Class: SMARTAppLaunch::SMARTClientAppLaunchAuthorizationRequestVerification

Inherits:
Inferno::Test
  • Object
Includes:
URLs
Defined in:
lib/smart_app_launch/client_suite/authorization_request_verification_test.rb

Instance Method Summary collapse

Methods included from URLs

#client_authorization_url, #client_base_url, #client_fhir_base_url, #client_introspection_url, #client_resume_fail_url, #client_resume_pass_url, #client_smart_discovery_url, #client_token_url

Instance Method Details

#check_request_params(params, request_num) ⇒ Object



# File 'lib/smart_app_launch/client_suite/authorization_request_verification_test.rb', line 60

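# Checks the query parameters of a single SMART authorization request and
# records an 'error' message (via add_message) for every problem found.
#
# Checked: `response_type` is 'code'; `client_id` and `aud` equal the values
# under test; `redirect_uri` exactly equals one of the registered URIs;
# `launch`, when both a launch key and the parameter are present, equals the
# launch key; `code_challenge_method` is 'S256'; and `state`,
# `code_challenge` and `scope` are present.
#
# NOTE: `state`, `code_challenge` and `scope` are checked for presence only;
# nothing here inspects their content (for example how unpredictable `state`
# is), so a pass does not vouch for the quality of those values.
#
# @param params [Hash] request parameters, read by String key
# @param request_num [Object] identifier interpolated into each message
# @return [nil]
def check_request_params(params, request_num)
  request_label = "Authorization request #{request_num}"

  if params['response_type'] != 'code'
    add_message('error',
                "#{request_label} had an incorrect `response_type`: expected 'code', " \
                "but got '#{params['response_type']}'")
  end

  if params['client_id'] != client_id
    add_message('error',
                "#{request_label} had an incorrect `client_id`: expected #{client_id}, " \
                "but got '#{params['client_id']}'")
  end

  redirect_uri = params['redirect_uri']
  if redirect_uri.blank?
    add_message('error', "#{request_label} is missing the `redirect_uri` element")
  elsif smart_redirect_uris.blank?
    add_message('error',
                'No redirect URIs registered to check against the `redirect_uri` element ' \
                "in authorization request #{request_num}")
  else
    # Exact string comparison against each registered URI: no prefix or
    # pattern matching, so a look-alike or extended URI is reported.
    # Entries are stripped so a list written as "a, b" still matches "b".
    registered_uris = smart_redirect_uris.split(',').map(&:strip)
    unless registered_uris.include?(redirect_uri)
      add_message('error',
                  "#{request_label} had an unregistered `redirect_uri`: " \
                  "got #{redirect_uri}, but expected one of '#{smart_redirect_uris}'")
    end
  end

  # for ehr launch, `launch` value must be the one Inferno generated
  # but can't know if this was intended to be ehr or standalone if `launch` isn't there
  # and currently the tests allow either standalone or ehr launch
  if launch_key.present? && params['launch'].present? && params['launch'] != launch_key
    add_message('error',
                "#{request_label} had an incorrect `launch`: expected #{launch_key}, " \
                "but got '#{params['launch']}'")
  end

  add_message('error', "#{request_label} is missing the `state` element") if params['state'].blank?

  if params['aud'] != client_fhir_base_url
    add_message('error',
                "#{request_label} had an incorrect `aud`: " \
                "expected '#{client_fhir_base_url}', but got '#{params['aud']}'")
  end

  if params['code_challenge'].blank?
    add_message('error', "#{request_label} is missing the `code_challenge` element")
  end

  if params['code_challenge_method'] != 'S256'
    add_message('error',
                "#{request_label} had an incorrect `code_challenge_method`: " \
                "expected 'S256', but got '#{params['code_challenge_method']}'")
  end

  # This method inspects the authorization request, so the message names it
  # as such rather than as a token request.
  add_message('error', "#{request_label} is missing the `scope` element") if params['scope'].blank?

  nil
end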

#client_suite_id ⇒ Object



# File 'lib/smart_app_launch/client_suite/authorization_request_verification_test.rb', line 40

# Resolves the id of the suite whose endpoints this test works against.
#
# A non-blank `:endpoint_suite_id` entry in `config.options` wins; otherwise
# the id of SMARTAppLaunch::SMARTClientSTU22Suite is used.
#
# @return [Object] the configured suite id, or the STU2.2 client suite's id
def client_suite_id
  configured_suite_id = config.options[:endpoint_suite_id]

  if configured_suite_id.present?
    configured_suite_id
  else
    SMARTAppLaunch::SMARTClientSTU22Suite.id
  end
end