RubyGems - onc_certification_g10_test_kit - Versions diffs - 7.1.0 → 7.2.0 - Mend

onc_certification_g10_test_kit 7.1.0 → 7.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (54) hide show

data/lib/onc_certification_g10_test_kit/smart_ehr_practitioner_app_group.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 require_relative 'base_token_refresh_group'
+require_relative 'scope_constants'
 require_relative 'smart_invalid_token_refresh_test'
 require_relative 'smart_scopes_test'
 require_relative 'unauthorized_access_test'
@@ -7,6 +8,8 @@ require_relative 'encounter_context_test'
 module ONCCertificationG10TestKit
   class SmartEHRPractitionerAppGroup < Inferno::TestGroup
+    include ScopeConstants
     title 'EHR Practitioner App'
     short_title 'EHR Practitioner App'
     input_instructions %(
@@ -65,29 +68,36 @@ module ONCCertificationG10TestKit
     config(
       inputs: {
-        smart_credentials: {
-          name: :ehr_smart_credentials
-        },
-        client_auth_type: {
-          locked: true,
-          default: 'confidential_symmetric'
+        smart_auth_info: {
+          name: :ehr_smart_auth_info,
+          title: 'EHR Launch Credentials',
+          options: {
+            mode: 'auth',
+            components: [
+              {
+                name: :auth_type,
+                default: 'symmetric',
+                locked: true
+              },
+              {
+                name: :use_discovery,
+                locked: true
+              }
+            ]
+          }
         }
       }
     )
-    input_order :url,
-                :ehr_client_id,
-                :ehr_client_secret,
-                :ehr_requested_scopes,
-                :use_pkce,
-                :pkce_code_challenge_method,
-                :ehr_authorization_method,
-                :client_auth_type,
-                :client_auth_encryption_method
     group from: :smart_discovery do
       required_suite_options(G10Options::SMART_1_REQUIREMENT)
+      config(
+        outputs: {
+          smart_auth_info: { name: :ehr_smart_auth_info }
+        }
+      )
       test from: 'g10_smart_well_known_capabilities',
            config: {
              options: {
@@ -108,6 +118,12 @@ module ONCCertificationG10TestKit
     group from: :smart_discovery_stu2 do
       required_suite_options(G10Options::SMART_2_REQUIREMENT)
+      config(
+        outputs: {
+          smart_auth_info: { name: :ehr_smart_auth_info }
+        }
+      )
       test from: 'g10_smart_well_known_capabilities',
            config: {
              options: {
@@ -132,6 +148,12 @@ module ONCCertificationG10TestKit
     group from: :smart_discovery_stu2_2 do # rubocop:disable Naming/VariableNumber
       required_suite_options(G10Options::SMART_2_2_REQUIREMENT)
+      config(
+        outputs: {
+          smart_auth_info: { name: :ehr_smart_auth_info }
+        }
+      )
       test from: 'g10_smart_well_known_capabilities',
            config: {
              options: {
@@ -157,26 +179,19 @@ module ONCCertificationG10TestKit
       required_suite_options(G10Options::SMART_1_REQUIREMENT)
       title 'EHR Launch With Practitioner Scope'
-      input :client_secret,
-            name: :ehr_client_secret,
-            title: 'EHR Launch Client Secret',
-            description: 'Client Secret provided during registration of Inferno as an EHR launch application',
-            optional: false
       config(
         inputs: {
-          requested_scopes: {
-            default: %(
-              launch openid fhirUser offline_access user/Medication.read
-              user/AllergyIntolerance.read user/CarePlan.read user/CareTeam.read
-              user/Condition.read user/Device.read user/DiagnosticReport.read
-              user/DocumentReference.read user/Encounter.read user/Goal.read
-              user/Immunization.read user/Location.read
-              user/MedicationRequest.read user/Observation.read
-              user/Organization.read user/Patient.read user/Practitioner.read
-              user/Procedure.read user/Provenance.read
-              user/PractitionerRole.read
-            ).gsub(/\s{2,}/, ' ').strip
+          smart_auth_info: {
+            name: :ehr_smart_auth_info,
+            options: {
+              components: [
+                {
+                  name: :requested_scopes,
+                  default: EHR_SMART_1_SCOPES
+                }
+              ]
+            }
           }
         }
       )
@@ -185,7 +200,6 @@ module ONCCertificationG10TestKit
         title 'User-level access with OpenID Connect and Refresh Token scopes used.'
         config(
           inputs: {
-            requested_scopes: { name: :ehr_requested_scopes },
             received_scopes: { name: :ehr_received_scopes }
           },
           options: {
@@ -206,16 +220,14 @@ module ONCCertificationG10TestKit
       test from: :g10_patient_context,
            config: {
              inputs: {
-               patient_id: { name: :ehr_patient_id },
-               access_token: { name: :ehr_access_token }
+               patient_id: { name: :ehr_patient_id }
              }
            }
       test from: :g10_encounter_context,
            config: {
              inputs: {
-               encounter_id: { name: :ehr_encounter_id },
-               access_token: { name: :ehr_access_token }
+               encounter_id: { name: :ehr_encounter_id }
              }
            },
            required_suite_options: G10Options::US_CORE_5_REQUIREMENT
@@ -224,8 +236,7 @@ module ONCCertificationG10TestKit
            id: :g10_encounter_context_us_core_6, # rubocop:disable Naming/VariableNumber
            config: {
              inputs: {
-               encounter_id: { name: :ehr_encounter_id },
-               access_token: { name: :ehr_access_token }
+               encounter_id: { name: :ehr_encounter_id }
              }
            },
            required_suite_options: G10Options::US_CORE_6_REQUIREMENT
@@ -234,8 +245,7 @@ module ONCCertificationG10TestKit
            id: :g10_encounter_context_us_core_7, # rubocop:disable Naming/VariableNumber
            config: {
              inputs: {
-               encounter_id: { name: :ehr_encounter_id },
-               access_token: { name: :ehr_access_token }
+               encounter_id: { name: :ehr_encounter_id }
              }
            },
            required_suite_options: G10Options::US_CORE_7_REQUIREMENT
@@ -304,45 +314,28 @@ module ONCCertificationG10TestKit
       )
     end
-    group from: :smart_ehr_launch_stu2,
-          config: {
-            inputs: {
-              use_pkce: {
-                default: 'true',
-                locked: true
-              },
-              pkce_code_challenge_method: {
-                locked: true
-              },
-              authorization_method: {
-                name: :ehr_authorization_method,
-                default: 'post',
-                locked: true
-              }
-            }
-          } do
+    group from: :smart_ehr_launch_stu2 do
       required_suite_options(G10Options::SMART_2_REQUIREMENT)
       title 'EHR Launch With Practitioner Scope'
-      input :client_secret,
-            name: :ehr_client_secret,
-            title: 'EHR Launch Client Secret',
-            description: 'Client Secret provided during registration of Inferno as an EHR launch application',
-            optional: false
       config(
         inputs: {
-          requested_scopes: {
-            default: %(
-              launch openid fhirUser offline_access user/Medication.rs
-              user/AllergyIntolerance.rs user/CarePlan.rs user/CareTeam.rs
-              user/Condition.rs user/Device.rs user/DiagnosticReport.rs
-              user/DocumentReference.rs user/Encounter.rs user/Goal.rs
-              user/Immunization.rs user/Location.rs user/MedicationRequest.rs
-              user/Observation.rs user/Organization.rs user/Patient.rs
-              user/Practitioner.rs user/Procedure.rs user/Provenance.rs
-              user/PractitionerRole.rs
-            ).gsub(/\s{2,}/, ' ').strip
+          smart_auth_info: {
+            name: :ehr_smart_auth_info,
+            options: {
+              components: [
+                {
+                  name: :requested_scopes,
+                  default: EHR_SMART_2_SCOPES
+                },
+                {
+                  name: :auth_request_method,
+                  default: 'POST',
+                  locked: true
+                }
+              ]
+            }
           }
         }
       )
@@ -351,7 +344,6 @@ module ONCCertificationG10TestKit
         title 'User-level access with OpenID Connect and Refresh Token scopes used.'
         config(
           inputs: {
-            requested_scopes: { name: :ehr_requested_scopes },
             received_scopes: { name: :ehr_received_scopes }
           },
           options: {
@@ -372,16 +364,14 @@ module ONCCertificationG10TestKit
       test from: :g10_patient_context,
            config: {
              inputs: {
-               patient_id: { name: :ehr_patient_id },
-               access_token: { name: :ehr_access_token }
+               patient_id: { name: :ehr_patient_id }
              }
            }
       test from: :g10_encounter_context,
            config: {
              inputs: {
-               encounter_id: { name: :ehr_encounter_id },
-               access_token: { name: :ehr_access_token }
+               encounter_id: { name: :ehr_encounter_id }
              }
            },
            required_suite_options: G10Options::US_CORE_5_REQUIREMENT
@@ -390,8 +380,7 @@ module ONCCertificationG10TestKit
            id: :g10_encounter_context_us_core_6, # rubocop:disable Naming/VariableNumber
            config: {
              inputs: {
-               encounter_id: { name: :ehr_encounter_id },
-               access_token: { name: :ehr_access_token }
+               encounter_id: { name: :ehr_encounter_id }
              }
            },
            required_suite_options: G10Options::US_CORE_6_REQUIREMENT
@@ -400,8 +389,7 @@ module ONCCertificationG10TestKit
            id: :g10_encounter_context_us_core_7, # rubocop:disable Naming/VariableNumber
            config: {
              inputs: {
-               encounter_id: { name: :ehr_encounter_id },
-               access_token: { name: :ehr_access_token }
+               encounter_id: { name: :ehr_encounter_id }
              }
            },
            required_suite_options: G10Options::US_CORE_7_REQUIREMENT
@@ -470,45 +458,28 @@ module ONCCertificationG10TestKit
       )
     end
-    group from: :smart_ehr_launch_stu2_2, # rubocop:disable Naming/VariableNumber
-          config: {
-            inputs: {
-              use_pkce: {
-                default: 'true',
-                locked: true
-              },
-              pkce_code_challenge_method: {
-                locked: true
-              },
-              authorization_method: {
-                name: :ehr_authorization_method,
-                default: 'post',
-                locked: true
-              }
-            }
-          } do
+    group from: :smart_ehr_launch_stu2_2 do # rubocop:disable Naming/VariableNumber
       required_suite_options(G10Options::SMART_2_2_REQUIREMENT)
       title 'EHR Launch With Practitioner Scope'
-      input :client_secret,
-            name: :ehr_client_secret,
-            title: 'EHR Launch Client Secret',
-            description: 'Client Secret provided during registration of Inferno as an EHR launch application',
-            optional: false
       config(
         inputs: {
-          requested_scopes: {
-            default: %(
-              launch openid fhirUser offline_access user/Medication.rs
-              user/AllergyIntolerance.rs user/CarePlan.rs user/CareTeam.rs
-              user/Condition.rs user/Device.rs user/DiagnosticReport.rs
-              user/DocumentReference.rs user/Encounter.rs user/Goal.rs
-              user/Immunization.rs user/Location.rs user/MedicationRequest.rs
-              user/Observation.rs user/Organization.rs user/Patient.rs
-              user/Practitioner.rs user/Procedure.rs user/Provenance.rs
-              user/PractitionerRole.rs
-            ).gsub(/\s{2,}/, ' ').strip
+          smart_auth_info: {
+            name: :ehr_smart_auth_info,
+            options: {
+              components: [
+                {
+                  name: :requested_scopes,
+                  default: EHR_SMART_2_SCOPES
+                },
+                {
+                  name: :auth_request_method,
+                  default: 'POST',
+                  locked: true
+                }
+              ]
+            }
           }
         }
       )
@@ -517,7 +488,6 @@ module ONCCertificationG10TestKit
         title 'User-level access with OpenID Connect and Refresh Token scopes used.'
         config(
           inputs: {
-            requested_scopes: { name: :ehr_requested_scopes },
             received_scopes: { name: :ehr_received_scopes }
           },
           options: {
@@ -538,16 +508,14 @@ module ONCCertificationG10TestKit
       test from: :g10_patient_context,
            config: {
              inputs: {
-               patient_id: { name: :ehr_patient_id },
-               access_token: { name: :ehr_access_token }
+               patient_id: { name: :ehr_patient_id }
              }
            }
       test from: :g10_encounter_context,
            config: {
              inputs: {
-               encounter_id: { name: :ehr_encounter_id },
-               access_token: { name: :ehr_access_token }
+               encounter_id: { name: :ehr_encounter_id }
              }
            },
            required_suite_options: G10Options::US_CORE_5_REQUIREMENT
@@ -556,8 +524,7 @@ module ONCCertificationG10TestKit
            id: :g10_encounter_context_us_core_6, # rubocop:disable Naming/VariableNumber
            config: {
              inputs: {
-               encounter_id: { name: :ehr_encounter_id },
-               access_token: { name: :ehr_access_token }
+               encounter_id: { name: :ehr_encounter_id }
              }
            },
            required_suite_options: G10Options::US_CORE_6_REQUIREMENT
@@ -566,8 +533,7 @@ module ONCCertificationG10TestKit
            id: :g10_encounter_context_us_core_7, # rubocop:disable Naming/VariableNumber
            config: {
              inputs: {
-               encounter_id: { name: :ehr_encounter_id },
-               access_token: { name: :ehr_access_token }
+               encounter_id: { name: :ehr_encounter_id }
              }
            },
            required_suite_options: G10Options::US_CORE_7_REQUIREMENT
@@ -641,9 +607,7 @@ module ONCCertificationG10TestKit
           config: {
             inputs: {
               id_token: { name: :ehr_id_token },
-              client_id: { name: :ehr_client_id },
-              requested_scopes: { name: :ehr_requested_scopes },
-              smart_credentials: { name: :ehr_smart_credentials }
+              smart_auth_info: { name: :ehr_smart_auth_info }
             }
           }
@@ -653,9 +617,7 @@ module ONCCertificationG10TestKit
           config: {
             inputs: {
               id_token: { name: :ehr_id_token },
-              client_id: { name: :ehr_client_id },
-              requested_scopes: { name: :ehr_requested_scopes },
-              smart_credentials: { name: :ehr_smart_credentials }
+              smart_auth_info: { name: :ehr_smart_auth_info }
             }
           }
@@ -664,9 +626,7 @@ module ONCCertificationG10TestKit
           config: {
             inputs: {
               id_token: { name: :ehr_id_token },
-              client_id: { name: :ehr_client_id },
-              requested_scopes: { name: :ehr_requested_scopes },
-              smart_credentials: { name: :ehr_smart_credentials }
+              smart_auth_info: { name: :ehr_smart_auth_info }
             }
           }
@@ -675,9 +635,6 @@ module ONCCertificationG10TestKit
       config(
         inputs: {
-          refresh_token: { name: :ehr_refresh_token },
-          client_id: { name: :ehr_client_id },
-          client_secret: { name: :ehr_client_secret },
           received_scopes: { name: :ehr_received_scopes }
         },
         outputs: {
@@ -686,7 +643,7 @@ module ONCCertificationG10TestKit
           access_token: { name: :ehr_access_token },
           token_retrieval_time: { name: :ehr_token_retrieval_time },
           expires_in: { name: :ehr_expires_in },
-          smart_credentials: { name: :ehr_smart_credentials }
+          smart_auth_info: { name: :ehr_smart_auth_info }
         }
       )
@@ -709,12 +666,12 @@ module ONCCertificationG10TestKit
       id :g10_ehr_credentials_export
       title 'Set SMART Credentials to EHR Launch Credentials'
-      input :ehr_smart_credentials, type: :oauth_credentials
+      input :ehr_smart_auth_info, type: :auth_info
       input :ehr_patient_id
-      output :smart_credentials, :patient_id
+      output :smart_auth_info, :patient_id
       run do
-        output smart_credentials: ehr_smart_credentials.to_s,
+        output smart_auth_info: ehr_smart_auth_info.to_s,
                patient_id: ehr_patient_id
       end
     end

data/lib/onc_certification_g10_test_kit/smart_fine_grained_scopes_group.rb CHANGED Viewed

@@ -92,6 +92,22 @@ module ONCCertificationG10TestKit
     input :url
+    config(
+      inputs: {
+        smart_auth_info: {
+          options: {
+            components: [
+              Inferno::DSL::AuthInfo.default_auth_type_component_without_backend_services,
+              {
+                name: :jwks,
+                locked: true
+              }
+            ]
+          }
+        }
+      }
+    )
     children.each(&:run_as_group)
     # Replace generic finer-grained scope auth group with which allows standalone or
@@ -125,64 +141,10 @@ module ONCCertificationG10TestKit
     config(
       inputs: {
-        authorization_method: {
-          name: :granular_scopes_authorization_method,
-          title: 'Granular Scopes Authorization Request Method'
-        },
-        client_auth_type: {
-          name: :granular_scopes_client_auth_type,
-          title: 'Granular Scopes Client Authentication Type'
-        },
         received_scopes: {
           name: :standalone_received_scopes
         }
       }
     )
-    granular_scopes_group1.config(
-      inputs: {
-        client_id: {
-          name: :granular_scopes1_client_id,
-          title: 'Granular Scopes Group 1 Client ID'
-        },
-        client_secret: {
-          name: :granular_scopes1_client_secret,
-          title: 'Granular Scopes Group 1 Client Secret'
-        },
-        requested_scopes: {
-          title: 'Granular Scopes Group 1 Scopes'
-        }
-      }
-    )
-    granular_scopes_group2.config(
-      inputs: {
-        client_id: {
-          name: :granular_scopes2_client_id,
-          title: 'Granular Scopes Group 2 Client ID'
-        },
-        client_secret: {
-          name: :granular_scopes2_client_secret,
-          title: 'Granular Scopes Group 2 Client Secret'
-        },
-        requested_scopes: {
-          title: 'Granular Scopes Group 2 Scopes'
-        }
-      }
-    )
-    input_order :url,
-                :granular_scopes1_client_id,
-                :requested_scopes_group1,
-                :granular_scopes_authorization_method,
-                :granular_scopes_client_auth_type,
-                :granular_scopes1_client_secret,
-                :client_auth_encryption_method,
-                :granular_scopes2_client_id,
-                :requested_scopes_group2,
-                :granular_scopes2_client_secret,
-                :use_pkce,
-                :pkce_code_challenge_method,
-                :patient_ids
   end
 end

data/lib/onc_certification_g10_test_kit/smart_fine_grained_scopes_group_stu2_2.rb CHANGED Viewed

@@ -92,6 +92,22 @@ module ONCCertificationG10TestKit
     input :url
+    config(
+      inputs: {
+        smart_auth_info: {
+          options: {
+            components: [
+              Inferno::DSL::AuthInfo.default_auth_type_component_without_backend_services,
+              {
+                name: :jwks,
+                locked: true
+              }
+            ]
+          }
+        }
+      }
+    )
     children.each(&:run_as_group)
     # Replace generic finer-grained scope auth group with which allows standalone or
@@ -125,64 +141,10 @@ module ONCCertificationG10TestKit
     config(
       inputs: {
-        authorization_method: {
-          name: :granular_scopes_authorization_method,
-          title: 'Granular Scopes Authorization Request Method'
-        },
-        client_auth_type: {
-          name: :granular_scopes_client_auth_type,
-          title: 'Granular Scopes Client Authentication Type'
-        },
         received_scopes: {
           name: :standalone_received_scopes
         }
       }
     )
-    granular_scopes_group1.config(
-      inputs: {
-        client_id: {
-          name: :granular_scopes1_client_id,
-          title: 'Granular Scopes Group 1 Client ID'
-        },
-        client_secret: {
-          name: :granular_scopes1_client_secret,
-          title: 'Granular Scopes Group 1 Client Secret'
-        },
-        requested_scopes: {
-          title: 'Granular Scopes Group 1 Scopes'
-        }
-      }
-    )
-    granular_scopes_group2.config(
-      inputs: {
-        client_id: {
-          name: :granular_scopes2_client_id,
-          title: 'Granular Scopes Group 2 Client ID'
-        },
-        client_secret: {
-          name: :granular_scopes2_client_secret,
-          title: 'Granular Scopes Group 2 Client Secret'
-        },
-        requested_scopes: {
-          title: 'Granular Scopes Group 2 Scopes'
-        }
-      }
-    )
-    input_order :url,
-                :granular_scopes1_client_id,
-                :requested_scopes_group1,
-                :granular_scopes_authorization_method,
-                :granular_scopes_client_auth_type,
-                :granular_scopes1_client_secret,
-                :client_auth_encryption_method,
-                :granular_scopes2_client_id,
-                :requested_scopes_group2,
-                :granular_scopes2_client_secret,
-                :use_pkce,
-                :pkce_code_challenge_method,
-                :patient_ids
   end
 end