Closed dwwinters closed 4 years ago
My mistake (too early in the morning). Realized that the profile keys are named in the configuration and that capitalization matters there. I should have paid closer attention to your MongoDB implementation. Thanks for the great work you're contributing to the community!
Do you want to request a feature, report a bug, or improve documentation?
Report a bug
If you are reporting a bug?
What is the current behavior?
Pretty certain there is an issue with this line of the SMART on FHIR scope middleware. Since the profile names are all lowercase, scope checking will fail for the case of resources with more than one capital letter in their name (e.g., AllergyIntolerance). So the current code will convert "foobar" to "Foobar" even though it should be "FooBar".
What is the expected behavior?
Requested scopes for resources with more than one capital letter in their name should pass the scope checker if the resource is within the requested and granted scopes.
What are the steps to reproduce?
Authenticate to server via SMART on FHIR strategy and request scope for a resource with more than one capital letter in its name. Then make a FHIR call for that resource. Scope checking should incorrectly fail.
What OS are you using and what version of node.js and @asymmetrik/node-fhir-server-core are you running?
node.js v13.10 node-fhir-server-core v2.0.4