Class: SMART_UDAP_HarmonizationTestKit::SMART_UDAP_TokenRefreshWithScopesGroup

Inherits:
Inferno::TestGroup
  • Object
Defined in:
lib/smart_udap_harmonization_test_kit/smart_udap_token_refresh_with_scopes_group.rb

Overview

rubocop:disable Naming/ClassAndModuleCamelCase

Class Method Summary

Class Method Details

.token_refresh_group_description ⇒ Object

# File 'lib/smart_udap_harmonization_test_kit/smart_udap_token_refresh_with_scopes_group.rb', line 11

def self.token_refresh_group_description
  %(
  This group tests the ability of the system to successfully
  exchange a refresh token for an access token. Refresh tokens are typically
  longer lived than access tokens and allow client applications to obtain a
  new access token. Refresh tokens themselves cannot provide access to
  resources on the server.

  Per the [HL7 UDAP STU1.0 IG Section on Refresh Tokens](https://hl7.org/fhir/us/udap-security/STU1/consumer.html#refresh-tokens)
  authorization server support for refresh tokens is optional:
  >This guide supports the use of refresh tokens, as described in [Section 1.5 of RFC 6749](https://datatracker.ietf.org/doc/html/rfc6749#section-1.5).
  >Authorization Servers **MAY** issue refresh tokens to consumer-facing client applications as per
  >[Section 5 of RFC 6749](https://datatracker.ietf.org/doc/html/rfc6749#section-5).
  >Client apps that have been issued refresh tokens **MAY** make refresh requests to the token endpoint as per
  >[Section 6 of RFC 6749](https://datatracker.ietf.org/doc/html/rfc6749#section-6).

  These tests will execute if the authorization server granted a refresh token during the authorization and
  authentication tests. They will attempt to exchange the refresh token for a new access token via a POST request
  to the token exchange endpoint and then verify the information returned as done in Section 1.3 tests 4-6.
)
end