From 5bae33544e187ae7e839e6920a60b63b064fecc1 Mon Sep 17 00:00:00 2001 From: Elsa Date: Thu, 10 Oct 2024 15:47:53 -0400 Subject: [PATCH 1/5] Initial work on 3231 --- .env | 1 + Gemfile.lock | 16 +++++ README.md | 58 ++++++++++--------- davinci_dtr_test_kit.gemspec | 1 + lib/davinci_dtr_test_kit.rb | 2 +- .../dtr_light_ehr_suite_description_v201.md | 22 +++++++ .../dtr_light_ehr_suite.rb | 42 +++++--------- lib/davinci_dtr_test_kit/dtr_options.rb | 7 +++ 8 files changed, 95 insertions(+), 54 deletions(-) create mode 100644 lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md create mode 100644 lib/davinci_dtr_test_kit/dtr_options.rb diff --git a/.env b/.env index d3cc9c6..a816d36 100644 --- a/.env +++ b/.env @@ -1 +1,2 @@ JS_HOST="" +INFERNO_HOST="http://localhost:4567" \ No newline at end of file diff --git a/Gemfile.lock b/Gemfile.lock index c8d3ff8..f909878 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -4,6 +4,7 @@ PATH davinci_dtr_test_kit (0.12.0) inferno_core (~> 0.4.42) jwt (~> 2.6) + smart_app_launch_test_kit (~> 0.4.4) GEM remote: https://rubygems.org/ @@ -16,12 +17,14 @@ GEM zeitwerk (~> 2.3) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) + aes_key_wrap (1.1.0) ast (2.4.2) base62-rb (0.3.1) base64 (0.2.0) bcp47 (0.3.3) i18n bigdecimal (3.1.8) + bindata (2.5.0) blueprinter (0.25.2) builder (3.3.0) byebug (11.1.3) @@ -133,6 +136,7 @@ GEM http-accept (1.7.0) http-cookie (1.0.7) domain_name (~> 0.5) + httpclient (2.8.3) i18n (1.14.6) concurrent-ruby (~> 1.0) inferno_core (0.4.42) @@ -166,6 +170,11 @@ GEM rdoc (>= 4.0.0) reline (>= 0.4.2) json (2.7.2) + json-jwt (1.15.3.1) + activesupport (>= 4.2) + aes_key_wrap + bindata + httpclient jwt (2.9.0) base64 kramdown (2.4.0) @@ -279,6 +288,11 @@ GEM connection_pool (>= 2.3.0) rack (>= 2.2.4) redis-client (>= 0.19.0) + smart_app_launch_test_kit (0.4.4) + inferno_core (>= 0.4.2) + json-jwt (~> 1.15.3) + jwt (~> 2.6) + tls_test_kit (~> 0.2.0) sqlite3 (1.7.3) mini_portile2 (~> 2.8.0) sqlite3 (1.7.3-arm64-darwin) @@ -292,6 +306,8 @@ GEM strings-ansi (0.2.0) thor (1.2.2) tilt (2.4.0) + tls_test_kit (0.2.2) + inferno_core (>= 0.4.2) tty-color (0.6.0) tty-markdown (0.7.2) kramdown (>= 1.16.2, < 3.0) diff --git a/README.md b/README.md index ba2d10f..508f23e 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,16 @@ # Da Vinci Documentation Templates and Rules (DTR) v2.0.1 Test Kit -The Da Vinci Documentation Templates and Rules (DTR) STU 2.0.1 Test Kit validates the -conformance of systems to the -[DTR STU 2.0.1 FHIR IG](https://hl7.org/fhir/us/davinci-dtr/STU2). +The Da Vinci Documentation Templates and Rules (DTR) STU 2.0.1 Test Kit validates the +conformance of systems to the +[DTR STU 2.0.1 FHIR IG](https://hl7.org/fhir/us/davinci-dtr/STU2). The test kit includes suites targeting the following actors from the specification: - **Payer Servers**: Inferno will act as a client and make a series of requests to the server under test requesting questionnaires. -- **DTR SMART App**: Inferno will act as a server implementing the +- **DTR SMART App**: Inferno will act as a server implementing the payer server and light EHR capabilities and responding to requests for questionnaires and clinical data made by the app under test. -- **DTR Full EHR**: Inferno will act as a server implementing the +- **DTR Full EHR**: Inferno will act as a server implementing the payer server responding to requests for questionnaires made by the EHR under test. @@ -27,28 +27,29 @@ FHIR-based data exchange. ## Status -These tests are a **DRAFT** intended to allow DTR implementers to perform -preliminary checks of their implementations against DTR IG requirements and provide -feedback on the tests. Future versions of these tests may validate other +These tests are a **DRAFT** intended to allow DTR implementers to perform +preliminary checks of their implementations against DTR IG requirements and provide +feedback on the tests. Future versions of these tests may validate other requirements and may change how these are tested. ## Test Scope and Limitations The DTR specification is complex and evolving and these tests do not yet -cover the full scope of the specification. In particular, tests have been +cover the full scope of the specification. In particular, tests have been started but not yet released Light DTR EMR actors responsible for launching a DTR SMART App and serving data that the app can use to populate questionnaires. For the implemented actors, see suite-specific documentation on current limitations for the [payer server](lib/davinci_dtr_test_kit/docs/dtr_payer_server_suite_description_v201.md#limitations), -[DTR SMART App](lib/davinci_dtr_test_kit/docs/dtr_smart_app_suite_description_v201.md#limitations), +[DTR SMART App](lib/davinci_dtr_test_kit/docs/dtr_smart_app_suite_description_v201.md#limitations), [DTR Full EHR](lib/davinci_dtr_test_kit/docs/dtr_full_ehr_suite_description_v201.md#limitations) tests +[DTR Light EHR](lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md#limitations) ## How to Run Use either of the following methods to run the suites within this test kit. -If you would like to try out the tests but don’t have a DTR implementation, +If you would like to try out the tests but don’t have a DTR implementation, the test home pages include instructions for trying out the tests, including - For payer server testing: running the tests against the DTR SMART App tests in this Test Kit @@ -56,10 +57,11 @@ the test home pages include instructions for trying out the tests, including - For DTR Full EHR testing: [sample postman collection](config/DTR%20Full%20EHR%20Tests%20Postman%20Demo.postman_collection.json) Detailed instructions can be found in the suite descriptions when the tests -are run or within this repository for the -[payer server](lib/davinci_dtr_test_kit/docs/dtr_payer_server_suite_description_v201.md#running-the-tests), +are run or within this repository for the +[payer server](lib/davinci_dtr_test_kit/docs/dtr_payer_server_suite_description_v201.md#running-the-tests), [DTR SMART App](lib/davinci_dtr_test_kit/docs/dtr_smart_app_suite_description_v201.md#running-the-tests), -and [DTR Full EHR](lib/davinci_dtr_test_kit/docs/dtr_full_ehr_suite_description_v201.md#running-the-tests). +[DTR Full EHR](lib/davinci_dtr_test_kit/docs/dtr_full_ehr_suite_description_v201.md#running-the-tests), +and [DTR Light EHR](lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md#running-the-tests). ### ONC Hosted Instance @@ -68,7 +70,7 @@ You can run the DTR test kit via the [ONC Inferno](https://inferno.healthit.gov/ ### Local Inferno Instance - Download the source code from this repository. -- [Start or identify](#fhir-server-simulation-for-the-client-suite) +- [Start or identify](#fhir-server-simulation-for-the-client-suite) an Inferno Reference Server instance for Inferno to use for simulation (only needed if planning to run the DTR SMART App test suite). - Open a terminal in the directory containing the downloaded code. @@ -79,8 +81,8 @@ You can run the DTR test kit via the [ONC Inferno](https://inferno.healthit.gov/ ## FHIR Server Simulation for the DTR SMART App Suite The DTR SMART App test suite needs to be able to return responses to FHIR read and search APIs. -These responses can be complex and so the suite relies on a full FHIR server to provide -responses for it to provide back to systems under test. The test kit was written to work +These responses can be complex and so the suite relies on a full FHIR server to provide +responses for it to provide back to systems under test. The test kit was written to work with the [Inferno Reference Server](https://github.com/inferno-framework/inferno-reference-server) - loaded with [patient pat015](https://github.com/inferno-framework/inferno-reference-server/blob/main/resources/dtr_bundle_patient_pat015.json) @@ -91,21 +93,22 @@ with the [Inferno Reference Server](https://github.com/inferno-framework/inferno The test kit can be configured to point to either a local instance of the reference server or to a public instance. The location of the The following are valid configuration approaches: -1. Point to a public instance of the Inferno reference server at either +1. Point to a public instance of the Inferno reference server at either `https://inferno.healthit.gov/reference-server/r4/` or `https://inferno-qa.healthit.gov/reference-server/r4/`: update the `FHIR_REFERENCE_SERVER` environment variable in the appropriate environment file (`.evn.production` when running - in docker [as above](#local-inferno-instance), or `env.development` when + in docker [as above](#local-inferno-instance), or `env.development` when [running the test kit in Ruby](#development)). -2. Run a local instance of the Inferno Reference Server, either - [with docker](https://github.com/inferno-framework/inferno-reference-server?tab=readme-ov-file#running-with-docker) - or [without docker](https://github.com/inferno-framework/inferno-reference-server?tab=readme-ov-file#running-without-docker) - (NOTE: this decision can be made independently from whether to run the test kit with +2. Run a local instance of the Inferno Reference Server, either + [with docker](https://github.com/inferno-framework/inferno-reference-server?tab=readme-ov-file#running-with-docker) + or [without docker](https://github.com/inferno-framework/inferno-reference-server?tab=readme-ov-file#running-without-docker) + (NOTE: this decision can be made independently from whether to run the test kit with docker or using Ruby). ## Providing Feedback and Reporting Issues We welcome feedback on the tests, including but not limited to the following areas: + - Validation logic, such as potential bugs, lax checks, and unexpected failures. - Requirements coverage, such as requirements that have been missed and tests that necessitate features that the IG does not require. - User experience, such as confusing or missing information in the test UI. @@ -114,14 +117,15 @@ Please report any issues with this set of tests in the issues section of this re ## Development -To make updates and additions to this test kit, see the +To make updates and additions to this test kit, see the [Inferno Framework Documentation](https://inferno-framework.github.io/docs/), -particularly the instructions on +particularly the instructions on [development with Ruby](https://inferno-framework.github.io/docs/getting-started/#development-with-ruby). ### Client Questionnaire Workflow Test Framework To support testing that clients can fetch, populate, and complete various questionnaires with different features, the test kit includes a framework for building different iterations of these tests. At a high-level, the framework includes the ability to associate a set of fixtures with a group of tests including + - a questionnaire that will be sent back when the client makes a $questionnaire-package request - a questionnaire response that contains expected pre-populated and overriden items. These are indicated by the origin.source extension on items with link ids corresponding to items in the questionnaire with cql expressions for pre-population. When it is `auto` that is the expected answer based on data Inferno has. When it is `override` that is the answer that would be present if the pre-populated answer were used, but Inferno will check that a different value is present since the tester will be expected to override the answer. @@ -140,9 +144,11 @@ them to send requests to Inferno for the purposes of testing. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at + ``` http://www.apache.org/licenses/LICENSE-2.0 ``` + Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the @@ -151,4 +157,4 @@ specific language governing permissions and limitations under the License. ## Trademark Notice HL7, FHIR and the FHIR [FLAME DESIGN] are the registered trademarks of Health -Level Seven International and their use does not constitute endorsement by HL7. \ No newline at end of file +Level Seven International and their use does not constitute endorsement by HL7. diff --git a/davinci_dtr_test_kit.gemspec b/davinci_dtr_test_kit.gemspec index 06ae623..f12307c 100644 --- a/davinci_dtr_test_kit.gemspec +++ b/davinci_dtr_test_kit.gemspec @@ -11,6 +11,7 @@ Gem::Specification.new do |spec| spec.license = 'Apache-2.0' spec.add_dependency 'inferno_core', '~> 0.4.42' spec.add_dependency 'jwt', '~> 2.6' + spec.add_dependency 'smart_app_launch_test_kit', '~> 0.4.4' spec.required_ruby_version = Gem::Requirement.new('>= 3.1.2') spec.metadata['homepage_uri'] = spec.homepage spec.metadata['source_code_uri'] = spec.homepage diff --git a/lib/davinci_dtr_test_kit.rb b/lib/davinci_dtr_test_kit.rb index 22eec4c..8ef6198 100644 --- a/lib/davinci_dtr_test_kit.rb +++ b/lib/davinci_dtr_test_kit.rb @@ -1,4 +1,4 @@ require_relative 'davinci_dtr_test_kit/dtr_payer_server_suite' require_relative 'davinci_dtr_test_kit/dtr_smart_app_suite' require_relative 'davinci_dtr_test_kit/dtr_full_ehr_suite' -# require_relative 'davinci_dtr_test_kit/dtr_light_ehr_suite' +require_relative 'davinci_dtr_test_kit/dtr_light_ehr_suite' diff --git a/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md b/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md new file mode 100644 index 0000000..372574e --- /dev/null +++ b/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md @@ -0,0 +1,22 @@ +The Da Vinci DTR Test Kit Light EHR Suite validates the conformance of SMART apps +to the STU 2 version of the HL7® FHIR® +[Da Vinci Documentation Templates and Rules (DTR) Implementation Guide](https://hl7.org/fhir/us/davinci-dtr/STU2/). + +## Scope + +These tests are a **DRAFT** intended to allow app implementers to perform +preliminary checks of their systems against DTR IG requirements and [provide +feedback](https://github.com/inferno-framework/davinci-dtr-test-kit/issues) +on the tests. Future versions of these tests may validate other requirements and may change the test validation logic. + +## Test Methodology + +TBD. + +## Running the Tests + +## Limitations + +The DTR IG is a complex specification and these tests currently validate conformance to only +a subset of IG requirements. Future versions of the test suite will test further +features. A few specific features of interest are listed below. diff --git a/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb b/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb index a5a610c..153dd83 100644 --- a/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb +++ b/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb @@ -1,18 +1,14 @@ +require 'tls_test_kit' require_relative 'version' +require_relative 'dtr_options' +require 'smart_app_launch/smart_stu1_suite' +require 'smart_app_launch/smart_stu2_suite' module DaVinciDTRTestKit class DTRLightEHRSuite < Inferno::TestSuite id :dtr_light_ehr title 'Da Vinci DTR Light EHR Test Suite' - description %( - # Da Vinci DTR Light EHR Test Suite - - This suite validates that an EMR or other application - can act as a data source for a DTR SMART App. Inferno - will act as a DTR SMART App making requests for data - against the system under test and storing completed - questionnaire responses. - ) + description File.read(File.join(__dir__, 'docs', 'dtr_light_ehr_suite_description_v201.md')) version VERSION @@ -35,28 +31,20 @@ class DTRLightEHRSuite < Inferno::TestSuite } ] - # These inputs will be available to all tests in this suite input :url, - title: 'FHIR Server Base Url' - - input :credentials, - title: 'OAuth Credentials', - type: :oauth_credentials, - optional: true + title: 'FHIR Endpoint', + description: 'URL of the DTR FHIR server' - # All FHIR requests in this suite will use this FHIR client - fhir_client do - url :url - oauth_credentials :credentials - end + group do + title 'Authorization' - # Hl7 Validator Wrapper: - fhir_resource_validator do - igs 'hl7.fhir.us.davinci-dtr#2.0.1' + group from: :smart_ehr_launch_stu2, + required_suite_options: DTROptions::SMART_2_REQUIREMENT, + run_as_group: true - exclude_message do |message| - message.message.match?(/\A\S+: \S+: URL value '.*' does not resolve/) - end + group from: :smart_standalone_launch_stu2, + required_suite_options: DTROptions::SMART_2_REQUIREMENT, + run_as_group: true end end end diff --git a/lib/davinci_dtr_test_kit/dtr_options.rb b/lib/davinci_dtr_test_kit/dtr_options.rb new file mode 100644 index 0000000..cef1ded --- /dev/null +++ b/lib/davinci_dtr_test_kit/dtr_options.rb @@ -0,0 +1,7 @@ +module DaVinciDTRTestKit + module DTROptions + SMART_2 = 'smart_app_launch_2'.freeze + + SMART_2_REQUIREMENT = { smart_app_launch_version: SMART_2 }.freeze + end +end From 86124e40a751cd226d99ea32e13526aac7d6af2b Mon Sep 17 00:00:00 2001 From: Elsa Date: Fri, 11 Oct 2024 13:46:11 -0400 Subject: [PATCH 2/5] Deleted md description file, added smart stu2 discovery, preset --- config/presets/inferno_dtr_server_suite.json | 26 ++++++++ .../dtr_light_ehr_suite_description_v201.md | 22 ------- .../dtr_light_ehr_suite.rb | 61 ++++++++++++++++++- 3 files changed, 86 insertions(+), 23 deletions(-) create mode 100644 config/presets/inferno_dtr_server_suite.json delete mode 100644 lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md diff --git a/config/presets/inferno_dtr_server_suite.json b/config/presets/inferno_dtr_server_suite.json new file mode 100644 index 0000000..d94372c --- /dev/null +++ b/config/presets/inferno_dtr_server_suite.json @@ -0,0 +1,26 @@ +{ + "title": "Inferno Reference Server", + "id": "smart_stu2_reference_server", + "test_suite_id": "dtr_light_ehr", + "inputs": [ + { + "name": "url", + "description": "URL of the FHIR endpoint used by SMART applications", + "title": "FHIR Endpoint", + "type": "text", + "value": "https://inferno-qa.healthit.gov/reference-server/r4" + }, + { + "name": "ehr_client_id", + "description": "Client ID provided during registration of Inferno as an EHR launch application", + "title": "EHR Launch Client ID", + "type": "text", + "value": "SAMPLE_PUBLIC_CLIENT_ID" + }, + { + "name": "standalone_client_id", + "type": "text", + "value": "SAMPLE_PUBLIC_CLIENT_ID" + } + ] +} diff --git a/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md b/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md deleted file mode 100644 index 372574e..0000000 --- a/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md +++ /dev/null @@ -1,22 +0,0 @@ -The Da Vinci DTR Test Kit Light EHR Suite validates the conformance of SMART apps -to the STU 2 version of the HL7® FHIR® -[Da Vinci Documentation Templates and Rules (DTR) Implementation Guide](https://hl7.org/fhir/us/davinci-dtr/STU2/). - -## Scope - -These tests are a **DRAFT** intended to allow app implementers to perform -preliminary checks of their systems against DTR IG requirements and [provide -feedback](https://github.com/inferno-framework/davinci-dtr-test-kit/issues) -on the tests. Future versions of these tests may validate other requirements and may change the test validation logic. - -## Test Methodology - -TBD. - -## Running the Tests - -## Limitations - -The DTR IG is a complex specification and these tests currently validate conformance to only -a subset of IG requirements. Future versions of the test suite will test further -features. A few specific features of interest are listed below. diff --git a/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb b/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb index 153dd83..d43964a 100644 --- a/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb +++ b/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb @@ -8,7 +8,40 @@ module DaVinciDTRTestKit class DTRLightEHRSuite < Inferno::TestSuite id :dtr_light_ehr title 'Da Vinci DTR Light EHR Test Suite' - description File.read(File.join(__dir__, 'docs', 'dtr_light_ehr_suite_description_v201.md')) + description <<~DESCRIPTION + The Da Vinci DTR Test Kit Light EHR Suite validates the conformance of SMART apps + to the STU 2 version of the HL7® FHIR® + [Da Vinci Documentation Templates and Rules (DTR) Implementation Guide](https://hl7.org/fhir/us/davinci-dtr/STU2/). + + ## Scope + + These tests are a **DRAFT** intended to allow app implementers to perform + preliminary checks of their systems against DTR IG requirements and [provide + feedback](https://github.com/inferno-framework/davinci-dtr-test-kit/issues) + on the tests. Future versions of these tests may validate other requirements and may change the test validation logic. + + ## SMART App Launch + + Use this information when registering Inferno as a SMART App: + + * Launch URI: `#{SMARTAppLaunch::AppLaunchTest.config.options[:launch_uri]}` + * Redirect URI: `#{SMARTAppLaunch::AppRedirectTest.config.options[:redirect_uri]}` + + If a client receives a SMART App Launch card in a response and would like + to test their ability to launch Inferno as a SMART App, first run the + SMART on FHIR Discovery and SMART EHR Launch groups under FHIR API > + Authorization. When running the SMART EHR Launch group, Inferno will wait + for the incoming SMART App Launch request, and this is the time to perform + the launch from the client being tested. + + ## Running the Tests + + ## Limitations + + The DTR IG is a complex specification and these tests currently validate conformance to only + a subset of IG requirements. Future versions of the test suite will test further + features. A few specific features of interest are listed below. + DESCRIPTION version VERSION @@ -38,6 +71,32 @@ class DTRLightEHRSuite < Inferno::TestSuite group do title 'Authorization' + group from: :smart_discovery_stu2 do + required_suite_options DTROptions::SMART_2_REQUIREMENT + run_as_group + + test from: :tls_version_test do + title 'DTR FHIR Server is secured by transport layer security' + description <<~DESCRIPTION + Under [Privacy, Security, and Safety](https://hl7.org/fhir/us/davinci-crd/STU2/security.html), + the DTR Implementation Guide imposes the following rule about TLS: + + As per the [DTR Hook specification](https://cds-hooks.hl7.org/2.0/#security-and-safety), + communications between DTR Clients and DTR Servers SHALL + use TLS. Mutual TLS is not required by this specification but is permitted. DTR Servers and + DTR Clients SHOULD enforce a minimum version and other TLS configuration requirements based + on HRex rules for PHI exchange. + + This test verifies that the FHIR server is using TLS 1.2 or higher. + DESCRIPTION + id :dtr_server_tls_version_stu2 + + config( + options: { minimum_allowed_version: OpenSSL::SSL::TLS1_2_VERSION } + ) + end + end + group from: :smart_ehr_launch_stu2, required_suite_options: DTROptions::SMART_2_REQUIREMENT, run_as_group: true From ab16a34870fdc76ef77ec0836e4053b80a179a36 Mon Sep 17 00:00:00 2001 From: Elsa Date: Wed, 16 Oct 2024 17:30:25 -0400 Subject: [PATCH 3/5] Added light ehr doc file, removed old description --- .../dtr_light_ehr_suite_description_v201.md | 23 +++++++++++++++++++ .../dtr_light_ehr_suite.rb | 14 ++--------- 2 files changed, 25 insertions(+), 12 deletions(-) create mode 100644 lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md diff --git a/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md b/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md new file mode 100644 index 0000000..59ad798 --- /dev/null +++ b/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md @@ -0,0 +1,23 @@ +The Da Vinci DTR Test Kit Full EHR Suite validates the conformance of SMART apps +to the STU 2 version of the HL7® FHIR® +[Da Vinci Documentation Templates and Rules (DTR) Implementation Guide](https://hl7.org/fhir/us/davinci-dtr/STU2/). + +## Scope + +These tests are a **DRAFT** intended to allow app implementers to perform +preliminary checks of their systems against DTR IG requirements and [provide +feedback](https://github.com/inferno-framework/davinci-dtr-test-kit/issues) +on the tests. Future versions of these tests may validate other +requirements and may change the test validation logic. + +## Test Methodology + +Inferno will simulate a DTR SMART App that will get launched by the DTR Light EHR System under test. The DTR Light EHR will be expected to properly launch the DTR SMART App. + +Once the connection between the DTR SMART App and the DTR Light EHR is established, tests within this suite check that the DTR Light EHR API is conformant to US Core and any other requirements outlined in the [Light DTR EHR Capability Statement](https://hl7.org/fhir/us/davinci-dtr/STU2/CapabilityStatement-light-dtr-ehr.html#root). + +## Running the Tests + +If you would like to try out the tests but don't have a DTR payer server implementation, you can run these tests against the [public instance of the Inferno Reference Server](https://inferno-qa.healthit.gov/reference-server/r4/) by using the Inferno Reference Server preset in the test suite. + +In order to get the Inferno QA Reference Server to do an EHR launch, navigate to https://inferno-qa.healthit.gov/reference-server/app/app-launch and use http://localhost:4567/custom/smart/launch as the App Launch URL. diff --git a/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb b/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb index d43964a..a907210 100644 --- a/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb +++ b/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb @@ -77,18 +77,8 @@ class DTRLightEHRSuite < Inferno::TestSuite test from: :tls_version_test do title 'DTR FHIR Server is secured by transport layer security' - description <<~DESCRIPTION - Under [Privacy, Security, and Safety](https://hl7.org/fhir/us/davinci-crd/STU2/security.html), - the DTR Implementation Guide imposes the following rule about TLS: - - As per the [DTR Hook specification](https://cds-hooks.hl7.org/2.0/#security-and-safety), - communications between DTR Clients and DTR Servers SHALL - use TLS. Mutual TLS is not required by this specification but is permitted. DTR Servers and - DTR Clients SHOULD enforce a minimum version and other TLS configuration requirements based - on HRex rules for PHI exchange. - - This test verifies that the FHIR server is using TLS 1.2 or higher. - DESCRIPTION + description File.read(File.join(__dir__, 'docs', 'dtr_light_ehr_suite_description_v201.md')) + id :dtr_server_tls_version_stu2 config( From a4d0494e15262b1ffb3937d71e95729e7cde1019 Mon Sep 17 00:00:00 2001 From: Elsa Date: Thu, 17 Oct 2024 10:19:23 -0400 Subject: [PATCH 4/5] Properly added description doc, additional details --- README.md | 2 + .../dtr_light_ehr_suite_description_v201.md | 8 ++-- .../dtr_light_ehr_suite.rb | 46 +++++-------------- 3 files changed, 17 insertions(+), 39 deletions(-) diff --git a/README.md b/README.md index 508f23e..7397028 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,8 @@ The test kit includes suites targeting the following actors from the specificati - **DTR Full EHR**: Inferno will act as a server implementing the payer server responding to requests for questionnaires made by the EHR under test. +- **DTR Light EHR**: Inferno will act as a DTR SMART App that will connect + to the DTR Light EHR system under test and make requests to the Light EHR under test. In each case, content provided by the system under test will be checked individually for conformance and in aggregate to determine that the full set of features is diff --git a/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md b/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md index 59ad798..ab0721b 100644 --- a/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md +++ b/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md @@ -1,4 +1,4 @@ -The Da Vinci DTR Test Kit Full EHR Suite validates the conformance of SMART apps +The Da Vinci DTR Test Kit Light EHR Suite validates the conformance of SMART apps to the STU 2 version of the HL7® FHIR® [Da Vinci Documentation Templates and Rules (DTR) Implementation Guide](https://hl7.org/fhir/us/davinci-dtr/STU2/). @@ -12,12 +12,12 @@ requirements and may change the test validation logic. ## Test Methodology -Inferno will simulate a DTR SMART App that will get launched by the DTR Light EHR System under test. The DTR Light EHR will be expected to properly launch the DTR SMART App. +Inferno will simulate a DTR SMART App that will connect to the DTR Light EHR system under test. The tester will need to launch Inferno using either an EHR launch or a Standalone launch. Once the connection between the DTR SMART App and the DTR Light EHR is established, tests within this suite check that the DTR Light EHR API is conformant to US Core and any other requirements outlined in the [Light DTR EHR Capability Statement](https://hl7.org/fhir/us/davinci-dtr/STU2/CapabilityStatement-light-dtr-ehr.html#root). ## Running the Tests -If you would like to try out the tests but don't have a DTR payer server implementation, you can run these tests against the [public instance of the Inferno Reference Server](https://inferno-qa.healthit.gov/reference-server/r4/) by using the Inferno Reference Server preset in the test suite. +If you would like to try out the tests but don't have a DTR payer server implementation, you can run these tests against the [public instance of the Inferno Reference Server](https://inferno.healthit.gov/reference-server/r4/) by using the Inferno Reference Server preset in the test suite. -In order to get the Inferno QA Reference Server to do an EHR launch, navigate to https://inferno-qa.healthit.gov/reference-server/app/app-launch and use http://localhost:4567/custom/smart/launch as the App Launch URL. +In order to get the Inferno QA Reference Server to do an EHR launch, navigate to https://inferno.healthit.gov/reference-server/app/app-launch and use https://inferno.healthit.gov/custom/smart/launch as the App Launch URL. diff --git a/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb b/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb index a907210..dccccda 100644 --- a/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb +++ b/lib/davinci_dtr_test_kit/dtr_light_ehr_suite.rb @@ -8,40 +8,7 @@ module DaVinciDTRTestKit class DTRLightEHRSuite < Inferno::TestSuite id :dtr_light_ehr title 'Da Vinci DTR Light EHR Test Suite' - description <<~DESCRIPTION - The Da Vinci DTR Test Kit Light EHR Suite validates the conformance of SMART apps - to the STU 2 version of the HL7® FHIR® - [Da Vinci Documentation Templates and Rules (DTR) Implementation Guide](https://hl7.org/fhir/us/davinci-dtr/STU2/). - - ## Scope - - These tests are a **DRAFT** intended to allow app implementers to perform - preliminary checks of their systems against DTR IG requirements and [provide - feedback](https://github.com/inferno-framework/davinci-dtr-test-kit/issues) - on the tests. Future versions of these tests may validate other requirements and may change the test validation logic. - - ## SMART App Launch - - Use this information when registering Inferno as a SMART App: - - * Launch URI: `#{SMARTAppLaunch::AppLaunchTest.config.options[:launch_uri]}` - * Redirect URI: `#{SMARTAppLaunch::AppRedirectTest.config.options[:redirect_uri]}` - - If a client receives a SMART App Launch card in a response and would like - to test their ability to launch Inferno as a SMART App, first run the - SMART on FHIR Discovery and SMART EHR Launch groups under FHIR API > - Authorization. When running the SMART EHR Launch group, Inferno will wait - for the incoming SMART App Launch request, and this is the time to perform - the launch from the client being tested. - - ## Running the Tests - - ## Limitations - - The DTR IG is a complex specification and these tests currently validate conformance to only - a subset of IG requirements. Future versions of the test suite will test further - features. A few specific features of interest are listed below. - DESCRIPTION + description File.read(File.join(__dir__, 'docs', 'dtr_light_ehr_suite_description_v201.md')) version VERSION @@ -77,7 +44,16 @@ class DTRLightEHRSuite < Inferno::TestSuite test from: :tls_version_test do title 'DTR FHIR Server is secured by transport layer security' - description File.read(File.join(__dir__, 'docs', 'dtr_light_ehr_suite_description_v201.md')) + description <<~DESCRIPTION + Under [Privacy, Security, and Safety](https://hl7.org/fhir/us/davinci-crd/STU2/security.html), + the DTR Implementation Guide imposes the following rule about TLS: + As per the [DTR Hook specification](https://cds-hooks.hl7.org/2.0/#security-and-safety), + communications between DTR Clients and DTR Servers SHALL + use TLS. Mutual TLS is not required by this specification but is permitted. DTR Servers and + DTR Clients SHOULD enforce a minimum version and other TLS configuration requirements based + on HRex rules for PHI exchange. + This test verifies that the FHIR server is using TLS 1.2 or higher. + DESCRIPTION id :dtr_server_tls_version_stu2 From 8fdac0ec5222512c364a2231ca5bc35d9aa362bb Mon Sep 17 00:00:00 2001 From: Elsa Date: Thu, 17 Oct 2024 11:37:42 -0400 Subject: [PATCH 5/5] Add limitations section --- .../docs/dtr_light_ehr_suite_description_v201.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md b/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md index ab0721b..37bf5a0 100644 --- a/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md +++ b/lib/davinci_dtr_test_kit/docs/dtr_light_ehr_suite_description_v201.md @@ -21,3 +21,9 @@ Once the connection between the DTR SMART App and the DTR Light EHR is establish If you would like to try out the tests but don't have a DTR payer server implementation, you can run these tests against the [public instance of the Inferno Reference Server](https://inferno.healthit.gov/reference-server/r4/) by using the Inferno Reference Server preset in the test suite. In order to get the Inferno QA Reference Server to do an EHR launch, navigate to https://inferno.healthit.gov/reference-server/app/app-launch and use https://inferno.healthit.gov/custom/smart/launch as the App Launch URL. + +## Limitations + +The DTR IG is a complex specification and these tests currently validate conformance to only +a subset of IG requirements. Future versions of the test suite will test further +features.