adding smart on fhir configuration endpoint

apps/wellknown/views/__init__.py

@@ -1,3 +1,3 @@
-from .openid import openid_configuration, base_issuer, build_endpoint_info  # NOQA
+from .openid import openid_configuration, smart_configuration, base_issuer, build_endpoint_info  # NOQA
 from .application import ApplicationListView, ApplicationLabelView  # NOQA
 from .public_applications import ApplicationListView as PublicApplicationListView  # NOQA

apps/wellknown/views/openid.py

@@ -9,6 +9,17 @@
 import apps.logging.request_logger as bb2logging
 
 logger = logging.getLogger(bb2logging.HHS_SERVER_LOGNAME_FMT.format(__name__))
+SCOPES_SUPPORTED = ["profile", "patient/Patient.read", "patient/ExplanationOfBenefit.read", "patient/Coverage.read"]
+CODE_CHALLENGE_METHODS_SUPPORTED = ["S256"]
+CAPABILITIES = [
+    "client-confidential-symmetric",
+    "sso-openid-connect",
+    "launch-standalone",
+    "permission-offline",
+    "permission-patient",
+    "permission-v1",
+    "authorize-post"
+]
 
 
 @require_GET
@@ -18,8 +29,18 @@ def openid_configuration(request):
     """
     data = OrderedDict()
     issuer = base_issuer(request)
-    v2 = request.path.endswith('openid-configuration-v2') or request.path.endswith('openidConfigV2')
-    data = build_endpoint_info(data, issuer=issuer, v2=v2)
+    data = build_endpoint_info(data, issuer=issuer)
+    return JsonResponse(data)
+
+
+@require_GET
+def smart_configuration(request):
+    """
+    Views that returns smart_configuration.
+    """
+    data = OrderedDict()
+    issuer = base_issuer(request)
+    data = build_smart_config_endpoint(data, issuer=issuer)
     return JsonResponse(data)
 
 
@@ -50,7 +71,7 @@ def base_issuer(request):
     return issuer
 
 
-def build_endpoint_info(data=OrderedDict(), v2=False, issuer=""):
+def build_endpoint_info(data=OrderedDict(), issuer=""):
     """
     construct the data package
     issuer should be http: or https:// prefixed url.
@@ -60,12 +81,12 @@ def build_endpoint_info(data=OrderedDict(), v2=False, issuer=""):
     """
     data["issuer"] = issuer
     data["authorization_endpoint"] = issuer + \
-        reverse('oauth2_provider:authorize' if not v2 else 'oauth2_provider_v2:authorize-v2')
+        reverse('oauth2_provider_v2:authorize-v2')
     data["revocation_endpoint"] = issuer + reverse('oauth2_provider:revoke')
     data["token_endpoint"] = issuer + \
-        reverse('oauth2_provider:token' if not v2 else 'oauth2_provider_v2:token-v2')
+        reverse('oauth2_provider_v2:token-v2')
     data["userinfo_endpoint"] = issuer + \
-        reverse('openid_connect_userinfo' if not v2 else 'openid_connect_userinfo_v2')
+        reverse('openid_connect_userinfo_v2')
     data["ui_locales_supported"] = ["en-US", ]
     data["service_documentation"] = getattr(settings,
                                             'DEVELOPER_DOCS_URI',
@@ -82,5 +103,28 @@ def build_endpoint_info(data=OrderedDict(), v2=False, issuer=""):
 
     data["response_types_supported"] = ["code", "token"]
     data["fhir_metadata_uri"] = issuer + \
-        reverse('fhir_conformance_metadata' if not v2 else 'fhir_conformance_metadata_v2')
+        reverse('fhir_conformance_metadata_v2')
+    return data
+
+
+def build_smart_config_endpoint(data=OrderedDict(), issuer=""):
+    """
+    construct the smart config endpoint response. Takes in output of build_endpoint_info since they share many fields
+    issuer should be http: or https:// prefixed url.
+
+    :param data:
+    :return:
+    """
+
+    data = build_endpoint_info(data, issuer=issuer)
+    del (data["userinfo_endpoint"])
+    del (data["ui_locales_supported"])
+    del (data["service_documentation"])
+    del (data["op_tos_uri"])
+    del (data["fhir_metadata_uri"])
+
+    data["scopes_supported"] = SCOPES_SUPPORTED
+    data["code_challenge_methods_supported"] = CODE_CHALLENGE_METHODS_SUPPORTED
+    data["capabilities"] = CAPABILITIES
+
     return data

hhs_oauth_server/urls.py

@@ -6,6 +6,7 @@
 from django.contrib import admin
 from apps.accounts.views.oauth2_profile import openidconnect_userinfo
 from apps.fhir.bluebutton.views.home import fhir_conformance, fhir_conformance_v2
+from apps.wellknown.views.openid import smart_configuration
 from hhs_oauth_server.hhs_oauth_server_context import IsAppInstalled
 
 admin.autodiscover()
@@ -17,6 +18,7 @@
 urlpatterns = [
     path("health", include("apps.health.urls")),
     re_path(r"^.well-known/", include("apps.wellknown.urls")),
+    path("v1/fhir/.wellknown/smart-configuration", smart_configuration, name="smart_configuration"),
     path("forms/", include("apps.forms.urls")),
     path("v1/accounts/", include("apps.accounts.urls")),
     re_path(
@@ -32,6 +34,7 @@
         openidconnect_userinfo,
         name="openid_connect_userinfo_v2",
     ),
+    path("v2/fhir/.wellknown/smart-configuration", smart_configuration, name="smart_configuration"),
     path("v2/fhir/metadata", fhir_conformance_v2, name="fhir_conformance_metadata_v2"),
     path("v2/fhir/", include("apps.fhir.bluebutton.v2.urls")),
     path("v2/o/", include("apps.dot_ext.v2.urls")),