fix selenium tests

JAMES FUQIAN · JAMES FUQIAN · commit 25617bbfbc96 · 2022-11-24T16:11:45.000-08:00
diff --git a/README.md b/README.md
@@ -26,6 +26,10 @@ Once you have Docker and Node installed and setup then do the following:
 
     cp server/sample-bluebutton-config.json -> server/.bluebutton-config.json
 
+or (if running a docker compose selenium tests)
+
+    cp server/sample-bluebutton-selenium-config.json -> server/.bluebutton-config.json
+
 Make sure to replace the clientId and clientSecret variables within the config file with
 the ones you were provided, for your application, when you created your Blue Button Sandbox account.
 
@@ -75,20 +79,6 @@ Both ways of starting the sample are running the sample in foreground, logging a
 
 For client and server started separately in their command window, type Ctrl C respectively
 
-## Run selenium tests in docker
-
-Configure the remote target BB2 instance where the tested app is registered (as described above "Running the Back-end & Front-end")
-
-Go to local repo base directory, from there run:
-
-docker-compose -f docker-compose.selenium.yml up --abort-on-container-exit
-
-Note: --abort-on-container-exit will abort client and server containers when selenium tests ends
-
-## Visual trouble shoot
-
-Install VNC viewer and point browser to http://localhost:5900 to monitor web UI interactions
-
 ## Error Responses and handling:
 
 [See ErrorResponses.md](./ErrorResponses.md)
diff --git a/selenium_tests/src/test_node_sample.py b/selenium_tests/src/test_node_sample.py
@@ -1,10 +1,11 @@
-# Generated by Selenium IDE
 import time
 from selenium import webdriver
 from selenium.webdriver.common.by import By
 from selenium.webdriver.support import expected_conditions as EC
 from selenium.webdriver.support.wait import WebDriverWait
 
+CSS_SEL_FE_ERR_MSG_CONTENT = "tbody .ds-c-table__cell--align-left:nth-child(2)"
+
 
 class TestNodeSampleApp():
     driver_ready = False
@@ -73,6 +74,13 @@ def _assert_EOB_table_records_present(self, cnt):
         elements = self._find_elem_xpath(xpath)
         assert len(elements) == cnt
 
+    def _assert_EOB_table_error_present(self):
+        element = self._find_and_return(30,
+                                        By.CSS_SELECTOR,
+                                        CSS_SEL_FE_ERR_MSG_CONTENT)
+        assert element is not None
+        print(element.text)
+
     def _input_user_and_passwd_and_login(self):
         self._find_and_sendkey(30, By.ID, "username-textbox", "BBUser10000")
         self._find_and_sendkey(30, By.ID, "password-textbox", "PW10000!")
@@ -85,6 +93,7 @@ def test_node_sample_app_grant_access(self):
         assert elem is not None
         self._input_user_and_passwd_and_login()
         self._find_and_click(30, By.ID, "approve")
+        time.sleep(5)
         self._assert_EOB_table_header_present()
         self._assert_EOB_table_records_present(10)
 
@@ -97,6 +106,7 @@ def test_node_sample_app_grant_access_no_demographic(self):
         # select radio button "No Demographic Data"
         self._find_and_click(30, By.CSS_SELECTOR, "label:nth-child(5)")
         self._find_and_click(30, By.ID, "approve")
+        time.sleep(5)
         self._assert_EOB_table_header_present()
         self._assert_EOB_table_records_present(10)
 
@@ -107,5 +117,27 @@ def test_node_sample_app_deny_access(self):
         assert elem is not None
         self._input_user_and_passwd_and_login()
         self._find_and_click(30, By.ID, "deny")
-        self._assert_EOB_table_header_present()
-        self._assert_EOB_table_records_present(0)
+        time.sleep(5)
+        self._assert_EOB_table_error_present()
+
+    def test_node_sample_app_grant_followed_by_deny_access(self):
+        '''
+        this is to verify that the cached result from previous
+        authorized eob query is clean up (should not see cached claims)
+        '''
+        self.driver.get("http://client:3000/")
+        self.driver.set_window_size(1500, 1800)
+        elem = self._find_and_click(30, By.ID, "auth_btn")
+        assert elem is not None
+        self._input_user_and_passwd_and_login()
+        self._find_and_click(30, By.ID, "approve")
+        time.sleep(5)
+        self._assert_EOB_table_records_present(10)
+        # go again
+        elem = self._find_and_click(30, By.ID, "auth_btn")
+        assert elem is not None
+        self._input_user_and_passwd_and_login()
+        self._find_and_click(30, By.ID, "deny")
+        time.sleep(5)
+        # should see error message
+        self._assert_EOB_table_error_present()
diff --git a/server/index.ts b/server/index.ts
@@ -7,6 +7,12 @@ interface User {
     errors?: string[]
 }
 
+const BENE_DENIED_ACCESS = "access_denied"
+const FE_MSG_ACCESS_DENIED = "Beneficiary denied app access to their data"
+const ERR_QUERY_EOB = "Error when querying the patient's EOB!"
+const ERR_MISSING_AUTH_CODE = "Response was missing access code!"
+const ERR_MISSING_STATE = "State is required when using PKCE"
+
 const app = express();
 
 const bb = new BlueButton();
@@ -20,6 +26,12 @@ const authData = bb.generateAuthData();
 const loggedInUser: User = {
 };
 
+// helper to clean up cached eob data
+function clearBB2Data() {
+    loggedInUser.authToken = undefined;
+    loggedInUser.eobData = {};
+}
+  
 // AuthorizationToken holds access grant info:
 // access token, expire in, expire at, token type, scope, refreh token, etc.
 // it is associated with current logged in user in real app,
@@ -35,13 +47,20 @@ app.get("/api/authorize/authurl", (req: Request, res: Response) => {
 // auth flow: oauth2 call back
 app.get("/api/bluebutton/callback", async (req: Request, res: Response) => {
   if (typeof req.query.error === "string") {
-    res.json({ message: req.query.error });
+    // clear all cached claims eob data since the bene has denied access
+    // for the application
+    clearBB2Data();
+    let errMsg = req.query.error;
+    if (req.query.error === BENE_DENIED_ACCESS) {
+        errMsg = FE_MSG_ACCESS_DENIED;
+    }
+    loggedInUser.eobData = {"message": errMsg};
+    process.stdout.write(errMsg + '\n');
   } else {
     if (
       typeof req.query.code === "string" &&
       typeof req.query.state === "string"
     ) {
-    //   let results;
       try {
         authToken = await bb.getAuthorizationToken(
           authData,
@@ -54,64 +73,22 @@ app.get("/api/bluebutton/callback", async (req: Request, res: Response) => {
         // access token can expire, SDK automatically refresh access token when that happens.
         const eobResults = await bb.getExplanationOfBenefitData(authToken);
         authToken = eobResults.token; // in case authToken got refreshed during fhir call
-        // const patientResults = await bb.getPatientData(authToken);
-        // authToken = patientResults.token;
-        // const coverageResults = await bb.getCoverageData(authToken);
-        // authToken = coverageResults.token;
-        // const profileResults = await bb.getProfileData(authToken);
-        // authToken = profileResults.token;
-
-        // nav pages if needed for eob, patient, coverage
-        // client code can preemptively refresh tokens by calling refreshAuthToken(authToken)
-        // console.log(
-        //   "============= preemptively do oauth token refresh before fetch EOB ================="
-        // );
-
-        // console.log("============= authToken =================");
-
-        // authToken = await bb.refreshAuthToken(authToken);
-
-        // console.log(authToken);
 
         loggedInUser.authToken = authToken;
-        // console.log("============= EOB PAGES =================");
 
         loggedInUser.eobData = eobResults.response?.data;
-        // const eobs = await bb.getPages(eobbundle, authToken);
-        // for (let i = 0; i < eobs.pages.length; i++) {
-        //   fs.writeFileSync(`eob_p${i}.json`, JSON.stringify(eobs.pages[i]));
-        // }
-
-        // authToken = eobs.token;
-
-        // console.log("=============PATIENT=================");
-        // const ptbundle = patientResults.response?.data;
-        // const pts = await bb.getPages(ptbundle, authToken);
-        // authToken = pts.token;
-
-        // console.log("=============COVERAGE=================");
-        // const coveragebundle = coverageResults.response?.data;
-        // const coverages = await bb.getPages(coveragebundle, authToken);
-        // authToken = coverages.token;
-
-        // console.log("=============PROFILE=================");
-        // const pfbundle = profileResults.response?.data;
-        // const pfs = await bb.getPages(pfbundle, authToken);
-        // authToken = pfs.token;
-
-        // results = {
-        //   eob: eobs.pages,
-        //   patient: pts.pages,
-        //   coverage: coverages.pages,
-        //   profile: pfs.pages,
-        // };
       } catch (e) {
-        console.log(e);
+        loggedInUser.eobData = {};
+        process.stdout.write(ERR_QUERY_EOB + '\n');
+        process.stdout.write("Exception: " + e + '\n');
       }
-    //   res.json(results);
     } else {
-      //res.json({ message: "Missing AC in callback." });
-      console.log("Missing AC in callback.");
+      clearBB2Data();
+      process.stdout.write(ERR_MISSING_AUTH_CODE + '\n');
+      process.stdout.write("OR" + '\n');
+      process.stdout.write(ERR_MISSING_STATE + '\n');
+      process.stdout.write("AUTH CODE: " + req.query.code + '\n');
+      process.stdout.write("STATE: " + req.query.state + '\n');
     }
   }
   const fe_redirect_url = 
