onc_certification_g10_test_kit 7.0.3 → 7.2.0

data/lib/onc_certification_g10_test_kit/smart_fine_grained_scopes_group.rb

@@ -6,7 +6,7 @@ module ONCCertificationG10TestKit
     input_instructions %(
       If necessary, register Inferno as a standalone application using the following information:
 
-      * Redirect URI: `#{SMARTAppLaunch::AppRedirectTest.config.options[:redirect_uri]}`
+      * Redirect URI: `#{REDIRECT_URI}`
 
       Inferno may be registered multiple times with different `client_ids`, or this
       may reuse a single registration of Inferno.`
@@ -92,6 +92,22 @@ module ONCCertificationG10TestKit
 
     input :url
 
+    config(
+      inputs: {
+        smart_auth_info: {
+          options: {
+            components: [
+              Inferno::DSL::AuthInfo.default_auth_type_component_without_backend_services,
+              {
+                name: :jwks,
+                locked: true
+              }
+            ]
+          }
+        }
+      }
+    )
+
     children.each(&:run_as_group)
 
     # Replace generic finer-grained scope auth group with which allows standalone or
@@ -125,64 +141,10 @@ module ONCCertificationG10TestKit
 
     config(
       inputs: {
-        authorization_method: {
-          name: :granular_scopes_authorization_method,
-          title: 'Granular Scopes Authorization Request Method'
-        },
-        client_auth_type: {
-          name: :granular_scopes_client_auth_type,
-          title: 'Granular Scopes Client Authentication Type'
-        },
         received_scopes: {
           name: :standalone_received_scopes
         }
       }
     )
-
-    granular_scopes_group1.config(
-      inputs: {
-        client_id: {
-          name: :granular_scopes1_client_id,
-          title: 'Granular Scopes Group 1 Client ID'
-        },
-        client_secret: {
-          name: :granular_scopes1_client_secret,
-          title: 'Granular Scopes Group 1 Client Secret'
-        },
-        requested_scopes: {
-          title: 'Granular Scopes Group 1 Scopes'
-        }
-      }
-    )
-
-    granular_scopes_group2.config(
-      inputs: {
-        client_id: {
-          name: :granular_scopes2_client_id,
-          title: 'Granular Scopes Group 2 Client ID'
-        },
-        client_secret: {
-          name: :granular_scopes2_client_secret,
-          title: 'Granular Scopes Group 2 Client Secret'
-        },
-        requested_scopes: {
-          title: 'Granular Scopes Group 2 Scopes'
-        }
-      }
-    )
-
-    input_order :url,
-                :granular_scopes1_client_id,
-                :requested_scopes_group1,
-                :granular_scopes_authorization_method,
-                :granular_scopes_client_auth_type,
-                :granular_scopes1_client_secret,
-                :client_auth_encryption_method,
-                :granular_scopes2_client_id,
-                :requested_scopes_group2,
-                :granular_scopes2_client_secret,
-                :use_pkce,
-                :pkce_code_challenge_method,
-                :patient_ids
   end
 end

data/lib/onc_certification_g10_test_kit/smart_fine_grained_scopes_group_stu2_2.rb

@@ -6,7 +6,7 @@ module ONCCertificationG10TestKit
     input_instructions %(
       If necessary, register Inferno as a standalone application using the following information:
 
-      * Redirect URI: `#{SMARTAppLaunch::AppRedirectTest.config.options[:redirect_uri]}`
+      * Redirect URI: `#{REDIRECT_URI}`
 
       Inferno may be registered multiple times with different `client_ids`, or this
       may reuse a single registration of Inferno.`
@@ -92,6 +92,22 @@ module ONCCertificationG10TestKit
 
     input :url
 
+    config(
+      inputs: {
+        smart_auth_info: {
+          options: {
+            components: [
+              Inferno::DSL::AuthInfo.default_auth_type_component_without_backend_services,
+              {
+                name: :jwks,
+                locked: true
+              }
+            ]
+          }
+        }
+      }
+    )
+
     children.each(&:run_as_group)
 
     # Replace generic finer-grained scope auth group with which allows standalone or
@@ -125,64 +141,10 @@ module ONCCertificationG10TestKit
 
     config(
       inputs: {
-        authorization_method: {
-          name: :granular_scopes_authorization_method,
-          title: 'Granular Scopes Authorization Request Method'
-        },
-        client_auth_type: {
-          name: :granular_scopes_client_auth_type,
-          title: 'Granular Scopes Client Authentication Type'
-        },
         received_scopes: {
           name: :standalone_received_scopes
         }
       }
     )
-
-    granular_scopes_group1.config(
-      inputs: {
-        client_id: {
-          name: :granular_scopes1_client_id,
-          title: 'Granular Scopes Group 1 Client ID'
-        },
-        client_secret: {
-          name: :granular_scopes1_client_secret,
-          title: 'Granular Scopes Group 1 Client Secret'
-        },
-        requested_scopes: {
-          title: 'Granular Scopes Group 1 Scopes'
-        }
-      }
-    )
-
-    granular_scopes_group2.config(
-      inputs: {
-        client_id: {
-          name: :granular_scopes2_client_id,
-          title: 'Granular Scopes Group 2 Client ID'
-        },
-        client_secret: {
-          name: :granular_scopes2_client_secret,
-          title: 'Granular Scopes Group 2 Client Secret'
-        },
-        requested_scopes: {
-          title: 'Granular Scopes Group 2 Scopes'
-        }
-      }
-    )
-
-    input_order :url,
-                :granular_scopes1_client_id,
-                :requested_scopes_group1,
-                :granular_scopes_authorization_method,
-                :granular_scopes_client_auth_type,
-                :granular_scopes1_client_secret,
-                :client_auth_encryption_method,
-                :granular_scopes2_client_id,
-                :requested_scopes_group2,
-                :granular_scopes2_client_secret,
-                :use_pkce,
-                :pkce_code_challenge_method,
-                :patient_ids
   end
 end

data/lib/onc_certification_g10_test_kit/smart_fine_grained_scopes_us_core_7_group.rb

@@ -6,7 +6,7 @@ module ONCCertificationG10TestKit
     input_instructions %(
       If necessary, register Inferno as a standalone application using the following information:
 
-      * Redirect URI: `#{SMARTAppLaunch::AppRedirectTest.config.options[:redirect_uri]}`
+      * Redirect URI: `#{REDIRECT_URI}`
 
       Inferno may be registered multiple times with different `client_ids`, or this
       may reuse a single registration of Inferno.`
@@ -92,6 +92,22 @@ module ONCCertificationG10TestKit
 
     input :url
 
+    config(
+      inputs: {
+        smart_auth_info: {
+          options: {
+            components: [
+              Inferno::DSL::AuthInfo.default_auth_type_component_without_backend_services,
+              {
+                name: :jwks,
+                locked: true
+              }
+            ]
+          }
+        }
+      }
+    )
+
     children.each(&:run_as_group)
 
     # Replace generic finer-grained scope auth group with which allows standalone or
@@ -125,64 +141,10 @@ module ONCCertificationG10TestKit
 
     config(
       inputs: {
-        authorization_method: {
-          name: :granular_scopes_authorization_method,
-          title: 'Granular Scopes Authorization Request Method'
-        },
-        client_auth_type: {
-          name: :granular_scopes_client_auth_type,
-          title: 'Granular Scopes Client Authentication Type'
-        },
         received_scopes: {
           name: :standalone_received_scopes
         }
       }
     )
-
-    granular_scopes_group1.config(
-      inputs: {
-        client_id: {
-          name: :granular_scopes1_client_id,
-          title: 'Granular Scopes Group 1 Client ID'
-        },
-        client_secret: {
-          name: :granular_scopes1_client_secret,
-          title: 'Granular Scopes Group 1 Client Secret'
-        },
-        requested_scopes: {
-          title: 'Granular Scopes Group 1 Scopes'
-        }
-      }
-    )
-
-    granular_scopes_group2.config(
-      inputs: {
-        client_id: {
-          name: :granular_scopes2_client_id,
-          title: 'Granular Scopes Group 2 Client ID'
-        },
-        client_secret: {
-          name: :granular_scopes2_client_secret,
-          title: 'Granular Scopes Group 2 Client Secret'
-        },
-        requested_scopes: {
-          title: 'Granular Scopes Group 2 Scopes'
-        }
-      }
-    )
-
-    input_order :url,
-                :granular_scopes1_client_id,
-                :requested_scopes_group1,
-                :granular_scopes_authorization_method,
-                :granular_scopes_client_auth_type,
-                :granular_scopes1_client_secret,
-                :client_auth_encryption_method,
-                :granular_scopes2_client_id,
-                :requested_scopes_group2,
-                :granular_scopes2_client_secret,
-                :use_pkce,
-                :pkce_code_challenge_method,
-                :patient_ids
   end
 end

data/lib/onc_certification_g10_test_kit/smart_fine_grained_scopes_us_core_7_group_stu2_2.rb

@@ -6,7 +6,7 @@ module ONCCertificationG10TestKit
     input_instructions %(
       If necessary, register Inferno as a standalone application using the following information:
 
-      * Redirect URI: `#{SMARTAppLaunch::AppRedirectTest.config.options[:redirect_uri]}`
+      * Redirect URI: `#{REDIRECT_URI}`
 
       Inferno may be registered multiple times with different `client_ids`, or this
       may reuse a single registration of Inferno.`
@@ -92,6 +92,22 @@ module ONCCertificationG10TestKit
 
     input :url
 
+    config(
+      inputs: {
+        smart_auth_info: {
+          options: {
+            components: [
+              Inferno::DSL::AuthInfo.default_auth_type_component_without_backend_services,
+              {
+                name: :jwks,
+                locked: true
+              }
+            ]
+          }
+        }
+      }
+    )
+
     children.each(&:run_as_group)
 
     # Replace generic finer-grained scope auth group with which allows standalone or
@@ -125,64 +141,10 @@ module ONCCertificationG10TestKit
 
     config(
       inputs: {
-        authorization_method: {
-          name: :granular_scopes_authorization_method,
-          title: 'Granular Scopes Authorization Request Method'
-        },
-        client_auth_type: {
-          name: :granular_scopes_client_auth_type,
-          title: 'Granular Scopes Client Authentication Type'
-        },
         received_scopes: {
           name: :standalone_received_scopes
         }
       }
     )
-
-    granular_scopes_group1.config(
-      inputs: {
-        client_id: {
-          name: :granular_scopes1_client_id,
-          title: 'Granular Scopes Group 1 Client ID'
-        },
-        client_secret: {
-          name: :granular_scopes1_client_secret,
-          title: 'Granular Scopes Group 1 Client Secret'
-        },
-        requested_scopes: {
-          title: 'Granular Scopes Group 1 Scopes'
-        }
-      }
-    )
-
-    granular_scopes_group2.config(
-      inputs: {
-        client_id: {
-          name: :granular_scopes2_client_id,
-          title: 'Granular Scopes Group 2 Client ID'
-        },
-        client_secret: {
-          name: :granular_scopes2_client_secret,
-          title: 'Granular Scopes Group 2 Client Secret'
-        },
-        requested_scopes: {
-          title: 'Granular Scopes Group 2 Scopes'
-        }
-      }
-    )
-
-    input_order :url,
-                :granular_scopes1_client_id,
-                :requested_scopes_group1,
-                :granular_scopes_authorization_method,
-                :granular_scopes_client_auth_type,
-                :granular_scopes1_client_secret,
-                :client_auth_encryption_method,
-                :granular_scopes2_client_id,
-                :requested_scopes_group2,
-                :granular_scopes2_client_secret,
-                :use_pkce,
-                :pkce_code_challenge_method,
-                :patient_ids
   end
 end

data/lib/onc_certification_g10_test_kit/smart_granular_scope_selection_group.rb

@@ -10,10 +10,10 @@ module ONCCertificationG10TestKit
     input_instructions %(
       If necessary, register Inferno as a standalone application using the following information:
 
-      * Redirect URI: `#{SMARTAppLaunch::AppRedirectTest.config.options[:redirect_uri]}`
+      * Redirect URI: `#{REDIRECT_URI}`
 
       Once the test is running, Inferno will perform a launch.  The tester must grant
-      a sub-resource scope for each Conditoin and Observation, instead of granting
+      a sub-resource scope for each Condition and Observation, instead of granting
       access to all Condition and Observation resources:
 
       * “Condition” sub-resource scopes “Encounter Diagnosis”, “Problem List”,
@@ -66,21 +66,36 @@ module ONCCertificationG10TestKit
 
     config(
       inputs: {
-        use_pkce: {
-          default: 'true',
-          locked: true
-        },
-        pkce_code_challenge_method: {
-          locked: true
-        },
-        granular_scope_selection_authorization_method: {
-          name: :granular_scope_selection_authorization_method,
-          default: 'get'
-        },
-        client_auth_type: {
-          name: :granular_scope_selection_client_auth_type,
-          default: 'confidential_asymmetric'
+        received_scopes: { name: :granular_scope_selection_v2_received_scopes },
+        smart_auth_info: {
+          name: :granular_scopes_selection_smart_auth_info,
+          title: 'Granular Scope Selection Credentials',
+          options: {
+            mode: 'auth',
+            components: [
+              Inferno::DSL::AuthInfo.default_auth_type_component_without_backend_services,
+              {
+                name: :use_discovery,
+                locked: true
+              },
+              {
+                name: :requested_scopes,
+                default: %(
+                  launch/patient openid fhirUser offline_access patient/Condition.rs
+                  patient/Observation.rs patient/Patient.rs
+                ).gsub(/\s{2,}/, ' ').strip
+              },
+              {
+                name: :jwks,
+                locked: true
+              }
+            ]
+          }
         }
+      },
+      outputs: {
+        smart_auth_info: { name: :granular_scopes_selection_smart_auth_info },
+        received_scopes: { name: :granular_scope_selection_v2_received_scopes }
       }
     )
 
@@ -95,31 +110,6 @@ module ONCCertificationG10TestKit
       title 'Granular Scope Selection with v2 Scopes'
 
       config(
-        inputs: {
-          client_id: {
-            name: :granular_scope_selection_v2_client_id,
-            title: 'Granular Scope Selection w/v2 Scopes Client ID'
-          },
-          client_secret: {
-            name: :granular_scope_selection_v2_client_secret,
-            title: 'Granular Scope Selection w/v2 Scopes Client Secret',
-            default: nil,
-            optional: true
-          },
-          requested_scopes: {
-            name: :granular_scope_selection_v2_requested_scopes,
-            title: 'Granular Scope Selection v2 Scopes',
-            default: %(
-              launch/patient openid fhirUser offline_access patient/Condition.rs
-              patient/Observation.rs patient/Patient.rs
-            ).gsub(/\s{2,}/, ' ').strip
-          },
-          received_scopes: { name: :granular_scope_selection_v2_received_scopes }
-        },
-        outputs: {
-          requested_scopes: { name: :granular_scope_selection_v2_requested_scopes },
-          received_scopes: { name: :granular_scope_selection_v2_received_scopes }
-        },
         options: {
           redirect_message_proc: proc do |auth_url|
             %(
@@ -128,7 +118,7 @@ module ONCCertificationG10TestKit
               [Follow this link to authorize with the SMART server](#{auth_url}).
 
               Tests will resume once Inferno receives a request at
-              `#{config.options[:redirect_uri]}` with a state of `#{state}`.
+              `#{REDIRECT_URI}` with a state of `#{state}`.
             )
           end,
           ignore_missing_scopes_check: true
@@ -157,31 +147,6 @@ module ONCCertificationG10TestKit
       title 'Granular Scope Selection with v2 Scopes'
 
       config(
-        inputs: {
-          client_id: {
-            name: :granular_scope_selection_v2_client_id,
-            title: 'Granular Scope Selection w/v2 Scopes Client ID'
-          },
-          client_secret: {
-            name: :granular_scope_selection_v2_client_secret,
-            title: 'Granular Scope Selection w/v2 Scopes Client Secret',
-            default: nil,
-            optional: true
-          },
-          requested_scopes: {
-            name: :granular_scope_selection_v2_requested_scopes,
-            title: 'Granular Scope Selection v2 Scopes',
-            default: %(
-              launch/patient openid fhirUser offline_access patient/Condition.rs
-              patient/Observation.rs patient/Patient.rs
-            ).gsub(/\s{2,}/, ' ').strip
-          },
-          received_scopes: { name: :granular_scope_selection_v2_received_scopes }
-        },
-        outputs: {
-          requested_scopes: { name: :granular_scope_selection_v2_requested_scopes },
-          received_scopes: { name: :granular_scope_selection_v2_received_scopes }
-        },
         options: {
           redirect_message_proc: proc do |auth_url|
             %(
@@ -190,7 +155,7 @@ module ONCCertificationG10TestKit
               [Follow this link to authorize with the SMART server](#{auth_url}).
 
               Tests will resume once Inferno receives a request at
-              `#{config.options[:redirect_uri]}` with a state of `#{state}`.
+              `#{REDIRECT_URI}` with a state of `#{state}`.
             )
           end,
           ignore_missing_scopes_check: true

data/lib/onc_certification_g10_test_kit/smart_granular_scope_selection_test.rb

@@ -7,7 +7,8 @@ module ONCCertificationG10TestKit
       Patient resource.
     )
     id :g10_smart_granular_scope_selection
-    input :requested_scopes, :received_scopes
+    input :received_scopes
+    input :smart_auth_info, type: :auth_info
 
     def resources_with_granular_scopes
       ['Condition', 'Observation']
@@ -26,8 +27,8 @@ module ONCCertificationG10TestKit
     end
 
     run do
-      assert requested_scopes.present?
-      requested_scopes = self.requested_scopes.split
+      assert smart_auth_info.requested_scopes.present?
+      requested_scopes = smart_auth_info.requested_scopes.split
       (resources_with_granular_scopes + ['Patient']).each do |resource_type|
         assert requested_scopes.any? { |scope| scope.match(resource_level_scope_regex(resource_type)) },
                "No resource-level scope was requested for #{resource_type}"