Class: CarinForBlueButtonTestKit::CARIN4BBV200DEVNONFINANCIAL::SmartScopesTest

# Resource types that make up the C4BB patient compartment for this group.
# received_scope_test requires a read-capable scope for each of these at both
# the patient and the user level (a `*` wildcard at that level also counts).
# Frozen so the list cannot be mutated by a caller.
PATIENT_COMPARTMENT_RESOURCE_TYPES = [
  'Patient',
  'ExplanationOfBenefit',
  'Coverage',
  'Organization',
  'Practitioner'
].freeze

# Pattern an access level must match for the scope to count as granted.
# Accepts `*`, the v1 `read`, or a v2 letter string of optional `c`,
# required `r`, optional `u`, `d`, `s` — so every accepted value includes
# read; write-only levels such as `c` do not match.
# Anchored at the start only (`\A`, no `\z`): the `\b` word boundary ends the
# match, and any trailing text after the access level is not examined.
def access_level_regex
  %r{\A(\*|\b(read|c?ru?d?s?)\b)}
end

# Resource types received_scope_test expects at both the patient and user
# level. Returns the frozen PATIENT_COMPARTMENT_RESOURCE_TYPES constant
# itself, not a copy.
#
# @return [Array<String>] frozen list of FHIR resource type names
def patient_compartment_resource_types
  compartment_types = PATIENT_COMPARTMENT_RESOURCE_TYPES
  compartment_types
end

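# Check that the scopes the authorization server reports as granted cover
# what this test kit needs: the three launch-context scopes (openid,
# fhirUser, launch/patient) plus a read-capable scope for every
# patient-compartment resource type at both the patient and the user level.
#
# `scopes` comes from the server under test and is treated as untrusted
# input: entries that are not of the form `<patient|user>/<Type>.<access>`
# are skipped rather than raised on.
#
# The launch-context check is a set difference instead of the previous
# length arithmetic (`scopes - [...]` drops every occurrence, so a duplicated
# entry such as two `openid`s used to fail the test even though all three
# scopes were present), and the failure message now lists the full granted
# scope list rather than the remainder after removal.
#
# @param scopes [Array<String>] scope strings granted by the authorization server
# @raise via Inferno's `assert` when any required scope is missing
def received_scope_test(scopes)
  required_context_scopes = ['openid', 'fhirUser', 'launch/patient']
  missing_context_scopes = required_context_scopes - scopes

  assert missing_context_scopes.empty?,
         'openid, fhirUser, & launch/patient scopes must be supported. Received scopes: ' \
         "#{scopes.join(', ')}."

  granted = granted_resource_types(scopes - required_context_scopes)

  assert_resource_types_granted('patient', granted['patient'])
  assert_resource_types_granted('user', granted['user'])
end

# Group the granted scopes by scope type ('patient' / 'user') into the
# resource types they cover. Only entries shaped exactly
# `<patient|user>/<Type>.<access>` whose access level satisfies
# access_level_regex are counted; everything else is ignored.
#
# @param scopes [Array<String>] granted scopes with the launch-context scopes removed
# @return [Hash{String => Array<String>}] 'patient' and 'user' => resource types
def granted_resource_types(scopes)
  granted = { 'patient' => [], 'user' => [] }

  scopes.each do |scope|
    scope_parts = scope.split('/')
    next unless scope_parts.length == 2

    scope_type, resource_scope = scope_parts
    next unless granted.key?(scope_type)

    resource_parts = resource_scope.split('.')
    next unless resource_parts.length == 2

    resource_type, access_level = resource_parts
    # Prefix match: access_level_regex is anchored at the start only.
    next unless access_level.match?(access_level_regex)

    granted[scope_type] << resource_type
  end

  granted
end

# Assert that every patient-compartment resource type was granted at the
# given level; a wildcard resource type (`<level>/*.<access>`) satisfies all
# of them.
#
# @param level [String] 'patient' or 'user', used in the failure message
# @param granted_types [Array<String>] resource types granted at that level
def assert_resource_types_granted(level, granted_types)
  missing_types =
    if granted_types.include?('*')
      []
    else
      patient_compartment_resource_types - granted_types
    end

  assert missing_types.empty?,
         "Requested #{level}-level scopes #{missing_types.join(', ')} " \
         'were not granted by authorization server.'
end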

# Scopes this test kit asked the authorization server for, read from the
# shared SMART auth info object.
#
# @return whatever `smart_auth_info.requested_scopes` holds (type not visible here)
def requested_scopes
  auth_info = smart_auth_info
  auth_info.requested_scopes
end

# Scopes the test group is configured to require, taken from the
# `required_scopes` entry of this test's config options (`nil` if the option
# is unset, assuming `options` is a Hash).
#
# @return the configured value, untouched
def required_scopes
  options = config.options
  options[:required_scopes]
end