smart_app_launch_test_kit 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. checksums.yaml +4 -4
  2. data/execution_scripts/README.md +16 -0
  3. data/execution_scripts/client_vs_server/access_data_and_continue_client.rb +37 -0
  4. data/execution_scripts/client_vs_server/smart_v22_backend_services_with_commands.yaml +69 -0
  5. data/execution_scripts/client_vs_server/smart_v22_backend_services_with_commands_client_expected.json +1 -0
  6. data/execution_scripts/client_vs_server/smart_v22_backend_services_with_commands_server_expected.json +478 -0
  7. data/execution_scripts/client_vs_server/smart_v22_backend_services_with_commands_server_no_tls_expected.json +479 -0
  8. data/execution_scripts/client_vs_server/smart_v22_confidential_symmetric_with_commands.yaml +122 -0
  9. data/execution_scripts/client_vs_server/smart_v22_confidential_symmetric_with_commands_client_expected.json +1 -0
  10. data/execution_scripts/client_vs_server/smart_v22_confidential_symmetric_with_commands_client_no_tls_expected.json +1 -0
  11. data/execution_scripts/client_vs_server/smart_v22_confidential_symmetric_with_commands_server_expected.json +1 -0
  12. data/execution_scripts/client_vs_server/smart_v22_confidential_symmetric_with_commands_server_no_tls_expected.json +1 -0
  13. data/execution_scripts/client_vs_server/smart_v22_public_with_commands.yaml +123 -0
  14. data/execution_scripts/client_vs_server/smart_v22_public_with_commands_client_expected.json +1 -0
  15. data/execution_scripts/client_vs_server/smart_v22_public_with_commands_client_no_tls_expected.json +1 -0
  16. data/execution_scripts/client_vs_server/smart_v22_public_with_commands_server_expected.json +1 -0
  17. data/execution_scripts/client_vs_server/smart_v22_public_with_commands_server_no_tls_expected.json +1 -0
  18. data/execution_scripts/client_vs_server/visit_and_wait_to_return_to_inferno.rb +17 -0
  19. data/execution_scripts/reference_server/base_ref_server_authorize.rb +24 -0
  20. data/execution_scripts/reference_server/base_ref_server_ehr_launch.rb +24 -0
  21. data/execution_scripts/reference_server/ref_server_authorize_85_all_scopes.rb +3 -0
  22. data/execution_scripts/reference_server/ref_server_authorize_launched_all_scopes.rb +3 -0
  23. data/execution_scripts/reference_server/ref_server_ehr_launch_85.rb +3 -0
  24. data/execution_scripts/reference_server/smart_v1_vs_reference_server_with_commands.yaml +60 -0
  25. data/execution_scripts/reference_server/smart_v1_vs_reference_server_with_commands_expected.json +1 -0
  26. data/execution_scripts/reference_server/smart_v22_vs_reference_server_with_commands.yaml +93 -0
  27. data/execution_scripts/reference_server/smart_v22_vs_reference_server_with_commands_expected.json +1 -0
  28. data/execution_scripts/reference_server/smart_v22_vs_reference_server_with_commands_same_host_expected.json +4166 -0
  29. data/execution_scripts/reference_server/smart_v2_vs_reference_server_with_commands.yaml +81 -0
  30. data/execution_scripts/reference_server/smart_v2_vs_reference_server_with_commands_expected.json +1 -0
  31. data/lib/smart_app_launch/app_launch_test.rb +4 -0
  32. data/lib/smart_app_launch/app_redirect_test.rb +2 -1
  33. data/lib/smart_app_launch/client_suite/access_alca_interaction_test.rb +5 -1
  34. data/lib/smart_app_launch/client_suite/access_alcs_interaction_test.rb +5 -1
  35. data/lib/smart_app_launch/client_suite/access_alp_interaction_test.rb +6 -2
  36. data/lib/smart_app_launch/client_suite/access_bsca_interaction_test.rb +4 -1
  37. data/lib/smart_app_launch/client_suite/authentication_verification.rb +1 -1
  38. data/lib/smart_app_launch/client_suite/client_descriptions.rb +4 -3
  39. data/lib/smart_app_launch/cors_metadata_request_test.rb +11 -4
  40. data/lib/smart_app_launch/cors_openid_fhir_user_claim_test.rb +8 -4
  41. data/lib/smart_app_launch/cors_token_exchange_test.rb +8 -4
  42. data/lib/smart_app_launch/cors_well_known_endpoint_test.rb +8 -4
  43. data/lib/smart_app_launch/version.rb +2 -2
  44. metadata +34 -6
data/execution_scripts/client_vs_server/smart_v22_backend_services_with_commands_server_expected.json ADDED
@@ -0,0 +1,478 @@
1
+ [
2
+ {
3
+ "id": "b1e2e706-b291-4547-adf0-8b7851d42fef",
4
+ "created_at": "2026-04-03T12:30:57.028-04:00",
5
+ "inputs": [
6
+ {
7
+ "name": "url",
8
+ "value": "http://localhost:4567/custom/smart_client_stu2_2/fhir",
9
+ "type": "text"
10
+ },
11
+ {
12
+ "name": "backend_services_smart_auth_info",
13
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"name\":\"backend_services_smart_auth_info\"}",
14
+ "type": "auth_info"
15
+ }
16
+ ],
17
+ "optional": false,
18
+ "outputs": [
19
+ {
20
+ "name": "well_known_introspection_url",
21
+ "type": "text",
22
+ "value": "http://localhost:4567/custom/smart_client_stu2_2/auth/introspect"
23
+ },
24
+ {
25
+ "name": "well_known_configuration",
26
+ "type": "text",
27
+ "value": "{\"token_endpoint_auth_signing_alg_values_supported\":[\"RS384\",\"ES384\"],\"capabilities\":[\"client-confidential-asymmetric\",\"launch-ehr\",\"launch-standalone\",\"authorize-post\",\"client-public\",\"client-confidential-symmetric\",\"permission-offline\",\"permission-online\",\"permission-patient\",\"permission-user\",\"permission-v1\",\"permission-v2\",\"context-ehr-patient\",\"context-ehr-encounter\",\"context-standalone-patient\",\"context-standalone-encounter\",\"context-banner\",\"context-style\"],\"code_challenge_methods_supported\":[\"S256\"],\"token_endpoint_auth_methods_supported\":[\"private_key_jwt\",\"client_secret_basic\",\"client_secret_post\"],\"issuer\":\"http://localhost:4567/custom/smart_client_stu2_2/fhir\",\"grant_types_supported\":[\"client_credentials\",\"authorization_code\"],\"scopes_supported\":[\"system/*.read\",\"user/*.read\",\"patient/*.read\"],\"authorization_endpoint\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/authorization\",\"token_endpoint\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/token\",\"introspection_endpoint\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/introspect\"}"
28
+ },
29
+ {
30
+ "name": "smart_authorization_url",
31
+ "type": "text",
32
+ "value": "http://localhost:4567/custom/smart_client_stu2_2/auth/authorization"
33
+ },
34
+ {
35
+ "name": "well_known_management_url",
36
+ "type": "text",
37
+ "value": ""
38
+ },
39
+ {
40
+ "name": "well_known_registration_url",
41
+ "type": "text",
42
+ "value": ""
43
+ },
44
+ {
45
+ "name": "well_known_revocation_url",
46
+ "type": "text",
47
+ "value": ""
48
+ },
49
+ {
50
+ "name": "smart_token_url",
51
+ "type": "text",
52
+ "value": "http://localhost:4567/custom/smart_client_stu2_2/auth/token"
53
+ },
54
+ {
55
+ "name": "backend_services_smart_auth_info",
56
+ "type": "text",
57
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"token_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/token\",\"auth_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/authorization\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"name\":\"backend_services_smart_auth_info\"}"
58
+ }
59
+ ],
60
+ "requests": [
61
+ {
62
+ "id": "fc08dedc-f24f-4533-93a1-9821401ebd6b",
63
+ "direction": "outgoing",
64
+ "index": 853,
65
+ "result_id": "b1e2e706-b291-4547-adf0-8b7851d42fef",
66
+ "status": 200,
67
+ "timestamp": "2026-04-03T12:30:57.031-04:00",
68
+ "url": "http://localhost:4567/custom/smart_client_stu2_2/fhir/.well-known/smart-configuration",
69
+ "verb": "get"
70
+ }
71
+ ],
72
+ "result": "pass",
73
+ "test_id": "smart_stu2_2-smart_backend_services-smart_discovery_stu2_2-well_known_endpoint",
74
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
75
+ "test_session_id": "bqd5CYxzQ0Z",
76
+ "updated_at": "2026-04-03T12:30:57.028-04:00"
77
+ },
78
+ {
79
+ "id": "5671515b-08c0-4997-9a5a-e11fe0684b48",
80
+ "created_at": "2026-04-03T12:30:57.036-04:00",
81
+ "inputs": [
82
+ {
83
+ "name": "well_known_configuration",
84
+ "value": "{\"token_endpoint_auth_signing_alg_values_supported\":[\"RS384\",\"ES384\"],\"capabilities\":[\"client-confidential-asymmetric\",\"launch-ehr\",\"launch-standalone\",\"authorize-post\",\"client-public\",\"client-confidential-symmetric\",\"permission-offline\",\"permission-online\",\"permission-patient\",\"permission-user\",\"permission-v1\",\"permission-v2\",\"context-ehr-patient\",\"context-ehr-encounter\",\"context-standalone-patient\",\"context-standalone-encounter\",\"context-banner\",\"context-style\"],\"code_challenge_methods_supported\":[\"S256\"],\"token_endpoint_auth_methods_supported\":[\"private_key_jwt\",\"client_secret_basic\",\"client_secret_post\"],\"issuer\":\"http://localhost:4567/custom/smart_client_stu2_2/fhir\",\"grant_types_supported\":[\"client_credentials\",\"authorization_code\"],\"scopes_supported\":[\"system/*.read\",\"user/*.read\",\"patient/*.read\"],\"authorization_endpoint\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/authorization\",\"token_endpoint\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/token\",\"introspection_endpoint\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/introspect\"}",
85
+ "type": "text"
86
+ }
87
+ ],
88
+ "messages": [
89
+ {
90
+ "message": "Well-known `issuer` is omitted when server capabilites does not include `sso-openid-connect`",
91
+ "type": "warning"
92
+ }
93
+ ],
94
+ "optional": false,
95
+ "outputs": [],
96
+ "requests": [],
97
+ "result": "pass",
98
+ "test_id": "smart_stu2_2-smart_backend_services-smart_discovery_stu2_2-well_known_capabilities_stu2",
99
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
100
+ "test_session_id": "bqd5CYxzQ0Z",
101
+ "updated_at": "2026-04-03T12:30:57.036-04:00"
102
+ },
103
+ {
104
+ "id": "23aade05-b9e5-49c7-bf4e-a8f8e415b82f",
105
+ "created_at": "2026-04-03T12:30:57.042-04:00",
106
+ "inputs": [
107
+ {
108
+ "name": "url",
109
+ "value": "http://localhost:4567/custom/smart_client_stu2_2/fhir",
110
+ "type": "text"
111
+ }
112
+ ],
113
+ "messages": [
114
+ {
115
+ "message": "No CORS headers required: Inferno and the target server are on the same host.",
116
+ "type": "info"
117
+ }
118
+ ],
119
+ "optional": true,
120
+ "outputs": [],
121
+ "requests": [
122
+ {
123
+ "id": "8440e3cf-bf34-4a91-82d0-500a64a6d85d",
124
+ "direction": "outgoing",
125
+ "index": 854,
126
+ "result_id": "23aade05-b9e5-49c7-bf4e-a8f8e415b82f",
127
+ "status": 200,
128
+ "timestamp": "2026-04-03T12:30:57.044-04:00",
129
+ "url": "http://localhost:4567/custom/smart_client_stu2_2/fhir/.well-known/smart-configuration",
130
+ "verb": "get"
131
+ }
132
+ ],
133
+ "result": "pass",
134
+ "test_id": "smart_stu2_2-smart_backend_services-smart_discovery_stu2_2-smart_cors_well_known_endpoint",
135
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
136
+ "test_session_id": "bqd5CYxzQ0Z",
137
+ "updated_at": "2026-04-03T12:30:57.042-04:00"
138
+ },
139
+ {
140
+ "id": "55c879d5-cf6d-464e-af46-773f5e22ad7f",
141
+ "created_at": "2026-04-03T12:30:57.061-04:00",
142
+ "inputs": [
143
+ {
144
+ "name": "url",
145
+ "value": "http://localhost:4567/custom/smart_client_stu2_2/fhir",
146
+ "type": "text"
147
+ }
148
+ ],
149
+ "optional": true,
150
+ "outputs": [],
151
+ "requests": [
152
+ {
153
+ "id": "f321cdbd-67b9-4afe-8111-7bfbf83b6941",
154
+ "direction": "outgoing",
155
+ "index": 855,
156
+ "result_id": "55c879d5-cf6d-464e-af46-773f5e22ad7f",
157
+ "status": 500,
158
+ "timestamp": "2026-04-03T12:30:57.062-04:00",
159
+ "url": "http://localhost:4567/custom/smart_client_stu2_2/fhir/metadata",
160
+ "verb": "get"
161
+ }
162
+ ],
163
+ "result": "fail",
164
+ "result_message": "Unexpected response status: expected 200, but received 500",
165
+ "test_id": "smart_stu2_2-smart_backend_services-smart_discovery_stu2_2-smart_cors_metadata_request",
166
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
167
+ "test_session_id": "bqd5CYxzQ0Z",
168
+ "updated_at": "2026-04-03T12:30:57.061-04:00"
169
+ },
170
+ {
171
+ "id": "623757d1-642b-41c0-94af-e37059d26ea0",
172
+ "created_at": "2026-04-03T12:30:57.066-04:00",
173
+ "inputs": [
174
+ {
175
+ "name": "url",
176
+ "label": "FHIR Endpoint",
177
+ "description": "URL of the FHIR endpoint used by SMART applications",
178
+ "value": "http://localhost:4567/custom/smart_client_stu2_2/fhir",
179
+ "type": "text"
180
+ },
181
+ {
182
+ "name": "backend_services_smart_auth_info",
183
+ "label": null,
184
+ "description": null,
185
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"name\":\"backend_services_smart_auth_info\"}",
186
+ "type": "auth_info"
187
+ }
188
+ ],
189
+ "optional": false,
190
+ "outputs": [],
191
+ "requests": [],
192
+ "result": "pass",
193
+ "test_group_id": "smart_stu2_2-smart_backend_services-smart_discovery_stu2_2",
194
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
195
+ "test_session_id": "bqd5CYxzQ0Z",
196
+ "updated_at": "2026-04-03T12:30:57.066-04:00"
197
+ },
198
+ {
199
+ "id": "c85f6156-5fc7-435b-a1e7-84192b7bca09",
200
+ "created_at": "2026-04-03T12:30:57.073-04:00",
201
+ "inputs": [
202
+ {
203
+ "name": "url",
204
+ "value": "http://localhost:4567/custom/smart_client_stu2_2/fhir",
205
+ "type": "text"
206
+ },
207
+ {
208
+ "name": "backend_services_smart_auth_info",
209
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"token_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/token\",\"auth_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/authorization\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"name\":\"backend_services_smart_auth_info\"}",
210
+ "type": "auth_info"
211
+ }
212
+ ],
213
+ "messages": [
214
+ {
215
+ "message": "http://localhost:4567/custom/smart_client_stu2_2/auth/token correctly denied SSL 2.0 connection as required.",
216
+ "type": "info"
217
+ },
218
+ {
219
+ "message": "http://localhost:4567/custom/smart_client_stu2_2/auth/token correctly denied SSL 3.0 connection as required.",
220
+ "type": "info"
221
+ },
222
+ {
223
+ "message": "http://localhost:4567/custom/smart_client_stu2_2/auth/token correctly denied TLS 1.0 connection as required.",
224
+ "type": "info"
225
+ },
226
+ {
227
+ "message": "http://localhost:4567/custom/smart_client_stu2_2/auth/token correctly denied TLS 1.1 connection as required.",
228
+ "type": "info"
229
+ },
230
+ {
231
+ "message": "http://localhost:4567/custom/smart_client_stu2_2/auth/token accepted TLS 1.2 connection.",
232
+ "type": "info"
233
+ },
234
+ {
235
+ "message": "http://localhost:4567/custom/smart_client_stu2_2/auth/token accepted TLS 1.3 connection.",
236
+ "type": "info"
237
+ }
238
+ ],
239
+ "optional": false,
240
+ "outputs": [],
241
+ "requests": [],
242
+ "result": "pass",
243
+ "test_id": "smart_stu2_2-smart_backend_services-backend_services_authorization-smart_backend_services_token_tls_version",
244
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
245
+ "test_session_id": "bqd5CYxzQ0Z",
246
+ "updated_at": "2026-04-03T12:30:57.073-04:00"
247
+ },
248
+ {
249
+ "id": "d74c9257-3074-46fc-acf4-fd03e3f7ffdf",
250
+ "created_at": "2026-04-03T12:30:57.081-04:00",
251
+ "inputs": [
252
+ {
253
+ "name": "backend_services_smart_auth_info",
254
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"token_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/token\",\"auth_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/authorization\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"name\":\"backend_services_smart_auth_info\"}",
255
+ "type": "auth_info"
256
+ }
257
+ ],
258
+ "optional": false,
259
+ "outputs": [],
260
+ "requests": [
261
+ {
262
+ "id": "76172d46-5092-4ab0-a8f7-0e3be3ae603d",
263
+ "direction": "outgoing",
264
+ "index": 856,
265
+ "result_id": "d74c9257-3074-46fc-acf4-fd03e3f7ffdf",
266
+ "status": 500,
267
+ "timestamp": "2026-04-03T12:30:57.081-04:00",
268
+ "url": "http://localhost:4567/custom/smart_client_stu2_2/auth/token",
269
+ "verb": "post"
270
+ }
271
+ ],
272
+ "result": "fail",
273
+ "result_message": "Unexpected response status: expected 400, but received 500",
274
+ "test_id": "smart_stu2_2-smart_backend_services-backend_services_authorization-smart_backend_services_invalid_grant_type",
275
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
276
+ "test_session_id": "bqd5CYxzQ0Z",
277
+ "updated_at": "2026-04-03T12:30:57.081-04:00"
278
+ },
279
+ {
280
+ "id": "ad74f654-421f-4bda-9ba2-47638b6df3d4",
281
+ "created_at": "2026-04-03T12:30:57.094-04:00",
282
+ "inputs": [
283
+ {
284
+ "name": "backend_services_smart_auth_info",
285
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"token_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/token\",\"auth_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/authorization\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"name\":\"backend_services_smart_auth_info\"}",
286
+ "type": "auth_info"
287
+ }
288
+ ],
289
+ "optional": false,
290
+ "outputs": [],
291
+ "requests": [
292
+ {
293
+ "id": "eb9a2d9c-2f9b-46e4-ad6e-e3c23bac3235",
294
+ "direction": "outgoing",
295
+ "index": 858,
296
+ "result_id": "ad74f654-421f-4bda-9ba2-47638b6df3d4",
297
+ "status": 200,
298
+ "timestamp": "2026-04-03T12:30:57.117-04:00",
299
+ "url": "http://localhost:4567/custom/smart_client_stu2_2/auth/token",
300
+ "verb": "post"
301
+ }
302
+ ],
303
+ "result": "fail",
304
+ "result_message": "Unexpected response status: expected 400, 401, but received 200",
305
+ "test_id": "smart_stu2_2-smart_backend_services-backend_services_authorization-smart_backend_services_invalid_client_assertion",
306
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
307
+ "test_session_id": "bqd5CYxzQ0Z",
308
+ "updated_at": "2026-04-03T12:30:57.094-04:00"
309
+ },
310
+ {
311
+ "id": "bc8ad628-d07e-4ff0-8854-a28ff4898d2a",
312
+ "created_at": "2026-04-03T12:30:57.133-04:00",
313
+ "inputs": [
314
+ {
315
+ "name": "backend_services_smart_auth_info",
316
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"token_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/token\",\"auth_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/authorization\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"name\":\"backend_services_smart_auth_info\"}",
317
+ "type": "auth_info"
318
+ }
319
+ ],
320
+ "optional": false,
321
+ "outputs": [],
322
+ "requests": [
323
+ {
324
+ "id": "a63b4de7-2dfe-49ad-963a-10e5df0c8534",
325
+ "direction": "outgoing",
326
+ "index": 860,
327
+ "result_id": "bc8ad628-d07e-4ff0-8854-a28ff4898d2a",
328
+ "status": 200,
329
+ "timestamp": "2026-04-03T12:30:57.135-04:00",
330
+ "url": "http://localhost:4567/custom/smart_client_stu2_2/auth/token",
331
+ "verb": "post"
332
+ }
333
+ ],
334
+ "result": "fail",
335
+ "result_message": "Unexpected response status: expected 400, 401, but received 200",
336
+ "test_id": "smart_stu2_2-smart_backend_services-backend_services_authorization-smart_backend_services_invalid_jwt",
337
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
338
+ "test_session_id": "bqd5CYxzQ0Z",
339
+ "updated_at": "2026-04-03T12:30:57.133-04:00"
340
+ },
341
+ {
342
+ "id": "51939a9c-64c3-4eae-a5d8-41c6cb69cb09",
343
+ "created_at": "2026-04-03T12:30:57.159-04:00",
344
+ "inputs": [
345
+ {
346
+ "name": "backend_services_smart_auth_info",
347
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"token_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/token\",\"auth_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/authorization\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"name\":\"backend_services_smart_auth_info\"}",
348
+ "type": "auth_info"
349
+ }
350
+ ],
351
+ "optional": false,
352
+ "outputs": [
353
+ {
354
+ "name": "authentication_response",
355
+ "type": "text",
356
+ "value": "{\"access_token\":\"eyJjbGllbnRfaWQiOiJzbWFydF9jbGllbnRfdGVzdF9kZW1vIiwiZXhwaXJhdGlvbiI6MTc3NTIzNzQ1Nywibm9uY2UiOiI1NDVlNDlmM2U2ZjgxMjQzIn0\",\"token_type\":\"Bearer\",\"expires_in\":3600,\"scope\":\"system/*.rs\"}"
357
+ },
358
+ {
359
+ "name": "backend_services_smart_auth_info",
360
+ "type": "text",
361
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"token_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/token\",\"auth_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/authorization\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"issue_time\":\"2026-04-03T12:30:57-04:00\",\"name\":\"backend_services_smart_auth_info\"}"
362
+ }
363
+ ],
364
+ "requests": [
365
+ {
366
+ "id": "2ae0eeb3-4359-4357-9f9f-07c94a788589",
367
+ "direction": "outgoing",
368
+ "index": 862,
369
+ "result_id": "51939a9c-64c3-4eae-a5d8-41c6cb69cb09",
370
+ "status": 200,
371
+ "timestamp": "2026-04-03T12:30:57.159-04:00",
372
+ "url": "http://localhost:4567/custom/smart_client_stu2_2/auth/token",
373
+ "verb": "post"
374
+ }
375
+ ],
376
+ "result": "pass",
377
+ "test_id": "smart_stu2_2-smart_backend_services-backend_services_authorization-smart_backend_services_auth_request_success",
378
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
379
+ "test_session_id": "bqd5CYxzQ0Z",
380
+ "updated_at": "2026-04-03T12:30:57.159-04:00"
381
+ },
382
+ {
383
+ "id": "f18affc0-1d3a-4904-a666-af533cc10d29",
384
+ "created_at": "2026-04-03T12:30:57.168-04:00",
385
+ "inputs": [
386
+ {
387
+ "name": "authentication_response",
388
+ "value": "{\"access_token\":\"eyJjbGllbnRfaWQiOiJzbWFydF9jbGllbnRfdGVzdF9kZW1vIiwiZXhwaXJhdGlvbiI6MTc3NTIzNzQ1Nywibm9uY2UiOiI1NDVlNDlmM2U2ZjgxMjQzIn0\",\"token_type\":\"Bearer\",\"expires_in\":3600,\"scope\":\"system/*.rs\"}",
389
+ "type": "text"
390
+ },
391
+ {
392
+ "name": "backend_services_smart_auth_info",
393
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"token_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/token\",\"auth_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/authorization\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"issue_time\":\"2026-04-03T12:30:57-04:00\",\"name\":\"backend_services_smart_auth_info\"}",
394
+ "type": "auth_info"
395
+ }
396
+ ],
397
+ "optional": false,
398
+ "outputs": [
399
+ {
400
+ "name": "bearer_token",
401
+ "type": "text",
402
+ "value": "eyJjbGllbnRfaWQiOiJzbWFydF9jbGllbnRfdGVzdF9kZW1vIiwiZXhwaXJhdGlvbiI6MTc3NTIzNzQ1Nywibm9uY2UiOiI1NDVlNDlmM2U2ZjgxMjQzIn0"
403
+ },
404
+ {
405
+ "name": "backend_services_smart_auth_info",
406
+ "type": "text",
407
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"token_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/token\",\"auth_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/authorization\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"access_token\":\"eyJjbGllbnRfaWQiOiJzbWFydF9jbGllbnRfdGVzdF9kZW1vIiwiZXhwaXJhdGlvbiI6MTc3NTIzNzQ1Nywibm9uY2UiOiI1NDVlNDlmM2U2ZjgxMjQzIn0\",\"issue_time\":\"2026-04-03T12:30:57-04:00\",\"expires_in\":3600,\"name\":\"backend_services_smart_auth_info\"}"
408
+ },
409
+ {
410
+ "name": "backend_services_received_scopes",
411
+ "type": "text",
412
+ "value": "system/*.rs"
413
+ }
414
+ ],
415
+ "requests": [],
416
+ "result": "pass",
417
+ "test_id": "smart_stu2_2-smart_backend_services-backend_services_authorization-smart_backend_services_auth_response_body",
418
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
419
+ "test_session_id": "bqd5CYxzQ0Z",
420
+ "updated_at": "2026-04-03T12:30:57.168-04:00"
421
+ },
422
+ {
423
+ "id": "20599988-2744-4ad6-ae30-436957709ed2",
424
+ "created_at": "2026-04-03T12:30:57.179-04:00",
425
+ "inputs": [
426
+ {
427
+ "name": "url",
428
+ "label": null,
429
+ "description": null,
430
+ "value": "http://localhost:4567/custom/smart_client_stu2_2/fhir",
431
+ "type": "text"
432
+ },
433
+ {
434
+ "name": "backend_services_smart_auth_info",
435
+ "label": "Backend Services Credentials",
436
+ "description": null,
437
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"token_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/token\",\"auth_url\":\"http://localhost:4567/custom/smart_client_stu2_2/auth/authorization\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"name\":\"backend_services_smart_auth_info\"}",
438
+ "type": "auth_info"
439
+ }
440
+ ],
441
+ "optional": false,
442
+ "outputs": [],
443
+ "requests": [],
444
+ "result": "fail",
445
+ "test_group_id": "smart_stu2_2-smart_backend_services-backend_services_authorization",
446
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
447
+ "test_session_id": "bqd5CYxzQ0Z",
448
+ "updated_at": "2026-04-03T12:30:57.179-04:00"
449
+ },
450
+ {
451
+ "id": "76e734bc-183c-46a7-8a8e-e26284890e7a",
452
+ "created_at": "2026-04-03T12:30:57.181-04:00",
453
+ "inputs": [
454
+ {
455
+ "name": "url",
456
+ "label": "FHIR Endpoint",
457
+ "description": "URL of the FHIR endpoint used by SMART applications",
458
+ "value": "http://localhost:4567/custom/smart_client_stu2_2/fhir",
459
+ "type": "text"
460
+ },
461
+ {
462
+ "name": "backend_services_smart_auth_info",
463
+ "label": "Backend Services Credentials",
464
+ "description": null,
465
+ "value": "{\"auth_type\":\"backend_services\",\"use_discovery\":\"true\",\"requested_scopes\":\"system/*.rs\",\"client_id\":\"smart_client_test_demo\",\"pkce_support\":\"enabled\",\"pkce_code_challenge_method\":\"S256\",\"auth_request_method\":\"GET\",\"encryption_algorithm\":\"ES384\",\"name\":\"backend_services_smart_auth_info\"}",
466
+ "type": "auth_info"
467
+ }
468
+ ],
469
+ "optional": false,
470
+ "outputs": [],
471
+ "requests": [],
472
+ "result": "fail",
473
+ "test_group_id": "smart_stu2_2-smart_backend_services",
474
+ "test_run_id": "667e7b0a-a3fc-43f6-997e-1273109c4229",
475
+ "test_session_id": "bqd5CYxzQ0Z",
476
+ "updated_at": "2026-04-03T12:30:57.181-04:00"
477
+ }
478
+ ]