Sha256: e93fbd160436d2a4beb6fc77d0d0a9044f9407f92682898515e6027c85ecee1b
Contents?: true
Size: 1.74 KB
Versions: 6
Compression:
Stored size: 1.74 KB
Contents
require_relative 'backend_services_authorization_request_builder'
module SMARTAppLaunch
class BackendServicesAuthorizationResponseBodyTest < Inferno::Test
id :smart_backend_services_auth_response_body
title 'Authorization request response body contains required information encoded in JSON'
description <<~DESCRIPTION
The [SMART App Launch 2.0.0 IG specification for Backend Services](https://hl7.org/fhir/smart-app-launch/STU2/backend-services.html#issue-access-token)
states The access token response SHALL be a JSON object with the following properties:
| Token Property | Required? | Description |
| --- | --- | --- |
| `access_token` | required | The access token issued by the authorization server. |
| `token_type` | required | Fixed value: `bearer`. |
| `expires_in` | required | The lifetime in seconds of the access token. The recommended value is `300`, for a five-minute token lifetime. |
| `scope` | required | Scope of access authorized. Note that this can be different from the scopes requested by the app. |
DESCRIPTION
input :authentication_response
output :bearer_token
run do
skip_if authentication_response.blank?, 'No authentication response received.'
assert_valid_json(authentication_response)
response_body = JSON.parse(authentication_response)
access_token = response_body['access_token']
assert access_token.present?, 'Token response did not contain access_token as required'
output bearer_token: access_token
required_keys = ['token_type', 'expires_in', 'scope']
required_keys.each do |key|
assert response_body[key].present?, "Token response did not contain #{key} as required"
end
end
end
end
Version data entries
6 entries across 6 versions & 1 rubygems