Remove patient requirement in test eob function (#792)

- update callback to get patient info from token as a fallback. - Patch test client userinfo with patient_id Before this the EOB endpoint would return a 403 if demographic info was restricted by the patient. BLUEBUTTON-1647
CMSgov · Mar 16, 2020 · bab44fc · bab44fc
1 parent 6056bd8
commit bab44fc
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/apps/testclient/views.py b/apps/testclient/views.py
@@ -48,9 +48,9 @@ def callback(request):
     except Exception:
         userinfo = {'patient': token.get('patient', None)}
 
-    request.session['patient'] = userinfo.get('patient', None)
+    request.session['patient'] = userinfo.get('patient', token.get('patient', None))
 
-    response['userinfo'] = userinfo
+    response['userinfo'] = {'patient': request.session.get('patient', None)}
 
     response['oidc_discovery_uri'] = host + \
         reverse('openid-configuration')
@@ -109,8 +109,8 @@ def test_eob(request):
         return HttpResponseRedirect(reverse('testclient_error_page'))
     oas = OAuth2Session(
         request.session['client_id'], token=request.session['token'])
-    eob_uri = "%s/v1/fhir/ExplanationOfBenefit/?patient=%s&_format=json" % (
-        request.session['resource_uri'], request.session['patient'])
+    eob_uri = "%s/v1/fhir/ExplanationOfBenefit/?_format=json" % (
+        request.session['resource_uri'])
     eob = oas.get(eob_uri).json()
     return JsonResponse(eob)