AEGIS Touchstone Testing Implementation Guide

This is the Version 1.1.0 Release of the Touchstone Testing Implementation Guide, based on FHIR Version 4.0.1. See the Directory of published versions

XML Format: TestScript-oauth2-standalone-launch

Raw xml



<TestScript xmlns="http://hl7.org/fhir">
  <id value="oauth2-standalone-launch"/>
  <meta>
    <profile
             value="http://touchstone.aegis.net/touchstone/fhir/testing/StructureDefinition/testscript"/>
  </meta>
  <text>
    <status value="extensions"/>
    <div xmlns="http://www.w3.org/1999/xhtml"><p><b>Generated Narrative</b></p><h3>Ids</h3><table class="grid"><tr><td>-</td></tr><tr><td>*</td></tr></table><h3>Meta</h3><table class="grid"><tr><td>-</td></tr><tr><td>*</td></tr></table><p><b>url</b>: <a href="http://touchstone.aegis.net/touchstone/fhir/testing/TestScript/oauth2-standalone-launch">http://touchstone.aegis.net/touchstone/fhir/testing/TestScript/oauth2-standalone-launch</a></p><p><b>version</b>: 1.1.0</p><p><b>name</b>: OAuth2StandaloneLaunch</p><p><b>status</b>: active</p><p><b>date</b>: 2020-08-27</p><p><b>publisher</b>: AEGIS.net, Inc.</p><p><b>contact</b>: Touchstone Support: <a href="mailto:Touchstone_Support@aegis.net">Touchstone_Support@aegis.net</a></p><p><b>description</b>: Demonstrate the use of the oauth2-authorize operation and the new extensions variable-paramField, operation-oauth2AuthzRequestId, operation-oauth2AuthzRedirectId, assert-variable and assert-stopTestOnFail.</p><p><b>jurisdiction</b>: <span title="Codes: {urn:iso:std:iso:3166 US}">United States of America</span></p><p><b>copyright</b>: (c) AEGIS.net, Inc. 2015+</p><blockquote><p><b>variable</b></p><p><b>AEGIS Touchstone Testing TestScript Variable ParamField Extension</b>: </p><p><b>name</b>: oauth2AuthzRequest1StateParam</p><p><b>sourceId</b>: oauth2AuthzRequest1</p></blockquote><blockquote><p><b>variable</b></p><p><b>AEGIS Touchstone Testing TestScript Variable ParamField Extension</b>: </p><p><b>name</b>: oauth2AuthzRequest1RedirectUri</p><p><b>sourceId</b>: oauth2AuthzRequest1</p></blockquote><blockquote><p><b>variable</b></p><p><b>AEGIS Touchstone Testing TestScript Variable ParamField Extension</b>: </p><p><b>name</b>: oauth2AuthzRedirect1AuthCode</p><p><b>sourceId</b>: oauth2AuthzRedirect1</p></blockquote><blockquote><p><b>variable</b></p><p><b>name</b>: authorizeEndpoint</p><p><b>defaultValue</b>: https://oauth2.aegis.net/auth</p></blockquote><blockquote><p><b>variable</b></p><p><b>name</b>: oauth2AuthzRequestedScopes</p><p><b>defaultValue</b>: launch/patient openid fhirUser offline_access patient/Patient.read</p></blockquote><blockquote><p><b>test</b></p><h3>Ids</h3><table class="grid"><tr><td>-</td></tr><tr><td>*</td></tr></table><p><b>name</b>: Standalone Launch With Patient Scope</p><p><b>description</b>: Perform Standalone SMART launch sequence and test OpenID Connect and token refresh functionality.</p><blockquote><p><b>action</b></p><h3>Operations</h3><table class="grid"><tr><td>-</td><td><b>Extension</b></td><td><b>Type</b></td><td><b>Description</b></td><td><b>EncodeRequestUrl</b></td><td><b>Url</b></td></tr><tr><td>*</td><td></td><td><span title="{http://touchstone.aegis.net/touchstone/fhir/testing/CodeSystem/codesystem-testscript-operation-codes oauth2-authorize}">OAuth2 Authorize</span></td><td>Redirect user to the authorize endpoint for target test system specified in smart configuration</td><td>false</td><td>${authorizeEndpoint}?client_id=clientId&amp;scope=${oauth2AuthzRequestedScopes}</td></tr></table></blockquote><blockquote><p><b>action</b></p><h3>Asserts</h3><table class="grid"><tr><td>-</td><td><b>Extension</b></td><td><b>Description</b></td><td><b>Direction</b></td><td><b>Operator</b></td><td><b>RequestURL</b></td><td><b>SourceId</b></td><td><b>WarningOnly</b></td></tr><tr><td>*</td><td></td><td>OAuth server redirects client browser to app redirect URI. Client browser redirected from OAuth server to redirect URI of client app as described in SMART authorization sequence.</td><td>request</td><td>contains</td><td>/oauth2/authcode/redirect</td><td>oauth2AuthzRedirect1</td><td>false</td></tr></table></blockquote><blockquote><p><b>action</b></p><h3>Asserts</h3><table class="grid"><tr><td>-</td><td><b>Extension</b></td><td><b>Description</b></td><td><b>Direction</b></td><td><b>Operator</b></td><td><b>Value</b></td><td><b>WarningOnly</b></td></tr><tr><td>*</td><td></td><td>Direct comparison example.</td><td>request</td><td>equals</td><td>${authorizeEndpoint}</td><td>false</td></tr></table></blockquote></blockquote></div>
  </text>
  <url
       value="http://touchstone.aegis.net/touchstone/fhir/testing/TestScript/oauth2-standalone-launch"/>
  <version value="1.1.0"/>
  <name value="OAuth2StandaloneLaunch"/>
  <status value="active"/>
  <date value="2020-08-27"/>
  <publisher value="AEGIS.net, Inc."/>
  <contact>
    <name value="Touchstone Support"/>
    <telecom>
      <system value="email"/>
      <value value="Touchstone_Support@aegis.net"/>
      <use value="work"/>
    </telecom>
  </contact>
  <description
               value="Demonstrate the use of the oauth2-authorize operation and the new extensions variable-paramField, operation-oauth2AuthzRequestId, operation-oauth2AuthzRedirectId, assert-variable and assert-stopTestOnFail."/>
  <jurisdiction>
    <coding>
      <system value="urn:iso:std:iso:3166"/>
      <code value="US"/>
      <display value="United States of America"/>
    </coding>
  </jurisdiction>
  <copyright value="(c) AEGIS.net, Inc. 2015+"/>
  <variable>
    <extension
               url="http://touchstone.aegis.net/touchstone/fhir/testing/StructureDefinition/testscript-variable-paramField">
      <valueString value="state"/>
    </extension>
    <name value="oauth2AuthzRequest1StateParam"/>
    <sourceId value="oauth2AuthzRequest1"/>
  </variable>
  <variable>
    <extension
               url="http://touchstone.aegis.net/touchstone/fhir/testing/StructureDefinition/testscript-variable-paramField">
      <valueString value="redirect_uri"/>
    </extension>
    <name value="oauth2AuthzRequest1RedirectUri"/>
    <sourceId value="oauth2AuthzRequest1"/>
  </variable>
  <variable>
    <extension
               url="http://touchstone.aegis.net/touchstone/fhir/testing/StructureDefinition/testscript-variable-paramField">
      <valueString value="code"/>
    </extension>
    <name value="oauth2AuthzRedirect1AuthCode"/>
    <sourceId value="oauth2AuthzRedirect1"/>
  </variable>
  <variable>
    <name value="authorizeEndpoint"/>
    <defaultValue value="https://oauth2.aegis.net/auth"/>
  </variable>
  <variable>
    <name value="oauth2AuthzRequestedScopes"/>
    <defaultValue
                  value="launch/patient openid fhirUser offline_access patient/Patient.read"/>
  </variable>
  <test id="StandaloneLaunchWithPatientScope">
    <name value="Standalone Launch With Patient Scope"/>
    <description
                 value="Perform Standalone SMART launch sequence and test OpenID Connect and token refresh functionality."/>
    <action>
      <operation>
        <extension
                   url="http://touchstone.aegis.net/touchstone/fhir/testing/StructureDefinition/testscript-operation-oauth2AuthzRequestId">
          <valueId value="oauth2AuthzRequest1"/>
        </extension>
        <extension
                   url="http://touchstone.aegis.net/touchstone/fhir/testing/StructureDefinition/testscript-operation-oauth2AuthzRedirectId">
          <valueId value="oauth2AuthzRedirect1"/>
        </extension>
        <type>
          <system
                  value="http://touchstone.aegis.net/touchstone/fhir/testing/CodeSystem/codesystem-testscript-operation-codes"/>
          <code value="oauth2-authorize"/>
        </type>
        <description
                     value="Redirect user to the authorize endpoint for target test system specified in smart configuration"/>
        <encodeRequestUrl value="false"/>
        <url
             value="${authorizeEndpoint}?client_id=clientId&amp;scope=${oauth2AuthzRequestedScopes}"/>
      </operation>
    </action>
    <action>
      <assert>
        <extension
                   url="http://touchstone.aegis.net/touchstone/fhir/testing/StructureDefinition/testscript-assert-stopTestOnFail">
          <valueBoolean value="false"/>
        </extension>
        <description
                     value="OAuth server redirects client browser to app redirect URI. Client browser redirected from OAuth server to redirect URI of client app as described in SMART authorization sequence."/>
        <direction value="request"/>
        <operator value="contains"/>
        <requestURL value="/oauth2/authcode/redirect"/>
        <sourceId value="oauth2AuthzRedirect1"/>
        <warningOnly value="false"/>
      </assert>
    </action>
    <action>
      <assert>
        <extension
                   url="http://touchstone.aegis.net/touchstone/fhir/testing/StructureDefinition/testscript-assert-variable">
          <valueString value="https://oauth2.aegis.net/auth"/>
        </extension>
        <extension
                   url="http://touchstone.aegis.net/touchstone/fhir/testing/StructureDefinition/testscript-assert-stopTestOnFail">
          <valueBoolean value="false"/>
        </extension>
        <description value="Direct comparison example."/>
        <direction value="request"/>
        <operator value="equals"/>
        <value value="${authorizeEndpoint}"/>
        <warningOnly value="false"/>
      </assert>
    </action>
  </test>
</TestScript>