smart_app_launch_test_kit 0.1.4 → 0.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fa36db12fcfc122798d91b90db284ba19912e36f0f9086a8fe193ddcead7417d
-  data.tar.gz: a78b8efce897f363156cfcad7bdcf49279b95da08dd26c4c4b2cc15f6ff424dc
+  metadata.gz: 685a8ecce753a4b74d881e6aca85706d7e4890c659957e01a4d416e5b848cd43
+  data.tar.gz: 931481829fde8294374fb9c0c8cd5ac93080eef417cbf6b17348b07cb5e6e85d
 SHA512:
-  metadata.gz: 590164ee28fbcd4d482656268af102328c534315cf55aa193ab55c8b4d4c806bef8735f5abd5ade375f89554849bcf3c6f60fa9206957ee64d6a6d5a491143c0
-  data.tar.gz: 0a779fd7a525a96edb4cc1f0dee37bfe5bc4ca1df772dd07fa92ca95c4f9722c35d81dd63ea4df1d2c038f0b344267be64f5700bf9e80a5f2aedc3514a9c33e9
+  metadata.gz: 3e3dec5a9de9015a9c47c4d1856a7d2116e84969f6cc14cac95328837fd02ae45c8bff9f01940e40d88a04a58eed7de0e6a1e640c42feea54e92962f24ad92b2
+  data.tar.gz: 85e2f0e570e6308b2646f7a781fd34d4296ed04372d836385dccaa53d5552426e5bfaf1e7a3e25721e68d0af0d0ae6136a3ad3732b1d2c0785c3e1a83ee9d40a

data/lib/smart_app_launch/app_redirect_test_stu2.rb

@@ -0,0 +1,45 @@
+require 'uri'
+require_relative 'app_redirect_test'
+
+module SMARTAppLaunch
+  class AppRedirectTestSTU2 < AppRedirectTest
+    id :smart_app_redirect_stu2
+    description %(
+      Client browser redirected from OAuth server to redirect URI of client
+      app as described in SMART authorization sequence.
+
+      Client SHALL use either the HTTP GET or the HTTP POST method to send the
+      Authorization Request to the Authorization Server.
+
+      [Authorization Code
+      Request](http://hl7.org/fhir/smart-app-launch/STU2/app-launch.html#request-4)
+    )
+
+    input :authorization_method,
+          title: 'Authorization Method',
+          type: 'radio',
+          default: 'get',
+          options: {
+            list_options: [
+              {
+                label: 'GET',
+                value: 'get'
+              },
+              {
+                label: 'POST',
+                value: 'post'
+              }
+            ]
+          }
+
+    def authorization_url_builder(url, params)
+      return super if authorization_method == 'get'
+
+      post_params = params.merge(auth_url: url)
+
+      post_url = URI(config.options[:post_authorization_uri])
+      post_url.query = URI.encode_www_form(post_params)
+      post_url.to_s
+    end
+  end
+end

data/lib/smart_app_launch/ehr_launch_group_stu2.rb

@@ -1,3 +1,4 @@
+require_relative 'app_redirect_test_stu2'
 require_relative 'ehr_launch_group'
 
 module SMARTAppLaunch
@@ -38,8 +39,18 @@ module SMARTAppLaunch
         pkce_code_challenge_method: {
           default: 'S256',
           locked: true
+        },
+        requested_scopes: {
+          default: 'launch openid fhirUser offline_access user/*.rs'
         }
       }
     )
+
+    test from: :smart_app_redirect_stu2 do
+      input :launch
+    end
+
+    redirect_index = children.find_index { |child| child.id.to_s.end_with? 'app_redirect' }
+    children[redirect_index] = children.pop
   end
 end

data/lib/smart_app_launch/post_auth.html

@@ -0,0 +1,35 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <!-- Use the highest supported document mode of Internet Explorer -->
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+
+    <meta charset="utf-8" />
+    <title>Inferno POST Authorization Redirect</title>
+  </head>
+  <body>
+    <noscript>You need to enable JavaScript to run this app.</noscript>
+    <form id="form" style="display:none;">
+    </form>
+  </body>
+  <script>
+    const params = Object.fromEntries(new URLSearchParams(window.location.search).entries());
+    const submitUrl = params.auth_url;
+    delete params.auth_url;
+    const form = document.getElementById('form');
+    form.method = 'POST';
+    form.action = submitUrl;
+
+    for (const property in params) {
+      let input = document.createElement('input');
+      input.setAttribute('name', property);
+
+      let value = params[property].replace(/\+/g, ' ');
+      input.setAttribute('value', decodeURIComponent(value));
+
+      form.appendChild(input);
+    }
+
+    form.submit();
+  </script>
+</html>

data/lib/smart_app_launch/smart_stu2_suite.rb

@@ -21,9 +21,15 @@ module SMARTAppLaunch
       request.query_parameters['state']
     end
 
+    @post_auth_page = File.read(File.join(__dir__, 'post_auth.html'))
+    post_auth_handler = proc { [200, {}, [@post_auth_page]] }
+
+    route :get, '/post_auth', post_auth_handler
+
     config options: {
-      redirect_uri: "#{Inferno::Application['base_url']}/custom/smart/redirect",
-      launch_uri: "#{Inferno::Application['base_url']}/custom/smart/launch"
+      redirect_uri: "#{Inferno::Application['base_url']}/custom/smart_stu2/redirect",
+      launch_uri: "#{Inferno::Application['base_url']}/custom/smart_stu2/launch",
+      post_authorization_uri: "#{Inferno::Application['base_url']}/custom/smart_stu2/post_auth"
     }
 
     group do

data/lib/smart_app_launch/standalone_launch_group_stu2.rb

@@ -1,3 +1,4 @@
+require_relative 'app_redirect_test_stu2'
 require_relative 'standalone_launch_group'
 
 module SMARTAppLaunch
@@ -36,8 +37,16 @@ module SMARTAppLaunch
         pkce_code_challenge_method: {
           default: 'S256',
           locked: true
+        },
+        requested_scopes: {
+          default: 'launch/patient openid fhirUser offline_access patient/*.rs'
         }
       }
     )
+
+    test from: :smart_app_redirect_stu2
+
+    redirect_index = children.find_index { |child| child.id.to_s.end_with? 'app_redirect' }
+    children[redirect_index] = children.pop
   end
 end

data/lib/smart_app_launch/token_response_body_test.rb

@@ -43,7 +43,7 @@ module SMARTAppLaunch
       validate_required_fields_present(token_response_body, ['access_token', 'token_type', 'expires_in', 'scope'])
       validate_token_field_types(token_response_body)
       validate_token_type(token_response_body)
-      check_for_missing_scopes(requested_scopes, token_response_body)
+      check_for_missing_scopes(requested_scopes, token_response_body) unless config.options[:ignore_missing_scopes_check]
 
       assert access_token.present?, 'Token response did not contain an access token'
       assert token_response_body['token_type']&.casecmp('Bearer')&.zero?,

data/lib/smart_app_launch/version.rb

@@ -1,3 +1,3 @@
 module SMARTAppLaunch
-  VERSION = '0.1.4'
+  VERSION = '0.1.5'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smart_app_launch_test_kit
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.5
 platform: ruby
 authors:
 - Stephen MacVicar
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-07-07 00:00:00.000000000 Z
+date: 2022-08-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inferno_core
@@ -133,6 +133,7 @@ files:
 - LICENSE
 - lib/smart_app_launch/app_launch_test.rb
 - lib/smart_app_launch/app_redirect_test.rb
+- lib/smart_app_launch/app_redirect_test_stu2.rb
 - lib/smart_app_launch/code_received_test.rb
 - lib/smart_app_launch/discovery_stu1_group.rb
 - lib/smart_app_launch/discovery_stu2_group.rb
@@ -147,6 +148,7 @@ files:
 - lib/smart_app_launch/openid_retrieve_jwks_test.rb
 - lib/smart_app_launch/openid_token_header_test.rb
 - lib/smart_app_launch/openid_token_payload_test.rb
+- lib/smart_app_launch/post_auth.html
 - lib/smart_app_launch/smart_stu1_suite.rb
 - lib/smart_app_launch/smart_stu2_suite.rb
 - lib/smart_app_launch/standalone_launch_group.rb
@@ -169,7 +171,7 @@ licenses:
 metadata:
   homepage_uri: https://github.com/inferno_framework/smart-app-launch-test-kit
   source_code_uri: https://github.com/inferno_framework/smart-app-launch-test-kit
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -185,7 +187,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.6
-signing_key:
+signing_key: 
 specification_version: 4
 summary: Inferno Tests for the SMART Application Launch Framework Implementation Guide
 test_files: []