RubyGems - smart_app_launch_test_kit - Versions diffs - 0.6.0 → 0.6.2 - Mend

smart_app_launch_test_kit 0.6.0 → 0.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (57) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fbce79e8d195045070c2257dc897fa511b981071d366875bf3aa36ccb338dbdd
-  data.tar.gz: 5ea51bb46c93c23186fa620908287f69bab62d42c8f5ecbf0ff70d39ec8523e0
+  metadata.gz: c85e63b5e23ff0a1021d234660b3878bb14887b5ba3b5fce05ee40f3071bcd28
+  data.tar.gz: 962ce6ee409f408ad79093bf424654c0532d741c03666c7902dfb6e5dea93eb8
 SHA512:
-  metadata.gz: 7f6d08a9ea9be426cd26e67fcbfa96bc4051b83aa9d38837f77fda2f9715a84e766182993a8e1f725fa945ea9c0bbf68f32155827482d7100036e20f02fd9e97
-  data.tar.gz: cba999b57e6317c865fc1b98dd56a042b98d2439af5ec8e28ffefd58d52e871513cd7152f640a9d449f1145a870b66ae1fd6d2343376cf0347eb52f8c2373c6d
+  metadata.gz: '0491bd7e512cf0c81953e6f3a536bb6f2a0b9a955e7c451b8d3efe85a3d90b1326b54d5846ef3eaa0db5115c89b47326183a56081b4087c739c9ecb10bc4e291'
+  data.tar.gz: 10c44261afccf1796a06e3add398dbfa3fcca441364bb7f193afebbe60f120eb6c2c44b3dcd146fe4d0c0ba28a2d5c00a822f2999fb25abd4c8eb2844a08e34a

data/config/presets/SMART_RunClientAgainstServer.json.erb ADDED Viewed

@@ -0,0 +1,79 @@
+{
+  "title": "Demo: Run Against the SMART Server Suite",
+  "id": "smart_run_client_against_server_v2_2",
+  "test_suite_id": "smart_client_stu2_2",
+  "inputs": [
+    {
+      "name": "client_id",
+      "description": "If a particular client id is desired, put it here. Otherwise a default of the Inferno session id will be used.",
+      "optional": true,
+      "title": "Client Id",
+      "type": "text",
+      "value": "smart_client_test_demo"
+    },
+    {
+      "name": "smart_launch_urls",
+      "description": "A comma-separated list of zero or more URLs that Inferno can use to launch the app. Not needed if the app does not support EHR launch.",
+      "optional": true,
+      "title": "SMART App Launch URL(s)",
+      "type": "textarea",
+      "value": "http://localhost:4567/custom/smart_stu2_2/launch"
+    },
+    {
+      "name": "smart_redirect_uris",
+      "description": "A comma-separated list of one or more URIs that the app will sepcify as the target of the redirect for Inferno to use when providing the authorization code. These tests can be run without this input, but will not pass without it.",
+      "optional": true,
+      "title": "SMART App Launch Redirect URI(s)",
+      "type": "textarea",
+      "value": "http://localhost:4567/custom/smart_stu2_2/redirect"
+    },
+    {
+      "name": "smart_jwk_set",
+      "description": "For confidential asymmetric clients, provide the JSON Web Key Set that will be used to sign tokens including the key(s) Inferno will need to verify signatures on token requests made by the client. May be provided as either a publicly accessible url containing the JWKS, or the raw JWKS JSON. Leave blank for public and confidential symmetric clients.",
+      "optional": true,
+      "title": "SMART Confidential Asymmetric JSON Web Key Set (JWKS)",
+      "type": "textarea",
+      "value": "http://localhost:4567/custom/smart_stu2_2/.well-known/jwks.json"
+    },
+    {
+      "name": "smart_client_secret",
+      "description": "For confidential symmetric clients, provide the client secret that will be provided during token requests to authenticate the client to Inferno. Leave blank for public and confidential asymmetric clients.",
+      "optional": true,
+      "title": "SMART Confidential Symmetric Client Secret",
+      "type": "text",
+      "value": "SAMPLE_SECRET"
+    },
+    {
+      "name": "launch_context",
+      "description": "Launch context details to be included in access token responses, specified as a JSON array. These contents will be merged into Inferno's token responses.",
+      "optional": true,
+      "title": "Launch Context",
+      "type": "textarea",
+      "value": "{ \"patient\": \"example\" }"
+    },
+    {
+      "name": "fhir_user_relative_reference",
+      "description": "A FHIR relative reference (<resource type>/<id>) for the FHIR user record to return when the openid and fhirUser scopes are requested. Include this resource in the **Available Resources** input so that it can be accessed.",
+      "optional": true,
+      "title": "FHIR User Relative Reference",
+      "type": "text",
+      "value": "Patient/example"
+    },
+    {
+      "name": "fhir_read_resources_bundle",
+      "description": "Resources to make available in Inferno's simulated FHIR server provided as a FHIR bundle. Each entry must contain a resource with the id element populated. Each instance present will be available for retrieval from Inferno at the endpoint: <fhir-base>/<resource type>/<instance id>. These are only available through the read interaction.",
+      "optional": true,
+      "title": "Available Resources",
+      "type": "textarea",
+      "value": "{\n  \"resourceType\": \"Bundle\",\n  \"entry\": [\n    {\n      \"resource\": {\n        \"resourceType\": \"Patient\",\n        \"id\": \"example\",\n        \"name\": [\n          {\n            \"family\": \"Chalmers\",\n            \"given\": [\n              \"Peter\",\n              \"James\"\n            ]\n          }\n        ],\n        \"gender\": \"male\",\n        \"birthDate\": \"1974-12-25\",\n        \"address\": [\n          {\n            \"line\": [\n              \"534 Erewhon St\"\n            ],\n            \"city\": \"Ann Arbor\",\n            \"state\": \"MI\",\n            \"postalCode\": \"48108\"\n          }\n        ]\n      }\n    }\n  ]\n}"
+    },
+    {
+      "name": "echoed_fhir_response",
+      "description": "JSON representation of a default FHIR resource for Inferno to echo when a request is made to the simulated FHIR server. Reads targetting resources in the  **Available Resources** input will return that resource instead of this. Otherwise, the content here will be echoed back exactly and no check will be made that it is appropriate for the request made. If nothing is provided, an OperationOutcome will be returned.",
+      "optional": true,
+      "title": "Default FHIR Response",
+      "type": "textarea",
+      "value": ""
+    }
+  ]
+}

data/config/presets/SMART_RunServerAgainstClient_ConfidentialAsymmetric.json.erb ADDED Viewed

@@ -0,0 +1,183 @@
+{
+  "title": "Demo: Run Against the SMART Client Suite (Confidential Asymmetric)",
+  "id": "smart_run_server_against_ca_client_v2_2",
+  "test_suite_id": "smart_stu2_2",
+  "inputs": [
+    {
+      "name": "url",
+      "description": "URL of the FHIR endpoint used by SMART applications",
+      "title": "FHIR Endpoint",
+      "type": "text",
+      "value": "<%= Inferno::Application['base_url'] %>/custom/smart_client_stu2_2/fhir"
+    },
+    {
+      "name": "standalone_smart_auth_info",
+      "options": {
+        "mode": "auth",
+        "components": [
+          {
+            "name": "requested_scopes",
+            "default": "launch/patient openid fhirUser offline_access patient/*.rs"
+          },
+          {
+            "name": "pkce_support",
+            "default": "enabled",
+            "locked": true
+          },
+          {
+            "name": "pkce_code_challenge_method",
+            "default": "S256",
+            "locked": true
+          },
+          {
+            "name": "auth_type",
+            "options": {
+              "list_options": [
+                {
+                  "label": "Public",
+                  "value": "public"
+                },
+                {
+                  "label": "Confidential Symmetric",
+                  "value": "symmetric"
+                },
+                {
+                  "label": "Confidential Asymmetric",
+                  "value": "asymmetric"
+                }
+              ]
+            }
+          },
+          {
+            "name": "use_discovery",
+            "locked": true
+          },
+          {
+            "name": "auth_request_method",
+            "default": "GET",
+            "locked": true
+          }
+        ]
+      },
+      "title": "Standalone Launch Credentials",
+      "type": "auth_info",
+      "value": {
+        "pkce_support": "enabled",
+        "pkce_code_challenge_method": "S256",
+        "auth_request_method": "GET",
+        "auth_type": "asymmetric",
+        "use_discovery": "true",
+        "requested_scopes": "launch/patient openid fhirUser offline_access patient/*.rs",
+        "client_id": "smart_client_test_demo",
+        "encryption_algorithm": "ES384"
+      },
+      "default": {}
+    },
+    {
+      "name": "ehr_smart_auth_info",
+      "options": {
+        "mode": "auth",
+        "components": [
+          {
+            "name": "requested_scopes",
+            "default": "launch openid fhirUser offline_access patient/*.rs"
+          },
+          {
+            "name": "pkce_support",
+            "default": "enabled",
+            "locked": true
+          },
+          {
+            "name": "pkce_code_challenge_method",
+            "default": "S256",
+            "locked": true
+          },
+          {
+            "name": "auth_type",
+            "options": {
+              "list_options": [
+                {
+                  "label": "Public",
+                  "value": "public"
+                },
+                {
+                  "label": "Confidential Symmetric",
+                  "value": "symmetric"
+                },
+                {
+                  "label": "Confidential Asymmetric",
+                  "value": "asymmetric"
+                }
+              ]
+            }
+          },
+          {
+            "name": "use_discovery",
+            "locked": true
+          },
+          {
+            "name": "auth_request_method",
+            "default": "GET",
+            "locked": true
+          }
+        ]
+      },
+      "title": "EHR Launch Credentials",
+      "type": "auth_info",
+      "value": {
+        "pkce_support": "enabled",
+        "pkce_code_challenge_method": "S256",
+        "auth_request_method": "GET",
+        "encryption_algorithm": "ES384",
+        "auth_type": "asymmetric",
+        "use_discovery": "true",
+        "requested_scopes": "launch openid fhirUser offline_access patient/*.rs",
+        "client_id": "smart_client_test_demo"
+      },
+      "default": {}
+    },
+    {
+      "name": "backend_services_smart_auth_info",
+      "options": {
+        "mode": "auth",
+        "components": [
+          {
+            "name": "auth_type",
+            "default": "backend_services",
+            "locked": "true"
+          },
+          {
+            "name": "use_discovery",
+            "locked": true
+          }
+        ]
+      },
+      "title": "Backend Services Credentials",
+      "type": "auth_info",
+      "value": {
+        "encryption_algorithm": "ES384",
+        "auth_type": "backend_services",
+        "use_discovery": "true",
+        "requested_scopes": "system/*.rs",
+        "client_id": "smart_client_test_demo"
+      },
+      "default": {}
+    },
+    {
+      "name": "custom_authorization_header",
+      "description": "Add custom headers for the introspection request by adding each header's name and value with a new line between each header. Ex:   <Header 1 Name>: <Value 1>",
+      "optional": true,
+      "title": "Custom HTTP Headers for Introspection Request",
+      "type": "textarea",
+      "value": ""
+    },
+    {
+      "name": "optional_introspection_request_params",
+      "description": "Any additional parameters to append to the request body, separated by &. Example: 'param1=abc&param2=def'",
+      "optional": true,
+      "title": "Additional Introspection Request Parameters",
+      "type": "textarea",
+      "value": ""
+    }
+  ]
+}

data/config/presets/SMART_RunServerAgainstClient_ConfidentialSymmetric.json.erb ADDED Viewed

@@ -0,0 +1,157 @@
+{
+  "title": "Demo: Run Against the SMART Client Suite (Confidential Symmetric)",
+  "id": "smart_run_server_against_cs_client_v2_2",
+  "test_suite_id": "smart_stu2_2",
+  "inputs": [
+    {
+      "name": "url",
+      "description": "URL of the FHIR endpoint used by SMART applications",
+      "title": "FHIR Endpoint",
+      "type": "text",
+      "value": "<%= Inferno::Application['base_url'] %>/custom/smart_client_stu2_2/fhir"
+    },
+    {
+      "name": "standalone_smart_auth_info",
+      "options": {
+        "mode": "auth",
+        "components": [
+          {
+            "name": "requested_scopes",
+            "default": "launch/patient openid fhirUser offline_access patient/*.rs"
+          },
+          {
+            "name": "pkce_support",
+            "default": "enabled",
+            "locked": true
+          },
+          {
+            "name": "pkce_code_challenge_method",
+            "default": "S256",
+            "locked": true
+          },
+          {
+            "name": "auth_type",
+            "options": {
+              "list_options": [
+                {
+                  "label": "Public",
+                  "value": "public"
+                },
+                {
+                  "label": "Confidential Symmetric",
+                  "value": "symmetric"
+                },
+                {
+                  "label": "Confidential Asymmetric",
+                  "value": "asymmetric"
+                }
+              ]
+            }
+          },
+          {
+            "name": "use_discovery",
+            "locked": true
+          },
+          {
+            "name": "auth_request_method",
+            "default": "GET",
+            "locked": true
+          }
+        ]
+      },
+      "title": "Standalone Launch Credentials",
+      "type": "auth_info",
+      "value": {
+        "pkce_support": "enabled",
+        "pkce_code_challenge_method": "S256",
+        "auth_request_method": "GET",
+        "auth_type": "symmetric",
+        "use_discovery": "true",
+        "requested_scopes": "launch/patient openid fhirUser offline_access patient/*.rs",
+        "client_id": "smart_client_test_demo",
+        "client_secret": "SAMPLE_SECRET"
+      },
+      "default": {}
+    },
+    {
+      "name": "ehr_smart_auth_info",
+      "options": {
+        "mode": "auth",
+        "components": [
+          {
+            "name": "requested_scopes",
+            "default": "launch openid fhirUser offline_access patient/*.rs"
+          },
+          {
+            "name": "pkce_support",
+            "default": "enabled",
+            "locked": true
+          },
+          {
+            "name": "pkce_code_challenge_method",
+            "default": "S256",
+            "locked": true
+          },
+          {
+            "name": "auth_type",
+            "options": {
+              "list_options": [
+                {
+                  "label": "Public",
+                  "value": "public"
+                },
+                {
+                  "label": "Confidential Symmetric",
+                  "value": "symmetric"
+                },
+                {
+                  "label": "Confidential Asymmetric",
+                  "value": "asymmetric"
+                }
+              ]
+            }
+          },
+          {
+            "name": "use_discovery",
+            "locked": true
+          },
+          {
+            "name": "auth_request_method",
+            "default": "GET",
+            "locked": true
+          }
+        ]
+      },
+      "title": "EHR Launch Credentials",
+      "type": "auth_info",
+      "value": {
+        "pkce_support": "enabled",
+        "pkce_code_challenge_method": "S256",
+        "auth_request_method": "GET",
+        "encryption_algorithm": "ES384",
+        "auth_type": "symmetric",
+        "use_discovery": "true",
+        "requested_scopes": "launch openid fhirUser offline_access patient/*.rs",
+        "client_id": "smart_client_test_demo",
+        "client_secret": "SAMPLE_SECRET"
+      },
+      "default": {}
+    },
+    {
+      "name": "custom_authorization_header",
+      "description": "Add custom headers for the introspection request by adding each header's name and value with a new line between each header. Ex:   <Header 1 Name>: <Value 1>",
+      "optional": true,
+      "title": "Custom HTTP Headers for Introspection Request",
+      "type": "textarea",
+      "value": ""
+    },
+    {
+      "name": "optional_introspection_request_params",
+      "description": "Any additional parameters to append to the request body, separated by &. Example: 'param1=abc&param2=def'",
+      "optional": true,
+      "title": "Additional Introspection Request Parameters",
+      "type": "textarea",
+      "value": ""
+    }
+]
+}

data/config/presets/SMART_RunServerAgainstClient_Public.json.erb ADDED Viewed

@@ -0,0 +1,155 @@
+{
+  "title": "Demo: Run Against the SMART Client Suite (Public)",
+  "id": "smart_run_server_against_p_client_v2_2",
+  "test_suite_id": "smart_stu2_2",
+  "inputs": [
+    {
+      "name": "url",
+      "description": "URL of the FHIR endpoint used by SMART applications",
+      "title": "FHIR Endpoint",
+      "type": "text",
+      "value": "<%= Inferno::Application['base_url'] %>/custom/smart_client_stu2_2/fhir"
+    },
+    {
+      "name": "standalone_smart_auth_info",
+      "options": {
+        "mode": "auth",
+        "components": [
+          {
+            "name": "requested_scopes",
+            "default": "launch/patient openid fhirUser offline_access patient/*.rs"
+          },
+          {
+            "name": "pkce_support",
+            "default": "enabled",
+            "locked": true
+          },
+          {
+            "name": "pkce_code_challenge_method",
+            "default": "S256",
+            "locked": true
+          },
+          {
+            "name": "auth_type",
+            "options": {
+              "list_options": [
+                {
+                  "label": "Public",
+                  "value": "public"
+                },
+                {
+                  "label": "Confidential Symmetric",
+                  "value": "symmetric"
+                },
+                {
+                  "label": "Confidential Asymmetric",
+                  "value": "asymmetric"
+                }
+              ]
+            }
+          },
+          {
+            "name": "use_discovery",
+            "locked": true
+          },
+          {
+            "name": "auth_request_method",
+            "default": "GET",
+            "locked": true
+          }
+        ]
+      },
+      "title": "Standalone Launch Credentials",
+      "type": "auth_info",
+      "value": {
+        "pkce_support": "enabled",
+        "pkce_code_challenge_method": "S256",
+        "auth_request_method": "GET",
+        "auth_type": "public",
+        "use_discovery": "true",
+        "requested_scopes": "launch/patient openid fhirUser offline_access patient/*.rs",
+        "client_id": "smart_client_test_demo"
+      },
+      "default": {}
+    },
+    {
+      "name": "ehr_smart_auth_info",
+      "options": {
+        "mode": "auth",
+        "components": [
+          {
+            "name": "requested_scopes",
+            "default": "launch openid fhirUser offline_access patient/*.rs"
+          },
+          {
+            "name": "pkce_support",
+            "default": "enabled",
+            "locked": true
+          },
+          {
+            "name": "pkce_code_challenge_method",
+            "default": "S256",
+            "locked": true
+          },
+          {
+            "name": "auth_type",
+            "options": {
+              "list_options": [
+                {
+                  "label": "Public",
+                  "value": "public"
+                },
+                {
+                  "label": "Confidential Symmetric",
+                  "value": "symmetric"
+                },
+                {
+                  "label": "Confidential Asymmetric",
+                  "value": "asymmetric"
+                }
+              ]
+            }
+          },
+          {
+            "name": "use_discovery",
+            "locked": true
+          },
+          {
+            "name": "auth_request_method",
+            "default": "GET",
+            "locked": true
+          }
+        ]
+      },
+      "title": "EHR Launch Credentials",
+      "type": "auth_info",
+      "value": {
+        "pkce_support": "enabled",
+        "pkce_code_challenge_method": "S256",
+        "auth_request_method": "GET",
+        "encryption_algorithm": "ES384",
+        "auth_type": "public",
+        "use_discovery": "true",
+        "requested_scopes": "launch openid fhirUser offline_access patient/*.rs",
+        "client_id": "smart_client_test_demo"
+      },
+      "default": {}
+    },
+    {
+      "name": "custom_authorization_header",
+      "description": "Add custom headers for the introspection request by adding each header's name and value with a new line between each header. Ex:   <Header 1 Name>: <Value 1>",
+      "optional": true,
+      "title": "Custom HTTP Headers for Introspection Request",
+      "type": "textarea",
+      "value": ""
+    },
+    {
+      "name": "optional_introspection_request_params",
+      "description": "Any additional parameters to append to the request body, separated by &. Example: 'param1=abc&param2=def'",
+      "optional": true,
+      "title": "Additional Introspection Request Parameters",
+      "type": "textarea",
+      "value": ""
+    }
+  ]
+}

data/lib/smart_app_launch/backend_services_authorization_group.rb CHANGED Viewed

@@ -31,8 +31,6 @@ module SMARTAppLaunch
             ]
           }
-    output :bearer_token
     test from: :smart_tls,
          id: :smart_backend_services_token_tls_version,
          title: 'Authorization service token endpoint secured by transport layer security',

data/lib/smart_app_launch/backend_services_authorization_request_success_test.rb CHANGED Viewed

@@ -23,7 +23,7 @@ module SMARTAppLaunch
             ]
           }
-    output :authentication_response
+    output :authentication_response, :smart_auth_info
     run do
       post_request_content = BackendServicesAuthorizationRequestBuilder.build(
@@ -40,7 +40,10 @@ module SMARTAppLaunch
       assert_response_status([200, 201])
-      output authentication_response: authentication_response.response_body
+      smart_auth_info.issue_time = Time.now
+      output authentication_response: authentication_response.response_body,
+             smart_auth_info: smart_auth_info
     end
   end
 end

data/lib/smart_app_launch/backend_services_authorization_response_body_test.rb CHANGED Viewed

@@ -29,7 +29,7 @@ module SMARTAppLaunch
               }
             ]
           }
-    output :bearer_token, :smart_auth_info
+    output :bearer_token, :smart_auth_info, :received_scopes
     run do
       skip_if authentication_response.blank?, 'No authentication response received.'
@@ -38,11 +38,15 @@ module SMARTAppLaunch
       response_body = JSON.parse(authentication_response)
       access_token = response_body['access_token']
+      received_scopes = response_body['scope']
+      expires_in = response_body['expires_in']
       assert access_token.present?, 'Token response did not contain access_token as required'
       smart_auth_info.access_token = access_token
+      smart_auth_info.expires_in = expires_in
-      output bearer_token: access_token, smart_auth_info: smart_auth_info
+      output bearer_token: access_token, smart_auth_info: smart_auth_info, received_scopes: received_scopes
       required_keys = ['token_type', 'expires_in', 'scope']

data/lib/smart_app_launch/backend_services_invalid_client_assertion_test.rb CHANGED Viewed

@@ -44,7 +44,7 @@ module SMARTAppLaunch
       post(smart_auth_info.token_url, **post_request_content)
-      assert_response_status(400)
+      assert_response_status([400, 401])
     end
   end
 end

data/lib/smart_app_launch/backend_services_invalid_jwt_test.rb CHANGED Viewed

@@ -55,7 +55,7 @@ module SMARTAppLaunch
       post(smart_auth_info.token_url, **post_request_content)
-      assert_response_status(400)
+      assert_response_status([400, 401])
     end
   end
 end