onc_certification_g10_test_kit 3.7.2 → 3.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/onc_certification_g10_test_kit/configuration_checker.rb +13 -2
- data/lib/onc_certification_g10_test_kit/smart_ehr_patient_launch_group.rb +4 -2
- data/lib/onc_certification_g10_test_kit/smart_ehr_patient_launch_group_stu2.rb +12 -2
- data/lib/onc_certification_g10_test_kit/smart_ehr_practitioner_app_group.rb +13 -1
- data/lib/onc_certification_g10_test_kit/smart_invalid_pkce_group.rb +4 -0
- data/lib/onc_certification_g10_test_kit/smart_invalid_token_group_stu2.rb +4 -0
- data/lib/onc_certification_g10_test_kit/smart_limited_app_group.rb +11 -3
- data/lib/onc_certification_g10_test_kit/smart_public_standalone_launch_group.rb +1 -1
- data/lib/onc_certification_g10_test_kit/smart_public_standalone_launch_group_stu2.rb +10 -2
- data/lib/onc_certification_g10_test_kit/smart_standalone_patient_app_group.rb +13 -1
- data/lib/onc_certification_g10_test_kit/version.rb +1 -1
- data/lib/onc_certification_g10_test_kit.rb +8 -1
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5dcbb170a4f891db5446afabc93f46fdfa3111fca67b9d91640b1e484c8a3c16
|
|
4
|
+
data.tar.gz: fe76ab8bffb6e1efda0ffa1951c7f5fb1d0e3500a6690bc5bb653cc8e4c3f26c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5f02a16a753db8331405c2942cca14e70279625442fa84127a17ba0e22f4be10c3229de8dbae71dbd254318ad98d6abbbf3de732ee01be66e669cb540bc190b9
|
|
7
|
+
data.tar.gz: 8819b33b6da17d093cf15b91d14e92ca0a138cc7cc3eb01f39e3aec9506fb9850db974b4347f859c05e14ce08e2b9368c34a69c786839d598fb3609badd3ba62
|
|
@@ -2,7 +2,7 @@ require_relative '../inferno/terminology/tasks/check_built_terminology'
|
|
|
2
2
|
|
|
3
3
|
module ONCCertificationG10TestKit
|
|
4
4
|
class ConfigurationChecker
|
|
5
|
-
EXPECTED_VALIDATOR_VERSION = '2.
|
|
5
|
+
EXPECTED_VALIDATOR_VERSION = '2.3.1'.freeze
|
|
6
6
|
|
|
7
7
|
def configuration_messages
|
|
8
8
|
validator_version_message + terminology_messages + version_message
|
|
@@ -22,7 +22,13 @@ module ONCCertificationG10TestKit
|
|
|
22
22
|
|
|
23
23
|
def validator_version_message
|
|
24
24
|
response = Faraday.get "#{validator_url}/version"
|
|
25
|
-
|
|
25
|
+
|
|
26
|
+
if response.body.starts_with? '{'
|
|
27
|
+
version_json = JSON.parse(response.body)
|
|
28
|
+
version = version_json['inferno-framework/fhir-validator-wrapper']
|
|
29
|
+
else
|
|
30
|
+
version = response.body
|
|
31
|
+
end
|
|
26
32
|
|
|
27
33
|
if version == EXPECTED_VALIDATOR_VERSION
|
|
28
34
|
[{
|
|
@@ -35,6 +41,11 @@ module ONCCertificationG10TestKit
|
|
|
35
41
|
message: "Expected FHIR validator version `#{EXPECTED_VALIDATOR_VERSION}`, but found `#{version}`"
|
|
36
42
|
}]
|
|
37
43
|
end
|
|
44
|
+
rescue JSON::ParserError => e
|
|
45
|
+
[{
|
|
46
|
+
type: 'error',
|
|
47
|
+
message: "Unable to parse Validator version '`#{response.body}`'. Parser error: `#{e.message}`"
|
|
48
|
+
}]
|
|
38
49
|
rescue StandardError => e
|
|
39
50
|
[{
|
|
40
51
|
type: 'error',
|
|
@@ -39,7 +39,8 @@ module ONCCertificationG10TestKit
|
|
|
39
39
|
name: :ehr_patient_client_id
|
|
40
40
|
},
|
|
41
41
|
client_secret: {
|
|
42
|
-
name: :ehr_patient_client_secret
|
|
42
|
+
name: :ehr_patient_client_secret,
|
|
43
|
+
optional: false
|
|
43
44
|
},
|
|
44
45
|
requested_scopes: {
|
|
45
46
|
name: :ehr_patient_requested_scopes,
|
|
@@ -96,7 +97,8 @@ module ONCCertificationG10TestKit
|
|
|
96
97
|
:ehr_patient_client_id,
|
|
97
98
|
:ehr_patient_client_secret,
|
|
98
99
|
:smart_authorization_url,
|
|
99
|
-
:smart_token_url
|
|
100
|
+
:smart_token_url,
|
|
101
|
+
:ehr_patient_requested_scopes
|
|
100
102
|
|
|
101
103
|
test from: :g10_patient_context,
|
|
102
104
|
config: {
|
|
@@ -39,7 +39,8 @@ module ONCCertificationG10TestKit
|
|
|
39
39
|
name: :ehr_patient_client_id
|
|
40
40
|
},
|
|
41
41
|
client_secret: {
|
|
42
|
-
name: :ehr_patient_client_secret
|
|
42
|
+
name: :ehr_patient_client_secret,
|
|
43
|
+
optional: false
|
|
43
44
|
},
|
|
44
45
|
requested_scopes: {
|
|
45
46
|
name: :ehr_patient_requested_scopes,
|
|
@@ -68,6 +69,10 @@ module ONCCertificationG10TestKit
|
|
|
68
69
|
smart_token_url: {
|
|
69
70
|
title: 'OAuth 2.0 Token Endpoint',
|
|
70
71
|
description: 'OAuth 2.0 Token Endpoint provided during the EHR launch'
|
|
72
|
+
},
|
|
73
|
+
client_auth_type: {
|
|
74
|
+
locked: true,
|
|
75
|
+
default: 'confidential_symmetric'
|
|
71
76
|
}
|
|
72
77
|
},
|
|
73
78
|
outputs: {
|
|
@@ -97,7 +102,12 @@ module ONCCertificationG10TestKit
|
|
|
97
102
|
:ehr_patient_client_secret,
|
|
98
103
|
:smart_authorization_url,
|
|
99
104
|
:smart_token_url,
|
|
100
|
-
:
|
|
105
|
+
:ehr_patient_requested_scopes,
|
|
106
|
+
:authorization_method,
|
|
107
|
+
:use_pkce,
|
|
108
|
+
:pkce_code_challenge_method,
|
|
109
|
+
:client_auth_type,
|
|
110
|
+
:client_auth_encryption_method
|
|
101
111
|
|
|
102
112
|
test from: :g10_patient_context,
|
|
103
113
|
config: {
|
|
@@ -53,11 +53,23 @@ module ONCCertificationG10TestKit
|
|
|
53
53
|
inputs: {
|
|
54
54
|
smart_credentials: {
|
|
55
55
|
name: :ehr_smart_credentials
|
|
56
|
+
},
|
|
57
|
+
client_auth_type: {
|
|
58
|
+
locked: true,
|
|
59
|
+
default: 'confidential_symmetric'
|
|
56
60
|
}
|
|
57
61
|
}
|
|
58
62
|
)
|
|
59
63
|
|
|
60
|
-
input_order :url,
|
|
64
|
+
input_order :url,
|
|
65
|
+
:ehr_client_id,
|
|
66
|
+
:ehr_client_secret,
|
|
67
|
+
:ehr_requested_scopes,
|
|
68
|
+
:use_pkce,
|
|
69
|
+
:pkce_code_challenge_method,
|
|
70
|
+
:ehr_authorization_method,
|
|
71
|
+
:client_auth_type,
|
|
72
|
+
:client_auth_encryption_method
|
|
61
73
|
|
|
62
74
|
group from: :smart_discovery do
|
|
63
75
|
required_suite_options(G10Options::SMART_1_REQUIREMENT)
|
|
@@ -25,7 +25,7 @@ module ONCCertificationG10TestKit
|
|
|
25
25
|
to the app based on user input. The tester is expected to grant the
|
|
26
26
|
application access to a subset of desired resource types. The launch is
|
|
27
27
|
performed using the same app configuration as in the Standalone Patient
|
|
28
|
-
App test, demonstrating that the user
|
|
28
|
+
App test, demonstrating that the user has control over what scopes are
|
|
29
29
|
granted to the app as required in the (g)(10) Standardized API criterion.
|
|
30
30
|
|
|
31
31
|
* [SMART on FHIR
|
|
@@ -43,7 +43,11 @@ module ONCCertificationG10TestKit
|
|
|
43
43
|
:standalone_client_id,
|
|
44
44
|
:standalone_client_secret,
|
|
45
45
|
:smart_authorization_url,
|
|
46
|
-
:smart_token_url
|
|
46
|
+
:smart_token_url,
|
|
47
|
+
:standalone_requested_scopes,
|
|
48
|
+
:authorization_method,
|
|
49
|
+
:client_auth_type,
|
|
50
|
+
:client_auth_encryption_method
|
|
47
51
|
|
|
48
52
|
group from: :smart_standalone_launch do
|
|
49
53
|
title 'Standalone Launch With Limited Scope'
|
|
@@ -220,7 +224,11 @@ module ONCCertificationG10TestKit
|
|
|
220
224
|
smart_authorization_url: { locked: true, title: 'SMART Authorization Url' },
|
|
221
225
|
smart_token_url: { locked: true, title: 'SMART Token Url' },
|
|
222
226
|
received_scopes: { name: :limited_received_scopes },
|
|
223
|
-
smart_credentials: { name: :limited_smart_credentials }
|
|
227
|
+
smart_credentials: { name: :limited_smart_credentials },
|
|
228
|
+
client_auth_type: {
|
|
229
|
+
locked: true,
|
|
230
|
+
default: 'confidential_symmetric'
|
|
231
|
+
}
|
|
224
232
|
},
|
|
225
233
|
outputs: {
|
|
226
234
|
code: { name: :limited_code },
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
module ONCCertificationG10TestKit
|
|
2
2
|
class SMARTPublicStandaloneLaunchGroup < SMARTAppLaunch::StandaloneLaunchGroup
|
|
3
|
-
title 'Public Client Standalone Launch with OpenID Connect'
|
|
3
|
+
title 'SMART Public Client Standalone Launch with OpenID Connect'
|
|
4
4
|
short_title 'SMART Public Client Launch'
|
|
5
5
|
input_instructions %(
|
|
6
6
|
Register Inferno as a standalone application using the following information:
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
module ONCCertificationG10TestKit
|
|
2
2
|
class SMARTPublicStandaloneLaunchGroupSTU2 < SMARTAppLaunch::StandaloneLaunchGroupSTU2
|
|
3
|
-
title 'Public Client Standalone Launch with OpenID Connect'
|
|
3
|
+
title 'SMART Public Client Standalone Launch with OpenID Connect'
|
|
4
4
|
short_title 'SMART Public Client Launch'
|
|
5
5
|
input_instructions %(
|
|
6
6
|
Register Inferno as a standalone application using the following information:
|
|
@@ -70,6 +70,11 @@ module ONCCertificationG10TestKit
|
|
|
70
70
|
},
|
|
71
71
|
pkce_code_challenge_method: {
|
|
72
72
|
locked: true
|
|
73
|
+
},
|
|
74
|
+
client_auth_type: {
|
|
75
|
+
name: :public_client_auth_type,
|
|
76
|
+
locked: true,
|
|
77
|
+
default: 'public'
|
|
73
78
|
}
|
|
74
79
|
},
|
|
75
80
|
outputs: {
|
|
@@ -99,7 +104,10 @@ module ONCCertificationG10TestKit
|
|
|
99
104
|
:use_pkce,
|
|
100
105
|
:pkce_code_challenge_method,
|
|
101
106
|
:smart_authorization_url,
|
|
102
|
-
:smart_token_url
|
|
107
|
+
:smart_token_url,
|
|
108
|
+
:authorization_method,
|
|
109
|
+
:public_client_auth_type,
|
|
110
|
+
:client_auth_encryption_method
|
|
103
111
|
|
|
104
112
|
test from: :g10_patient_context,
|
|
105
113
|
config: {
|
|
@@ -54,7 +54,15 @@ module ONCCertificationG10TestKit
|
|
|
54
54
|
}
|
|
55
55
|
)
|
|
56
56
|
|
|
57
|
-
input_order :url,
|
|
57
|
+
input_order :url,
|
|
58
|
+
:standalone_client_id,
|
|
59
|
+
:standalone_client_secret,
|
|
60
|
+
:standalone_requested_scopes,
|
|
61
|
+
:use_pkce,
|
|
62
|
+
:pkce_code_challenge_method,
|
|
63
|
+
:standalone_authorization_method,
|
|
64
|
+
:client_auth_type,
|
|
65
|
+
:client_auth_encryption_method
|
|
58
66
|
|
|
59
67
|
group from: :smart_discovery do
|
|
60
68
|
required_suite_options(G10Options::SMART_1_REQUIREMENT)
|
|
@@ -204,6 +212,10 @@ module ONCCertificationG10TestKit
|
|
|
204
212
|
name: :standalone_authorization_method,
|
|
205
213
|
default: 'get',
|
|
206
214
|
locked: true
|
|
215
|
+
},
|
|
216
|
+
client_auth_type: {
|
|
217
|
+
locked: true,
|
|
218
|
+
default: 'confidential_symmetric'
|
|
207
219
|
}
|
|
208
220
|
}
|
|
209
221
|
} do
|
|
@@ -89,6 +89,7 @@ module ONCCertificationG10TestKit
|
|
|
89
89
|
message.type == 'error' && (
|
|
90
90
|
message.message.match?(/\A\S+: \S+: Unknown Code/) ||
|
|
91
91
|
message.message.match?(/\A\S+: \S+: None of the codings provided are in the value set/) ||
|
|
92
|
+
message.message.match?(/\A\S+: \S+: The code provided \(\S*\) is not in the value set/) ||
|
|
92
93
|
message.message.match?(/\A\S+: \S+: The Coding provided \(\S*\) is not in the value set/)
|
|
93
94
|
)
|
|
94
95
|
)
|
|
@@ -203,6 +204,12 @@ module ONCCertificationG10TestKit
|
|
|
203
204
|
]
|
|
204
205
|
|
|
205
206
|
config(
|
|
207
|
+
inputs: {
|
|
208
|
+
client_auth_encryption_method: {
|
|
209
|
+
title: 'Client Authentication Encryption Method',
|
|
210
|
+
locked: true
|
|
211
|
+
}
|
|
212
|
+
},
|
|
206
213
|
options: {
|
|
207
214
|
post_authorization_uri: "#{Inferno::Application['base_url']}/custom/smart_stu2/post_auth",
|
|
208
215
|
incorrectly_permitted_tls_version_message_type: 'warning'
|
|
@@ -240,7 +247,7 @@ module ONCCertificationG10TestKit
|
|
|
240
247
|
Systems may adopt later versions of standards than those named in the rule
|
|
241
248
|
as approved by the ONC Standards Version Advancement Process (SVAP).
|
|
242
249
|
Please select which approved version of each standard to use, and click
|
|
243
|
-
‘
|
|
250
|
+
‘Start Testing’ to begin testing.
|
|
244
251
|
)
|
|
245
252
|
|
|
246
253
|
input_instructions %(
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: onc_certification_g10_test_kit
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.8.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Stephen MacVicar
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-08-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bloomer
|
|
@@ -44,14 +44,14 @@ dependencies:
|
|
|
44
44
|
requirements:
|
|
45
45
|
- - ">="
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: 0.4.
|
|
47
|
+
version: 0.4.18
|
|
48
48
|
type: :runtime
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - ">="
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: 0.4.
|
|
54
|
+
version: 0.4.18
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: json-jwt
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -114,14 +114,14 @@ dependencies:
|
|
|
114
114
|
requirements:
|
|
115
115
|
- - '='
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 0.
|
|
117
|
+
version: 0.3.0
|
|
118
118
|
type: :runtime
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - '='
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 0.
|
|
124
|
+
version: 0.3.0
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
126
|
name: tls_test_kit
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|