FI-3222: DTR Client Tests: Use Random Number for Attestation Continuation Links

lib/davinci_dtr_test_kit/client_groups/dinner_static/dtr_full_ehr_launch_attestation_test.rb

@@ -1,3 +1,4 @@
+require 'securerandom'
 require_relative '../../urls'
 
 module DaVinciDTRTestKit
@@ -9,18 +10,18 @@ class DTRFullEHRStaticDinnerLaunchAttestationTest < Inferno::Test
     description %(
       Attest that DTR has been launched for a patient with data that will be used for prepopulation.
     )
-    input :access_token
 
     run do
+      random_id = SecureRandom.uuid
       wait(
-        identifier: access_token,
+        identifier: random_id,
         message: %(
           I attest that DTR has been launched in the context of a patient with an official name, including
           first and last.
 
-          [Click here](#{resume_pass_url}?token=#{access_token}) if the above statement is **true**.
+          [Click here](#{resume_pass_url}?token=#{random_id}) if the above statement is **true**.
 
-          [Click here](#{resume_fail_url}?token=#{access_token}) if the above statement is **false**.
+          [Click here](#{resume_fail_url}?token=#{random_id}) if the above statement is **false**.
         )
       )
     end

lib/davinci_dtr_test_kit/client_groups/dinner_static/dtr_full_ehr_prepopulation_attestation_test.rb

@@ -1,3 +1,4 @@
+require 'securerandom'
 require_relative '../../urls'
 
 module DaVinciDTRTestKit
@@ -9,20 +10,19 @@ class DTRFullEHRStaticDinnerPrepopulationAttestationTest < Inferno::Test
     description %(
       Validate that pre-population of patient name information occurs as expected.
     )
-    input :access_token
-
     run do
+      random_id = SecureRandom.uuid
       wait(
-        identifier: access_token,
+        identifier: random_id,
         message: %(
           I attest that the DTR application pre-populates the following questions with the respective
           value for the official name of the patient:
           - Last Name
           - First Name
 
-          [Click here](#{resume_pass_url}?token=#{access_token}) if the above statement is **true**.
+          [Click here](#{resume_pass_url}?token=#{random_id}) if the above statement is **true**.
 
-          [Click here](#{resume_fail_url}?token=#{access_token}) if the above statement is **false**.
+          [Click here](#{resume_fail_url}?token=#{random_id}) if the above statement is **false**.
         )
       )
     end

lib/davinci_dtr_test_kit/client_groups/dinner_static/dtr_full_ehr_prepopulation_override_attestation_test.rb

@@ -1,3 +1,4 @@
+require 'securerandom'
 require_relative '../../urls'
 
 module DaVinciDTRTestKit
@@ -9,17 +10,16 @@ class DTRFullEHRStaticDinnerPrepopulationOverrideAttestationTest < Inferno::Test
     description %(
       Validate that the user can edit a pre-populated item and replace it with another value.
     )
-    input :access_token
-
     run do
+      random_id = SecureRandom.uuid
       wait(
-        identifier: access_token,
+        identifier: random_id,
         message: %(
           I attest that I have changed the prepopulated value in the First Name field to a new value.
 
-          [Click here](#{resume_pass_url}?token=#{access_token}) if the above statement is **true**.
+          [Click here](#{resume_pass_url}?token=#{random_id}) if the above statement is **true**.
 
-          [Click here](#{resume_fail_url}?token=#{access_token}) if the above statement is **false**.
+          [Click here](#{resume_fail_url}?token=#{random_id}) if the above statement is **false**.
         )
       )
     end

lib/davinci_dtr_test_kit/client_groups/dinner_static/dtr_full_ehr_rendering_enabled_questions_attestation_test.rb

@@ -1,3 +1,4 @@
+require 'securerandom'
 require_relative '../../urls'
 
 module DaVinciDTRTestKit
@@ -10,19 +11,18 @@ class DTRFullEHRStaticDinnerRenderingAttestationTest < Inferno::Test
       Validate that the rendering of the questionnaire includes only the "What would you like on..."
       question appropriate for the dinner selection, if made.
     )
-    input :access_token
-
     run do
+      random_id = SecureRandom.uuid
       wait(
-        identifier: access_token,
+        identifier: random_id,
         message: %(
           I attest that the client application does not display any "What would you like on..."
           questions until I have selected a dinner choice and then only displays the
           "What would you like on..." question relevant for the dinner request:
 
-          [Click here](#{resume_pass_url}?token=#{access_token}) if the above statement is **true**.
+          [Click here](#{resume_pass_url}?token=#{random_id}) if the above statement is **true**.
 
-          [Click here](#{resume_fail_url}?token=#{access_token}) if the above statement is **false**.
+          [Click here](#{resume_fail_url}?token=#{random_id}) if the above statement is **false**.
         )
       )
     end

lib/davinci_dtr_test_kit/client_groups/dinner_static/dtr_full_ehr_store_attestation_test.rb

@@ -1,3 +1,4 @@
+require 'securerandom'
 require_relative '../../urls'
 
 module DaVinciDTRTestKit
@@ -10,18 +11,17 @@ class DTRFullEHRStaticDinnerStoreAttestationTest < Inferno::Test
       Attest that the questionnaire has been completed and the response has been persisted
       and can be exported as a FHIR QuestionnaireResponse instance.
     )
-    input :access_token
-
     run do
+      random_id = SecureRandom.uuid
       wait(
-        identifier: access_token,
+        identifier: random_id,
         message: %(
           I attest that the questionnaire has been completed and stored within the EHR for future
           use and export as a FHIR QuestionnaireResponse instance.
 
-          [Click here](#{resume_pass_url}?token=#{access_token}) if the above statement is **true**.
+          [Click here](#{resume_pass_url}?token=#{random_id}) if the above statement is **true**.
 
-          [Click here](#{resume_fail_url}?token=#{access_token}) if the above statement is **false**.
+          [Click here](#{resume_fail_url}?token=#{random_id}) if the above statement is **false**.
         )
       )
     end

lib/davinci_dtr_test_kit/client_groups/dinner_static/dtr_smart_app_prepopulation_attestation_test.rb

@@ -1,3 +1,4 @@
+require 'securerandom'
 require_relative '../../urls'
 
 module DaVinciDTRTestKit
@@ -9,19 +10,18 @@ class DTRSmartAppStaticDinnerPrepopulationAttestationTest < Inferno::Test
     description %(
       Validate that pre-population of patient name information occurs as expected.
     )
-    input :client_id
-
     run do
+      random_id = SecureRandom.uuid
       wait(
-        identifier: client_id,
+        identifier: random_id,
         message: %(
           I attest that the client application pre-populates the following questions with the respective values:
           - Last Name: Oster
           - First Name: William
 
-          [Click here](#{resume_pass_url}?client_id=#{client_id}) if the above statement is **true**.
+          [Click here](#{resume_pass_url}?client_id=#{random_id}) if the above statement is **true**.
 
-          [Click here](#{resume_fail_url}?client_id=#{client_id}) if the above statement is **false**.
+          [Click here](#{resume_fail_url}?client_id=#{random_id}) if the above statement is **false**.
         )
       )
     end

lib/davinci_dtr_test_kit/client_groups/dinner_static/dtr_smart_app_prepopulation_override_attestation_test.rb

@@ -1,3 +1,4 @@
+require 'securerandom'
 require_relative '../../urls'
 
 module DaVinciDTRTestKit
@@ -9,20 +10,20 @@ class DTRSmartAppStaticDinnerPrepopulationOverrideAttestationTest < Inferno::Tes
     description %(
       Validate that the user can edit a pre-populated item and replace it with another value.
     )
-    input :client_id
 
     run do
+      random_id = SecureRandom.uuid
       wait(
-        identifier: client_id,
+        identifier: random_id,
         message: %(
           I attest that
 
           1. The client pre-populated an answer for question 'Location'.
           2. I have changed the answer to a different value.
 
-          [Click here](#{resume_pass_url}?client_id=#{client_id}) if the above statement is **true**.
+          [Click here](#{resume_pass_url}?client_id=#{random_id}) if the above statement is **true**.
 
-          [Click here](#{resume_fail_url}?client_id=#{client_id}) if the above statement is **false**.
+          [Click here](#{resume_fail_url}?client_id=#{random_id}) if the above statement is **false**.
         )
       )
     end

lib/davinci_dtr_test_kit/client_groups/dinner_static/dtr_smart_app_rendering_enabled_questions_attestation_test.rb

@@ -1,3 +1,4 @@
+require 'securerandom'
 require_relative '../../urls'
 
 module DaVinciDTRTestKit
@@ -10,19 +11,18 @@ class DTRSmartAppStaticDinnerRenderingAttestationTest < Inferno::Test
       Validate that the rendering of the questionnaire includes only the "What would you like on..."
       question appropriate for the dinner selection, if made.
     )
-    input :client_id
-
     run do
+      random_id = SecureRandom.uuid
       wait(
-        identifier: client_id,
+        identifier: random_id,
         message: %(
           I attest that the client application does not display any "What would you like on..."
           questions until I have selected a dinner choice and then only displays the
           "What would you like on..." question relevant for the dinner request:
 
-          [Click here](#{resume_pass_url}?client_id=#{client_id}) if the above statement is **true**.
+          [Click here](#{resume_pass_url}?client_id=#{random_id}) if the above statement is **true**.
 
-          [Click here](#{resume_fail_url}?client_id=#{client_id}) if the above statement is **false**.
+          [Click here](#{resume_fail_url}?client_id=#{random_id}) if the above statement is **false**.
         )
       )
     end

lib/davinci_dtr_test_kit/client_groups/resp_assist_device/dtr_questionnaire_rendering_attestation_test.rb

@@ -1,3 +1,4 @@
+require 'securerandom'
 require_relative '../../urls'
 
 module DaVinciDTRTestKit
@@ -7,24 +8,24 @@ class DTRQuestionnaireRenderingAttestationTest < Inferno::Test
     id :dtr_questionnaire_rendering_attestation
     title 'Check that the client renders the questionnaire (Attestation)'
     description %(
-      Thist test provides the tester an opportunity to observe their client application following the receipt of the
-      questionnaire pacakage and attest that the application renders the questionnaire.
+      This test provides the tester an opportunity to observe their client application following the receipt of the
+      questionnaire package and attest that the application renders the questionnaire.
     )
-    input :client_id
 
     run do
       load_tagged_requests QUESTIONNAIRE_PACKAGE_TAG
       skip_if request.blank?, 'A Questionnaire Package request must be made prior to running this test'
+      token = SecureRandom.uuid
 
       wait(
-        identifier: client_id,
+        identifier: token,
         message: %(
           I attest that the client application displays the questionnaire and respects the following rendering style:
           - The "Signature" field label is rendered with green text
 
-          [Click here](#{resume_pass_url}?client_id=#{client_id}) if the above statement is **true**.
+          [Click here](#{resume_pass_url}?token=#{token}) if the above statement is **true**.
 
-          [Click here](#{resume_fail_url}?client_id=#{client_id}) if the above statement is **false**.
+          [Click here](#{resume_fail_url}?token=#{token}) if the above statement is **false**.
         )
       )
     end

lib/davinci_dtr_test_kit/dtr_smart_app_suite.rb

@@ -100,11 +100,11 @@ class DTRSmartAppSuite < Inferno::TestSuite
     end
 
     resume_test_route :get, RESUME_PASS_PATH do |request|
-      DTRSmartAppSuite.extract_client_id_from_query_params(request)
+      DTRSmartAppSuite.extract_query_param_value(request)
     end
 
     resume_test_route :get, RESUME_FAIL_PATH, result: 'fail' do |request|
-      DTRSmartAppSuite.extract_client_id_from_query_params(request)
+      DTRSmartAppSuite.extract_query_param_value(request)
     end
 
     # TODO: Update based on SMART Launch changes. Do we even want to have this group now?

lib/davinci_dtr_test_kit/mock_auth_server.rb

@@ -166,6 +166,11 @@ def extract_client_id_from_query_params(request)
       request.query_parameters['client_id']
     end
 
+    def extract_query_param_value(request)
+      extract_client_id_from_query_params(request) ||
+        extract_token_from_query_params(request)
+    end
+
     def extract_client_id_from_bearer_token(request)
       token = extract_bearer_token(request)
       jwt =

spec/davinci_dtr_test_kit/dtr_questionnaire_package_group_spec.rb

@@ -47,7 +47,6 @@ def run(runnable, test_session, inputs = {})
              "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.#{encoded_client_id}"
       post(questionnaire_package_url, request_body)
       expect(last_response.ok?).to be(true)
-
       get(resume_pass_url)
 
       result = results_repo.find(result.id)

spec/davinci_dtr_test_kit/dtr_questionnaire_rendering_group_spec.rb

@@ -11,6 +11,7 @@ def app
   let(:resume_fail_url) { "/custom/#{suite_id}/resume_fail" }
   let(:session_data_repo) { Inferno::Repositories::SessionData.new }
   let(:test_session) { repo_create(:test_session, test_suite_id: suite_id) }
+  let(:test_runs_repo) { Inferno::Repositories::TestRuns.new }
 
   def run(runnable, test_session, inputs = {})
     test_run_params = { test_session_id: test_session.id }.merge(runnable.reference_hash)
@@ -20,7 +21,7 @@ def run(runnable, test_session, inputs = {})
         test_session_id: test_session.id,
         name:,
         value:,
-        type: runnable.config.input_type(name)
+        type: runnable.config.input_type(name) || :text
       )
     end
     Inferno::TestRunner.new(test_session:, test_run:).run(runnable)
@@ -29,7 +30,6 @@ def run(runnable, test_session, inputs = {})
   describe 'Behavior of questionnaire rendering attestation test' do
     let(:runnable) { group.tests.find { |test| test.id.to_s.end_with? 'dtr_questionnaire_rendering_attestation' } }
     let(:results_repo) { Inferno::Repositories::Results.new }
-    let(:client_id) { '1234' }
 
     it 'passes if affirmative attestation is given' do
       # For some reason it seems to completely ignore an allow...receive for resume_pass_url, so do this instead
@@ -41,10 +41,11 @@ def run(runnable, test_session, inputs = {})
       repo_create(:request, result_id: result.id, name: 'questionnaire_package', request_body: nil,
                             test_session_id: test_session.id, tags: [DaVinciDTRTestKit::QUESTIONNAIRE_PACKAGE_TAG])
 
-      result = run(runnable, test_session, client_id:)
+      result = run(runnable, test_session)
       expect(result.result).to eq('wait')
 
-      get("#{resume_pass_url}?client_id=#{client_id}")
+      token = test_runs_repo.last_test_run(test_session.id).identifier
+      get("#{resume_pass_url}?token=#{token}")
 
       result = results_repo.find(result.id)
       expect(result.result).to eq('pass')
@@ -60,10 +61,11 @@ def run(runnable, test_session, inputs = {})
       repo_create(:request, result_id: result.id, name: 'questionnaire_package', request_body: nil,
                             test_session_id: test_session.id, tags: [DaVinciDTRTestKit::QUESTIONNAIRE_PACKAGE_TAG])
 
-      result = run(runnable, test_session, client_id:)
+      result = run(runnable, test_session)
       expect(result.result).to eq('wait')
 
-      get("#{resume_fail_url}?client_id=#{client_id}")
+      token = test_runs_repo.last_test_run(test_session.id).identifier
+      get("#{resume_fail_url}?token=#{token}")
 
       result = results_repo.find(result.id)
       expect(result.result).to eq('fail')