RubyGems - onc_certification_g10_test_kit - Versions diffs - 7.1.0 → 7.2.0 - Mend

onc_certification_g10_test_kit 7.1.0 → 7.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (54) hide show

data/lib/onc_certification_g10_test_kit/single_patient_us_core_4_api_group.rb CHANGED Viewed

@@ -47,17 +47,17 @@ module ONCCertificationG10TestKit
             ID from the SMART App Launch contain all MUST SUPPORT elements.
           DESCRIPTION
           optional: true
-    input :smart_credentials,
+    input :smart_auth_info,
           title: 'SMART App Launch Credentials',
-          type: :oauth_credentials,
+          type: :auth_info,
           locked: true
     fhir_client do
       url :url
-      oauth_credentials :smart_credentials
+      auth_info :smart_auth_info
     end
-    input_order :url, :patient_id, :additional_patient_ids, :implantable_device_codes, :smart_credentials
+    input_order :url, :patient_id, :additional_patient_ids, :implantable_device_codes, :smart_auth_info
     config(
       options: {

data/lib/onc_certification_g10_test_kit/single_patient_us_core_5_api_group.rb CHANGED Viewed

@@ -48,14 +48,14 @@ module ONCCertificationG10TestKit
             ID from the SMART App Launch contain all MUST SUPPORT elements.
           DESCRIPTION
           optional: true
-    input :smart_credentials,
+    input :smart_auth_info,
           title: 'SMART App Launch Credentials',
-          type: :oauth_credentials,
+          type: :auth_info,
           locked: true
     fhir_client do
       url :url
-      oauth_credentials :smart_credentials
+      auth_info :smart_auth_info
     end
     # These tests can still be run if the user runs the entire suite at once
@@ -63,7 +63,7 @@ module ONCCertificationG10TestKit
       false
     end
-    input_order :url, :patient_id, :additional_patient_ids, :implantable_device_codes, :smart_credentials
+    input_order :url, :patient_id, :additional_patient_ids, :implantable_device_codes, :smart_auth_info
     config(
       options: {

data/lib/onc_certification_g10_test_kit/single_patient_us_core_6_api_group.rb CHANGED Viewed

@@ -48,17 +48,17 @@ module ONCCertificationG10TestKit
             ID from the SMART App Launch contain all MUST SUPPORT elements.
           DESCRIPTION
           optional: true
-    input :smart_credentials,
+    input :smart_auth_info,
           title: 'SMART App Launch Credentials',
-          type: :oauth_credentials,
+          type: :auth_info,
           locked: true
     fhir_client do
       url :url
-      oauth_credentials :smart_credentials
+      auth_info :smart_auth_info
     end
-    input_order :url, :patient_id, :additional_patient_ids, :implantable_device_codes, :smart_credentials
+    input_order :url, :patient_id, :additional_patient_ids, :implantable_device_codes, :smart_auth_info
     config(
       options: {

data/lib/onc_certification_g10_test_kit/single_patient_us_core_7_api_group.rb CHANGED Viewed

@@ -48,17 +48,17 @@ module ONCCertificationG10TestKit
             ID from the SMART App Launch contain all MUST SUPPORT elements.
           DESCRIPTION
           optional: true
-    input :smart_credentials,
+    input :smart_auth_info,
           title: 'SMART App Launch Credentials',
-          type: :oauth_credentials,
+          type: :auth_info,
           locked: true
     fhir_client do
       url :url
-      oauth_credentials :smart_credentials
+      auth_info :smart_auth_info
     end
-    input_order :url, :patient_id, :additional_patient_ids, :implantable_device_codes, :smart_credentials
+    input_order :url, :patient_id, :additional_patient_ids, :implantable_device_codes, :smart_auth_info
     config(
       options: {

data/lib/onc_certification_g10_test_kit/smart_app_launch_invalid_aud_group.rb CHANGED Viewed

@@ -1,5 +1,9 @@
+require_relative 'scope_constants'
 module ONCCertificationG10TestKit
   class SMARTAppLaunchInvalidAudGroup < Inferno::TestGroup
+    include ScopeConstants
     title 'Invalid AUD Parameter'
     short_title 'Invalid AUD Launch'
     input_instructions %(
@@ -37,40 +41,16 @@ module ONCCertificationG10TestKit
     config(
       inputs: {
-        client_id: {
-          name: :standalone_client_id,
-          title: 'Standalone Client ID',
-          description: 'Client ID provided during registration of Inferno as a standalone application'
-        },
-        requested_scopes: {
-          name: :standalone_requested_scopes,
-          title: 'Standalone Scope',
-          description: 'OAuth 2.0 scope provided by system to enable all required functionality',
-          type: 'textarea',
-          default: %(
-            launch/patient openid fhirUser offline_access
-            patient/Medication.read patient/AllergyIntolerance.read
-            patient/CarePlan.read patient/CareTeam.read patient/Condition.read
-            patient/Device.read patient/DiagnosticReport.read
-            patient/DocumentReference.read patient/Encounter.read
-            patient/Goal.read patient/Immunization.read patient/Location.read
-            patient/MedicationRequest.read patient/Observation.read
-            patient/Organization.read patient/Patient.read
-            patient/Practitioner.read patient/Procedure.read
-            patient/Provenance.read patient/PractitionerRole.read
-          ).gsub(/\s{2,}/, ' ').strip
+        smart_auth_info: {
+          name: :standalone_smart_auth_info,
+          title: 'Standalone Launch Credentials',
+          options: {
+            mode: 'auth'
+          }
         },
         url: {
           title: 'Standalone FHIR Endpoint',
           description: 'URL of the FHIR endpoint used by standalone applications'
-        },
-        smart_authorization_url: {
-          title: 'OAuth 2.0 Authorize Endpoint',
-          description: 'OAuth 2.0 Authorize Endpoint provided during the patient standalone launch'
-        },
-        smart_token_url: {
-          title: 'OAuth 2.0 Token Endpoint',
-          description: 'OAuth 2.0 Token Endpoint provided during the patient standalone launch'
         }
       },
       outputs: {
@@ -81,21 +61,38 @@ module ONCCertificationG10TestKit
       }
     )
-    input_order :url,
-                :standalone_client_id,
-                :standalone_client_secret,
-                :standalone_requested_scopes,
-                :use_pkce,
-                :pkce_code_challenge_method,
-                :smart_authorization_url
     test from: :smart_app_redirect do
       required_suite_options G10Options::SMART_1_REQUIREMENT
-      input :client_secret,
-            name: :standalone_client_secret,
-            title: 'Standalone Client Secret',
-            description: 'Client Secret provided during registration of Inferno as a standalone application'
+      config(
+        inputs: {
+          smart_auth_info: {
+            name: :standalone_smart_auth_info,
+            options: {
+              components: [
+                {
+                  name: :auth_type,
+                  default: 'symmetric',
+                  locked: true
+                },
+                {
+                  name: :auth_request_method,
+                  default: 'GET',
+                  locked: true
+                },
+                {
+                  name: :use_discovery,
+                  locked: true
+                },
+                {
+                  name: :requested_scopes,
+                  default: STANDALONE_SMART_1_SCOPES
+                }
+              ]
+            }
+          }
+        }
+      )
       def aud
         'https://inferno.healthit.gov/invalid_aud'
@@ -122,21 +119,44 @@ module ONCCertificationG10TestKit
       config(
         inputs: {
-          use_pkce: {
-            default: 'true',
-            locked: true
-          },
-          pkce_code_challenge_method: {
-            locked: true
+          smart_auth_info: {
+            name: :standalone_smart_auth_info,
+            options: {
+              components: [
+                {
+                  name: :auth_type,
+                  default: 'symmetric',
+                  locked: true
+                },
+                {
+                  name: :auth_request_method,
+                  default: 'GET',
+                  locked: true
+                },
+                {
+                  name: :use_discovery,
+                  locked: true
+                },
+                {
+                  name: :requested_scopes,
+                  default: STANDALONE_SMART_2_SCOPES
+                },
+                {
+                  name: :pkce_support,
+                  default: 'enabled',
+                  locked: true
+                },
+                {
+                  name: :pkce_code_challenge_method,
+                  default: 'S256',
+                  locked: true
+                }
+              ]
+            }
           }
         }
       )
-      input :client_secret,
-            name: :standalone_client_secret,
-            title: 'Standalone Client Secret',
-            description: 'Client Secret provided during registration of Inferno as a standalone application'
       def aud
         'https://inferno.healthit.gov/invalid_aud'
       end
@@ -161,21 +181,44 @@ module ONCCertificationG10TestKit
       config(
         inputs: {
-          use_pkce: {
-            default: 'true',
-            locked: true
-          },
-          pkce_code_challenge_method: {
-            locked: true
+          smart_auth_info: {
+            name: :standalone_smart_auth_info,
+            options: {
+              components: [
+                {
+                  name: :auth_type,
+                  default: 'symmetric',
+                  locked: true
+                },
+                {
+                  name: :auth_request_method,
+                  default: 'GET',
+                  locked: true
+                },
+                {
+                  name: :use_discovery,
+                  locked: true
+                },
+                {
+                  name: :requested_scopes,
+                  default: STANDALONE_SMART_2_SCOPES
+                },
+                {
+                  name: :pkce_support,
+                  default: 'enabled',
+                  locked: true
+                },
+                {
+                  name: :pkce_code_challenge_method,
+                  default: 'S256',
+                  locked: true
+                }
+              ]
+            }
           }
         }
       )
-      input :client_secret,
-            name: :standalone_client_secret,
-            title: 'Standalone Client Secret',
-            description: 'Client Secret provided during registration of Inferno as a standalone application'
       def aud
         'https://inferno.healthit.gov/invalid_aud'
       end

data/lib/onc_certification_g10_test_kit/smart_asymmetric_launch_group.rb CHANGED Viewed

@@ -1,8 +1,11 @@
 require_relative 'base_token_refresh_stu2_group'
 require_relative 'patient_context_test'
+require_relative 'scope_constants'
 module ONCCertificationG10TestKit
   class SMARTAsymmetricLaunchGroup < Inferno::TestGroup
+    include ScopeConstants
     title 'Asymmetric Client Standalone Launch'
     short_title 'Asymmetric Client Launch'
     description %(
@@ -46,35 +49,37 @@ module ONCCertificationG10TestKit
     config(
       inputs: {
-        client_id: {
-          name: :asymmetric_client_id,
-          title: 'Asymmetric Launch Client ID'
-        },
-        client_secret: {
-          name: :asymmetric_client_secret,
-          title: 'Asymmetric Launch Client Secret',
-          default: nil,
-          optional: true,
-          locked: true
-        },
-        requested_scopes: {
-          name: :asymmetric_requested_scopes,
-          title: 'Asymmetric Launch Scope',
-          default: %(
-            launch/patient openid fhirUser offline_access patient/Medication.rs
-            patient/AllergyIntolerance.rs patient/CarePlan.rs
-            patient/CareTeam.rs patient/Condition.rs patient/Device.rs
-            patient/DiagnosticReport.rs patient/DocumentReference.rs
-            patient/Encounter.rs patient/Goal.rs patient/Immunization.rs
-            patient/Location.rs patient/MedicationRequest.rs
-            patient/Observation.rs patient/Organization.rs patient/Patient.rs
-            patient/Practitioner.rs patient/Procedure.rs patient/Provenance.rs
-            patient/PractitionerRole.rs
-          ).gsub(/\s{2,}/, ' ').strip
-        },
-        url: {
-          title: 'Asymmetric Launch FHIR Endpoint',
-          description: 'URL of the FHIR endpoint used by standalone applications'
+        smart_auth_info: {
+          name: :asymmetric_smart_auth_info,
+          title: 'Asymmetric Launch Credentials',
+          options: {
+            mode: 'auth',
+            components: [
+              {
+                name: :auth_type,
+                default: 'asymmetric',
+                locked: true
+              },
+              {
+                name: :requested_scopes,
+                default: STANDALONE_SMART_2_SCOPES
+              },
+              {
+                name: :pkce_support,
+                default: 'enabled',
+                locked: true
+              },
+              {
+                name: :pkce_code_challenge_method,
+                default: 'S256',
+                locked: true
+              },
+              {
+                name: :jwks,
+                locked: true
+              }
+            ]
+          }
         },
         code: {
           name: :asymmetric_code
@@ -82,49 +87,22 @@ module ONCCertificationG10TestKit
         state: {
           name: :asymmetric_state
         },
-        smart_authorization_url: {
-          title: 'OAuth 2.0 Authorize Endpoint',
-          description: 'OAuth 2.0 Authorize Endpoint provided during the patient standalone launch'
-        },
-        smart_credentials: {
-          name: :asymmetric_smart_credentials
-        },
-        use_pkce: {
-          default: 'true',
-          locked: true
-        },
-        pkce_code_challenge_method: {
-          locked: true
-        },
-        client_auth_type: {
-          name: :asymmetric_client_auth_type,
-          locked: true,
-          default: 'confidential_asymmetric'
-        },
-        refresh_token: {
-          name: :asymmetric_refresh_token
-        },
         received_scopes: {
           name: :asymmetric_received_scopes
         },
-        client_auth_encryption_method: {
-          name: :asymmetric_client_auth_encryption_method,
-          locked: false
+        patient_id: {
+          name: :asymmetric_patient_id
         }
       },
       outputs: {
-        access_token: { name: :asymmetric_access_token },
         code: { name: :asymmetric_code },
         encounter_id: { name: :asymmetric_encounter_id },
-        expires_in: { name: :asymmetric_expires_in },
         id_token: { name: :asymmetric_id_token },
         intent: { name: :asymmetric_intent },
         patient_id: { name: :asymmetric_patient_id },
         received_scopes: { name: :asymmetric_received_scopes },
-        refresh_token: { name: :asymmetric_refresh_token },
-        smart_credentials: { name: :asymmetric_smart_credentials },
-        state: { name: :asymmetric_state },
-        token_retrieval_time: { name: :asymmetric_token_retrieval_time }
+        smart_auth_info: { name: :asymmetric_smart_auth_info },
+        state: { name: :asymmetric_state }
       },
       requests: {
         redirect: { name: :asymmetric_redirect },
@@ -132,16 +110,6 @@ module ONCCertificationG10TestKit
       }
     )
-    input_order :url,
-                :asymmetric_client_id,
-                :asymmetric_client_secret,
-                :asymmetric_requested_scopes,
-                :use_pkce,
-                :pkce_code_challenge_method,
-                :authorization_method,
-                :asymmetric_client_auth_type,
-                :client_auth_encryption_method
     group from: :smart_discovery_stu2,
           required_suite_options: G10Options::SMART_2_REQUIREMENT
     group from: :smart_discovery_stu2_2, # rubocop:disable Naming/VariableNumber
@@ -149,13 +117,7 @@ module ONCCertificationG10TestKit
     group from: :smart_standalone_launch_stu2 do
       required_suite_options(G10Options::SMART_2_REQUIREMENT)
-      test from: :g10_patient_context,
-           config: {
-             inputs: {
-               patient_id: { name: :asymmetric_patient_id },
-               smart_credentials: { name: :asymmetric_smart_credentials }
-             }
-           }
+      test from: :g10_patient_context
       test do
         title 'OAuth token exchange response contains OpenID Connect id_token'
@@ -175,15 +137,10 @@ module ONCCertificationG10TestKit
         end
       end
     end
     group from: :smart_standalone_launch_stu2_2 do # rubocop:disable Naming/VariableNumber
       required_suite_options(G10Options::SMART_2_2_REQUIREMENT)
-      test from: :g10_patient_context,
-           config: {
-             inputs: {
-               patient_id: { name: :asymmetric_patient_id },
-               smart_credentials: { name: :asymmetric_smart_credentials }
-             }
-           }
+      test from: :g10_patient_context
       test do
         title 'OAuth token exchange response contains OpenID Connect id_token'
@@ -209,10 +166,6 @@ module ONCCertificationG10TestKit
       test from: :g10_patient_context do
         config(
-          inputs: {
-            patient_id: { name: :asymmetric_patient_id },
-            smart_credentials: { name: :asymmetric_smart_credentials }
-          },
           options: {
             refresh_test: true
           }

data/lib/onc_certification_g10_test_kit/smart_ehr_patient_launch_group.rb CHANGED Viewed

@@ -33,17 +33,28 @@ module ONCCertificationG10TestKit
     config(
       inputs: {
-        client_id: {
-          name: :ehr_patient_client_id
-        },
-        client_secret: {
-          name: :ehr_patient_client_secret,
-          optional: false
-        },
-        requested_scopes: {
-          name: :ehr_patient_requested_scopes,
-          default: 'launch openid fhirUser offline_access patient/Patient.read',
-          locked: true
+        smart_auth_info: {
+          name: :ehr_patient_smart_auth_info,
+          title: 'EHR Launch with Patient Scopes Credentials',
+          options: {
+            mode: 'auth',
+            components: [
+              {
+                name: :auth_type,
+                default: 'symmetric',
+                locked: true
+              },
+              {
+                name: :requested_scopes,
+                default: 'launch openid fhirUser offline_access patient/Patient.read',
+                locked: true
+              },
+              {
+                name: :use_discovery,
+                locked: true
+              }
+            ]
+          }
         },
         code: {
           name: :ehr_patient_code
@@ -57,33 +68,20 @@ module ONCCertificationG10TestKit
         received_scopes: {
           name: :ehr_patient_received_scopes
         },
-        smart_credentials: {
-          name: :ehr_patient_smart_credentials
-        },
-        smart_authorization_url: {
-          title: 'OAuth 2.0 Authorize Endpoint',
-          description: 'OAuth 2.0 Authorize Endpoint provided during the EHR launch'
-        },
-        smart_token_url: {
-          title: 'OAuth 2.0 Token Endpoint',
-          description: 'OAuth 2.0 Token Endpoint provided during the EHR launch'
+        patient_id: {
+          name: :ehr_patient_patient_id
         }
       },
       outputs: {
         launch: { name: :ehr_patient_launch },
         code: { name: :ehr_patient_code },
-        token_retrieval_time: { name: :ehr_patient_token_retrieval_time },
         state: { name: :ehr_patient_state },
         id_token: { name: :ehr_patient_id_token },
-        refresh_token: { name: :ehr_patient_refresh_token },
-        access_token: { name: :ehr_patient_access_token },
-        expires_in: { name: :ehr_patient_expires_in },
         patient_id: { name: :ehr_patient_patient_id },
         encounter_id: { name: :ehr_patient_encounter_id },
         received_scopes: { name: :ehr_patient_received_scopes },
-        requested_scopes: { name: :ehr_patient_requested_scopes },
         intent: { name: :ehr_patient_intent },
-        smart_credentials: { name: :ehr_patient_smart_credentials }
+        smart_auth_info: { name: :ehr_patient_smart_auth_info }
       },
       requests: {
         redirect: { name: :ehr_patient_redirect },
@@ -91,20 +89,7 @@ module ONCCertificationG10TestKit
       }
     )
-    input_order :url,
-                :ehr_patient_client_id,
-                :ehr_patient_client_secret,
-                :smart_authorization_url,
-                :smart_token_url,
-                :ehr_patient_requested_scopes
-    test from: :g10_patient_context,
-         config: {
-           inputs: {
-             patient_id: { name: :ehr_patient_patient_id },
-             smart_credentials: { name: :ehr_patient_smart_credentials }
-           }
-         }
+    test from: :g10_patient_context
     test from: :g10_patient_scope,
          config: {
@@ -112,5 +97,10 @@ module ONCCertificationG10TestKit
              scope_version: :v1
            }
          }
+    test from: :well_known_endpoint
+    # Move the well-known endpoint test to the beginning
+    children.prepend(children.pop)
   end
 end