smart_app_launch_test_kit 0.6.1 → 0.6.2

data/lib/smart_app_launch/metadata.rb

@@ -5,9 +5,9 @@ module SMARTAppLaunch
     id :smart_app_launch_test_kit
     title 'SMART App Launch Test Kit'
     description <<~DESCRIPTION
-      The SMART App Launch Test Kit primarily validates the conformance of an
-      authorization server implementation to a specified version of the [SMART
-      Application Launch Framework Implementation
+      The SMART App Launch Test Kit validates the conformance of authorization server
+      implementations and clients that interact with them to a specified version of the
+      [SMART Application Launch Framework Implementation
       Guide](http://hl7.org/fhir/smart-app-launch/index.html).  This Test Kit also
       provides Brand Bundle Publisher testing for the User-access Brands and Endpoints
       specification.  This Test Kit supports following versions of the SMART App
@@ -25,21 +25,26 @@ module SMARTAppLaunch
       kits for any FHIR-based data exchange.
 
       To run tests for a SMART App Launch authorization server, select one of the
-      "SMART App Launch" suites.  To run tests for a Brand Bundle Publisher, select
+      "SMART App Launch" suites.  To run tests for a SMART App Launch or backend
+      services client, select the "SMART App Launch STU2.2 Client" suite and choose
+      the type of client. To run tests for a Brand Bundle Publisher, select
       the "SMART User-access Brands and Endpoints" suite.
 
       ## Status
 
-      The SMART App Launch Test Kit primarily verifies that systems correctly
-      implement the SMART App Launch IG for providing authorization and/or
-      authentication services to client applications accessing HL7 FHIR APIs.
-
-      The test kit currently tests the following requirements:
-      - Standalone Launch
-      - EHR Launch
-
-      It also tests the ability of a Brand Bundle Publisher to publish a valid brand
-      bundle as described in the User-access Brands and Endpoints specification.
+      The SMART App Launch Test Kit provides five suites that verify that systems
+      correctly implement different aspects and versions of the SMART App Launch IG.
+      - Three server suites (SMART App Launch STU1, STU2, and STU2.2) verifying that SMART server implementations
+        can provide authorization and/or authentication services to
+        client applications accessing HL7 FHIR APIs. Thes
+        - Standalone Launch
+        - EHR Launch
+        - Backend Services (STU2 and STU2.2 only)
+        - Token Introspection (STU2 and STU2.2 only)
+      - A client suite (SMART App Launch STU2.2 Client) verifying that a SMART STU2.2
+        client can obtain and use an access token using the SMART flows and authentication options.
+      - A suite verifying a server's compliance with the User-access Brands and Endpoints
+        specification.
 
       See the test descriptions within the test kit for detail on the specific
       validations performed as part of testing these requirements.

data/lib/smart_app_launch/tags.rb

@@ -2,6 +2,14 @@
 
 module SMARTAppLaunch
   TOKEN_TAG = 'token'
-  SMART_TAG = 'smart'
+  AUTHORIZATION_TAG = 'authorization'
+  INTROSPECTION_TAG = 'introspection'
+  SMART_TAG = 'SMART'
   ACCESS_TAG = 'access'
+  CLIENT_CREDENTIALS_TAG = 'client_credentials'
+  AUTHORIZATION_CODE_TAG = 'authorization_code'
+  REFRESH_TOKEN_TAG = 'refresh_token'
+  PUBLIC_TAG = 'public'
+  CONFIDENTIAL_SYMMETRIC_TAG = 'confidential_symmetric'
+  CONFIDENTIAL_ASYMMETRIC_TAG = 'confidential_asymmetric'
 end

data/lib/smart_app_launch/token_payload_validation.rb

@@ -78,8 +78,8 @@ module SMARTAppLaunch
     end
 
     def check_for_missing_scopes(requested_scopes, body)
-      expected_scopes = requested_scopes.split
-      new_scopes = body['scope'].split
+      expected_scopes = requested_scopes&.split || []
+      new_scopes = body['scope']&.split || []
       missing_scopes = expected_scopes - new_scopes
 
       warning do

data/lib/smart_app_launch/urls.rb

@@ -6,7 +6,11 @@ module SMARTAppLaunch
   RESUME_FAIL_PATH = '/resume_fail'
   AUTH_SERVER_PATH = '/auth'
   SMART_DISCOVERY_PATH = "#{FHIR_PATH}/.well-known/smart-configuration".freeze
+  OIDC_DISCOVERY_PATH = "#{FHIR_PATH}/.well-known/openid-configuration".freeze
+  OIDC_JWKS_PATH = "#{FHIR_PATH}/.well-known/jwks.json".freeze
   TOKEN_PATH = "#{AUTH_SERVER_PATH}/token".freeze
+  AUTHORIZATION_PATH = "#{AUTH_SERVER_PATH}/authorization".freeze
+  INTROSPECTION_PATH = "#{AUTH_SERVER_PATH}/introspect".freeze
 
   module URLs
     def client_base_url
@@ -33,6 +37,14 @@ module SMARTAppLaunch
       @client_token_url ||= client_base_url + TOKEN_PATH
     end
 
+    def client_authorization_url
+      @client_authorization_url ||= client_base_url + AUTHORIZATION_PATH
+    end
+
+    def client_introspection_url
+      @client_introspection_url ||= client_base_url + INTROSPECTION_PATH
+    end
+
     def client_suite_id
       SMARTAppLaunch::SMARTClientSTU22Suite.id
     end

data/lib/smart_app_launch/version.rb

@@ -1,4 +1,4 @@
 module SMARTAppLaunch
-  VERSION = '0.6.1'.freeze
-  LAST_UPDATED = '2025-04-07'.freeze
+  VERSION = '0.6.2'.freeze
+  LAST_UPDATED = '2025-05-02'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smart_app_launch_test_kit
 version: !ruby/object:Gem::Version
-  version: 0.6.1
+  version: 0.6.2
 platform: ruby
 authors:
 - Stephen MacVicar
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-04-07 00:00:00.000000000 Z
+date: 2025-05-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inferno_core
@@ -146,7 +146,9 @@ extra_rdoc_files: []
 files:
 - LICENSE
 - config/presets/SMART_RunClientAgainstServer.json.erb
-- config/presets/SMART_RunServerAgainstClient.json.erb
+- config/presets/SMART_RunServerAgainstClient_ConfidentialAsymmetric.json.erb
+- config/presets/SMART_RunServerAgainstClient_ConfidentialSymmetric.json.erb
+- config/presets/SMART_RunServerAgainstClient_Public.json.erb
 - config/presets/inferno_reference_server_preset.json
 - config/presets/inferno_reference_server_stu2_2_preset.json
 - config/presets/inferno_reference_server_stu2_preset.json
@@ -167,12 +169,32 @@ files:
 - lib/smart_app_launch/backend_services_invalid_jwt_test.rb
 - lib/smart_app_launch/client_assertion_builder.rb
 - lib/smart_app_launch/client_stu2_2_suite.rb
-- lib/smart_app_launch/client_suite/client_access_group.rb
-- lib/smart_app_launch/client_suite/client_access_interaction_test.rb
-- lib/smart_app_launch/client_suite/client_registration_group.rb
-- lib/smart_app_launch/client_suite/client_registration_verification_test.rb
-- lib/smart_app_launch/client_suite/client_token_request_verification_test.rb
-- lib/smart_app_launch/client_suite/client_token_use_verification_test.rb
+- lib/smart_app_launch/client_suite/access_alca_interaction_test.rb
+- lib/smart_app_launch/client_suite/access_alcs_interaction_test.rb
+- lib/smart_app_launch/client_suite/access_alp_interaction_test.rb
+- lib/smart_app_launch/client_suite/access_bsca_interaction_test.rb
+- lib/smart_app_launch/client_suite/access_group.rb
+- lib/smart_app_launch/client_suite/authentication_verification.rb
+- lib/smart_app_launch/client_suite/authorization_request_verification_test.rb
+- lib/smart_app_launch/client_suite/client_descriptions.rb
+- lib/smart_app_launch/client_suite/client_options.rb
+- lib/smart_app_launch/client_suite/oidc_jwks.json
+- lib/smart_app_launch/client_suite/oidc_jwks.rb
+- lib/smart_app_launch/client_suite/registration_alca_group.rb
+- lib/smart_app_launch/client_suite/registration_alca_verification_test.rb
+- lib/smart_app_launch/client_suite/registration_alcs_group.rb
+- lib/smart_app_launch/client_suite/registration_alcs_verification_test.rb
+- lib/smart_app_launch/client_suite/registration_alp_group.rb
+- lib/smart_app_launch/client_suite/registration_alp_verification_test.rb
+- lib/smart_app_launch/client_suite/registration_bsca_group.rb
+- lib/smart_app_launch/client_suite/registration_bsca_verification_test.rb
+- lib/smart_app_launch/client_suite/registration_verification.rb
+- lib/smart_app_launch/client_suite/token_request_alca_verification_test.rb
+- lib/smart_app_launch/client_suite/token_request_alcs_verification_test.rb
+- lib/smart_app_launch/client_suite/token_request_alp_verification_test.rb
+- lib/smart_app_launch/client_suite/token_request_bsca_verification_test.rb
+- lib/smart_app_launch/client_suite/token_request_verification.rb
+- lib/smart_app_launch/client_suite/token_use_verification_test.rb
 - lib/smart_app_launch/code_received_test.rb
 - lib/smart_app_launch/cors_metadata_request_test.rb
 - lib/smart_app_launch/cors_openid_fhir_user_claim_test.rb
@@ -186,9 +208,14 @@ files:
 - lib/smart_app_launch/ehr_launch_group.rb
 - lib/smart_app_launch/ehr_launch_group_stu2.rb
 - lib/smart_app_launch/ehr_launch_group_stu2_2.rb
-- lib/smart_app_launch/endpoints/echoing_fhir_responder.rb
+- lib/smart_app_launch/endpoints/echoing_fhir_responder_endpoint.rb
 - lib/smart_app_launch/endpoints/mock_smart_server.rb
-- lib/smart_app_launch/endpoints/mock_smart_server/token.rb
+- lib/smart_app_launch/endpoints/mock_smart_server/authorization_endpoint.rb
+- lib/smart_app_launch/endpoints/mock_smart_server/introspection_endpoint.rb
+- lib/smart_app_launch/endpoints/mock_smart_server/smart_authorization_response_creation.rb
+- lib/smart_app_launch/endpoints/mock_smart_server/smart_introspection_response_creation.rb
+- lib/smart_app_launch/endpoints/mock_smart_server/smart_token_response_creation.rb
+- lib/smart_app_launch/endpoints/mock_smart_server/token_endpoint.rb
 - lib/smart_app_launch/jwks.rb
 - lib/smart_app_launch/launch_received_test.rb
 - lib/smart_app_launch/metadata.rb

data/config/presets/SMART_RunServerAgainstClient.json.erb

@@ -1,42 +0,0 @@
-{
-  "title": "Demo: Run Against the SMART Client Suite",
-  "id": "smart_run_server_against_client_v2_2",
-  "test_suite_id": "smart_stu2_2",
-  "inputs": [
-    {
-      "name": "url",
-      "description": "URL of the FHIR endpoint used by SMART applications",
-      "title": "FHIR Endpoint",
-      "type": "text",
-      "value": "<%= Inferno::Application['base_url'] %>/custom/smart_client_stu2_2/fhir"
-    },
-    {
-      "name": "backend_services_smart_auth_info",
-      "options": {
-        "mode": "auth",
-        "components": [
-          {
-            "name": "auth_type",
-            "default": "backend_services",
-            "locked": "true"
-          },
-          {
-            "name": "use_discovery",
-            "locked": true
-          }
-        ]
-      },
-      "title": "Backend Services Credentials",
-      "type": "auth_info",
-      "value": {
-        "encryption_algorithm": "ES384",
-        "auth_type": "backend_services",
-        "use_discovery": "true",
-        "token_url": "<%= Inferno::Application['base_url'] %>/custom/smart_client_stu2_2/auth/token",
-        "requested_scopes": "system/*.rs",
-        "client_id": "smart_client_test_demo"
-      },
-      "default": {}
-    }
-  ]
-}

data/lib/smart_app_launch/client_suite/client_access_group.rb

@@ -1,26 +0,0 @@
-require_relative 'client_access_interaction_test'
-require_relative 'client_token_request_verification_test'
-require_relative 'client_token_use_verification_test'
-
-module SMARTAppLaunch
-  class SMARTClientAccess < Inferno::TestGroup
-    id :smart_client_access
-    title 'Client Access'
-    description %(
-      During these tests, the client system will access Inferno's simulated
-      FHIR server by requesting an access token and making a FHIR request.
-      Inferno will then verify that any token requests made were conformant
-      and that a token returned from a token request was used on an access request.
-    )
-
-    run_as_group
-
-    input :smart_jwk_set,
-          optional: true,
-          locked: true
-
-    test from: :smart_client_access_interaction
-    test from: :smart_client_token_request_verification
-    test from: :smart_client_token_use_verification
-  end
-end

data/lib/smart_app_launch/client_suite/client_access_interaction_test.rb

@@ -1,64 +0,0 @@
-require_relative '../urls'
-require_relative '../endpoints/mock_smart_server'
-
-module SMARTAppLaunch
-  class SMARTClientAccessInteraction < Inferno::Test
-    include URLs
-
-    id :smart_client_access_interaction
-    title 'Perform SMART-secured Access'
-    description %(
-      During this test, Inferno will wait for the client to access data
-      using a SMART token obtained during earlier tests.
-    )
-    input :client_id,
-          title: 'Client Id',
-          type: 'text',
-          locked: true,
-          description: %(
-            The registered Client Id for use in obtaining access tokens.
-            Create a new session if you need to change this value.
-          )
-    input :smart_jwk_set,
-          title: 'JSON Web Key Set (JWKS)',
-          type: 'textarea',
-          optional: true,
-          locked: true,
-          description: %(
-            The SMART client's JSON Web Key Set in the form of either a publicly accessible url
-            containing the JWKS, or the raw JWKS JSON. Must include the key(s) Inferno will need to
-            verify signatures on token requests made by the client.
-            Create a new session if you need to change this value.
-          )
-    input :echoed_fhir_response,
-          title: 'FHIR Response to Echo',
-          type: 'textarea',
-          description: %(
-            JSON representation of a FHIR resource for Inferno to echo when a request
-            is made to the simulated FHIR server. The provided content will be echoed
-            back exactly and no check will be made that it is appropriate for the request
-            made. If nothing is provided, an OperationOutcome will be returned.
-          ),
-          optional: true
-
-    run do
-      wait(
-        identifier: client_id,
-        message: %(
-            **Access**
-
-            Use the registered client id (#{client_id}) to obtain an access
-            token using SMART Backend Services
-            and use that token to access a FHIR endpoint under the simulated server's base URL
-
-            `#{client_fhir_base_url}`
-
-            Inferno will echo the response provided in the **FHIR Response to Echo** input.
-
-            [Click here](#{client_resume_pass_url}?token=#{client_id}) once you performed
-            the access.
-          )
-      )
-    end
-  end
-end

data/lib/smart_app_launch/client_suite/client_registration_group.rb

@@ -1,15 +0,0 @@
-require_relative 'client_registration_verification_test'
-
-module SMARTAppLaunch
-  class SMARTClientRegistration < Inferno::TestGroup
-    id :smart_client_registration
-    title 'Client Registration'
-    description %(
-      During these tests, Inferno will verify the registration details provided as inputs,
-      including the client's JSON Web Key Set.
-    )
-    run_as_group
-
-    test from: :smart_client_registration_verification
-  end
-end

data/lib/smart_app_launch/client_suite/client_registration_verification_test.rb

@@ -1,52 +0,0 @@
-require_relative '../tags'
-require_relative '../endpoints/mock_smart_server'
-
-module SMARTAppLaunch
-  class SMARTClientRegistrationVerification < Inferno::Test
-
-    id :smart_client_registration_verification
-    title 'Verify SMART Registration'
-    description %(
-      During this test, Inferno will verify that the SMART registration details
-      provided are conformant.
-    )
-    input :smart_jwk_set,
-          title: 'SMART JSON Web Key Set (JWKS)',
-          type: 'textarea',
-          description: %(
-            The SMART client's JSON Web Key Set including the key(s) Inferno will need to
-            verify signatures on token requests made by the client. May be provided as either
-            a publicly accessible url containing the JWKS, or the raw JWKS JSON.
-          )
-    input :client_id,
-          title: 'Client Id',
-          type: 'text',
-          optional: true,
-          description: %(
-            If a particular client id is desired, put it here. Otherwise a
-            default of the Inferno session id will be used.
-          )
-
-    output :client_id
-
-    run do
-      omit_if smart_jwk_set.blank?, # for re-use: mark the smart_jwk_set input as optional when importing to enable
-        'Not configured for SMART authentication.'
-
-      if client_id.blank?
-        client_id = test_session_id
-        output(client_id:)
-      end
-
-      jwks_warnings = []
-      parsed_smart_jwk_set = MockSMARTServer.jwk_set(smart_jwk_set, jwks_warnings)
-      jwks_warnings.each { |warning| add_message('warning', warning) }
-
-      assert parsed_smart_jwk_set.length.positive?, 'JWKS content does not include any valid keys.'
-
-      # TODO: add key-specific verification per end of https://build.fhir.org/ig/HL7/smart-app-launch/client-confidential-asymmetric.html#registering-a-client-communicating-public-keys
-
-      assert messages.none? { |msg| msg[:type] == 'error' }, 'Invalid key set provided. See messages for details'
-    end
-  end
-end

data/lib/smart_app_launch/client_suite/client_token_request_verification_test.rb

@@ -1,146 +0,0 @@
-require_relative '../tags'
-require_relative '../urls'
-require_relative '../endpoints/mock_smart_server'
-
-module SMARTAppLaunch
-  class SMARTClientTokenRequestVerification < Inferno::Test
-    include URLs
-
-    id :smart_client_token_request_verification
-    title 'Verify SMART Token Requests'
-    description %(
-        Check that SMART token requests are conformant.
-      )
-
-    input :client_id,
-          title: 'Client Id',
-          type: 'text',
-          optional: false,
-          locked: true,
-          description: %(
-            The registered Client Id for use in obtaining access tokens.
-            Create a new session if you need to change this value.
-          )
-    input :smart_jwk_set,
-          title: 'JSON Web Key Set (JWKS)',
-          type: 'textarea',
-          optional: false,
-          locked: true,
-          description: %(
-            The SMART client's JSON Web Key Set in the form of either a publicly accessible url
-            containing the JWKS, or the raw JWKS JSON. Must include the key(s) Inferno will need to
-            verify signatures on token requests made by the client.
-            Create a new session if you need to change this value.
-          )
-    output :smart_tokens
-
-    run do
-      omit_if smart_jwk_set.blank?, # for re-use: mark the smart_jwk_set input as optional when importing to enable
-              'SMART Backend Services authentication not demonstrated as a part of this test session.'
-
-      load_tagged_requests(TOKEN_TAG, SMART_TAG)
-      skip_if requests.blank?, 'No SMART token requests made.'
-
-      jti_list = []
-      token_list = []
-      requests.each_with_index do |token_request, index|
-        request_params = URI.decode_www_form(token_request.request_body).to_h
-        check_request_params(request_params, index + 1)
-        check_client_assertion(request_params['client_assertion'], index + 1, jti_list)
-        token_list << extract_token_from_response(token_request)
-      end
-
-      output smart_tokens: token_list.compact.join("\n")
-
-      assert messages.none? { |msg|
-        msg[:type] == 'error'
-      }, 'Invalid token requests detected. See messages for details.'
-    end
-
-    def check_request_params(params, request_num)
-      if params['grant_type'] != 'client_credentials'
-        add_message('error',
-                    "Token request #{request_num} had an incorrect `grant_type`: expected 'client_credentials', " \
-                    "but got '#{params['grant_type']}'")
-      end
-      if params['client_assertion_type'] != 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer'
-        add_message('error',
-                    "Token request #{request_num} had an incorrect `client_assertion_type`: " \
-                    "expected 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer', " \
-                    "but got '#{params['client_assertion_type']}'")
-      end
-      return unless params['scope'].blank?
-
-      add_message('error', "Token request #{request_num} did not include the requested `scope`")
-    end
-
-    def check_client_assertion(assertion, request_num, jti_list)
-      decoded_token =
-        begin
-          JWT::EncodedToken.new(assertion)
-        rescue StandardError => e
-          add_message('error', "Token request #{request_num} contained an invalid client assertion jwt: #{e}")
-          nil
-        end
-
-      return unless decoded_token.present?
-
-      check_jwt_header(decoded_token.header, request_num)
-      check_jwt_payload(decoded_token.payload, request_num, jti_list)
-      check_jwt_signature(decoded_token, request_num)
-    end
-
-    def check_jwt_header(header, request_num)
-      return unless header['typ'] != 'JWT'
-
-      add_message('error', "client assertion jwt on token request #{request_num} has an incorrect `typ` header: " \
-                           "expected 'JWT', got '#{header['typ']}'")
-    end
-
-    def check_jwt_payload(claims, request_num, jti_list)
-      if claims['iss'] != client_id
-        add_message('error', "client assertion jwt on token request #{request_num} has an incorrect `iss` claim: " \
-                             "expected '#{client_id}', got '#{claims['iss']}'")
-      end
-
-      if claims['sub'] != client_id
-        add_message('error', "client assertion jwt on token request #{request_num} has an incorrect `sub` claim: " \
-                             "expected '#{client_id}', got '#{claims['sub']}'")
-      end
-
-      if claims['aud'] != client_token_url
-        add_message('error', "client assertion jwt on token request #{request_num} has an incorrect `aud` claim: " \
-                             "expected '#{client_token_url}', got '#{claims['aud']}'")
-      end
-
-      if claims['exp'].blank?
-        add_message('error', "client assertion jwt on token request #{request_num} is missing the `exp` claim.")
-      end
-
-      if claims['jti'].blank?
-        add_message('error', "client assertion jwt on token request #{request_num} is missing the `jti` claim.")
-      elsif jti_list.include?(claims['jti'])
-        add_message('error', "client assertion jwt on token request #{request_num} has a `jti` claim that was " \
-                             "previouly used: '#{claims['jti']}'.")
-      else
-        jti_list << claims['jti']
-      end
-    end
-
-    def check_jwt_signature(encoded_token, request_num)
-      error = MockSMARTServer.smart_assertion_signature_verification(encoded_token, smart_jwk_set)
-
-      return unless error.present?
-
-      add_message('error', "Signature validation failed on token request #{request_num}: #{error}")
-    end
-
-    def extract_token_from_response(request)
-      return unless request.status == 200
-
-      JSON.parse(request.response_body)&.dig('access_token')
-    rescue
-      nil
-    end
-  end
-end

data/lib/smart_app_launch/endpoints/echoing_fhir_responder.rb

@@ -1,52 +0,0 @@
-# frozen_string_literal: true
-
-require_relative '../urls'
-require_relative '../tags'
-require_relative 'mock_smart_server'
-
-module SMARTAppLaunch
-  class EchoingFHIRResponderEndpoint < Inferno::DSL::SuiteEndpoint
-    def test_run_identifier
-      MockSMARTServer.token_to_client_id(request.headers['authorization']&.delete_prefix('Bearer '))
-    end
-
-    def make_response
-      return if response.status == 401 # set in update_result (expired token handling there)
-
-      response.content_type = 'application/fhir+json'
-
-      # If the tester provided a response, echo it
-      # otherwise, operation outcome
-      echo_response = JSON.parse(result.input_json)
-        .find { |input| input['name'].include?('echoed_fhir_response') }
-        &.dig('value')
-
-      unless echo_response.present?
-        response.status = 400
-        response.body = FHIR::OperationOutcome.new(
-          issue: FHIR::OperationOutcome::Issue.new(
-            severity: 'fatal', code: 'required',
-            details: FHIR::CodeableConcept.new(text: 'No response provided to echo.')
-          )
-        ).to_json
-        return
-      end
-
-      response.status = 200
-      response.body = echo_response
-    end
-
-    def update_result
-      if MockSMARTServer.request_has_expired_token?(request)
-        MockSMARTServer.update_response_for_expired_token(response)
-        return
-      end
-
-      nil # never update for now
-    end
-
-    def tags
-      [ACCESS_TAG]
-    end
-  end
-end

data/lib/smart_app_launch/endpoints/mock_smart_server/token.rb

@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-require_relative '../../urls'
-require_relative '../../tags'
-require_relative '../mock_smart_server'
-
-module SMARTAppLaunch
-  module MockSMARTServer
-    class TokenEndpoint < Inferno::DSL::SuiteEndpoint
-      def test_run_identifier
-        MockSMARTServer.client_id_from_client_assertion(request.params[:client_assertion])
-      end
-
-      def make_response
-        MockSMARTServer.make_smart_token_response(request, response, result)
-      end
-
-      def update_result
-        nil # never update for now
-      end
-
-      def tags
-        [TOKEN_TAG, SMART_TAG]
-      end
-    end
-  end
-end