RubyGems - onc_certification_g10_test_kit - Versions diffs - 2.0.0.rc1 → 2.0.0 - Mend

onc_certification_g10_test_kit 2.0.0.rc1 → 2.0.0

Files changed (19) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 22654319a665e8dec89c10ea77df9f9053ad41655d477ef4911ee70d4eb9dbc4
-  data.tar.gz: 8fdcd85421346c7bee498327c70249efa2c2971199f3ddb3ff455cd02af73bc2
+  metadata.gz: 76c238a8340939555c2dd9b3450dc05a2d00cfa2f2da7e95c8d573e6e15bdfc9
+  data.tar.gz: 3b86e20c0f6b4e5039f9e50ee63cdc7dddd6968723cb02d2e05556add8c52f98
 SHA512:
-  metadata.gz: ee712d726c9fb438607abe8e3d2b2e84983bcb36300ea33fc741a6a89ae9ea1f6b7d9d1c069f688293bf044f963c73a09daac189d279915c4778922723d6f52d
-  data.tar.gz: a713aaa7ac55ed4579bc5ac0dfa6aee7998be80266640d30582fe997454976a0a4dcd03987a451f39be133b68330e250272e47fbb3cbd4b887ae8843e1d7d9d3
+  metadata.gz: cfd506cb46b30d272ca38c7e8cce955a1c2e3216c5b06f398ccc19f50137791b50fd36704eb7b010cc8c8fccc5923bf8ea4e82ae544409f58fbbd3975a860a75
+  data.tar.gz: 1f75ae0d2285fea70386f16a8f49a4ad7c255d5436470978de68b8012245059191b16e0799d915ead8061b1327bbb943f98d7c5110a6636bca1215b54e0cfd37

data/lib/inferno/terminology/tasks/cleanup_precursors.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+require_relative 'temp_dir'
 module Inferno
   module Terminology
     module Tasks

data/lib/onc_certification_g10_test_kit/base_token_refresh_group.rb CHANGED Viewed

@@ -12,7 +12,7 @@ module ONCCertificationG10TestKit
       Token refreshes are accomplished through a `POST` request to the token
       exchange endpoint as described in the [SMART App Launch
-      Framework](http://www.hl7.org/fhir/smart-app-launch/#step-5-later-app-uses-a-refresh-token-to-obtain-a-new-access-token).
+      Framework](http://hl7.org/fhir/smart-app-launch/1.0.0/index.html#step-5-later-app-uses-a-refresh-token-to-obtain-a-new-access-token).
       # Test Methodology
@@ -25,7 +25,7 @@ module ONCCertificationG10TestKit
       * [The OAuth 2.0 Authorization
         Framework](https://tools.ietf.org/html/rfc6749)
       * [Using a refresh token to obtain a new access
-        token](http://hl7.org/fhir/smart-app-launch/#step-5-later-app-uses-a-refresh-token-to-obtain-a-new-access-token)
+        token](http://hl7.org/fhir/smart-app-launch/1.0.0/index.html#step-5-later-app-uses-a-refresh-token-to-obtain-a-new-access-token)
     )
     id :g10_token_refresh

data/lib/onc_certification_g10_test_kit/bulk_data_authorization.rb CHANGED Viewed

@@ -6,7 +6,7 @@ module ONCCertificationG10TestKit
     short_description 'Demonstrate SMART Backend Services Authorization for Bulk Data.'
     description <<~DESCRIPTION
       Bulk Data servers are required to authorize clients using the
-      [Backend Service Authorization](http://hl7.org/fhir/uv/bulkdata/STU1/authorization/)
+      [Backend Service Authorization](http://hl7.org/fhir/uv/bulkdata/STU1/authorization/index.html)
       specification as defined in the [FHIR Bulk Data Access IG v1.0.0](http://hl7.org/fhir/uv/bulkdata/STU1/).
       In this set of tests, Inferno serves as a Bulk Data client that requests authorization
@@ -86,7 +86,7 @@ module ONCCertificationG10TestKit
         error response as described in [Section 5.2](https://tools.ietf.org/html/rfc6749#section-5.2).
         ```
       DESCRIPTION
-      # link 'http://hl7.org/fhir/uv/bulkdata/authorization/index.html#protocol-details'
+      # link 'http://hl7.org/fhir/uv/bulkdata/STU1/authorization/index.html#protocol-details'
       run do
         post_request_content = AuthorizationRequestBuilder.build(encryption_method: bulk_encryption_method,
@@ -117,7 +117,7 @@ module ONCCertificationG10TestKit
         error response as described in [Section 5.2](https://tools.ietf.org/html/rfc6749#section-5.2).
         ```
       DESCRIPTION
-      # link 'http://hl7.org/fhir/uv/bulkdata/authorization/index.html#protocol-details'
+      # link 'http://hl7.org/fhir/uv/bulkdata/STU1/authorization/index.html#protocol-details'
       run do
         post_request_content = AuthorizationRequestBuilder.build(encryption_method: bulk_encryption_method,
@@ -157,7 +157,7 @@ module ONCCertificationG10TestKit
         error response as described in [Section 5.2](https://tools.ietf.org/html/rfc6749#section-5.2).
         ```
       DESCRIPTION
-      # link 'http://hl7.org/fhir/uv/bulkdata/authorization/index.html#protocol-details'
+      # link 'http://hl7.org/fhir/uv/bulkdata/STU1/authorization/index.html#protocol-details'
       run do
         post_request_content = AuthorizationRequestBuilder.build(encryption_method: bulk_encryption_method,
@@ -177,7 +177,7 @@ module ONCCertificationG10TestKit
       description <<~DESCRIPTION
         If the access token request is valid and authorized, the authorization server SHALL issue an access token in response.
       DESCRIPTION
-      # link 'http://hl7.org/fhir/uv/bulkdata/authorization/index.html#issuing-access-tokens'
+      # link 'http://hl7.org/fhir/uv/bulkdata/STU1/authorization/index.html#issuing-access-tokens'
       output :authentication_response
@@ -208,7 +208,7 @@ module ONCCertificationG10TestKit
         | expires_in | required | The lifetime in seconds of the access token. The recommended value is 300, for a five-minute token lifetime. |
         | scope | required | Scope of access authorized. Note that this can be different from the scopes requested by the app. |
       DESCRIPTION
-      # link 'http://hl7.org/fhir/uv/bulkdata/authorization/index.html#issuing-access-tokens'
+      # link 'http://hl7.org/fhir/uv/bulkdata/STU1/authorization/index.html#issuing-access-tokens'
       input :authentication_response
       output :bearer_token

data/lib/onc_certification_g10_test_kit/bulk_data_group_export.rb CHANGED Viewed

@@ -58,7 +58,7 @@ module ONCCertificationG10TestKit
       description <<~DESCRIPTION
         The Bulk Data Server SHALL declare support for Group/[id]/$export operation in its server CapabilityStatement
       DESCRIPTION
-      # link 'http://hl7.org/fhir/uv/bulkdata/OperationDefinition-group-export.html'
+      # link 'http://hl7.org/fhir/uv/bulkdata/STU1/OperationDefinition-group-export.html'
       run do
         fhir_get_capability_statement(client: :bulk_server)
@@ -91,7 +91,7 @@ module ONCCertificationG10TestKit
         [The OAuth 2.0 Authorization Framework: Bearer Token Usage](https://tools.ietf.org/html/rfc6750#section-3.1)
         recommend using HTTP status code 401 for invalid token but also allow the actual result be controlled by policy and context.
       DESCRIPTION
-      # link 'http://hl7.org/fhir/uv/bulkdata/export/index.html#bulk-data-kick-off-request'
+      # link 'http://hl7.org/fhir/uv/bulkdata/STU1/export/index.html#bulk-data-kick-off-request'
       include ExportKickOffPerformer
@@ -111,7 +111,7 @@ module ONCCertificationG10TestKit
         * HTTP Status Code of 202 Accepted
         * Content-Location header with the absolute URL of an endpoint for subsequent status requests (polling location)
       DESCRIPTION
-      # link 'http://hl7.org/fhir/uv/bulkdata/export/index.html#response---success'
+      # link 'http://hl7.org/fhir/uv/bulkdata/STU1/export/index.html#response---success'
       include ExportKickOffPerformer
@@ -140,7 +140,7 @@ module ONCCertificationG10TestKit
         * transactionTime, request, requiresAccessToken, output, and error
       DESCRIPTION
-      # link 'http://hl7.org/fhir/uv/bulkdata/export/index.html#bulk-data-status-request'
+      # link 'http://hl7.org/fhir/uv/bulkdata/STU1/export/index.html#bulk-data-status-request'
       input :polling_url
@@ -205,7 +205,7 @@ module ONCCertificationG10TestKit
         * url - the path to the file. The format of the file SHOULD reflect that requested in the _outputFormat parameter of the initial kick-off request.
       DESCRIPTION
-      # link 'http://hl7.org/fhir/uv/bulkdata/export/index.html#response---complete-status'
+      # link 'http://hl7.org/fhir/uv/bulkdata/STU1/export/index.html#response---complete-status'
       input :status_response
@@ -234,7 +234,7 @@ module ONCCertificationG10TestKit
         After a bulk data request has been started, a client MAY send a delete request to the URL provided in the Content-Location header to cancel the request.
         Bulk Data Server MUST support client's delete request and return HTTP Status Code of "202 Accepted"
       DESCRIPTION
-      # link 'http://hl7.org/fhir/uv/bulkdata/export/index.html#bulk-data-delete-request'
+      # link 'http://hl7.org/fhir/uv/bulkdata/STU1/export/index.html#bulk-data-delete-request'
       include ExportKickOffPerformer

data/lib/onc_certification_g10_test_kit/bulk_data_group_export_validation.rb CHANGED Viewed

@@ -55,7 +55,7 @@ module ONCCertificationG10TestKit
         recommend using HTTP status code 401 for invalid token but also allow the actual result be controlled by policy#{' '}
         and context.
       DESCRIPTION
-      # link 'http://hl7.org/fhir/uv/bulkdata/export/index.html#file-request'
+      # link 'http://hl7.org/fhir/uv/bulkdata/STU1/export/index.html#file-request'
       input :bulk_download_url
@@ -436,9 +436,10 @@ module ONCCertificationG10TestKit
     end
     test do
-      title 'Location resources returned conform to the US Core Location Profile'
+      title 'Location resources returned conform to the HL7 FHIR Specification Location Resource if bulk data export' \
+            ' has Location resources'
       description <<~DESCRIPTION
-        This test verifies that the resources returned from bulk data export conform to the US Core profiles. This includes checking for missing data elements and value set verification.
+        This test verifies that the resources returned from bulk data export conform to the US Core profiles. This includes checking for missing data elements and value set verification. This test is omitted if bulk data export does not return any Location resources.
       DESCRIPTION
       # link 'http://hl7.org/fhir/us/core/StructureDefinition/us-core-location'
@@ -454,9 +455,10 @@ module ONCCertificationG10TestKit
     end
     test do
-      title 'Medication resources returned conform to the US Core Medication Profile'
+      title 'Medication resources returned conform to the US Core Medication Profile if bulk data export has' \
+            ' Medication resources'
       description <<~DESCRIPTION
-        This test verifies that the resources returned from bulk data export conform to the US Core profiles. This includes checking for missing data elements and value set verification.
+        This test verifies that the resources returned from bulk data export conform to the US Core profiles. This includes checking for missing data elements and value set verification. This test is omitted if bulk data export does not return any Medication resources.
       DESCRIPTION
       # link 'http://hl7.org/fhir/us/core/StructureDefinition/us-core-medication'

data/lib/onc_certification_g10_test_kit/bulk_export_validation_tester.rb CHANGED Viewed

@@ -9,6 +9,7 @@ module ONCCertificationG10TestKit
     MAX_NUM_COLLECTED_LINES = 100
     MIN_RESOURCE_COUNT = 2
+    OMIT_KLASS = ['Medication', 'Location'].freeze
     def observation_metadata
       [
@@ -97,6 +98,8 @@ module ONCCertificationG10TestKit
     def validate_conformance(resources)
       metadata_list.each do |meta|
+        next if resource_type == 'Location'
         skip_if resources[meta.profile_url].blank?,
                 "No #{resource_type} resources found that conform to profile: #{meta.profile_url}."
         @metadata = meta
@@ -127,16 +130,18 @@ module ONCCertificationG10TestKit
           skip "Server response at line \"#{line_count}\" is not a processable FHIR resource."
         end
-        skip_if resource.resourceType != resource_type,
-                "Resource type \"#{resource.resourceType}\" at line \"#{line_count}\" does not match type " \
-                "defined in output \"#{resource_type}\""
+        if resource.resourceType != resource_type
+          assert false, "Resource type \"#{resource.resourceType}\" at line \"#{line_count}\" does not match type" \
+                        " defined in output \"#{resource_type}\""
+        end
         profile_url = determine_profile(resource)
         resources[profile_url] << resource
         scratch[:patient_ids_seen] = patient_ids_seen | [resource.id] if resource_type == 'Patient'
-        skip_if !resource_is_valid?(resource: resource, profile_url: profile_url),
-                "Resource at line \"#{line_count}\" does not conform to profile \"#{profile_url}\"."
+        unless resource_is_valid?(resource: resource, profile_url: profile_url)
+          assert false, "Resource at line \"#{line_count}\" does not conform to profile \"#{profile_url}\"."
+        end
       }
       process_headers = proc { |response|
@@ -158,7 +163,11 @@ module ONCCertificationG10TestKit
               'Could not verify this functionality when Bearer Token is required and not provided'
       file_list = JSON.parse(status_output).select { |file| file['type'] == resource_type }
-      skip_if file_list.empty?, "No #{resource_type} resource file item returned by server."
+      if file_list.empty?
+        message = "No #{resource_type} resource file item returned by server."
+        omit_if (OMIT_KLASS.include? resource_type), message
+        skip message
+      end
       success_count = 0
       file_list.each do |file|

data/lib/onc_certification_g10_test_kit/multi_patient_api.rb CHANGED Viewed

@@ -21,8 +21,8 @@ module ONCCertificationG10TestKit
     description %(
       Demonstrate the ability to export clinical data for multiple patients in
       a group using [FHIR Bulk Data Access
-      IG](https://hl7.org/fhir/uv/bulkdata/). This test uses [Backend Services
-      Authorization](https://hl7.org/fhir/uv/bulkdata/authorization/index.html)
+      IG](http://hl7.org/fhir/uv/bulkdata/STU1/). This test uses [Backend Services
+      Authorization](http://hl7.org/fhir/uv/bulkdata/STU1/authorization/index.html)
       to obtain an access token from the server. After authorization, a group
       level bulk data export request is initialized. Finally, this test reads
       exported NDJSON files from the server and validates the resources in

data/lib/onc_certification_g10_test_kit/profile_guesser.rb CHANGED Viewed

@@ -1,10 +1,13 @@
 module ONCCertificationG10TestKit
   module ProfileGuesser
     def extract_profile(profile)
-      if ['Location', 'Medication'].include?(profile)
+      case profile
+      when 'Medication'
         return USCoreTestKit::USCoreTestSuite.metadata.find do |meta|
                  meta.resource == profile
                end.profile_url
+      when 'Location'
+        return 'http://hl7.org/fhir/StructureDefinition/Location'
       end
       "USCoreTestKit::#{profile}Group".constantize.metadata.profile_url
     end

data/lib/onc_certification_g10_test_kit/smart_app_launch_invalid_aud_group.rb CHANGED Viewed

@@ -2,12 +2,17 @@ module ONCCertificationG10TestKit
   class SMARTAppLaunchInvalidAudGroup < Inferno::TestGroup
     title 'SMART App Launch Error: Invalid AUD Parameter'
     short_title 'SMART Invalid AUD Launch'
+    input_instructions %(
+      Register Inferno as a standalone application using the following information:
+      * Redirect URI: `#{SMARTAppLaunch::AppRedirectTest.config.options[:redirect_uri]}`
+    )
     description %(
       # Background
       The Invalid AUD Sequence verifies that a SMART Launch Sequence,
       specifically the [Standalone
-      Launch](http://hl7.org/fhir/smart-app-launch/#standalone-launch-sequence)
+      Launch](http://hl7.org/fhir/smart-app-launch/1.0.0/index.html#standalone-launch-sequence)
       Sequence, does not work in the case where the client sends an invalid FHIR
       server as the `aud` parameter during launch. This must fail to ensure that
       a genuine bearer token is not leaked to a counterfit resource server.
@@ -99,7 +104,8 @@ module ONCCertificationG10TestKit
           window.
           * [Perform Invalid Launch](#{auth_url})
-          * [Attest launch failed](/custom/smart/redirect?state=#{state}&confirm_fail=true)
+          * [Attest launch
+            failed](#{Inferno::Application['base_url']}/custom/smart/redirect?state=#{state}&confirm_fail=true)
         )
       end
     end

data/lib/onc_certification_g10_test_kit/smart_ehr_practitioner_app_group.rb CHANGED Viewed

@@ -24,7 +24,7 @@ module ONCCertificationG10TestKit
     description %(
       Demonstrate the ability to perform an EHR launch to a [SMART on
-      FHIR](http://www.hl7.org/fhir/smart-app-launch/) confidential client with
+      FHIR](https://hl7.org/fhir/smart-app-launch/1.0.0/) confidential client with
       patient context, refresh token, and [OpenID Connect
       (OIDC)](https://openid.net/specs/openid-connect-core-1_0.html) identity
       token. After launch, a simple Patient resource read is performed on the

data/lib/onc_certification_g10_test_kit/smart_invalid_launch_group.rb ADDED Viewed

@@ -0,0 +1,140 @@
+module ONCCertificationG10TestKit
+  class SMARTInvalidLaunchGroup < Inferno::TestGroup
+    title 'SMART App Launch Error: Invalid Launch Parameter'
+    short_title 'SMART Invalid Launch Parameter'
+    input_instructions %(
+      Register Inferno as an EHR-launched application using the following information:
+      * Launch URI: `#{SMARTAppLaunch::AppLaunchTest.config.options[:launch_uri]}`
+      * Redirect URI: `#{SMARTAppLaunch::AppRedirectTest.config.options[:redirect_uri]}`
+    )
+    description %(
+      # Background
+      The Invalid Launch Parameter Sequence verifies that a SMART Launch
+      Sequence, specifically the [EHR
+      Launch](http://www.hl7.org/fhir/smart-app-launch/#ehr-launch-sequence)
+      Sequence, does not work in the case where the client sends an invalid FHIR
+      server as the `launch` parameter during launch. This must fail to ensure
+      that a genuine bearer token is not leaked to a counterfit resource server.
+      This test is not included as part of a regular SMART Launch Sequence
+      because it requires the browser of the user to be redirected to the
+      authorization service, and there is no expectation that the authorization
+      service redirects the user back to Inferno with an error message. The only
+      requirement is that Inferno is not granted a code to exchange for a valid
+      access token. Since this is a special case, it is tested independently in
+      a separate sequence.
+    )
+    id :g10_smart_invalid_launch_param
+    run_as_group
+    input :client_id,
+          :client_secret,
+          :requested_scopes,
+          :url,
+          :smart_authorization_url,
+          :smart_token_url
+    config(
+      inputs: {
+        client_id: {
+          name: :ehr_client_id,
+          title: 'EHR Client ID',
+          description: 'Client ID provided during registration of Inferno as an EHR launch application'
+        },
+        client_secret: {
+          name: :standalone_client_secret,
+          title: 'EHR Client Secret',
+          description: 'Client Secret provided during registration of Inferno as an EHR launch application'
+        },
+        requested_scopes: {
+          name: :ehr_requested_scopes,
+          title: 'EHR Launch Scope',
+          description: 'OAuth 2.0 scope provided by system to enable all required functionality',
+          type: 'textarea',
+          default: %(
+            launch openid fhirUser offline_access user/Medication.read
+            user/AllergyIntolerance.read user/CarePlan.read user/CareTeam.read
+            user/Condition.read user/Device.read user/DiagnosticReport.read
+            user/DocumentReference.read user/Encounter.read user/Goal.read
+            user/Immunization.read user/Location.read
+            user/MedicationRequest.read user/Observation.read
+            user/Organization.read user/Patient.read user/Practitioner.read
+            user/Procedure.read user/Provenance.read user/PractitionerRole.read
+          ).gsub(/\s{2,}/, ' ').strip
+        },
+        url: {
+          title: 'EHR Launch FHIR Endpoint',
+          description: 'URL of the FHIR endpoint used by EHR launched applications'
+        },
+        smart_authorization_url: {
+          title: 'OAuth 2.0 Authorize Endpoint',
+          description: 'OAuth 2.0 Authorize Endpoint provided during an EHR launch'
+        },
+        smart_token_url: {
+          title: 'OAuth 2.0 Token Endpoint',
+          description: 'OAuth 2.0 Token Endpoint provided during an EHR launch'
+        }
+      },
+      outputs: {
+        state: { name: :invalid_launch_state }
+      },
+      requests: {
+        redirect: { name: :invalid_launch_redirect }
+      }
+    )
+    test from: :smart_app_launch
+    test from: :smart_launch_received
+    test from: :smart_app_redirect do
+      config(
+        options: { launch: 'INVALID_LAUNCH_PARAM' }
+      )
+      def wait_message(auth_url)
+        %(
+          Inferno will redirect you to an external website for authorization.
+          **It is expected this will fail**. If the server does not return to
+          Inferno automatically, but does provide an error message, you may
+          return to Inferno and confirm that an error was presented in this
+          window.
+          * [Perform Invalid Launch](#{auth_url})
+          * [Attest launch
+            failed](#{Inferno::Application['base_url']}/custom/smart/redirect?state=#{state}&confirm_fail=true)
+        )
+      end
+    end
+    test do
+      title 'Inferno client app does not receive code parameter redirect URI'
+      description %(
+        Inferno redirected the user to the authorization service with an invalid
+        launch parameter. Inferno expects that the authorization request will
+        not succeed. This can either be from the server explicitely pass an
+        error, or stopping and the tester returns to Inferno to confirm that the
+        server presented them a failure.
+      )
+      uses_request :redirect
+      run do
+        params = request.query_parameters
+        assert params['code'].blank?,
+               'Authorization has incorrectly succeeded because access code provided to Inferno.'
+        pass_message =
+          if params['error'].present?
+            'Server redirected the user back to the app with an error.'
+          elsif params['confirm_fail']
+            'Tester attested that the authorization service did not succeed due to invalid AUD parameter.'
+          else
+            'Server redirected the user back to the app without an access code.'
+          end
+        pass pass_message
+      end
+    end
+  end
+end

data/lib/onc_certification_g10_test_kit/smart_invalid_token_group.rb CHANGED Viewed

@@ -2,12 +2,17 @@ module ONCCertificationG10TestKit
   class SMARTInvalidTokenGroup < Inferno::TestGroup
     title 'SMART App Launch Error: Invalid Access Token Request'
     short_title 'SMART Invalid Token Request'
+    input_instructions %(
+      Register Inferno as a standalone application using the following information:
+      * Redirect URI: `#{SMARTAppLaunch::AppRedirectTest.config.options[:redirect_uri]}`
+    )
     description %(
       # Background
       The Invalid Access Token Request Sequence verifies that a SMART Launch
       Sequence, specifically the [Standalone
-      Launch](http://hl7.org/fhir/smart-app-launch/#standalone-launch-sequence)
+      Launch](http://hl7.org/fhir/smart-app-launch/1.0.0/index.html#standalone-launch-sequence)
       Sequence, does not work in the case where the client sends an invalid
       Authorization code or client ID during the code exchange step. This must
       not result in a successful launch.

data/lib/onc_certification_g10_test_kit/smart_limited_app_group.rb CHANGED Viewed

@@ -17,7 +17,7 @@ module ONCCertificationG10TestKit
     description %(
       This scenario demonstrates the ability to perform a Patient Standalone
-      Launch to a [SMART on FHIR](http://www.hl7.org/fhir/smart-app-launch/)
+      Launch to a [SMART on FHIR](http://hl7.org/fhir/smart-app-launch/1.0.0/)
       confidential client with limited access granted to the app based on user
       input. The tester is expected to grant the application access to a subset
       of desired resource types.
@@ -31,8 +31,8 @@ module ONCCertificationG10TestKit
         # Background
         The [Standalone
-        Launch](http://hl7.org/fhir/smart-app-launch/#standalone-launch-sequence)
-        Sequence allows an app, like Inferno, to be launched independent of an
+        Launch Sequence](http://hl7.org/fhir/smart-app-launch/1.0.0/index.html#standalone-launch-sequence)
+        allows an app, like Inferno, to be launched independent of an
         existing EHR session. It is one of the two launch methods described in
         the SMART App Launch Framework alongside EHR Launch. The app will
         request authorization for the provided scope from the authorization
@@ -49,7 +49,7 @@ module ONCCertificationG10TestKit
         For more information on the #{title}:
         * [Standalone Launch
-          Sequence](http://hl7.org/fhir/smart-app-launch/#standalone-launch-sequence)
+          Sequence](http://hl7.org/fhir/smart-app-launch/1.0.0/index.html#standalone-launch-sequence)
       )
       config(

data/lib/onc_certification_g10_test_kit/smart_public_standalone_launch_group.rb CHANGED Viewed

@@ -2,11 +2,21 @@ module ONCCertificationG10TestKit
   class SMARTPublicStandaloneLaunchGroup < SMARTAppLaunch::StandaloneLaunchGroup
     title 'Public Client Standalone Launch with OpenID Connect'
     short_title 'SMART Public Client Launch'
+    input_instructions %(
+      Register Inferno as a standalone application using the following information:
+      * Redirect URI: `#{SMARTAppLaunch::AppRedirectTest.config.options[:redirect_uri]}`
+      Enter in the appropriate scope to enable patient-level access to all
+      relevant resources. In addition, support for the OpenID Connect (openid
+      fhirUser), refresh tokens (offline_access), and patient context
+      (launch/patient) are required.
+    )
     description %(
       # Background
       The [Standalone
-      Launch](http://hl7.org/fhir/smart-app-launch/#standalone-launch-sequence)
+      Launch](http://hl7.org/fhir/smart-app-launch/1.0.0/index.html#standalone-launch-sequence)
       Sequence allows an app, like Inferno, to be launched independent of an
       existing EHR session. It is one of the two launch methods described in
       the SMART App Launch Framework alongside EHR Launch. The app will
@@ -23,7 +33,7 @@ module ONCCertificationG10TestKit
       For more information on the #{title}:
-      * [Standalone Launch Sequence](http://hl7.org/fhir/smart-app-launch/#standalone-launch-sequence)
+      * [Standalone Launch Sequence](http://hl7.org/fhir/smart-app-launch/1.0.0/index.html#standalone-launch-sequence)
     )
     id :g10_public_standalone_launch
     run_as_group

data/lib/onc_certification_g10_test_kit/smart_standalone_patient_app_group.rb CHANGED Viewed

@@ -24,8 +24,8 @@ module ONCCertificationG10TestKit
     description %(
         This scenario demonstrates the ability of a system to perform a Patient
         Standalone Launch to a [SMART on
-        FHIR](http://www.hl7.org/fhir/smart-app-launch/) confidential client
-        with a patient context, refresh token, 1 1 and [OpenID Connect
+        FHIR](http://www.hl7.org/fhir/smart-app-launch/1.0.0/) confidential client
+        with a patient context, refresh token, and [OpenID Connect
         (OIDC)](https://openid.net/specs/openid-connect-core-1_0.html) identity
         token. After launch, a simple Patient resource read is performed on the
         patient in context. The access token is then refreshed, and the Patient
@@ -55,8 +55,8 @@ module ONCCertificationG10TestKit
         # Background
         The [Standalone
-        Launch](http://hl7.org/fhir/smart-app-launch/#standalone-launch-sequence)
-        Sequence allows an app, like Inferno, to be launched independent of an
+        Launch Sequence](http://hl7.org/fhir/smart-app-launch/1.0.0/index.html#standalone-launch-sequence)
+        allows an app, like Inferno, to be launched independent of an
         existing EHR session. It is one of the two launch methods described in
         the SMART App Launch Framework alongside EHR Launch. The app will
         request authorization for the provided scope from the authorization
@@ -73,7 +73,7 @@ module ONCCertificationG10TestKit
         For more information on the #{title}:
         * [Standalone Launch
-          Sequence](http://hl7.org/fhir/smart-app-launch/#standalone-launch-sequence)
+          Sequence](http://hl7.org/fhir/smart-app-launch/1.0.0/index.html#standalone-launch-sequence)
       )
       test from: :g10_smart_scopes do

data/lib/onc_certification_g10_test_kit/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module ONCCertificationG10TestKit
-  VERSION = '2.0.0.rc1'.freeze
+  VERSION = '2.0.0'.freeze
 end

data/lib/onc_certification_g10_test_kit.rb CHANGED Viewed

@@ -5,6 +5,7 @@ require_relative 'onc_certification_g10_test_kit/configuration_checker'
 require_relative 'onc_certification_g10_test_kit/version'
 require_relative 'onc_certification_g10_test_kit/smart_app_launch_invalid_aud_group'
+require_relative 'onc_certification_g10_test_kit/smart_invalid_launch_group'
 require_relative 'onc_certification_g10_test_kit/smart_invalid_token_group'
 require_relative 'onc_certification_g10_test_kit/smart_limited_app_group'
 require_relative 'onc_certification_g10_test_kit/smart_standalone_patient_app_group'
@@ -190,6 +191,7 @@ module ONCCertificationG10TestKit
       group from: :g10_token_revocation
       group from: :g10_smart_invalid_aud
+      group from: :g10_smart_invalid_launch_param
       group from: :g10_smart_invalid_token_request
       group from: :g10_visual_inspection_and_attestations

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: onc_certification_g10_test_kit
 version: !ruby/object:Gem::Version
-  version: 2.0.0.rc1
+  version: 2.0.0
 platform: ruby
 authors:
 - Stephen MacVicar
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-02-28 00:00:00.000000000 Z
+date: 2022-03-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bloomer
@@ -114,14 +114,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: 0.1.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: 0.1.1
 - !ruby/object:Gem::Dependency
   name: tls_test_kit
   requirement: !ruby/object:Gem::Requirement
@@ -270,6 +270,7 @@ files:
 - lib/onc_certification_g10_test_kit/restricted_resource_type_access_group.rb
 - lib/onc_certification_g10_test_kit/smart_app_launch_invalid_aud_group.rb
 - lib/onc_certification_g10_test_kit/smart_ehr_practitioner_app_group.rb
+- lib/onc_certification_g10_test_kit/smart_invalid_launch_group.rb
 - lib/onc_certification_g10_test_kit/smart_invalid_token_group.rb
 - lib/onc_certification_g10_test_kit/smart_limited_app_group.rb
 - lib/onc_certification_g10_test_kit/smart_public_standalone_launch_group.rb
@@ -299,9 +300,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 2.7.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.1.6
 signing_key: