Class: CarinForBlueButtonTestKit::CARIN4BBV200DEVNONFINANCIAL::SmartScopesTest

Inherits:
Inferno::Test
Defined in:
lib/carin_for_blue_button_test_kit/custom_groups/v2.0.0-dev-nonfinancial/c4bb_smart_launch/smart_scopes_test.rb

Constant Summary

# Resource types for which `received_scope_test` expects both a patient-level
# and a user-level scope to have been granted (a granted `*` wildcard stands
# in for all of them).
PATIENT_COMPARTMENT_RESOURCE_TYPES = [
  'Patient',
  'ExplanationOfBenefit',
  'Coverage',
  'Organization',
  'Practitioner'
].freeze

Instance Method Summary

Instance Method Details

#access_level_regex ⇒ Object



# File 'lib/carin_for_blue_button_test_kit/custom_groups/v2.0.0-dev-nonfinancial/c4bb_smart_launch/smart_scopes_test.rb', line 44

# Pattern accepted as the access-level part of a `<type>/<Resource>.<access>`
# scope: either a bare `*`, or, as a whole word, `read` or a SMART v2 style
# combination of `c`, `r`, `u`, `d`, `s` (as written, `c?ru?d?s?` makes the `r`
# mandatory). The pattern is anchored only at the start of the string (`\A`),
# so any text after the access level is not rejected — NOTE(review): confirm
# that is intended, e.g. for scopes carrying a trailing `?` parameter.
#
# @return [Regexp]
def access_level_regex
  /\A(\*|\b(read|c?ru?d?s?)\b)/
end

#patient_compartment_resource_types ⇒ Object



# File 'lib/carin_for_blue_button_test_kit/custom_groups/v2.0.0-dev-nonfinancial/c4bb_smart_launch/smart_scopes_test.rb', line 36

# Resource types that must be granted at both patient and user level; exposed
# as a method so `received_scope_test` can read the frozen constant.
#
# @return [Array<String>] the frozen PATIENT_COMPARTMENT_RESOURCE_TYPES list
def patient_compartment_resource_types
  PATIENT_COMPARTMENT_RESOURCE_TYPES
end

#received_scope_test(scopes) ⇒ Object



# File 'lib/carin_for_blue_button_test_kit/custom_groups/v2.0.0-dev-nonfinancial/c4bb_smart_launch/smart_scopes_test.rb', line 48

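# Checks that the authorization server granted every scope the C4BB SMART
# launch needs: the `openid`, `fhirUser` and `launch/patient` scopes, and a
# patient-level and a user-level scope for each resource type in
# `patient_compartment_resource_types` (a granted `*` resource type at a level
# satisfies that whole level).
#
# @param scopes [Array<String>] scopes returned by the authorization server, one per element
# @return [void]
# @raise via `assert` when a required scope is missing
def received_scope_test(scopes)
  scopes = Array(scopes)
  required_launch_scopes = ['openid', 'fhirUser', 'launch/patient']

  # Check the required list directly instead of comparing lengths after
  # subtraction: `scopes - required` drops every duplicate of a required scope,
  # so a repeated `openid` could hide a missing `fhirUser` in a length check,
  # and a response with no duplicates but a repeated other scope could fail.
  missing_launch_scopes = required_launch_scopes - scopes
  scope_subset = scopes - required_launch_scopes
  assert missing_launch_scopes.empty?,
         'openid, fhirUser, & launch/patient scopes must be supported. Received scopes: ' \
         "#{scope_subset.join(', ')}."

  granted = granted_resource_types(scope_subset)

  missing_patient_level_resource_types = missing_resource_types(granted['patient'])
  assert missing_patient_level_resource_types.empty?,
         "Requested patient-level scopes #{missing_patient_level_resource_types.join(', ')} " \
         'were not granted by authorization server.'

  missing_user_level_resource_types = missing_resource_types(granted['user'])
  assert missing_user_level_resource_types.empty?,
         "Requested user-level scopes #{missing_user_level_resource_types.join(', ')} " \
         'were not granted by authorization server.'
end

# Groups the resource types named by well-formed resource scopes by level.
# Only scopes of the exact form `patient/<Resource>.<access>` or
# `user/<Resource>.<access>` whose access level matches `access_level_regex`
# count; any other string is ignored.
#
# @param scopes [Array<String>]
# @return [Hash{String => Array<String>}] resource types under the keys 'patient' and 'user'
def granted_resource_types(scopes)
  granted = { 'patient' => [], 'user' => [] }

  scopes.each do |scope|
    scope_pieces = scope.split('/')
    next unless scope_pieces.length == 2

    scope_type, resource_scope = scope_pieces
    next unless granted.key?(scope_type)

    resource_scope_parts = resource_scope.split('.')
    next unless resource_scope_parts.length == 2

    resource_type, access_level = resource_scope_parts
    # match? skips building MatchData; the captures are never used
    next unless access_level_regex.match?(access_level)

    granted[scope_type] << resource_type
  end

  granted
end

# Resource types from `patient_compartment_resource_types` that are absent
# from `granted`; a granted `*` wildcard counts as covering every type.
#
# @param granted [Array<String>] resource types granted at one level
# @return [Array<String>]
def missing_resource_types(granted)
  return [] if granted.include?('*')

  patient_compartment_resource_types - granted
end

private :granted_resource_types, :missing_resource_types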

#required_scopes ⇒ Object



# File 'lib/carin_for_blue_button_test_kit/custom_groups/v2.0.0-dev-nonfinancial/c4bb_smart_launch/smart_scopes_test.rb', line 40

# Reads the `:required_scopes` entry from this test's `config.options`.
# Returns nil when the option is not configured (plain `[]` lookup).
#
# @return [Object, nil] whatever the test configuration stored under :required_scopes
def required_scopes
  config.options[:required_scopes]
end