This is the Version 1.5.0 Release of the Touchstone Testing Implementation Guide, based on FHIR Version 4.0.1. See the Directory of published versions
OAuth2StandaloneLaunch
Generated Narrative
Resource "oauth2-standalone-launch"
url: http://touchstone.aegis.net/touchstone/fhir/testing/TestScript/oauth2-standalone-launch
version: 1.5.0
name: OAuth2StandaloneLaunch
status: active
date: 2020-08-27
publisher: AEGIS.net, Inc.
contact: Touchstone Support: Touchstone_Support@aegis.net
description: Demonstrate the use of the oauth2-authorize operation and the new extensions variable-paramField, operation-oauth2AuthzRequestId, operation-oauth2AuthzRedirectId, assert-variable and assert-stopTestOnFail.
jurisdiction: US (unknown#US)
copyright: (c) AEGIS.net, Inc. 2015+
variable
AEGIS Touchstone Testing TestScript Variable ParamField Extension: state
name: oauth2AuthzRequest1StateParam
sourceId: oauth2AuthzRequest1
variable
AEGIS Touchstone Testing TestScript Variable ParamField Extension: redirect_uri
name: oauth2AuthzRequest1RedirectUri
sourceId: oauth2AuthzRequest1
variable
AEGIS Touchstone Testing TestScript Variable ParamField Extension: code
name: oauth2AuthzRedirect1AuthCode
sourceId: oauth2AuthzRedirect1
variable
name: authorizeEndpoint
defaultValue: https://oauth2.aegis.net/auth
variable
name: oauth2AuthzRequestedScopes
defaultValue: launch/patient openid fhirUser offline_access patient/Patient.read
test
AEGIS Touchstone Testing TestScript Test Manual Completion Extension: pass
name: Standalone Launch With Patient Scope
description: Perform Standalone SMART launch sequence and test OpenID Connect and token refresh functionality.
action
Operations
- Extension Type Description EncodeRequestUrl Url * , , OAuth2 Authorize (Details: http://touchstone.aegis.net/touchstone/fhir/testing/CodeSystem/codesystem-testscript-operation-codes code oauth2-authorize = 'OAuth2 Authorize', stated as 'null') Redirect user to the authorize endpoint for target test system specified in smart configuration false ${authorizeEndpoint}?client_id=clientId&scope=${oauth2AuthzRequestedScopes} action
Asserts
- Extension Description Direction Operator RequestURL SourceId WarningOnly * OAuth server redirects client browser to app redirect URI. Client browser redirected from OAuth server to redirect URI of client app as described in SMART authorization sequence. request contains /oauth2/authcode/redirect oauth2AuthzRedirect1 false action
Asserts
- Extension Description Direction Operator Value WarningOnly * , Direct comparison example. request equals ${authorizeEndpoint} false
