{"id":24752043,"url":"https://github.com/inferno-framework/smart-app-launch-test-kit","last_synced_at":"2025-10-10T23:30:18.955Z","repository":{"id":37913954,"uuid":"419048411","full_name":"inferno-framework/smart-app-launch-test-kit","owner":"inferno-framework","description":"Conformance Testing for the SMART Application Launch Framework Implementation Guide","archived":false,"fork":false,"pushed_at":"2025-07-29T14:44:09.000Z","size":842,"stargazers_count":9,"open_issues_count":1,"forks_count":4,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-10-09T22:28:52.536Z","etag":null,"topics":["fhir","inferno","smart-on-fhir"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/inferno-framework.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2021-10-19T18:34:45.000Z","updated_at":"2025-09-09T20:21:36.000Z","dependencies_parsed_at":"2023-02-04T08:15:26.038Z","dependency_job_id":"bdf4003a-9fc8-4f97-a27c-8ba7acf7c7bf","html_url":"https://github.com/inferno-framework/smart-app-launch-test-kit","commit_stats":null,"previous_names":[],"tags_count":28,"template":false,"template_full_name":"inferno-framework/inferno-template","purl":"pkg:github/inferno-framework/smart-app-launch-test-kit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inferno-framework%2Fsmart-app-launch-test-kit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inferno-framework%2Fsmart-app-launch-test-kit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inferno-framework%2Fsmart-app-launch-test-kit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inferno-framework%2Fsmart-app-launch-test-kit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/inferno-framework","download_url":"https://codeload.github.com/inferno-framework/smart-app-launch-test-kit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/inferno-framework%2Fsmart-app-launch-test-kit/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279005573,"owners_count":26083919,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-10T02:00:06.843Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fhir","inferno","smart-on-fhir"],"created_at":"2025-01-28T10:34:35.180Z","updated_at":"2025-10-10T23:30:18.947Z","avatar_url":"https://github.com/inferno-framework.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Inferno SMART App Launch Test Kit\n\nThis is a collection of tests for the [SMART Application Launch Framework\nImplementation Guide](http://hl7.org/fhir/smart-app-launch/index.html) using the\n[Inferno Framework](https://inferno-framework.github.io/inferno-core/), verifying\nthat a server can provide authorization and/or authentication services to client \napplications accessing HL7® FHIR® APIs.\n\n## Instructions\n\n- Clone this repo.\n- Run `setup.sh` in this repo.\n- Run `run.sh` in this repo.\n- Navigate to `http://localhost`. The SMART test suite will be available.\n\n## Versions\nThis test kit contains both the SMART App Launch STU1 and SMART App Launch STU2\nsuites. While these suites are generally designed to test implementations of\nthe SMART App Launch Framework, each suite is tailored to the\n[STU1](https://hl7.org/fhir/smart-app-launch/1.0.0/) and\n[STU2](http://hl7.org/fhir/smart-app-launch/STU2/) versions of SMART, respectively.\n\n## Importing tests\n\nTests from this test kit can be imported to perform the SMART App Launch\nworkflow as part of another test suite. The tests are arranged in groups which\ncan be easily reused.\n\nIn order for the redirect and launch urls to be determined correctly, make sure\nthat the `INFERNO_HOST` environment variable is populated in `.env` with the\nscheme and host where inferno will be hosted.\n\n### AuthInfo\n\nThe tests in this test kit rely heavily on the\n[`AuthInfo`](https://inferno-framework.github.io/inferno-core/docs/Inferno/DSL/AuthInfo.html)\ninput type. This is a complex input type which contains the information needed to:\n- Perform a SMART App Launch workflow\n- Access resources using credentials obtained from a SMART App Launch workflow\n- Refresh credentials obtained from a SMART App Launch workflow\n\nWhen a FHIR Client is configured to use `AuthInfo`, it will automatically\nattempt to perform a token refresh when prior to the current access token's\nexpiration.\n\n### Example\n\n```ruby\nrequire 'smart_app_launch_test_kit'\n\nclass MySuite \u003c Inferno::TestSuite\n  id :my_suite\n  title 'My Suite'\n  input :url\n\n  group do\n    title 'Auth'\n\n    config(\n      inputs: {\n        smart_auth_info: { name: :standalone_smart_auth_info }\n      },\n      outputs: {\n        smart_auth_info: { name: :standalone_smart_auth_info }\n      }\n    )\n\n    group from: :smart_discovery\n    group from: :smart_standalone_launch\n  end\n\n  group do\n    title 'Make some HL7® FHIR® requests using SMART credentials'\n\n    input :standalone_smart_auth_info,\n          type: :auth_info,\n          options: { mode: 'access' }\n\n    fhir_client do\n      url :url\n      auth_info :standalone_smart_auth_info # Obtained from the auth group\n    end\n\n    test do\n      title 'Retrieve patient from SMART launch context'\n\n      input :standalone_patient_id\n\n      run do\n        fhir_read(:patient, standalone_patient_id)\n\n        assert_response_status(200)\n        assert_resource_type(:patient)\n      end\n    end\n  end\nend\n```\n\n### Discovery Group\n\nThe Discovery Group ([STU1](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/discovery_stu1_group.rb)\nand [STU2](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/discovery_stu2_group.rb))\nexamines a server's CapabilityStatement and `.well-known/smart-configuration`\nendpoint to determine its configuration.\n\n**ids:** `smart_discovery`, `smart_discovery_stu2`\n\n**inputs:** `url`, `smart_auth_info`\n\n**outputs:**\n* `well_known_configuration` - The contents of `.well-known/smart-configuration`\n* `smart_authorization_url`\n* `smart_introspection_url`\n* `smart_management_url`\n* `smart_registration_url`\n* `smart_revocation_url`\n* `smart_token_url`\n* `smart_auth_info` - The `smart_auth_info` input is updated with the\n  authorization and token urls from the discovery endpoint\n\n### Standalone Launch Group\n\nThe Standalone Launch Group ([STU1](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/standalone_launch_group.rb)\nand [STU2](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/standalone_launch_group_stu2.rb))\nperforms the entire standalone launch workflow.\n\n**ids:** `smart_standalone_launch`, `smart_standalone_launch_stu2`\n\n**inputs:** `url`, `standalone_smart_auth_info`\n\n**outputs:**\n* `standalone_smart_auth_info` - An\n  [AuthInfo](https://inferno-framework.github.io/inferno-core/docs/Inferno/DSL/AuthInfo.html)\n  object containing the credentials obtained from the launch.\n* `standalone_token_retrieval_time`\n* `standalone_id_token`\n* `standalone_refresh_token`\n* `standalone_access_token`\n* `standalone_expires_in`\n* `standalone_patient_id`\n* `standalone_encounter_id`\n* `standalone_received_scopes`\n* `standalone_intent`\n\n**options:**\n* `redirect_uri`: You should not have to manually set this if the `INFERNO_HOST`\n  environment variable is set.\n* `ignore_missing_scopes_check`: Forego checking that the scopes granted by the\n token match those requested.\n\n### EHR Launch Group\n\nThe EHR Launch Group ([STU1](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/ehr_launch_group.rb)\nand [STU2](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/ehr_launch_group_stu2.rb))\nperforms the entire EHR launch workflow.\n\n**ids:** `smart_ehr_launch`, `smart_ehr_launch_stu2`\n\n**inputs:** `url`, `ehr_smart_auth_info`\n\n**outputs:**\n* `ehr_smart_auth_info` - An [AuthInfo](https://inferno-framework.github.io/inferno-core/docs/Inferno/DSL/AuthInfo.html)\n  object containing the credentials obtained from the launch.\n* `ehr_launch` - the value of the `launch` parameter\n* `ehr_token_retrieval_time`\n* `ehr_id_token`\n* `ehr_refresh_token`\n* `ehr_access_token`\n* `ehr_expires_in`\n* `ehr_patient_id`\n* `ehr_encounter_id`\n* `ehr_received_scopes`\n* `ehr_intent`\n\n**options:**\n* `launch`: a hardcoded value to use instead of the `launch` parameter received\n  during the launch\n* `redirect_uri`: You should not have to manually set this if the `INFERNO_HOST`\n  environment variable is set.\n* `launch_uri`: You should not have to manually set this if the `INFERNO_HOST`\n  environment variable is set.\n* `ignore_missing_scopes_check`: Forego checking that the scopes granted by the\n token match those requested.\n\n### OpenID Connect Group\n[The OpenID Connect\nGroup](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/openid_connect_group.rb)\nvalidates an id token obtained during a SMART launch.\n\n**id:** `smart_openid_connect`\n\n**inputs:** `url`, `id_token`, `smart_auth_info`\n\n**outputs:**\n* `id_token_payload_json`\n* `id_token_header_json`\n* `openid_configuration_json`\n* `openid_issuer`\n* `openid_jwks_uri`\n* `openid_jwks_json`\n* `openid_rsa_keys_json`\n* `id_token_jwk_json`\n* `id_token_fhir_user`\n\n### Token Refresh Group\n\n[The Token Refresh\nGroup](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/token_refresh_group.rb)\nperforms a token refresh.\n\n**id:** `smart_token_refresh`\n\n**inputs:** `smart_auth_info`, `received_scopes`\n\n**outputs:**\n* `smart_auth_info` - An [AuthInfo](https://inferno-framework.github.io/inferno-core/docs/Inferno/DSL/AuthInfo.html)\n  object containing the credentials obtained from the launch.\n* `token_retrieval_time`\n* `refresh_token`\n* `access_token`\n* `expires_in`\n* `received_scopes`\n\n**options:**\n* `include_scopes`: (`true/false`) Whether to include scopes in the refresh\n  request\n\n### Backend Services Authorization Group\nThe [Backend Services Authorization Group](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/backend_services_authorization_group.rb)\nis only part of SMART App Launch STU 2.0. It is used when autonomous or\nsemi-autonomous backend services (clients) need to access resources from FHIR\nservers that have pre-authorized, defined scopes of access.  This group appplies\na client credentials flow using confidential client asymmetric\nauthentication and JSON Web Token (JWT) assertions to retrieve an access token\nfor system resources.\n\n**id:** `backend_services_authorization`\n\n**inputs:**  `url`, `smart_auth_info`\n\n**outputs:**\n* `smart_auth_info` - An\n  [AuthInfo](https://inferno-framework.github.io/inferno-core/docs/Inferno/DSL/AuthInfo.html)\n  object containing the credentials obtained from the launch.\n* `bearer_token`\n* `received_scopes`\n\n### Token Introspection Group \nThe [Token Introspection Group](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/token_introspection_group.rb)\nis only part of SMART App Launch STU 2.0 and is divided into three subgroups that\ncan be run collectively or independently, depending on the constraints of the environment\nunder test. \n\n**id:** `smart_token_introspection`\n\n#### Token Introspection Access Token Group\nThe [Token Introspection Access Token Group](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/token_introspection_access_token_group.rb) \nreuses tests from the Discovery and Standalone Launch groups to retrieve the\ntoken endpoint and an access token for introspection.  This group is optional.\n\n**id:** `smart_token_introspection_access_token_group`\n\n**inputs:** `url`, `standalone_smart_auth_info`\n\n**outputs:** `standalone_smart_auth_info`\n\n#### Token Introspection Request Group\nThe [Token Introspection Request Group](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/token_introspection_request_group.rb) \nsends introspection requests for both a valid and invalid access token to the\nauthorization server and ensure the appropriate HTTP response is returned.  This\ngroup is optional but recommended. \n\n**id:** `smart_token_introspection_request_group`\n\n**inputs:** `well_known_introspection_url`, `custom_authorization_header`,\n`optional_introspection_request_params`, `standalone_smart_auth_info` \n\n**outputs:**\n* `active_token_introspection_response_body`\n* `invalid_token_introspection_response_body`\n\n#### Token Introspection Response Group\nThe [Token Introspection Response Group](https://github.com/inferno-framework/smart-app-launch-test-kit/blob/main/lib/smart_app_launch/token_introspection_response_group.rb)\nvalidates the token introspection responses returned from the authorization\nserver.  This group is required to demonstrate token introspection capabilities. \n\n**id:** `smart_token_introspection_response_group`\n\n**inputs:** `standalone_smart_auth_info`, `standalone_received_scopes`,\n`standalone_id_token`, `standalone_patient_id`, `standalone_encounter_id`,\n`active_token_introspection_response_body`,\n`invalid_token_introspection_response_body`\n\n**outputs:** none\n\n\n## License\n\nLicensed under the Apache License, Version 2.0 (the \"License\"); you may not use\nthis file except in compliance with the License. You may obtain a copy of the\nLicense at\n```\nhttp://www.apache.org/licenses/LICENSE-2.0\n```\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\n## Trademark Notice\n\nHL7, FHIR and the FHIR [FLAME DESIGN] are the registered trademarks of Health\nLevel Seven International and their use does not constitute endorsement by HL7.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finferno-framework%2Fsmart-app-launch-test-kit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Finferno-framework%2Fsmart-app-launch-test-kit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finferno-framework%2Fsmart-app-launch-test-kit/lists"}