onc_certification_g10_test_kit 7.2.3 → 7.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0f1da0ec1a0908ca5619d39a1a089fb1a50e1ef9f769cb0af28a918a5fbc22fb
-  data.tar.gz: be6759a5d57a2f29c2d4c990b322c65f2df04f994ab1fad57ad8a40cc2b0817b
+  metadata.gz: e3a2a44cd79877dcc54e05adbbe2bb3e3e915a7d529f3d9fd28a288969a19a82
+  data.tar.gz: 4e64800d5bee93ae2d74b9f2cd414174e9bb9928b6c2a5c4c0bd33ff49e535e7
 SHA512:
-  metadata.gz: c5f3cc784f55ec2bb77ca0d39bc669026f38b27d19b9be6d140d9ff419613b23b13815b4b76c40ddb062d255bb6e8e971392f1294a3f94934d6bc82a3c750bee
-  data.tar.gz: 76793dca8bcb721e54091c0792f59a1e7d68b6cfc1723138897adc3ddae0cadcc96a2d3043e3ef696f2e02c5fc0937245e59f896a1cf68d11b70403305a1106e
+  metadata.gz: 823703ab44fce50a5242d9661663001e2420b9182c9b93629ca297790d627badb932b83cf4ed21cd45e4e890090cc3936c923e809b3d32a0551a2a59c9d295f6
+  data.tar.gz: 22ec29dc499c97f322d993c3ca6ed3c2aced6cd5af3c29f244f1338ab86ecbafd0bc09073d49f3ac98781b1ce4753c7eb95a8a1f0a118922ce1493280112aa06

data/config/presets/g10_reference_server_preset.json

@@ -449,7 +449,7 @@
     },
     {
       "name": "additional_patient_ids",
-      "value": "85,355",
+      "value": "85,355,907",
       "_title": "Additional Patient IDs",
       "_description": "Comma separated list of Patient IDs that together with the Patient\nID from the SMART App Launch contain all MUST SUPPORT elements.\n",
       "_type": "text",
@@ -479,7 +479,7 @@
     },
     {
       "name": "bulk_patient_ids_in_group",
-      "value": "85,355",
+      "value": "85,355,907",
       "_title": "Patient IDs in exported Group",
       "_description": "Comma separated list of every Patient ID that is in the specified Group. This information is provided by\nthe system under test to verify that data returned matches expectations. Leave blank to not verify Group\ninclusion.\n",
       "_type": "text",

data/lib/onc_certification_g10_test_kit/bulk_data_group_export_validation.rb

@@ -393,6 +393,7 @@ module ONCCertificationG10TestKit
           * http://hl7.org/fhir/us/core/StructureDefinition/us-core-respiratory-rate
 
           For US Core v6.1.0, this test expects evidence of the following US Core profiles
+          * http://hl7.org/fhir/us/core/StructureDefinition/us-core-observation-clinical-result
           * http://hl7.org/fhir/us/core/StructureDefinition/us-core-observation-lab
           * http://hl7.org/fhir/us/core/StructureDefinition/us-core-observation-occupation
           * http://hl7.org/fhir/us/core/StructureDefinition/us-core-observation-pregnancyintent
@@ -413,6 +414,7 @@ module ONCCertificationG10TestKit
           * http://hl7.org/fhir/us/core/StructureDefinition/us-core-respiratory-rate
 
         For US Core v7.0.0, this test expects evidence of the following US Core profiles
+          * http://hl7.org/fhir/us/core/StructureDefinition/us-core-observation-clinical-result
           * http://hl7.org/fhir/us/core/StructureDefinition/us-core-observation-lab
           * http://hl7.org/fhir/us/core/StructureDefinition/us-core-observation-occupation
           * http://hl7.org/fhir/us/core/StructureDefinition/us-core-observation-pregnancyintent

data/lib/onc_certification_g10_test_kit/configuration_checker.rb

@@ -2,7 +2,7 @@ require_relative '../inferno/terminology/tasks/check_built_terminology'
 
 module ONCCertificationG10TestKit
   class ConfigurationChecker
-    EXPECTED_HL7_VALIDATOR_VERSION = '1.0.65'.freeze
+    EXPECTED_HL7_VALIDATOR_VERSION = '1.0.66'.freeze
     HL7_VALIDATOR_VERSION_KEY = 'validatorWrapperVersion'.freeze
 
     def configuration_messages

data/lib/onc_certification_g10_test_kit/g10_certification_suite.rb

@@ -0,0 +1,614 @@
+require_relative 'metadata'
+require_relative 'configuration_checker'
+require_relative 'urls'
+
+require_relative 'feature'
+require_relative 'g10_options'
+require_relative 'multi_patient_api_stu1'
+require_relative 'multi_patient_api_stu2'
+require_relative 'single_patient_api_group'
+require_relative 'single_patient_us_core_4_api_group'
+require_relative 'single_patient_us_core_5_api_group'
+require_relative 'single_patient_us_core_6_api_group'
+require_relative 'single_patient_us_core_7_api_group'
+require_relative 'smart_app_launch_invalid_aud_group'
+require_relative 'smart_asymmetric_launch_group'
+require_relative 'smart_granular_scope_selection_group'
+require_relative 'smart_invalid_token_group'
+require_relative 'smart_invalid_token_group_stu2'
+require_relative 'smart_invalid_pkce_group'
+require_relative 'smart_limited_app_group'
+require_relative 'smart_standalone_patient_app_group'
+require_relative 'smart_public_standalone_launch_group'
+require_relative 'smart_public_standalone_launch_group_stu2'
+require_relative 'smart_public_standalone_launch_group_stu2_2'
+require_relative 'smart_ehr_patient_launch_group'
+require_relative 'smart_ehr_patient_launch_group_stu2'
+require_relative 'smart_ehr_patient_launch_group_stu2_2'
+require_relative 'smart_ehr_practitioner_app_group'
+require_relative 'smart_fine_grained_scopes_group'
+require_relative 'smart_fine_grained_scopes_group_stu2_2'
+require_relative 'smart_fine_grained_scopes_us_core_7_group'
+require_relative 'smart_fine_grained_scopes_us_core_7_group_stu2_2'
+require_relative 'smart_v1_scopes_group'
+require_relative 'terminology_binding_validator'
+require_relative 'token_introspection_group'
+require_relative 'token_introspection_group_stu2_2'
+require_relative 'token_revocation_group'
+require_relative 'visual_inspection_and_attestations_group'
+
+require_relative '../inferno/terminology'
+
+require_relative 'test_procedure_requirements_manager'
+
+Inferno::Terminology::Loader.load_validators
+
+module ONCCertificationG10TestKit
+  class G10CertificationSuite < Inferno::TestSuite
+    title 'ONC Certification (g)(10) Standardized API'
+    short_title '(g)(10) Standardized API'
+    id :g10_certification
+    links [
+      {
+        label: 'Report Issue',
+        url: 'https://github.com/onc-healthit/onc-certification-g10-test-kit/issues/'
+      },
+      {
+        label: 'Open Source',
+        url: 'https://github.com/onc-healthit/onc-certification-g10-test-kit/'
+      },
+      {
+        label: 'Download',
+        url: 'https://github.com/onc-healthit/onc-certification-g10-test-kit/releases'
+      }
+    ]
+
+    requirement_sets(
+      {
+        identifier: '170.315(g)(10)-test-procedure',
+        title: '170.315(g)(10) Standardized API for patient and population services test procedure',
+        actor: 'Server',
+        requirements: 'APP-REG-1,APP-REG-2,SEC-CNN-1,AUT-PAT-1,AUT-PAT-2,AUT-PAT-3,AUT-PAT-4,AUT-PAT-10,AUT-PAT-33,' \
+                      'AUT-PAT-11,AUT-PAT-12,AUT-PAT-37,AUT-PAT-14,AUT-PAT-35,AUT-PAT-17,AUT-PAT-18,AUT-PAT-36,' \
+                      'AUT-PAT-20,AUT-PAT-21,AUT-PAT-22,AUT-PAT-23,PAR-1,AUT-SYS-1,AUT-SYS-2,AUT-SYS-3,' \
+                      'AUT-SYS-4,AUT-SYS-5,AUT-SYS-6,AUT-SYS-7,AUT-SYS-8,AUT-SYS-9,AUT-SYS-10,TOK-INTRO-1,' \
+                      'SH-PAT-1,SH-PAT-2,SH-PAT-3,SH-PAT-4,SH-PAT-5,DAT-PAT-1,DAT-PAT-18,DAT-PAT-2,DAT-PAT-3,' \
+                      'DAT-PAT-4,DAT-PAT-5,DAT-PAT-6,DAT-PAT-7,DAT-PAT-8,DAT-PAT-17,DAT-PAT-9,DAT-PAT-10,DAT-PAT-11,' \
+                      'DAT-PAT-12,DAT-PAT-13,DAT-PAT-14,DAT-PAT-15,API-DOC-1,API-DOC-2,API-DOC-3'
+      },
+      {
+        identifier: '170.315(g)(10)-test-procedure',
+        title: '170.315(g)(10) Standardized API for patient and population services test procedure',
+        actor: 'Server',
+        suite_options: {
+          smart_app_launch_version: G10Options::SMART_1
+        },
+        requirements: 'AUT-PAT-5,AUT-PAT-6,AUT-PAT-7,AUT-PAT-8,AUT-PAT-9,AUT-PAT-13,AUT-PAT-15,AUT-PAT-16,AUT-PAT-19'
+      },
+      {
+        identifier: '170.315(g)(10)-test-procedure',
+        title: '170.315(g)(10) Standardized API for patient and population services test procedure',
+        actor: 'Server',
+        suite_options: {
+          smart_app_launch_version: G10Options::SMART_2
+        },
+        requirements: 'AUT-PAT-24,AUT-PAT-25,AUT-PAT-26,AUT-PAT-27,AUT-PAT-28,AUT-PAT-29,AUT-PAT-30,AUT-PAT-31'
+      },
+      {
+        identifier: '170.315(g)(10)-test-procedure',
+        title: '170.315(g)(10) Standardized API for patient and population services test procedure',
+        actor: 'Server',
+        suite_options: {
+          smart_app_launch_version: G10Options::SMART_2_2
+        },
+        requirements: 'AUT-PAT-24,AUT-PAT-25,AUT-PAT-26,AUT-PAT-27,AUT-PAT-28,AUT-PAT-29,AUT-PAT-30,AUT-PAT-31'
+      },
+      {
+        identifier: '170.315(g)(10)-test-procedure',
+        title: '170.315(g)(10) Standardized API for patient and population services test procedure',
+        actor: 'Server',
+        suite_options: {
+          us_core_version: G10Options::US_CORE_6
+        },
+        requirements: 'AUT-PAT-32,AUT-PAT-34'
+      },
+      {
+        identifier: '170.315(g)(10)-test-procedure',
+        title: '170.315(g)(10) Standardized API for patient and population services test procedure',
+        actor: 'Server',
+        suite_options: {
+          us_core_version: G10Options::US_CORE_7
+        },
+        requirements: 'AUT-PAT-32,AUT-PAT-34'
+      }
+    )
+
+    check_configuration do
+      ConfigurationChecker.new.configuration_messages
+    end
+
+    WARNING_INCLUSION_FILTERS = [
+      /Unknown CodeSystem/,
+      /Unknown ValueSet/
+    ].freeze
+
+    ERROR_FILTERS = [
+      /\A\S+: \S+: Unknown [Cc]ode/,
+      /\A\S+: \S+: None of the codings provided are in the value set/,
+      /\A\S+: \S+: The code provided \(\S*\) is not in the value set/,
+      /\A\S+: \S+: The Coding provided \(\S*\) is not in the value set/,
+      /\A\S+: \S+: The Coding provided \(\S*\) was not found in the value set/,
+      /\A\S+: \S+: A definition for CodeSystem '.*' could not be found, so the code cannot be validated/,
+      /\A\S+: \S+: URL value '.*' does not resolve/,
+      /\A\S+: \S+: .*\[No server available\]/, # Catch-all for certain errors when TX server is disabled
+      %r{\A\S+: \S+: .*\[Error from http://tx.fhir.org/r4:} # Catch-all for TX server errors that slip through
+    ].freeze
+
+    def self.setup_validator(us_core_version_requirement) # rubocop:disable Metrics/CyclomaticComplexity
+      fhir_resource_validator :default, required_suite_options: us_core_version_requirement do
+        cli_context do
+          txServer nil
+          displayWarnings true
+          disableDefaultResourceFetcher true
+        end
+
+        us_core_version_num = G10Options::US_CORE_VERSION_NUMBERS[us_core_version_requirement[:us_core_version]]
+
+        igs("hl7.fhir.us.core##{us_core_version_num}")
+
+        us_core_message_filters =
+          case us_core_version_requirement[:us_core_version]
+          when G10Options::US_CORE_3
+            USCoreTestKit::USCoreV311::USCoreTestSuite::VALIDATION_MESSAGE_FILTERS
+          when G10Options::US_CORE_4
+            USCoreTestKit::USCoreV400::USCoreTestSuite::VALIDATION_MESSAGE_FILTERS
+          when G10Options::US_CORE_5
+            USCoreTestKit::USCoreV501::USCoreTestSuite::VALIDATION_MESSAGE_FILTERS
+          when G10Options::US_CORE_6
+            USCoreTestKit::USCoreV610::USCoreTestSuite::VALIDATION_MESSAGE_FILTERS
+          when G10Options::US_CORE_7
+            USCoreTestKit::USCoreV700::USCoreTestSuite::VALIDATION_MESSAGE_FILTERS
+          end
+
+        exclude_message do |message|
+          if message.type == 'info' ||
+             (message.type == 'warning' && WARNING_INCLUSION_FILTERS.none? do |filter|
+                filter.match? message.message
+              end) ||
+             us_core_message_filters.any? { |filter| filter.match? message.message } ||
+             (message.type == 'error' && ERROR_FILTERS.any? { |filter| message.message.match? filter })
+            true
+          else
+            false
+          end
+        end
+
+        perform_additional_validation do |resource, profile_url|
+          versionless_profile_url, profile_version = profile_url.split('|')
+          profile_version = case profile_version
+                            when '6.1.0'
+                              '610'
+                            when '4.0.0'
+                              '400'
+                            when '5.0.1'
+                              '501'
+                            else
+                              # This open-ended else is primarily for Vital Signs profiles in v3.1.1, which are tagged
+                              # with the base FHIR version (4.0.1).  The profiles were migrated to US Core in later
+                              # versions.
+                              '311'
+                            end
+
+          us_core_suite = USCoreTestKit.const_get("USCoreV#{profile_version}")::USCoreTestSuite
+          metadata = us_core_suite.metadata.find do |metadata_candidate|
+            metadata_candidate.profile_url == versionless_profile_url
+          end
+          next if metadata.nil?
+
+          validation_messages = if resource.instance_of?(FHIR::Provenance)
+                                  USCoreTestKit::ProvenanceValidator.validate(resource)
+                                else
+                                  []
+                                end
+
+          terminology_validation_messages = metadata.bindings
+            .select { |binding_definition| binding_definition[:strength] == 'required' }
+            .flat_map do |binding_definition|
+              TerminologyBindingValidator.validate(resource, binding_definition)
+          rescue Inferno::UnknownValueSetException, Inferno::UnknownCodeSystemException => e
+            { type: 'warning', message: e.message }
+            end.compact
+
+          validation_messages.concat(terminology_validation_messages)
+          validation_messages
+        end
+      end
+    end
+
+    [
+      G10Options::US_CORE_3_REQUIREMENT,
+      G10Options::US_CORE_4_REQUIREMENT,
+      G10Options::US_CORE_5_REQUIREMENT,
+      G10Options::US_CORE_6_REQUIREMENT,
+      G10Options::US_CORE_7_REQUIREMENT
+
+    ].each do |us_core_version_requirement|
+      setup_validator(us_core_version_requirement)
+    end
+
+    def self.jwks_json
+      bulk_data_jwks =
+        JSON.parse(
+          File.read(ENV.fetch('G10_BULK_DATA_JWKS', File.join(__dir__, 'bulk_data_jwks.json')))
+        )
+      @jwks_json ||= JSON.pretty_generate(
+        { keys: bulk_data_jwks['keys'].select { |key| key['key_ops']&.include?('verify') } }
+      )
+    end
+
+    def self.well_known_route_handler
+      ->(_env) { [200, { 'Content-Type' => 'application/json' }, [jwks_json]] }
+    end
+
+    route(
+      :get,
+      '/.well-known/jwks.json',
+      well_known_route_handler
+    )
+
+    suite_option :us_core_version,
+                 title: 'US Core Version',
+                 list_options: [
+                   {
+                     label: 'US Core 3.1.1 / USCDI v1',
+                     value: G10Options::US_CORE_3
+                   },
+                   {
+                     label: 'US Core 4.0.0 / USCDI v1',
+                     value: G10Options::US_CORE_4
+                   },
+                   {
+                     label: 'US Core 6.1.0 / USCDI v3',
+                     value: G10Options::US_CORE_6
+                   },
+                   {
+                     label: 'US Core 7.0.0 / USCDI v4',
+                     value: G10Options::US_CORE_7
+                   }
+                 ]
+
+    suite_option :smart_app_launch_version,
+                 title: 'SMART App Launch Version',
+                 list_options: [
+                   {
+                     label: 'SMART App Launch 1.0.0',
+                     value: G10Options::SMART_1
+                   },
+                   {
+                     label: 'SMART App Launch 2.0.0',
+                     value: G10Options::SMART_2
+                   },
+                   {
+                     label: 'SMART App Launch 2.2.0',
+                     value: G10Options::SMART_2_2
+                   }
+                 ]
+
+    suite_option :multi_patient_version,
+                 title: 'Bulk Data Version',
+                 list_options: [
+                   {
+                     label: 'Bulk Data 1.0.1',
+                     value: G10Options::BULK_DATA_1
+                   },
+                   {
+                     label: 'Bulk Data 2.0.0',
+                     value: G10Options::BULK_DATA_2
+                   }
+                 ]
+
+    config(
+      options: {
+        post_authorization_uri: "#{Inferno::Application['base_url']}/custom/smart_stu2/post_auth",
+        incorrectly_permitted_tls_version_message_type: 'warning'
+      }
+    )
+
+    description %(
+      The ONC Certification (g)(10) Standardized API Test Suite is a testing
+      tool for Health Level 7 (HL7®) Fast Healthcare Interoperability Resources
+      (FHIR®) services seeking to meet the requirements of the Standardized API
+      for Patient and Population Services criterion § 170.315(g)(10) in the ONC
+      Certification Program.
+
+      This test suite is organized into testing scenarios that in sum cover all
+      requirements within the § 170.315(g)(10) certification criterion.  The
+      scenarios are intended to be run in order during certification, but can
+      be run out of order to support testing during development or certification
+      preparation.  Some scenarios depend on data collected during previous
+      scenarios to function.  In these cases, the scenario description describes
+      these dependencies.
+
+      The best way to learn about how to use these tests is the
+      [(g)(10) Standardized API Test Kit walkthrough](https://github.com/onc-healthit/onc-certification-g10-test-kit/wiki/Walkthrough),
+      which demonstrates the tests running against a simulated system.
+
+      The first three scenarios require the system under test to demonstrate
+      basic SMART App Launch functionality.  The fourth uses a valid token
+      provided during earlier tests to verify support for the Single Patient API
+      as described in the criterion.  The fifth verifies support for the Multi
+      Patient API, including Backend Services for authorization.  Not all
+      authorization-related requirements are verified in the first three
+      scenarios, and the 'Additional Authorization Tests' verify these
+      additional requirements.  The last scenario contains a list of
+      'attestations' and 'visual inspections' for requirements that could not
+      be verified through automated testing.
+
+      To get started with the first group of scenarios, please first register the
+      Inferno client as a SMART App with the following information:
+
+      * SMART Launch URI: `#{LAUNCH_URI}`
+      * OAuth Redirect URI: `#{REDIRECT_URI}`
+
+      For the multi-patient API, register Inferno with the following JWK Set
+      Url:
+
+      * `#{Inferno::Application[:base_url]}/custom/g10_certification/.well-known/jwks.json`
+
+      Systems must pass all tests to qualify for ONC certification.
+    )
+
+    suite_summary %(
+      The ONC Certification (g)(10) Standardized API Test Kit is a testing tool
+      for Health Level 7 (HL7®) Fast Healthcare Interoperability Resources
+      (FHIR®) services seeking to meet the requirements of the Standardized API
+      for Patient and Population Services criterion § 170.315(g)(10) in the ONC Certification Program.
+
+      Systems may adopt later versions of standards than those named in the rule
+      as approved by the ONC Standards Version Advancement Process (SVAP).
+      When using US Core v7, the tester must select SMART v2 or above
+      because SMART App Launch granular scopes are required by US Core v7
+      and are not available in SMART v1.  Please select which approved version
+      of each standard to use, and click ‘Start Testing’ to begin testing.
+    )
+
+    input_instructions %(
+        Register Inferno as a SMART app using the following information:
+
+        * Launch URI: `#{LAUNCH_URI}`
+        * Redirect URI: `#{REDIRECT_URI}`
+
+        For the multi-patient API, register Inferno with the following JWK Set
+        Url:
+
+        * `#{Inferno::Application[:base_url]}/custom/g10_certification/.well-known/jwks.json`
+      )
+
+    group from: 'g10_smart_standalone_patient_app'
+
+    group from: 'g10_smart_limited_app' do
+      # This has to be configured here, otherwise the `smart_auth_info` config
+      # will get clobbered and will use `standalone_smart_auth_info` instead of
+      # `limited_smart_auth_info`
+      groups
+        .select { |group| group.id.include? 'smart_standalone_launch' }
+        .flat_map(&:tests)
+        .select { |test| test.id.include? 'g10_patient_context' }
+        .each do |test|
+        test
+          .config(
+            inputs: {
+              patient_id: { name: :limited_patient_id },
+              smart_auth_info: { name: :limited_smart_auth_info }
+            }
+          )
+      end
+    end
+
+    group from: 'g10_smart_ehr_practitioner_app'
+
+    group from: 'g10_single_patient_api',
+          required_suite_options: G10Options::US_CORE_3_REQUIREMENT
+    group from: 'g10_single_patient_us_core_4_api',
+          required_suite_options: G10Options::US_CORE_4_REQUIREMENT
+    group from: 'g10_single_patient_us_core_5_api',
+          required_suite_options: G10Options::US_CORE_5_REQUIREMENT
+    group from: 'g10_single_patient_us_core_6_api',
+          required_suite_options: G10Options::US_CORE_6_REQUIREMENT
+    group from: 'g10_single_patient_us_core_7_api',
+          required_suite_options: G10Options::US_CORE_7_REQUIREMENT
+
+    group from: 'multi_patient_api',
+          required_suite_options: G10Options::BULK_DATA_1_REQUIREMENT
+    group from: 'multi_patient_api_stu2',
+          required_suite_options: G10Options::BULK_DATA_2_REQUIREMENT
+
+    group do
+      title 'Additional Authorization Tests'
+      id 'Group06'
+      description %(
+        The (g)(10) Standardized Test Suite attempts to minimize effort required
+        by testers by creating scenarios that validate as many requirements as
+        possible with just a handful of SMART App Launches.  However, not all
+        SMART App Launch and (g)(10) Standardized API criterion requirements
+        that need to be verified fit within the first few test scenarios in this
+        suite.
+
+        The scenarios contained in this section verify remaining testing
+        requirements for the (g)(10) Standardized API criterion relevant to
+        the SMART App Launch implementation specification. Each of these scenarios
+        need to be run independently.  Please read the instructions for each in
+        the 'About' section, as they may require special setup on the part of
+        the tester.
+      )
+
+      default_redirect_message_proc = lambda do |auth_url|
+        %(
+          ### #{self.class.parent.title}
+
+          [Follow this link to authorize with the SMART server](#{auth_url}).
+
+          Tests will resume once Inferno receives a request at
+          `#{REDIRECT_URI}` with a state of `#{state}`.
+        )
+      end
+
+      group from: :g10_public_standalone_launch,
+            required_suite_options: G10Options::SMART_1_REQUIREMENT,
+            config: { options: { redirect_message_proc: default_redirect_message_proc } }
+      group from: :g10_public_standalone_launch_stu2,
+            required_suite_options: G10Options::SMART_2_REQUIREMENT,
+            config: { options: { redirect_message_proc: default_redirect_message_proc } }
+      group from: :g10_public_standalone_launch_stu2_2, # rubocop:disable Naming/VariableNumber
+            required_suite_options: G10Options::SMART_2_2_REQUIREMENT,
+            config: { options: { redirect_message_proc: default_redirect_message_proc } }
+
+      group from: :g10_token_revocation
+
+      group from: :g10_smart_invalid_aud,
+            config: { options: { redirect_message_proc: default_redirect_message_proc } }
+
+      group from: :g10_smart_invalid_token_request,
+            required_suite_options: G10Options::SMART_1_REQUIREMENT,
+            config: { options: { redirect_message_proc: default_redirect_message_proc } }
+      group from: :g10_smart_invalid_token_request_stu2,
+            required_suite_options: G10Options::SMART_2_REQUIREMENT,
+            config: { options: { redirect_message_proc: default_redirect_message_proc } }
+      group from: :g10_smart_invalid_token_request_stu2,
+            id: :g10_smart_invalid_token_request_stu2_2, # rubocop:disable Naming/VariableNumber
+            required_suite_options: G10Options::SMART_2_2_REQUIREMENT,
+            config: { options: { redirect_message_proc: default_redirect_message_proc } }
+
+      group from: :g10_smart_invalid_pkce_code_verifier_group,
+            required_suite_options: G10Options::SMART_2_REQUIREMENT
+      group from: :g10_smart_invalid_pkce_code_verifier_group,
+            id: :g10_smart_invalid_pkce_code_verifier_group_stu2_2, # rubocop:disable Naming/VariableNumber
+            required_suite_options: G10Options::SMART_2_2_REQUIREMENT
+
+      group from: :g10_ehr_patient_launch,
+            required_suite_options: G10Options::SMART_1_REQUIREMENT
+      group from: :g10_ehr_patient_launch_stu2,
+            required_suite_options: G10Options::SMART_2_REQUIREMENT
+      group from: :g10_ehr_patient_launch_stu2_2, # rubocop:disable Naming/VariableNumber
+            required_suite_options: G10Options::SMART_2_2_REQUIREMENT
+
+      group from: :g10_token_introspection,
+            required_suite_options: G10Options::SMART_2_REQUIREMENT
+      group from: :g10_token_introspection_stu2_2, # rubocop:disable Naming/VariableNumber
+            required_suite_options: G10Options::SMART_2_2_REQUIREMENT
+
+      group from: :g10_asymmetric_launch,
+            required_suite_options: G10Options::SMART_2_REQUIREMENT
+      group from: :g10_asymmetric_launch,
+            id: :g10_asymmetric_launch_stu2_2, # rubocop:disable Naming/VariableNumber
+            required_suite_options: G10Options::SMART_2_2_REQUIREMENT
+
+      group from: :g10_smart_v1_scopes,
+            required_suite_options: G10Options::SMART_2_REQUIREMENT
+      group from: :g10_smart_v1_scopes,
+            id: :g10_smart_v1_scopes_stu2_2, # rubocop:disable Naming/VariableNumber
+            required_suite_options: G10Options::SMART_2_2_REQUIREMENT
+
+      group from: :g10_smart_fine_grained_scopes, exclude_optional: true do
+        required_suite_options G10Options::SMART_2_REQUIREMENT.merge(G10Options::US_CORE_6_REQUIREMENT)
+        groups.first.config(
+          inputs: {
+            smart_auth_info: { name: :granular_scopes_1_auth_info }
+          },
+          outputs: {
+            smart_auth_info: { name: :granular_scopes_1_auth_info }
+          }
+        )
+
+        groups.last.config(
+          inputs: {
+            smart_auth_info: { name: :granular_scopes_2_auth_info }
+          },
+          outputs: {
+            smart_auth_info: { name: :granular_scopes_2_auth_info }
+          }
+        )
+      end
+
+      group from: :g10_smart_fine_grained_scopes_stu2_2, exclude_optional: true do # rubocop:disable Naming/VariableNumber
+        required_suite_options G10Options::SMART_2_2_REQUIREMENT.merge(G10Options::US_CORE_6_REQUIREMENT)
+        groups.first.config(
+          inputs: {
+            smart_auth_info: { name: :granular_scopes_1_auth_info }
+          },
+          outputs: {
+            smart_auth_info: { name: :granular_scopes_1_auth_info }
+          }
+        )
+
+        groups.last.config(
+          inputs: {
+            smart_auth_info: { name: :granular_scopes_2_auth_info }
+          },
+          outputs: {
+            smart_auth_info: { name: :granular_scopes_2_auth_info }
+          }
+        )
+      end
+
+      group from: :g10_us_core_7_smart_fine_grained_scopes, exclude_optional: true do
+        required_suite_options G10Options::SMART_2_REQUIREMENT.merge(G10Options::US_CORE_7_REQUIREMENT)
+        groups.first.config(
+          inputs: {
+            smart_auth_info: { name: :granular_scopes_1_auth_info }
+          },
+          outputs: {
+            smart_auth_info: { name: :granular_scopes_1_auth_info }
+          }
+        )
+
+        groups.last.config(
+          inputs: {
+            smart_auth_info: { name: :granular_scopes_2_auth_info }
+          },
+          outputs: {
+            smart_auth_info: { name: :granular_scopes_2_auth_info }
+          }
+        )
+      end
+
+      group from: :g10_us_core_7_smart_fine_grained_scopes_stu2_2, exclude_optional: true do # rubocop:disable Naming/VariableNumber
+        required_suite_options G10Options::SMART_2_2_REQUIREMENT.merge(G10Options::US_CORE_7_REQUIREMENT)
+        groups.first.config(
+          inputs: {
+            smart_auth_info: { name: :granular_scopes_1_auth_info }
+          },
+          outputs: {
+            smart_auth_info: { name: :granular_scopes_1_auth_info }
+          }
+        )
+
+        groups.last.config(
+          inputs: {
+            smart_auth_info: { name: :granular_scopes_2_auth_info }
+          },
+          outputs: {
+            smart_auth_info: { name: :granular_scopes_2_auth_info }
+          }
+        )
+      end
+
+      group from: :g10_smart_granular_scope_selection,
+            required_suite_options: G10Options::SMART_2_REQUIREMENT.merge(G10Options::US_CORE_6_REQUIREMENT)
+      group from: :g10_smart_granular_scope_selection,
+            id: :g10_smart_granular_scope_selection_stu2_2, # rubocop:disable Naming/VariableNumber
+            required_suite_options: G10Options::SMART_2_2_REQUIREMENT.merge(G10Options::US_CORE_6_REQUIREMENT)
+
+      group from: :g10_smart_granular_scope_selection,
+            id: :g10_us_core_7_smart_granular_scope_selection,
+            required_suite_options: G10Options::SMART_2_REQUIREMENT.merge(G10Options::US_CORE_7_REQUIREMENT)
+      group from: :g10_smart_granular_scope_selection,
+            id: :g10_us_core_7_smart_granular_scope_selection_stu2_2, # rubocop:disable Naming/VariableNumber
+            required_suite_options: G10Options::SMART_2_2_REQUIREMENT.merge(G10Options::US_CORE_7_REQUIREMENT)
+    end
+
+    group from: :g10_visual_inspection_and_attestations
+  end
+end
+
+ONCCertificationG10TestKit::TestProcedureRequirementsManager.assign_test_procedure_requirements