changes."
+            end
+
+            command = "rerun \"#{command}\" --background"
+          end
 
-        exec command
+          exec command
+        end
       end
 
       desc 'suites', 'List available test suites'
@@ -58,6 +64,19 @@ module Inferno
       def version
         puts "Inferno Core v#{Inferno::VERSION}"
       end
+
+      private
+
+      # https://github.com/rubocop/rubocop/issues/12571 - still affects Ruby 3.1 upto Rubocop 1.63
+      # rubocop:disable Naming/BlockForwarding
+      def without_bundler(&block)
+        if defined?(Bundler) && ENV['BUNDLE_GEMFILE']
+          Bundler.with_unbundled_env(&block)
+        else
+          yield
+        end
+      end
+      # rubocop:enable Naming/BlockForwarding
     end
   end
 end

data/lib/inferno/apps/cli/migration.rb

@@ -3,9 +3,9 @@ require_relative '../../utils/migration'
 module Inferno
   module CLI
     class Migration
-      def run
+      def run(log_level = Logger::DEBUG)
         Inferno::Application.start(:logging)
-        Inferno::Application['logger'].level = Logger::DEBUG
+        Inferno::Application['logger'].level = log_level
 
         Utils::Migration.new.run
       end

data/lib/inferno/apps/cli/templates/.env.development

@@ -1,2 +1,2 @@
-VALIDATOR_URL=http://localhost/validatorapi
+FHIR_RESOURCE_VALIDATOR_URL=http://localhost/hl7validatorapi
 REDIS_URL=redis://localhost:6379/0

data/lib/inferno/apps/cli/templates/.env.production

@@ -1,2 +1,2 @@
 REDIS_URL=redis://redis:6379/0
-VALIDATOR_URL=http://validator_service:4567
+FHIR_RESOURCE_VALIDATOR_URL=http://hl7_validator_service:3500

data/lib/inferno/apps/cli/templates/.env.test

@@ -1,2 +1,2 @@
-VALIDATOR_URL=https://example.com/validatorapi
+FHIR_RESOURCE_VALIDATOR_URL=https://example.com/validatorapi
 ASYNC_JOBS=false

data/lib/inferno/apps/cli/templates/config/nginx.background.conf.tt

@@ -82,5 +82,21 @@ http {
 
       proxy_pass http://validator_service:4567/;
     }
+
+    location /hl7validatorapi/ {
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header Host $http_host;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_set_header X-Forwarded-Port $server_port;
+      proxy_redirect off;
+      proxy_set_header Connection '';
+      proxy_http_version 1.1;
+      chunked_transfer_encoding off;
+      proxy_buffering off;
+      proxy_cache off;
+      proxy_read_timeout 600s;
+
+      proxy_pass http://hl7_validator_service:3500/;
+    }
   }
 }

data/lib/inferno/apps/cli/templates/config/nginx.conf.tt

@@ -97,5 +97,21 @@ http {
 
       proxy_pass http://validator_service:4567/;
     }
+
+    location /hl7validatorapi/ {
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header Host $http_host;
+      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_set_header X-Forwarded-Port $server_port;
+      proxy_redirect off;
+      proxy_set_header Connection '';
+      proxy_http_version 1.1;
+      chunked_transfer_encoding off;
+      proxy_buffering off;
+      proxy_cache off;
+      proxy_read_timeout 600s;
+
+      proxy_pass http://hl7_validator_service:3500/;
+    }
   }
 }

data/lib/inferno/apps/cli/templates/docker-compose.background.yml.tt

@@ -1,5 +1,16 @@
 version: '3'
 services:
+  hl7_validator_service:
+    image: infernocommunity/inferno-resource-validator
+    environment:
+      # Defines how long validator sessions last if unused, in minutes:
+      # Negative values mean sessions never expire, 0 means sessions immediately expire
+      SESSION_CACHE_DURATION: -1
+    volumes:
+      - ./<%= ig_path %>:/app/igs
+      # To let the service share your local FHIR package cache,
+      # uncomment the below line
+      # - ~/.fhir:/home/ktor/.fhir
   validator_service:
     image: infernocommunity/fhir-validator-service
     # Update this path to match your directory structure

data/lib/inferno/apps/cli/templates/docker-compose.yml.tt

@@ -15,6 +15,10 @@ services:
     command: bundle exec sidekiq -r ./worker.rb
     depends_on:
       - redis
+  hl7_validator_service:
+    extends:
+      file: docker-compose.background.yml
+      service: hl7_validator_service
   validator_service:
     extends:
       file: docker-compose.background.yml

data/lib/inferno/apps/cli/templates/lib/%library_name%/igs/README.md

@@ -0,0 +1,21 @@
+# Note on this IGs folder
+
+There are three reasons why it would be necessary to put an IG package.tgz in this folder. If none of these apply, you do not need to put any files here, or can consider removing any existing files to make it clear they are unused.
+
+## 1. Generated Test Suites
+Some test kits use a "generator" to automatically generate the contents of a test suite for an IG. The IG files are required every time the test suites need to be regenerated. Examples of test kits that use this approach are the US Core Test Kit and CARIN IG for Blue Button® Test Kit.
+
+
+## 2. Non-published IG
+If your IG, or the specific version of the IG you want to test against, is not published, then the validator service needs to load the IG from file in order to be able to validate resources with it. The IG must be referenced in the `fhir_resource_validator` block in the test suite definition by filename, ie:
+
+```ruby
+      fhir_resource_validator do
+        igs 'igs/filename.tgz'
+
+        ...
+      end
+```
+
+## 3. Inferno Validator UI
+The Inferno Validator UI is configured to auto-load any IGs present in the igs folder and include them in all validations. In general, the Inferno team is currently leaving IGs in this folder even if not otherwise necessary to make it easy to re-enable the validator UI.

data/lib/inferno/apps/cli/templates/lib/%library_name%.rb.tt

@@ -21,9 +21,14 @@ module <%= module_name %>
       oauth_credentials :credentials
     end
 
-    # All FHIR validation requsets will use this FHIR validator
-    validator do
-      url ENV.fetch('VALIDATOR_URL')
+    # All FHIR validation requests will use this FHIR validator
+    fhir_resource_validator do
+      # igs 'identifier#version' # Use this method for published IGs/versions
+      # igs 'igs/filename.tgz'   # Use this otherwise
+
+      exclude_message do |message|
+        message.message.match?(/\A\S+: \S+: URL value '.*' does not resolve/)
+      end
     end
 
     # Tests and TestGroups can be defined inline

data/lib/inferno/apps/cli/templates/spec/%library_name%/patient_group_spec.rb.tt

@@ -4,7 +4,26 @@ RSpec.describe <%= module_name %>::PatientGroup do
   let(:session_data_repo) { Inferno::Repositories::SessionData.new }
   let(:test_session) { repo_create(:test_session, test_suite_id: '<%= test_suite_id %>') }
   let(:url) { 'http://example.com/fhir' }
-  let(:error_outcome) { FHIR::OperationOutcome.new(issue: [{ severity: 'error' }]) }
+  let(:success_outcome) do
+    {
+      outcomes: [{
+        issues: []
+      }],
+      sessionId: ''
+    }
+  end
+  let(:error_outcome) do
+    {
+      outcomes: [{
+        issues: [{
+          location: 'Patient.identifier[0]',
+          message: 'Identifier.system must be an absolute reference, not a local reference',
+          level: 'ERROR'
+        }]
+      }],
+      sessionId: ''
+    }
+  end
 
   def run(runnable, inputs = {})
     test_run_params = { test_session_id: test_session.id }.merge(runnable.reference_hash)
@@ -67,9 +86,9 @@ RSpec.describe <%= module_name %>::PatientGroup do
     let(:test) { group.tests.last }
 
     it 'passes if the resource is valid' do
-      stub_request(:post, "#{ENV.fetch('VALIDATOR_URL')}/validate")
+      stub_request(:post, "#{ENV.fetch('FHIR_RESOURCE_VALIDATOR_URL')}/validate")
         .with(query: hash_including({}))
-        .to_return(status: 200, body: FHIR::OperationOutcome.new.to_json)
+        .to_return(status: 200, body: success_outcome.to_json)
 
       resource = FHIR::Patient.new
       repo_create(
@@ -79,13 +98,13 @@ RSpec.describe <%= module_name %>::PatientGroup do
         response_body: resource.to_json
       )
 
-      result = run(test)
+      result = run(test, url: url)
 
       expect(result.result).to eq('pass')
     end
 
     it 'fails if the resource is not valid' do
-      stub_request(:post, "#{ENV.fetch('VALIDATOR_URL')}/validate")
+      stub_request(:post, "#{ENV.fetch('FHIR_RESOURCE_VALIDATOR_URL')}/validate")
         .with(query: hash_including({}))
         .to_return(status: 200, body: error_outcome.to_json)
 
@@ -97,7 +116,7 @@ RSpec.describe <%= module_name %>::PatientGroup do
         response_body: resource.to_json
       )
 
-      result = run(test)
+      result = run(test, url: url)
 
       expect(result.result).to eq('fail')
     end

data/lib/inferno/config/boot/sidekiq.rb

@@ -5,6 +5,11 @@ Inferno::Application.register_provider(:sidekiq) do
     if Inferno::Application['async_jobs']
       Sidekiq.configure_server do |config|
         config.redis = { url: ENV.fetch('REDIS_URL', 'redis://127.0.0.1:6379/0') }
+
+        config.capsule('validator_sessions') do |cap|
+          cap.concurrency = ENV.fetch('VALIDATOR_SESSIONS_CONCURRENCY', '1').to_i
+          cap.queues = ['validator_sessions']
+        end
       end
     end
   end

data/lib/inferno/config/boot/validator.rb

@@ -8,6 +8,8 @@ Inferno::Application.register_provider(:validator) do
 
     next if ENV['APP_ENV'] == 'test'
 
+    next if ENV.fetch('INITIALIZE_VALIDATOR_SESSIONS', 'true').casecmp?('false')
+
     Inferno::Repositories::TestSuites.new.all.each do |suite|
       suite.fhir_validators.each do |name, validators|
         validators.each_with_index do |validator, index|

data/lib/inferno/dsl/auth_info.rb

@@ -0,0 +1,174 @@
+require_relative '../entities/attributes'
+
+module Inferno
+  module DSL
+    # AuthInfo provide a user with a single input which contains the information
+    # needed for a fhir client to perform authorization and refresh an access
+    # token when necessary.
+    #
+    # AuthInfo supports the following `auth_type`:
+    # - `public` - client id only
+    # - `symmetric` - Symmetric confidential (i.e., with a static client id and
+    #   secret)
+    # - `asymmetric` - Symmetric confidential (i.e., a client id with a signed
+    #   JWT rather than a client secret)
+    # - `backend_services`
+    #
+    # When configuring an AuthInfo input, the invdidual fields are exposed as
+    # `components` in the input's options, and can be configured there similar
+    # to normal inputs.
+    #
+    # The AuthInfo input type supports two different modes in the UI. Different
+    # fields will be presented to the user dependengi on which mode is selected.
+    # - `auth` - This presents the inputs needed to perform authorization, and
+    #   is appropriate to use as an input to test groups which perform
+    #   authorization
+    # - `access` - This presents the inputs needed to access resources assuming
+    #   that authorization has already happened, and is appropriate to use as an
+    #   input to test groups which access resources using previously granted
+    #   authorization
+    #
+    # @example
+    # class AuthInfoExampleSuite < Inferno::TestSuite
+    #   input :url,
+    #         title: 'Base FHIR url'
+    #
+    #   group do
+    #     title 'Perform public authorization'
+    #     input :fhir_auth,
+    #           type: :auth_info,
+    #           options: {
+    #             mode: 'auth',
+    #             components: [
+    #               {
+    #                 name: :auth_type,
+    #                 default: 'public',
+    #                 locked: true
+    #               }
+    #             ]
+    #           }
+    #
+    #     # Some tests here to perform authorization
+    #   end
+    #
+    #   group do
+    #     title 'FHIR API Tests'
+    #     input :fhir_auth,
+    #           type: :auth_info,
+    #           options: {
+    #             mode: 'access'
+    #           }
+    #
+    #     fhir_client do
+    #       url :url
+    #       auth_info :fhir_auth # NOT YET IMPLEMENTED
+    #     end
+    #
+    #     # Some tests here to access FHIR API
+    #   end
+    # end
+    class AuthInfo
+      ATTRIBUTES = [
+        :auth_type,
+        :use_discovery,
+        :token_url,
+        :auth_url,
+        :requested_scopes,
+        :client_id,
+        :client_secret,
+        :redirect_url, # TODO: does this belong here?
+        :pkce_support,
+        :pkce_code_challenge_method,
+        :auth_request_method,
+        :encryption_algorithm,
+        :kid,
+        :jwks,
+        :access_token,
+        :refresh_token,
+        :issue_time,
+        :expires_in,
+        :name
+      ].freeze
+
+      include Entities::Attributes
+
+      attr_accessor :client
+
+      # @!attribute [rw] auth_type The type of authorization to be performed.
+      #   One of `public`, `symmetric`, `asymmetric`, or `backend_services`
+      # @!attribute [rw] token_url The url of the auth server's token endpoint
+      # @!attribute [rw] auth_url The url of the authorization endpoint
+      # @!attribute [rw] requested_scopes The scopes which will be requested
+      #   during authorization
+      # @!attribute [rw] client_id
+      # @!attribute [rw] client_secret
+      # @!attribute [rw] redirect_url
+      # @!attribute [rw] pkce_support Whether PKCE will be used during
+      #   authorization. Either `enabled` or `disabled`.
+      # @!attribute [rw] pkce_code_challenge_method Either `S256` (default) or
+      #   `plain`
+      # @!attribute [rw] auth_request_method The http method which will be used
+      #   to perform the request to the authorization endpoint. Either `get`
+      #   (default) or `post`
+      # @!attribute [rw] encryption_algorithm The encryption algorithm which
+      #   will be used to sign the JWT client credentials. Either `es384`
+      #   (default) or `rs384`
+      # @!attribute [rw] kid The key id for the keys to be used to sign the JWT
+      #   client credentials. When blank, the first key for the selected
+      #   encryption algorithm will be used
+      # @!attribute [rw] jwks A JWKS (including private keys) which will be used
+      #   instead of Inferno's default JWKS if provided
+      # @!attribute [rw] access_token
+      # @!attribute [rw] refresh_token
+      # @!attribute [rw] issue_time An iso8601 formatted string representing the
+      #   time the access token was issued
+      # @!attribute [rw] expires_in The lifetime of the access token in seconds
+      # @!attribute [rw] name
+
+      # @private
+      def initialize(raw_attributes_hash)
+        attributes_hash = raw_attributes_hash.symbolize_keys
+
+        invalid_keys = attributes_hash.keys - ATTRIBUTES
+
+        raise Exceptions::UnknownAttributeException.new(invalid_keys, self.class) if invalid_keys.present?
+
+        attributes_hash.each do |name, value|
+          value = DateTime.parse(value) if name == :issue_time && value.is_a?(String)
+
+          instance_variable_set(:"@#{name}", value)
+        end
+
+        self.issue_time = DateTime.now if access_token.present? && issue_time.blank?
+      end
+
+      # @private
+      def to_hash
+        self.class::ATTRIBUTES.each_with_object({}) do |attribute, hash|
+          value = send(attribute)
+          next if value.nil?
+
+          value = issue_time.iso8601 if attribute == :issue_time
+
+          hash[attribute] = value
+        end
+      end
+
+      # @private
+      def to_s
+        JSON.generate(to_hash)
+      end
+
+      # @private
+      def add_to_client(client)
+        # TODO
+        # client.auth = self
+        # self.client = client
+
+        # return unless access_token.present?
+
+        # client.set_bearer_token(access_token)
+      end
+    end
+  end
+end

data/lib/inferno/dsl/resume_test_route.rb

@@ -1,4 +1,4 @@
-require_relative 'suite_endpoint'
+require 'hanami/controller'
 
 module Inferno
   module DSL
@@ -6,47 +6,58 @@ module Inferno
     # an incoming request.
     # @private
     # @see Inferno::DSL::Runnable#resume_test_route
-    class ResumeTestRoute < SuiteEndpoint
-      # The incoming request
-      #
-      # @return [Inferno::Entities::Request]
-      def request
-        @request ||= Inferno::Entities::Request.from_hanami_request(req)
+    class ResumeTestRoute < Hanami::Action
+      include Import[
+                requests_repo: 'inferno.repositories.requests',
+                results_repo: 'inferno.repositories.results',
+                test_runs_repo: 'inferno.repositories.test_runs',
+                tests_repo: 'inferno.repositories.tests'
+              ]
+
+      def self.call(...)
+        new.call(...)
       end
 
       # @private
-      def test_run_identifier
-        @test_run_identifier ||= instance_exec(request, &test_run_identifier_block)
+      def test_run_identifier_block
+        self.class.singleton_class.instance_variable_get(:@test_run_identifier_block)
       end
 
       # @private
       def tags
-        self.class.singleton_class.instance_variable_get(:@tags) || []
+        self.class.singleton_class.instance_variable_get(:@tags)
       end
 
       # @private
-      def update_result
-        results_repo.update_result(result.id, new_result)
+      def result
+        self.class.singleton_class.instance_variable_get(:@result)
       end
 
       # @private
-      def make_response
-        res.redirect_to redirect_route(test_run, test)
+      def find_test_run(test_run_identifier)
+        test_runs_repo.find_latest_waiting_by_identifier(test_run_identifier)
       end
 
       # @private
-      def name
-        test.config.request_name(test.incoming_request_name)
+      def find_waiting_result(test_run)
+        results_repo.find_waiting_result(test_run_id: test_run.id)
       end
 
       # @private
-      def test_run_identifier_block
-        self.class.singleton_class.instance_variable_get(:@test_run_identifier_block)
+      def update_result(waiting_result)
+        results_repo.update_result(waiting_result.id, result)
       end
 
       # @private
-      def new_result
-        self.class.singleton_class.instance_variable_get(:@new_result)
+      def persist_request(request, test_run, waiting_result, test)
+        requests_repo.create(
+          request.to_hash.merge(
+            test_session_id: test_run.test_session_id,
+            result_id: waiting_result.id,
+            name: test.config.request_name(test.incoming_request_name),
+            tags:
+          )
+        )
       end
 
       # @private
@@ -54,10 +65,38 @@ module Inferno
         "#{Application['base_url']}/test_sessions/#{test_run.test_session_id}##{resume_ui_at_id(test_run, test)}"
       end
 
+      # @private
+      def find_test(waiting_result)
+        tests_repo.find(waiting_result.test_id)
+      end
+
       # @private
       def resume_ui_at_id(test_run, test)
         test_run.test_suite_id || test_run.test_group_id || test.parent.id
       end
+
+      # @private
+      def handle(req, res)
+        request = Inferno::Entities::Request.from_hanami_request(req)
+
+        test_run_identifier = instance_exec(request, &test_run_identifier_block)
+
+        test_run = find_test_run(test_run_identifier)
+
+        halt 500, "Unable to find test run with identifier '#{test_run_identifier}'." if test_run.nil?
+
+        test_runs_repo.mark_as_no_longer_waiting(test_run.id)
+
+        waiting_result = find_waiting_result(test_run)
+        test = find_test(waiting_result)
+
+        update_result(waiting_result)
+        persist_request(request, test_run, waiting_result, test)
+
+        Jobs.perform(Jobs::ResumeTestRun, test_run.id)
+
+        res.redirect_to redirect_route(test_run, test)
+      end
     end
   end
 end

data/lib/inferno/dsl/runnable.rb

@@ -343,7 +343,7 @@ module Inferno
         route_class = Class.new(ResumeTestRoute) do |klass|
           klass.singleton_class.instance_variable_set(:@test_run_identifier_block, block)
           klass.singleton_class.instance_variable_set(:@tags, tags)
-          klass.singleton_class.instance_variable_set(:@new_result, result)
+          klass.singleton_class.instance_variable_set(:@result, result)
         end
 
         route(method, path, route_class)

data/lib/inferno/dsl/suite_endpoint.rb

@@ -244,7 +244,7 @@ module Inferno
 
       # @private
       def resume_test_run?
-        find_result&.result != 'waiting'
+        find_result&.result != 'wait'
       end
 
       # @private
@@ -289,7 +289,6 @@ module Inferno
           uri.query = env['rack.request.query_string'] if env['rack.request.query_string'].present?
           url = uri&.to_s
           verb = env['REQUEST_METHOD']
-          logger.info('get body')
           request_body = env['rack.input']
           request_body.rewind if env['rack.input'].respond_to? :rewind
           request_body = request_body.instance_of?(Puma::NullIO) ? nil : request_body.string

data/lib/inferno/jobs/invoke_validator_session.rb

@@ -2,6 +2,7 @@ module Inferno
   module Jobs
     class InvokeValidatorSession
       include Sidekiq::Worker
+      sidekiq_options queue: 'validator_sessions'
 
       def perform(suite_id, validator_name, validator_index)
         suite = Inferno::Repositories::TestSuites.new.find suite_id