changing capabilities and scope for smart config (#1324)

* changing capabilities and scope for smart config

* added smart config test

Author: bwang-icf

apps/wellknown/views/openid.py

@@ -16,25 +16,19 @@
     "patient/Patient.read",
     "patient/ExplanationOfBenefit.read",
     "patient/Coverage.read",
-    "patient/Patient.r",
-    "patient/ExplanationOfBenefit.r",
-    "patient/Coverage.r",
-    "patient/Patient.s",
-    "patient/ExplanationOfBenefit.s",
-    "patient/Coverage.s",
     "patient/Patient.rs",
     "patient/ExplanationOfBenefit.rs",
     "patient/Coverage.rs",
 ]
 CODE_CHALLENGE_METHODS_SUPPORTED = ["S256"]
 CAPABILITIES = [
     "client-confidential-symmetric",
-    "client-confidential-asymmetric",
     "context-standalone-patient",
     "launch-standalone",
     "permission-offline",
     "permission-patient",
     "permission-v1",
+    "permission-v2",
     "authorize-post"
 ]
 

hhs_oauth_server/tests.py

@@ -7,7 +7,9 @@
 """
 
 from django.test import TestCase
-
+from django.test.client import Client
+from django.urls import reverse
+import json
 from apps.logging.sensitive_logging_filters import mask_mbi
 
 
@@ -314,3 +316,42 @@ def test_mbi_match(self):
                 self.assertNotIn('***MBI***', masked_mbi_lowercase_text)
                 self.assertIn(mbi_value, masked_uppercase_text)
                 self.assertIn(mbi_value.lower(), masked_mbi_lowercase_text)
+
+
+class SmartConfigurationTestCase(TestCase):
+
+    def setUp(self):
+        self.client = Client()
+        self.smart_url = reverse('smart_configuration')
+
+    def test_valid_smart_config_response(self):
+        CAPABILITIES = [
+            "client-confidential-symmetric",
+            "context-standalone-patient",
+            "launch-standalone",
+            "permission-offline",
+            "permission-patient",
+            "permission-v1",
+            "permission-v2",
+            "authorize-post"
+        ]
+
+        SCOPES_SUPPORTED = [
+            "openid",
+            "profile",
+            "launch/patient",
+            "patient/Patient.read",
+            "patient/ExplanationOfBenefit.read",
+            "patient/Coverage.read",
+            "patient/Patient.rs",
+            "patient/ExplanationOfBenefit.rs",
+            "patient/Coverage.rs",
+        ]
+        response = self.client.get(self.smart_url)
+        response_json = response.json()
+        response_content = response.content
+        response_content = str(response_content, encoding='utf8')
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(type(json.loads(response_content)), type({}))
+        self.assertCountEqual(response_json['capabilities'], CAPABILITIES)
+        self.assertCountEqual(response_json['scopes_supported'], SCOPES_SUPPORTED)