Module: DaVinciDTRTestKit::MockAuthorization

Defined in:
lib/davinci_dtr_test_kit/endpoints/mock_authorization.rb,
lib/davinci_dtr_test_kit/endpoints/mock_authorization/token_endpoint.rb,
lib/davinci_dtr_test_kit/endpoints/mock_authorization/authorize_endpoint.rb,
lib/davinci_dtr_test_kit/endpoints/mock_authorization/simple_token_endpoint.rb

Defined Under Namespace

Classes: AuthorizeEndpoint, SimpleTokenEndpoint, TokenEndpoint

Constant Summary

RSA_PRIVATE_KEY =
OpenSSL::PKey::RSA.generate(2048)
RSA_PUBLIC_KEY =
RSA_PRIVATE_KEY.public_key
SUPPORTED_SCOPES =
['launch', 'patient/*.rs', 'user/*.rs', 'offline_access', 'openid', 'fhirUser'].freeze
AUTHORIZED_PRACTITIONER_ID =

Must exist on the FHIR_REFERENCE_SERVER (env var)

'pra1234'

Class Method Summary

Class Method Details

.authorization_endpoint(base_url) ⇒ Object



# File 'lib/davinci_dtr_test_kit/endpoints/mock_authorization.rb', line 83

# Builds the absolute URL of the mock EHR authorization endpoint.
#
# @param base_url [String] base URL the endpoint path is appended to
# @return [String] +base_url+ followed by EHR_AUTHORIZE_PATH
def authorization_endpoint(base_url)
  authorize_path = EHR_AUTHORIZE_PATH
  base_url + authorize_path
end

.ehr_openid_config(env) ⇒ Object



# File 'lib/davinci_dtr_test_kit/endpoints/mock_authorization.rb', line 61

# Serves the mock EHR's OpenID Connect discovery document as a Rack response.
#
# Every URL in the document is built on the base URL that env_base_url derives
# from the incoming request, so issuer, endpoints and jwks_uri follow the
# scheme and host the client used to reach this endpoint.
#
# NOTE(review): response_types_supported is ['id_token'] here, while the SMART
# configuration served by ehr_smart_config advertises ['code'] - confirm which
# of the two the authorization endpoint actually implements.
#
# @param env [Hash] Rack environment of the current request
# @return [Array] Rack triple: 200, JSON headers with a wildcard CORS origin,
#   and a one-element body holding the JSON document
def ehr_openid_config(env)
  root = env_base_url(env, OPENID_CONFIG_PATH)
  metadata = {
    issuer: root + FHIR_BASE_PATH,
    authorization_endpoint: authorization_endpoint(root),
    token_endpoint: token_endpoint(root),
    jwks_uri: root + JKWS_PATH,
    response_types_supported: ['id_token'],
    subject_types_supported: ['public'],
    id_token_signing_alg_values_supported: ['RS256']
  }
  # Wildcard CORS lets browser-based clients on any origin read the document.
  headers = { 'Content-Type' => 'application/json', 'Access-Control-Allow-Origin' => '*' }
  [200, headers, [metadata.to_json]]
end

.ehr_smart_config(env) ⇒ Object



# File 'lib/davinci_dtr_test_kit/endpoints/mock_authorization.rb', line 36

# Serves the mock EHR's SMART configuration document as a Rack response.
#
# The endpoint URLs are built on the base URL that env_base_url derives from
# the incoming request.
#
# NOTE(review): capabilities advertise 'client-public' and
# 'client-confidential-symmetric', yet token_endpoint_auth_methods_supported
# lists only 'private_key_jwt' - confirm which client types the token endpoint
# really accepts so the advertised metadata matches what is enforced.
#
# @param env [Hash] Rack environment of the current request
# @return [Array] Rack triple: 200, JSON headers with a wildcard CORS origin,
#   and a one-element body holding the JSON document
def ehr_smart_config(env)
  root = env_base_url(env, SMART_CONFIG_PATH)
  capabilities = %w[
    launch-ehr
    permission-patient
    permission-user
    client-public
    client-confidential-symmetric
    client-confidential-asymmetric
  ]
  metadata = {
    authorization_endpoint: root + EHR_AUTHORIZE_PATH,
    token_endpoint: root + EHR_TOKEN_PATH,
    token_endpoint_auth_methods_supported: ['private_key_jwt'],
    token_endpoint_auth_signing_alg_values_supported: ['RS256'],
    grant_types_supported: ['authorization_code'],
    scopes_supported: SUPPORTED_SCOPES,
    response_types_supported: ['code'],
    code_challenge_methods_supported: ['S256'],
    capabilities: capabilities
  }
  # Wildcard CORS lets browser-based clients on any origin read the document.
  headers = { 'Content-Type' => 'application/json', 'Access-Control-Allow-Origin' => '*' }

  [200, headers, [metadata.to_json]]
end

.env_base_url(env, endpoint_path) ⇒ Object



# File 'lib/davinci_dtr_test_kit/endpoints/mock_authorization.rb', line 75

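# Derives the base URL under which the suite is being served by removing the
# given endpoint path from the request path.
#
# Scheme and host are read from the request itself ('rack.url_scheme' and
# 'HTTP_HOST'), so the result mirrors the Host header the client sent.
# NOTE(review): ehr_openid_config and ehr_smart_config build the URLs they
# publish from this value; if the service can be reached under hostnames it
# does not control, consider taking the base URL from configuration - confirm
# against the deployment.
#
# @param env [Hash] Rack environment of the current request
# @param endpoint_path [String] literal path of the endpoint being served
# @return [String] "<scheme>://<host><request path without endpoint_path>"
def env_base_url(env, endpoint_path)
  scheme = env['rack.url_scheme']
  host = env['HTTP_HOST']
  request_path = env['REQUEST_PATH'] || env['PATH_INFO']
  # gsub rather than gsub!: the path string stored in the Rack env stays
  # untouched for anything that reads it later, and a frozen path no longer
  # raises FrozenError.
  # Regexp.escape: endpoint_path is a literal path, so characters such as '.'
  # must match themselves and not act as regex wildcards.
  endpoint_pattern = %r{#{Regexp.escape(endpoint_path)}(/)?}
  mount_path = request_path.gsub(endpoint_pattern, '')
  "#{scheme}://#{host + mount_path}"
end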

.extract_client_id_from_bearer_token(request) ⇒ Object



# File 'lib/davinci_dtr_test_kit/endpoints/mock_authorization.rb', line 9

# Reads the 'inferno_client_id' claim from the bearer token on a request.
#
# SECURITY: the token is decoded with signature verification switched off
# (JWT.decode(token, nil, false)), so the returned id is whatever the sender
# placed in the claim. Treat it as an unauthenticated hint; any decision that
# needs an authenticated client must verify the token's signature first.
#
# The 'Bearer ' prefix is stripped case-sensitively; a header without it is
# handed to the decoder unchanged.
#
# @param request [#headers] request whose 'authorization' header is read
# @return [Object, nil] the claim value, or nil when the header is missing,
#   the token cannot be decoded, or the claim is absent
def extract_client_id_from_bearer_token(request)
  auth_header = request.headers['authorization']
  raw_token = auth_header&.delete_prefix('Bearer ')
  begin
    # First element of the decode result is the payload; the second (the JOSE header) is unused.
    claims, _jose_header = JWT.decode(raw_token, nil, false)
  rescue StandardError
    # Missing or malformed tokens are reported as "no client id", not as an error.
    return nil
  end
  claims&.dig('inferno_client_id')
end

.jwks(_env) ⇒ Object



# File 'lib/davinci_dtr_test_kit/endpoints/mock_authorization.rb', line 20

# Serves the JSON Web Key Set holding the module's RSA public key as a Rack
# response.
#
# Only public components (modulus n and exponent e) of RSA_PUBLIC_KEY are
# published, each as unpadded base64url of the big-endian byte string. The
# key entry carries no 'kid'.
#
# NOTE(review): RSA_PRIVATE_KEY is produced by OpenSSL::PKey::RSA.generate(2048)
# in a constant, so the published key presumably changes on every process
# start and differs between worker processes - clients that cache this
# document may then fail signature checks; confirm against the deployment.
#
# @param _env [Hash] Rack environment (unused)
# @return [Array] Rack triple: 200, JSON headers with a wildcard CORS origin,
#   and a one-element body holding the JWKS document
def jwks(_env)
  encode_component = ->(bignum) { Base64.urlsafe_encode64(bignum.to_s(2), padding: false) }
  signing_key = {
    kty: 'RSA',
    alg: 'RS256',
    n: encode_component.call(RSA_PUBLIC_KEY.n),
    e: encode_component.call(RSA_PUBLIC_KEY.e),
    use: 'sig'
  }
  headers = { 'Content-Type' => 'application/json', 'Access-Control-Allow-Origin' => '*' }

  [200, headers, [{ keys: [signing_key] }.to_json]]
end

.token_endpoint(base_url) ⇒ Object



# File 'lib/davinci_dtr_test_kit/endpoints/mock_authorization.rb', line 87

# Builds the absolute URL of the mock EHR token endpoint.
#
# @param base_url [String] base URL the endpoint path is appended to
# @return [String] +base_url+ followed by EHR_TOKEN_PATH
def token_endpoint(base_url)
  token_path = EHR_TOKEN_PATH
  base_url + token_path
end