generated from inferno-framework/inferno-template
-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathtoken_refresh_group.rb
46 lines (38 loc) · 1.77 KB
/
token_refresh_group.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
require_relative 'token_refresh_test'
require_relative 'token_refresh_body_test'
require_relative 'token_response_headers_test'
module SMARTAppLaunch
class TokenRefreshGroup < Inferno::TestGroup
id :smart_token_refresh
title 'SMART Token Refresh'
short_description 'Demonstrate the ability to exchange a refresh token for an access token.'
description %(
# Background
The #{title} Sequence tests the ability of the system to successfully
exchange a refresh token for an access token. Refresh tokens are typically
longer lived than access tokens and allow client applications to obtain a
new access token Refresh tokens themselves cannot provide access to
resources on the server.
Token refreshes are accomplished through a `POST` request to the token
exchange endpoint as described in the [SMART App Launch
Framework](https://www.hl7.org/fhir/smart-app-launch/1.0.0/index.html#step-5-later-app-uses-a-refresh-token-to-obtain-a-new-access-token).
# Test Methodology
This test attempts to exchange the refresh token for a new access token
and verify that the information returned contains the required fields and
uses the proper headers.
For more information see:
* [The OAuth 2.0 Authorization
Framework](https://tools.ietf.org/html/rfc6749)
* [Using a refresh token to obtain a new access
token](https://www.hl7.org/fhir/smart-app-launch/1.0.0/index.html#step-5-later-app-uses-a-refresh-token-to-obtain-a-new-access-token)
)
test from: :smart_token_refresh
test from: :smart_token_refresh_body
test from: :smart_token_response_headers,
config: {
requests: {
token: { name: :token_refresh }
}
}
end
end