RubyGems - onc_certification_g10_test_kit - Versions diffs - 3.0.1 → 3.1.0 - Mend

onc_certification_g10_test_kit 3.0.1 → 3.1.0

Files changed (16) hide show

data/lib/onc_certification_g10_test_kit/profile_selector.rb CHANGED Viewed

@@ -64,7 +64,9 @@ module ONCCertificationG10TestKit
           end
         end
-        return extract_profile('HeadCircumference') if observation_contains_code(resource, '9843-4')
+        if observation_contains_code(resource, '9843-4') && suite_options[:us_core_version] != 'us_core_3'
+          return extract_profile('HeadCircumference')
+        end
         # FHIR Vital Signs profiles: https://www.hl7.org/fhir/observation-vitalsigns.html
         # Vital Signs Panel, Oxygen Saturation are not required by USCDI

data/lib/onc_certification_g10_test_kit/single_patient_api_group.rb CHANGED Viewed

@@ -79,6 +79,9 @@ module ONCCertificationG10TestKit
     USCoreTestKit::USCoreV311::USCoreTestSuite.groups.each do |group|
       test_group = group.ancestors[1]
+      next if test_group.optional?
       id = test_group.id
       group_config = {}

data/lib/onc_certification_g10_test_kit/single_patient_us_core_4_api_group.rb CHANGED Viewed

@@ -79,6 +79,9 @@ module ONCCertificationG10TestKit
     USCoreTestKit::USCoreV400::USCoreTestSuite.groups.each do |group|
       test_group = group.ancestors[1]
+      next if test_group.optional?
       id = test_group.id
       group_config = {}

data/lib/onc_certification_g10_test_kit/single_patient_us_core_5_api_group.rb CHANGED Viewed

@@ -6,7 +6,7 @@ module ONCCertificationG10TestKit
       For each of the relevant USCDI data elements provided in the
       CapabilityStatement, this test executes the [required supported
       searches](http://hl7.org/fhir/us/core/STU4/CapabilityStatement-us-core-server.html)
-      as defined by the US Core Implementation Guide v4.0.0.
+      as defined by the US Core Implementation Guide v5.0.1.
       The test begins by searching by one or more patients, with the expectation
       that the Bearer token provided to the test grants access to all USCDI
@@ -14,7 +14,7 @@ module ONCCertificationG10TestKit
       queries and checks that the results are consistent with the provided
       search parameters. It then performs a read on each Resource returned and
       validates the response against the relevant
-      [profile](http://hl7.org/fhir/us/core/STU4/profiles-and-extensions.html)
+      [profile](http://hl7.org/fhir/us/core/STU5.0.1/profiles-and-extensions.html)
       as currently defined in the US Core Implementation Guide.
       All MUST SUPPORT elements must be seen before the test can pass, as well
@@ -79,6 +79,9 @@ module ONCCertificationG10TestKit
     USCoreTestKit::USCoreV501::USCoreTestSuite.groups.each do |group|
       test_group = group.ancestors[1]
+      next if test_group.optional?
       id = test_group.id
       group_config = {}

data/lib/onc_certification_g10_test_kit/smart_ehr_practitioner_app_group.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 require_relative 'base_token_refresh_group'
+require_relative 'smart_invalid_token_refresh_test'
 require_relative 'smart_scopes_test'
 require_relative 'unauthorized_access_test'
 require_relative 'well_known_capabilities_test'
@@ -399,6 +400,8 @@ module ONCCertificationG10TestKit
         )
         uses_request :token_refresh
       end
+      test from: :g10_invalid_token_refresh
     end
     test do

data/lib/onc_certification_g10_test_kit/smart_invalid_token_refresh_test.rb ADDED Viewed

@@ -0,0 +1,37 @@
+module ONCCertificationG10TestKit
+  class SMARTInvalidTokenRefreshTest < Inferno::Test
+    id :g10_invalid_token_refresh
+    title 'Refresh token exchange fails when supplied an invalid refresh token'
+    description %(
+      If the request failed verification or is invalid, the authorization server
+      returns an error response.
+      [OAuth 2.0 RFC (6749)](https://www.rfc-editor.org/rfc/rfc6749#section-6)
+    )
+    input :refresh_token, :smart_token_url, :client_id, :received_scopes
+    input :client_secret, optional: true
+    run do
+      skip_if refresh_token.blank?, 'No refresh token was received'
+      oauth2_params = {
+        'grant_type' => 'refresh_token',
+        'refresh_token' => SecureRandom.uuid
+      }
+      oauth2_headers = { 'Content-Type' => 'application/x-www-form-urlencoded' }
+      oauth2_params['scope'] = received_scopes if config.options[:include_scopes]
+      if client_secret.present?
+        credentials = Base64.strict_encode64("#{client_id}:#{client_secret}")
+        oauth2_headers['Authorization'] = "Basic #{credentials}"
+      else
+        oauth2_params['client_id'] = client_id
+      end
+      post(smart_token_url, body: oauth2_params, headers: oauth2_headers)
+      assert_response_status([400, 401])
+    end
+  end
+end

data/lib/onc_certification_g10_test_kit/smart_standalone_patient_app_group.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 require_relative 'base_token_refresh_group'
 require_relative 'patient_context_test'
+require_relative 'smart_invalid_token_refresh_test'
 require_relative 'smart_scopes_test'
 require_relative 'unauthorized_access_test'
 require_relative 'unrestricted_resource_type_access_group'
@@ -322,6 +323,8 @@ module ONCCertificationG10TestKit
         )
         uses_request :token_refresh
       end
+      test from: :g10_invalid_token_refresh
     end
     group from: :g10_unrestricted_resource_type_access,

data/lib/onc_certification_g10_test_kit/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module ONCCertificationG10TestKit
-  VERSION = '3.0.1'.freeze
+  VERSION = '3.1.0'.freeze
 end

data/lib/onc_certification_g10_test_kit/visual_inspection_and_attestations_group.rb CHANGED Viewed

@@ -486,5 +486,41 @@ module ONCCertificationG10TestKit
         pass native_refresh_notes if native_refresh_notes.present?
       end
     end
+    test do
+      title 'Health IT developer demonstrates the public location of its base URLs'
+      description %(
+        To fulfill the API Maintenance of Certification requirement at §
+        170.404(b)(2), the health IT developer demonstrates the public location
+        of its certified API technology service base URLs.
+      )
+      id :g10_public_url_attestation
+      input :public_url_attestation,
+            title: 'Health IT developer demonstrates the public location of its certified API technology service base URLs', # rubocop:disable Layout/LineLength
+            type: 'radio',
+            default: 'false',
+            options: {
+              list_options: [
+                {
+                  label: 'Yes',
+                  value: 'true'
+                },
+                {
+                  label: 'No',
+                  value: 'false'
+                }
+              ]
+            }
+      input :public_url_attestation_notes,
+            title: 'Notes, if applicable:',
+            type: 'textarea',
+            optional: true
+      run do
+        assert public_url_attestation == 'true',
+               'Health IT developer did not demonstrate the public location of its certified API technology service base URLs.' # rubocop:disable Layout/LineLength
+        pass public_url_attestation_notes if public_url_attestation_notes.present?
+      end
+    end
   end
 end

data/lib/onc_certification_g10_test_kit/well_known_capabilities_test.rb CHANGED Viewed

@@ -22,7 +22,7 @@ module ONCCertificationG10TestKit
       required_capabilities = config.options[:required_capabilities] || []
       if suite_options[:us_core_version] == 'us_core_5' && required_capabilities.include?('launch-ehr')
-        required_capabilities << 'context-ehr-encounter'
+        required_capabilities += ['context-ehr-encounter']
       end
       missing_capabilities = required_capabilities - capabilities

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: onc_certification_g10_test_kit
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 3.1.0
 platform: ruby
 authors:
 - Stephen MacVicar
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-08-30 00:00:00.000000000 Z
+date: 2022-09-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bloomer
@@ -44,14 +44,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.3.10
+        version: 0.3.11
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.3.10
+        version: 0.3.11
 - !ruby/object:Gem::Dependency
   name: json-jwt
   requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.1.5
+        version: 0.1.7
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.1.5
+        version: 0.1.7
 - !ruby/object:Gem::Dependency
   name: tls_test_kit
   requirement: !ruby/object:Gem::Requirement
@@ -142,14 +142,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.3.0
+        version: 0.3.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.3.0
+        version: 0.3.1
 - !ruby/object:Gem::Dependency
   name: database_cleaner-sequel
   requirement: !ruby/object:Gem::Requirement
@@ -284,6 +284,7 @@ files:
 - lib/onc_certification_g10_test_kit/smart_invalid_pkce_group.rb
 - lib/onc_certification_g10_test_kit/smart_invalid_token_group.rb
 - lib/onc_certification_g10_test_kit/smart_invalid_token_group_stu2.rb
+- lib/onc_certification_g10_test_kit/smart_invalid_token_refresh_test.rb
 - lib/onc_certification_g10_test_kit/smart_limited_app_group.rb
 - lib/onc_certification_g10_test_kit/smart_public_standalone_launch_group.rb
 - lib/onc_certification_g10_test_kit/smart_public_standalone_launch_group_stu2.rb