onc_certification_g10_test_kit 2.0.0 → 2.1.1

data/lib/onc_certification_g10_test_kit/profile_guesser.rb

@@ -3,13 +3,13 @@ module ONCCertificationG10TestKit
     def extract_profile(profile)
       case profile
       when 'Medication'
-        return USCoreTestKit::USCoreTestSuite.metadata.find do |meta|
+        return USCoreTestKit::USCoreV311::USCoreTestSuite.metadata.find do |meta|
                  meta.resource == profile
                end.profile_url
       when 'Location'
         return 'http://hl7.org/fhir/StructureDefinition/Location'
       end
-      "USCoreTestKit::#{profile}Group".constantize.metadata.profile_url
+      "USCoreTestKit::USCoreV311::#{profile}Group".constantize.metadata.profile_url
     end
 
     def observation_contains_code(observation_resource, code)

data/lib/onc_certification_g10_test_kit/restricted_resource_type_access_group.rb

@@ -80,7 +80,7 @@ module ONCCertificationG10TestKit
       id :g10_patient_restricted_access
 
       def resource_group
-        USCoreTestKit::PatientGroup
+        USCoreTestKit::USCoreV311::PatientGroup
       end
     end
 
@@ -98,7 +98,7 @@ module ONCCertificationG10TestKit
       id :g10_allergy_intolerance_restricted_access
 
       def resource_group
-        USCoreTestKit::AllergyIntoleranceGroup
+        USCoreTestKit::USCoreV311::AllergyIntoleranceGroup
       end
     end
 
@@ -116,7 +116,7 @@ module ONCCertificationG10TestKit
       id :g10_care_plan_restricted_access
 
       def resource_group
-        USCoreTestKit::CarePlanGroup
+        USCoreTestKit::USCoreV311::CarePlanGroup
       end
     end
 
@@ -134,7 +134,7 @@ module ONCCertificationG10TestKit
       id :g10_care_team_restricted_access
 
       def resource_group
-        USCoreTestKit::CareTeamGroup
+        USCoreTestKit::USCoreV311::CareTeamGroup
       end
     end
 
@@ -152,7 +152,7 @@ module ONCCertificationG10TestKit
       id :g10_condition_restricted_access
 
       def resource_group
-        USCoreTestKit::ConditionGroup
+        USCoreTestKit::USCoreV311::ConditionGroup
       end
     end
 
@@ -170,7 +170,7 @@ module ONCCertificationG10TestKit
       id :g10_device_restricted_access
 
       def resource_group
-        USCoreTestKit::DeviceGroup
+        USCoreTestKit::USCoreV311::DeviceGroup
       end
     end
 
@@ -188,7 +188,7 @@ module ONCCertificationG10TestKit
       id :g10_diagnostic_report_restricted_access
 
       def resource_group
-        USCoreTestKit::DiagnosticReportLabGroup
+        USCoreTestKit::USCoreV311::DiagnosticReportLabGroup
       end
     end
 
@@ -206,7 +206,7 @@ module ONCCertificationG10TestKit
       id :g10_document_reference_restricted_access
 
       def resource_group
-        USCoreTestKit::DocumentReferenceGroup
+        USCoreTestKit::USCoreV311::DocumentReferenceGroup
       end
     end
 
@@ -224,7 +224,7 @@ module ONCCertificationG10TestKit
       id :g10_goal_restricted_access
 
       def resource_group
-        USCoreTestKit::GoalGroup
+        USCoreTestKit::USCoreV311::GoalGroup
       end
     end
 
@@ -242,7 +242,7 @@ module ONCCertificationG10TestKit
       id :g10_immunization_restricted_access
 
       def resource_group
-        USCoreTestKit::ImmunizationGroup
+        USCoreTestKit::USCoreV311::ImmunizationGroup
       end
     end
 
@@ -260,7 +260,7 @@ module ONCCertificationG10TestKit
       id :g10_medication_request_access
 
       def resource_group
-        USCoreTestKit::MedicationRequestGroup
+        USCoreTestKit::USCoreV311::MedicationRequestGroup
       end
     end
 
@@ -278,7 +278,7 @@ module ONCCertificationG10TestKit
       id :g10_observation_restricted_access
 
       def resource_group
-        USCoreTestKit::PulseOximetryGroup
+        USCoreTestKit::USCoreV311::PulseOximetryGroup
       end
     end
 
@@ -296,7 +296,7 @@ module ONCCertificationG10TestKit
       id :g10_procedure_restricted_access
 
       def resource_group
-        USCoreTestKit::ProcedureGroup
+        USCoreTestKit::USCoreV311::ProcedureGroup
       end
     end
   end

data/lib/onc_certification_g10_test_kit/single_patient_api_group.rb

@@ -0,0 +1,93 @@
+module ONCCertificationG10TestKit
+  class SinglePatientAPIGroup < Inferno::TestGroup
+    id :g10_single_patient_api
+    title 'Single Patient API'
+    description %(
+      For each of the relevant USCDI data elements provided in the
+      CapabilityStatement, this test executes the [required supported
+      searches](http://www.hl7.org/fhir/us/core/STU3.1.1/CapabilityStatement-us-core-server.html)
+      as defined by the US Core Implementation Guide v3.1.1.
+
+      The test begins by searching by one or more patients, with the expectation
+      that the Bearer token provided to the test grants access to all USCDI
+      resources. It uses results returned from that query to generate other
+      queries and checks that the results are consistent with the provided
+      search parameters. It then performs a read on each Resource returned and
+      validates the response against the relevant
+      [profile](http://www.hl7.org/fhir/us/core/STU3.1.1/profiles.html) as
+      currently defined in the US Core Implementation Guide.
+
+      All MUST SUPPORT elements must be seen before the test can pass, as well
+      as Data Absent Reason to demonstrate that the server can properly handle
+      missing data. Note that Encounter, Organization and Practitioner resources
+      must be accessible as references in some US Core profiles to satisfy must
+      support requirements, and those references will be validated to their US
+      Core profile. These resources will not be tested for FHIR search support.
+    )
+    run_as_group
+
+    input :url,
+          title: 'FHIR Endpoint',
+          description: 'URL of the FHIR endpoint used by SMART applications'
+    input :patient_id,
+          title: 'Patient ID from SMART App Launch',
+          locked: true
+    input :additional_patient_ids,
+          title: 'Additional Patient IDs',
+          description: <<~DESCRIPTION,
+            Comma separated list of Patient IDs that together with the Patient
+            ID from the SMART App Launch contain all MUST SUPPORT elements.
+          DESCRIPTION
+          optional: true
+    input :smart_credentials,
+          title: 'SMART App Launch Credentials',
+          type: :oauth_credentials,
+          locked: true
+
+    fhir_client do
+      url :url
+      oauth_credentials :smart_credentials
+    end
+
+    input_order :url, :patient_id, :additional_patient_ids, :implantable_device_codes, :smart_credentials
+
+    test do
+      id :g10_patient_id_setup
+      title 'Manage patient id list'
+
+      input :patient_id, :additional_patient_ids
+      output :patient_ids
+
+      run do
+        smart_app_launch_patient_id = patient_id.presence
+        additional_patient_ids_list =
+          if additional_patient_ids.present?
+            additional_patient_ids
+              .split(',')
+              .map(&:strip)
+              .map(&:presence)
+              .compact
+          else
+            []
+          end
+
+        all_patient_ids = ([smart_app_launch_patient_id] + additional_patient_ids_list).compact.uniq
+
+        output patient_ids: all_patient_ids.join(',')
+      end
+    end
+
+    USCoreTestKit::USCoreV311::USCoreTestSuite.groups.each do |group|
+      test_group = group.ancestors[1]
+      id = test_group.id
+
+      group_config = {}
+      if test_group.respond_to?(:metadata) && test_group.metadata.delayed?
+        test_group.children.reject! { |child| child.include? USCoreTestKit::SearchTest }
+        group_config[:options] = { read_all_resources: true }
+      end
+
+      group(from: id, exclude_optional: true, config: group_config)
+    end
+  end
+end

data/lib/onc_certification_g10_test_kit/smart_app_launch_invalid_aud_group.rb

@@ -32,13 +32,6 @@ module ONCCertificationG10TestKit
     id :g10_smart_invalid_aud
     run_as_group
 
-    input :client_id,
-          :client_secret,
-          :requested_scopes,
-          :url,
-          :smart_authorization_url,
-          :smart_token_url
-
     config(
       inputs: {
         client_id: {
@@ -46,11 +39,6 @@ module ONCCertificationG10TestKit
           title: 'Standalone Client ID',
           description: 'Client ID provided during registration of Inferno as a standalone application'
         },
-        client_secret: {
-          name: :standalone_client_secret,
-          title: 'Standalone Client Secret',
-          description: 'Client Secret provided during registration of Inferno as a standalone application'
-        },
         requested_scopes: {
           name: :standalone_requested_scopes,
           title: 'Standalone Scope',
@@ -90,7 +78,20 @@ module ONCCertificationG10TestKit
       }
     )
 
+    input_order :url,
+                :standalone_client_id,
+                :standalone_client_secret,
+                :standalone_requested_scopes,
+                :use_pkce,
+                :pkce_code_challenge_method,
+                :smart_authorization_url
+
     test from: :smart_app_redirect do
+      input :client_secret,
+            name: :standalone_client_secret,
+            title: 'Standalone Client Secret',
+            description: 'Client Secret provided during registration of Inferno as a standalone application'
+
       def aud
         'https://inferno.healthit.gov/invalid_aud'
       end

data/lib/onc_certification_g10_test_kit/smart_ehr_practitioner_app_group.rb

@@ -38,21 +38,25 @@ module ONCCertificationG10TestKit
 
     config(
       inputs: {
-        client_secret: {
-          optional: false
-        },
         smart_credentials: {
           name: :ehr_smart_credentials
         }
       }
     )
 
+    input_order :url, :ehr_client_id, :ehr_client_secret
+
     group from: :smart_discovery do
       test from: 'g10_smart_well_known_capabilities'
     end
 
     group from: :smart_ehr_launch do
       title 'EHR Launch With Practitioner Scope'
+      input :client_secret,
+            name: :ehr_client_secret,
+            title: 'EHR Launch Client Secret',
+            description: 'Client Secret provided during registration of Inferno as an EHR launch application',
+            optional: false
 
       config(
         inputs: {
@@ -199,10 +203,12 @@ module ONCCertificationG10TestKit
       title 'Set SMART Credentials to EHR Launch Credentials'
 
       input :ehr_smart_credentials, type: :oauth_credentials
-      output :smart_credentials
+      input :ehr_patient_id
+      output :smart_credentials, :patient_id
 
       run do
-        output smart_credentials: ehr_smart_credentials.to_s
+        output smart_credentials: ehr_smart_credentials.to_s,
+               patient_id: ehr_patient_id
       end
     end
   end

data/lib/onc_certification_g10_test_kit/smart_invalid_launch_group.rb

@@ -29,13 +29,6 @@ module ONCCertificationG10TestKit
     id :g10_smart_invalid_launch_param
     run_as_group
 
-    input :client_id,
-          :client_secret,
-          :requested_scopes,
-          :url,
-          :smart_authorization_url,
-          :smart_token_url
-
     config(
       inputs: {
         client_id: {
@@ -43,11 +36,6 @@ module ONCCertificationG10TestKit
           title: 'EHR Client ID',
           description: 'Client ID provided during registration of Inferno as an EHR launch application'
         },
-        client_secret: {
-          name: :standalone_client_secret,
-          title: 'EHR Client Secret',
-          description: 'Client Secret provided during registration of Inferno as an EHR launch application'
-        },
         requested_scopes: {
           name: :ehr_requested_scopes,
           title: 'EHR Launch Scope',
@@ -71,10 +59,6 @@ module ONCCertificationG10TestKit
         smart_authorization_url: {
           title: 'OAuth 2.0 Authorize Endpoint',
           description: 'OAuth 2.0 Authorize Endpoint provided during an EHR launch'
-        },
-        smart_token_url: {
-          title: 'OAuth 2.0 Token Endpoint',
-          description: 'OAuth 2.0 Token Endpoint provided during an EHR launch'
         }
       },
       outputs: {
@@ -85,9 +69,22 @@ module ONCCertificationG10TestKit
       }
     )
 
+    input_order :url,
+                :ehr_client_id,
+                :ehr_client_secret,
+                :ehr_requested_scopes,
+                :use_pkce,
+                :pkce_code_challenge_method,
+                :smart_authorization_url
+
     test from: :smart_app_launch
     test from: :smart_launch_received
     test from: :smart_app_redirect do
+      input :client_secret,
+            name: :ehr_client_secret,
+            title: 'EHR Client Secret',
+            description: 'Client Secret provided during registration of Inferno as an EHR launch application'
+
       config(
         options: { launch: 'INVALID_LAUNCH_PARAM' }
       )

data/lib/onc_certification_g10_test_kit/smart_invalid_token_group.rb

@@ -24,8 +24,6 @@ module ONCCertificationG10TestKit
     id :g10_smart_invalid_token_request
     run_as_group
 
-    input :client_id, :client_secret, :requested_scopes, :url, :smart_authorization_url, :smart_token_url
-
     input :use_pkce,
           title: 'Proof Key for Code Exchange (PKCE)',
           type: 'radio',
@@ -60,6 +58,15 @@ module ONCCertificationG10TestKit
             ]
           }
 
+    input_order :url,
+                :standalone_client_id,
+                :standalone_client_secret,
+                :standalone_requested_scopes,
+                :use_pkce,
+                :pkce_code_challenge_method,
+                :smart_authorization_url,
+                :smart_token_url
+
     config(
       inputs: {
         client_id: {
@@ -135,7 +142,7 @@ module ONCCertificationG10TestKit
       )
       uses_request :redirect
 
-      input :use_pkce, :pkce_code_verifier
+      input :use_pkce, :pkce_code_verifier, :client_id, :client_secret, :smart_token_url
 
       run do
         skip_if request.query_parameters['error'].present?, 'Error during authorization request'
@@ -170,7 +177,7 @@ module ONCCertificationG10TestKit
       )
       uses_request :redirect
 
-      input :use_pkce, :pkce_code_verifier, :code
+      input :use_pkce, :pkce_code_verifier, :code, :smart_token_url, :client_secret
 
       run do
         skip_if request.query_parameters['error'].present?, 'Error during authorization request'

data/lib/onc_certification_g10_test_kit/smart_limited_app_group.rb

@@ -25,6 +25,16 @@ module ONCCertificationG10TestKit
     id :g10_smart_limited_app
     run_as_group
 
+    input_order :expected_resources,
+                :limited_requested_scopes,
+                :use_pkce,
+                :pkce_code_challenge_method,
+                :url,
+                :standalone_client_id,
+                :standalone_client_secret,
+                :smart_authorization_url,
+                :smart_token_url
+
     group from: :smart_standalone_launch do
       title 'Standalone Launch With Limited Scope'
       description %(
@@ -61,9 +71,13 @@ module ONCCertificationG10TestKit
           state: { name: :limited_state },
           patient_id: { name: :limited_patient_id },
           access_token: { name: :limited_access_token },
-          requested_scopes: { name: :limited_requested_scopes },
-          smart_authorization_url: { locked: true }, # TODO: separate standalone/ehr discovery outputs
-          smart_token_url: { locked: true }, # TODO: separate standalone/ehr discovery outputs
+          requested_scopes: {
+            name: :limited_requested_scopes,
+            title: 'Limited Access Scope'
+          },
+          # TODO: separate standalone/ehr discovery outputs
+          smart_authorization_url: { locked: true, title: 'SMART Authorization Url' },
+          smart_token_url: { locked: true, title: 'SMART Token Url' },
           received_scopes: { name: :limited_received_scopes },
           smart_credentials: { name: :limited_smart_credentials }
         },
@@ -88,7 +102,7 @@ module ONCCertificationG10TestKit
       )
 
       input :expected_resources,
-            title: 'Expected Resource Grant',
+            title: 'Expected Resource Grant for Limited Access Launch',
             description: 'The user will only grant access to the following resources during authorization.',
             default: 'Patient, Condition, Observation'
 

data/lib/onc_certification_g10_test_kit/smart_public_standalone_launch_group.rb

@@ -41,19 +41,22 @@ module ONCCertificationG10TestKit
     config(
       inputs: {
         client_id: {
-          name: :public_client_id
+          name: :public_client_id,
+          title: 'Public Launch Client ID'
         },
         client_secret: {
           name: :public_client_secret,
+          title: 'Public Launch Client Secret',
           default: nil,
           optional: true,
           locked: true
         },
         requested_scopes: {
-          name: :public_requested_scopes
+          name: :public_requested_scopes,
+          title: 'Public Launch Scope'
         },
         url: {
-          title: 'Standalone FHIR Endpoint',
+          title: 'Public Launch FHIR Endpoint',
           description: 'URL of the FHIR endpoint used by standalone applications'
         },
         code: {
@@ -94,6 +97,15 @@ module ONCCertificationG10TestKit
       }
     )
 
+    input_order :url,
+                :public_client_id,
+                :public_client_secret,
+                :public_requested_scopes,
+                :use_pkce,
+                :pkce_code_challenge_method,
+                :smart_authorization_url,
+                :smart_token_url
+
     test from: :g10_patient_context,
          config: {
            inputs: {

data/lib/onc_certification_g10_test_kit/smart_standalone_patient_app_group.rb

@@ -40,11 +40,14 @@ module ONCCertificationG10TestKit
     config(
       inputs: {
         client_secret: {
-          optional: false
+          optional: false,
+          name: :standalone_client_secret
         }
       }
     )
 
+    input_order :url, :standalone_client_id, :standalone_client_secret
+
     group from: :smart_discovery do
       test from: 'g10_smart_well_known_capabilities'
     end
@@ -167,10 +170,12 @@ module ONCCertificationG10TestKit
       title 'Set SMART Credentials to Standalone Launch Credentials'
 
       input :standalone_smart_credentials, type: :oauth_credentials
-      output :smart_credentials
+      input :standalone_patient_id
+      output :smart_credentials, :patient_id
 
       run do
-        output smart_credentials: standalone_smart_credentials.to_s
+        output smart_credentials: standalone_smart_credentials.to_s,
+               patient_id: standalone_patient_id
       end
     end
   end