health_cards 0.0.1 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f299c1c4dec501f53d77e64007a9805316974ea5e649b1918f413e52ffc0dbf4
-  data.tar.gz: 118a46c61178a67461d0ee3fbeedab15ea4b0f93433ece7add27aceb1f398e0c
+  metadata.gz: c6e94c49814ad651b6377277252fef1276ca99fa3b0704171f31571a986da62e
+  data.tar.gz: 9a3a9b0e599a196d70d498089b23efb2479cece350f3bd1cb430ffbe4f22a32b
 SHA512:
-  metadata.gz: d9765d939d22cd01ff11b5c20a29d413af83124970ecb06cf89abc0b7cff393080ae12a908e22de411b991aa05ecaaddeb2023a9192aaab741379ecffd9a5c4a
-  data.tar.gz: 1102f68ec1d832766ecd37c15fd790ff3ab0e7d8505468dcf210d3b97d516900d5876a2aa7e5de963bad9667b4c48d654b5fcec733f3b3a141dd4f84b9d19097
+  metadata.gz: 39f9f579182341ec4124c991962ab8c7fcd8a09e5ced6e456a7f61248bc53c4a80b4b65a8eed2ba7756ecb29f8a68c8c8625017aad43a4cf38baa62ff3334194
+  data.tar.gz: c9c486b517e6c4e07299662700c50e53be4286b870abeccc1114d042f216ba0489069770a1c574cdae3b6e852a07738749901109c84644ebba42869baf150b3f

data/lib/health_cards.rb

@@ -9,8 +9,12 @@ require 'health_cards/key_set'
 require 'health_cards/private_key'
 require 'health_cards/public_key'
 require 'health_cards/health_card'
-require 'health_cards/chunking'
-require 'health_cards/exceptions'
+require 'health_cards/attribute_filters'
+require 'health_cards/card_types'
+require 'health_cards/chunking_utils'
+require 'health_cards/errors'
+require 'health_cards/qr_codes'
+require 'health_cards/chunk'
 require 'health_cards/verifier'
 require 'health_cards/importer'
 require 'health_cards/covid_health_card'

data/lib/health_cards/attribute_filters.rb

@@ -0,0 +1,92 @@
+# frozen_string_literal: true
+
+module HealthCards
+  # Handles behavior related to removing disallowed attributes from FHIR Resources
+  module AttributeFilters
+    ALL_FHIR_RESOURCES = :fhir_resource
+
+    def self.included(base)
+      base.extend ClassMethods
+    end
+
+    # Class level methods for HealthCard class specific settings
+    module ClassMethods
+      # Define allowed attributes for this HealthCard class
+      # @param type [Class] Scopes the attributes to a spefic class. Must be a subclass of FHIR::Model
+      # @param attributes [Array] An array of string with the attribute names that will be passed through
+      #  when data is minimized
+      def allow(type:, attributes: [])
+        allowable[type] = attributes
+      end
+
+      # Define disallowed attributes for this HealthCard class
+      # @param type [Class] Scopes the attributes to a spefic class. If not used will default to all FHIR resources.
+      # To apply a rule to all FHIR types (resources and types), use FHIR::Model as the type
+      # @param attributes [Array] An array of string with the attribute names that will be passed through
+      #  when data is minimized
+      def disallow(type: ALL_FHIR_RESOURCES, attributes: [])
+        disallowable[type] ||= []
+        disallowable[type].concat(attributes)
+      end
+
+      # Define disallowed attributes for this HealthCard class
+      # @return [Hash] A hash of FHIR::Model subclasses and attributes that will pass through minimization
+      def disallowable
+        return @disallowable if @disallowable
+
+        @disallowable = parent_disallowables
+      end
+
+      # Define allowed attributes for this HealthCard class
+      # @return [Hash] A hash of FHIR::Model subclasses and attributes that will pass through minimization
+      def allowable
+        return @allowable if @allowable
+
+        @allowable = parent_allowables
+      end
+
+      protected
+
+      def parent_allowables(base = {})
+        self < HealthCards::HealthCard ? base.merge(superclass.allowable) : base
+      end
+
+      def parent_disallowables(base = {})
+        self < HealthCards::HealthCard ? base.merge(superclass.disallowable) : base
+      end
+    end
+
+    def handle_allowable(resource)
+      class_allowables = self.class.allowable[resource.class]
+
+      return unless class_allowables
+
+      allowed = resource.to_hash.select! { |att| class_allowables.include?(att) }
+
+      resource.from_hash(allowed)
+    end
+
+    def handle_disallowable(resource)
+      class_disallowable = find_subclass_keys(self.class.disallowable, resource)
+
+      return if class_disallowable.empty?
+
+      all_disallowed = class_disallowable.map do |disallowed_class|
+        self.class.disallowable[disallowed_class]
+      end.flatten.uniq
+
+      allowed = resource.to_hash.delete_if { |att| all_disallowed.include?(att) }
+
+      resource.from_hash(allowed)
+    end
+
+    protected
+
+    def find_subclass_keys(hash, resource)
+      subclasses = hash.keys.filter { |class_key| class_key.is_a?(Class) && resource.class <= class_key }
+      # No great way to determine if this is an actual FHIR resource
+      subclasses << ALL_FHIR_RESOURCES if resource.respond_to?(:resourceType)
+      subclasses
+    end
+  end
+end

data/lib/health_cards/card_types.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module HealthCards
+  # Handles behavior related to support types by Healthcard subclasses
+  module CardTypes
+    VC_TYPE = [
+      'https://smarthealth.cards#health-card'
+    ].freeze
+
+    # Additional type claims this HealthCard class supports
+    # @param types [String, Array] A string or array of string representing the additional type claims or nil
+    # if used as a getter
+    # @return [Array] the additional types added by this classes
+    def additional_types(*add_types)
+      types.concat(add_types) unless add_types.nil?
+      types - VC_TYPE
+    end
+
+    # Type claims supported by this HealthCard subclass
+    # @return [Array] an array of Strings with all the supported type claims
+    def types
+      @types ||= VC_TYPE.dup
+    end
+
+    # Check if this class supports the given type claim(s)
+    # @param type [Array, String] A type as defined by the SMART Health Cards framework
+    # @return [Boolean] Whether or not the type param is included in the types supported by the HealthCard (sub)class
+    def supports_type?(*type)
+      !types.intersection(type.flatten).empty?
+    end
+  end
+end

data/lib/health_cards/chunk.rb

@@ -0,0 +1,92 @@
+# frozen_string_literal: true
+
+# rubocop:disable Lint/MissingSuper
+module HealthCards
+  # Represents a single QRCode in a sequence. This class is a shim to the RQRCode library
+  # to enable multimode encoding
+  class Chunk < RQRCode::QRCode
+    attr_reader :ordinal
+
+    def data
+      @qrcode.data
+    end
+
+    def initialize(ordinal: 1, input: nil)
+      @ordinal = ordinal
+      @qrcode = ChunkCore.new(input)
+    end
+
+    def image
+      as_png(
+        border_modules: 1,
+        module_px_size: 2
+      )
+    end
+  end
+
+  # RQRCodeCore shim for to enable multimode encoding
+  class ChunkCore < RQRCodeCore::QRCode
+    attr_accessor :data
+
+    def initialize(input)
+      @data = input
+      @error_correct_level = 1
+      @version = 22
+      @module_count = @version * 4 + RQRCodeCore::QRPOSITIONPATTERNLENGTH
+      @modules = Array.new(@module_count)
+      @data_list = SHCQRCode.new(@data)
+      @data_cache = nil
+      make
+    end
+
+    # RQRCodeCore data shim for multimode encoding
+    class SHCQRCode
+      SINGLE_REGEX = %r{shc:/}.freeze
+      MULTI_REGEX = %r{shc:/[0-9]*/[0-9]*/}.freeze
+
+      def initialize(data)
+        @data = data
+      end
+
+      def write(buffer)
+        multi = MULTI_REGEX.match(@data)
+        prefix = multi ? multi.to_s : SINGLE_REGEX.match(@data).to_s
+
+        buffer.byte_encoding_start(prefix.length)
+
+        prefix.each_byte do |b|
+          buffer.put(b, 8)
+        end
+
+        num_content = @data.delete_prefix(prefix)
+
+        buffer.numeric_encoding_start(num_content.length)
+
+        num_content.size.times do |i|
+          next unless (i % 3).zero?
+
+          chars = num_content[i, 3]
+          bit_length = get_bit_length(chars.length)
+          buffer.put(get_code(chars), bit_length)
+        end
+      end
+
+      private
+
+      NUMBER_LENGTH = {
+        3 => 10,
+        2 => 7,
+        1 => 4
+      }.freeze
+
+      def get_bit_length(length)
+        NUMBER_LENGTH[length]
+      end
+
+      def get_code(chars)
+        chars.to_i
+      end
+    end
+  end
+end
+# rubocop:enable Lint/MissingSuper

data/lib/health_cards/{chunking.rb → chunking_utils.rb}

@@ -2,12 +2,12 @@
 
 module HealthCards
   # Split up a JWS into chunks if encoded size is above QR Code Size constraint
-  module Chunking
+  module ChunkingUtils
     extend self
     MAX_SINGLE_JWS_SIZE = 1195
     MAX_CHUNK_SIZE = 1191
 
-    def split_bundle(jws)
+    def split_jws(jws)
       if jws.length <= MAX_SINGLE_JWS_SIZE
         [jws]
       else
@@ -18,13 +18,21 @@ module HealthCards
     end
 
     # Splits jws into chunks and converts each string into numeric
-    def generate_qr_chunks(jws)
-      jws_chunks = split_bundle jws.to_s
-      jws_chunks.map { |c| convert_jws_to_numeric(c) }
+    def jws_to_qr_chunks(jws)
+      chunks = split_jws(jws.to_s).map { |c| convert_jws_to_numeric(c) }
+
+      # if 1 chunk, attach prefix shc:/
+      # if multiple chunks, attach prefix shc:/$orderNumber/$totalChunkCount
+      if chunks.length == 1
+        chunks[0] = "shc:/#{chunks[0]}"
+      else
+        chunks.map!.with_index(1) { |ch, i| "shc:/#{i}/#{chunks.length}/#{ch}" }
+      end
+      chunks
     end
 
     # Assemble jws from qr code chunks
-    def assemble_jws(qr_chunks)
+    def qr_chunks_to_jws(qr_chunks)
       if qr_chunks.length == 1
         # Strip off shc:/ and convert numeric jws
         numeric_jws = qr_chunks[0].delete_prefix('shc:/')
@@ -35,14 +43,6 @@ module HealthCards
       end
     end
 
-    def get_payload_from_qr(qr_chunks)
-      jws = assemble_jws qr_chunks
-
-      # Get JWS payload, then decode and inflate
-      message = Base64.urlsafe_decode64 jws.split('.')[1]
-      JSON.parse(Zlib::Inflate.new(-Zlib::MAX_WBITS).inflate(message))
-    end
-
     private
 
     # Each character "c" of the jws is converted into a sequence of two digits by taking c.ord - 45

data/lib/health_cards/covid_health_card.rb

@@ -1,12 +1,17 @@
 # frozen_string_literal: true
 
+require 'health_cards/attribute_filters'
+require 'health_cards/card_types'
+
 module HealthCards
   # Implements HealthCard for use with COVID Vaccination IG
   class COVIDHealthCard < HealthCards::HealthCard
     fhir_version '4.0.1'
+
     additional_types 'https://smarthealth.cards#covid19'
+    additional_types 'https://smarthealth.cards#immunization'
 
-    allow FHIR::Patient, %w[name birthDate]
-    allow FHIR::Immunization, %w[status vaccineCode patient occurrenceDateTime]
+    allow type: FHIR::Patient, attributes: %w[name birthDate]
+    allow type: FHIR::Immunization, attributes: %w[status vaccineCode patient occurrenceDateTime]
   end
 end

data/lib/health_cards/{exceptions.rb → errors.rb}

@@ -1,45 +1,69 @@
 # frozen_string_literal: true
 
 module HealthCards
+  class HealthCardsError < StandardError; end
+
+  class JWSError < HealthCardsError; end
+
+  class HealthCardError < HealthCardsError; end
+
+  #  Errors related to JWS
+
   # Exception thrown when a private key is expected or required
-  class MissingPrivateKey < StandardError
+  class MissingPrivateKeyError < JWSError
     def initialize(msg = 'Missing private key')
       super(msg)
     end
   end
 
   # Exception thrown when a public key is expected or required
-  class MissingPublicKey < StandardError
+  class MissingPublicKeyError < JWSError
     def initialize(msg = 'Missing public key')
       super(msg)
     end
   end
 
+  class UnresolvableKeySetError < JWSError; end
+
+  # Errors related to HealthCard / Bundle
+
   # Exception thrown when an invalid payload is provided
-  class InvalidPayloadException < ArgumentError
-    def initialize(msg = 'Bundle must be a FHIR::Bundle')
+  class InvalidPayloadError < HealthCardError
+    def initialize(msg = 'Bundle is not a valid FHIR Bundle')
       super(msg)
     end
   end
 
   # Exception thrown when verifiable credential JSON does not include a locatable FHIR Bundle
-  class InvalidCredentialException < ArgumentError
+  class InvalidCredentialError < HealthCardError
     def initialize(msg = 'Unable to locate FHIR Bundle in credential')
       super(msg)
     end
   end
 
-  # Exception thrown when an invalid key (public or private) is provided
-  class InvalidKeyException < ArgumentError
-    def initialize(expected_class, actual_obj)
-      super("Expected an instance of #{expected_class} but was #{actual_obj.class}")
-    end
-  end
-
   # Exception thrown when a reference in a bundle in unresolvable
-  class InvalidBundleReferenceException < ArgumentError
+  class InvalidBundleReferenceError < HealthCardError
     def initialize(url)
       super("Unable to resolve url (#{url}) within bundle")
     end
   end
+
+  # Error thrown when FHIR Parameters are invalid
+  class InvalidParametersError < HealthCardError
+    attr_reader :code
+
+    def initialize(code: nil, message: nil)
+      @code = code
+      super(message)
+    end
+  end
+
+  # Other errors
+
+  # Exception thrown when an invalid key (public or private) is provided
+  class InvalidKeyError < HealthCardsError
+    def initialize(expected_class, actual_obj)
+      super("Expected an instance of #{expected_class} but was #{actual_obj.class}")
+    end
+  end
 end

data/lib/health_cards/exporter.rb

@@ -3,21 +3,52 @@
 module HealthCards
   # Converts a JWS to formats needed by endpoints (e.g. $issue-health-card, download and qr code)
   module Exporter
-    extend Chunking
+    class << self
+      # Export JWS for file download
+      # @param [Array<JWS, String>] An array of JWS objects to be exported
+      # @return [String] JSON string containing file download contents
+      def download(jws)
+        { verifiableCredential: jws.map(&:to_s) }.to_json
+      end
 
-    # Export JWS for file download
-    # @param [Array<JWS, String>] An array of JWS objects to be exported
-    # @return [String] JSON string containing file download contents
-    def self.download(jws)
-      { verifiableCredential: jws.map(&:to_s) }.to_json
-    end
+      # Export JWS for $issue-health-card endpoint
+      # @param [FHIR::Parameters] A FHIR::Parameters object
+      # @yields [types] An array of strings representing the types in the FHIR::Parameters.
+      # Expects block to return JWS instances for those types
+      # @return [String] JSON string containing a FHIR Parameters resource
+      def issue(fhir_params)
+        *jws = yield extract_types!(fhir_params)
+
+        params = jws.compact.map { |j| FHIR::Parameters::Parameter.new(name: 'verifiableCredential', valueString: j) }
+
+        FHIR::Parameters.new(parameter: params).to_json
+      end
+
+      def qr_codes(jws)
+        QRCodes.from_jws(jws)
+      end
+
+      private
+
+      def extract_types!(fhir_params)
+        if fhir_params.nil?
+          code = 'structure'
+          err_msg = 'No Parameters found'
+        elsif !fhir_params.valid?
+          code = 'invalid'
+          err_msg = fhir_params.validate.to_s
+        else
+          types = fhir_params.parameter.map(&:valueUri).compact
+          if types.empty?
+            code = 'required'
+            err_msg = 'Invalid Parameter: Expected valueUri'
+          end
+        end
+
+        raise InvalidParametersError.new(code: code, message: err_msg) if code
 
-    # Export JWS for $issue-health-card endpoint
-    # @param [Array<WJS, String] An array of JWS objects to be exported
-    # @return [String] JSON string containing a FHIR Parameters resource
-    def self.issue(jws)
-      params = jws.map { |j| FHIR::Parameters::Parameter.new(name: 'verifiableCredential', valueString: j) }
-      FHIR::Parameters.new(parameter: params).to_json
+        types
+      end
     end
   end
 end

data/lib/health_cards/health_card.rb

@@ -1,14 +1,41 @@
 # frozen_string_literal: true
 
-require 'json/minify'
 require 'zlib'
+require 'uri'
+
+require 'health_cards/attribute_filters'
+require 'health_cards/card_types'
 
 module HealthCards
   # A HealthCard which implements the credential claims specified by https://smarthealth.cards/
   class HealthCard
-    VC_TYPE = [
-      'https://healthwallet.cards#health-card'
-    ].freeze
+    include HealthCards::AttributeFilters
+    extend HealthCards::CardTypes
+
+    FHIR_REF_REGEX = %r{((http|https)://([A-Za-z0-9\-\\.:%$]*/)+)?(
+      Account|ActivityDefinition|AdverseEvent|AllergyIntolerance|Appointment|AppointmentResponse|AuditEvent|Basic|
+      Binary|BiologicallyDerivedProduct|BodyStructure|Bundle|CapabilityStatement|CarePlan|CareTeam|CatalogEntry|
+      ChargeItem|ChargeItemDefinition|Claim|ClaimResponse|ClinicalImpression|CodeSystem|Communication|
+      CommunicationRequest|CompartmentDefinition|Composition|ConceptMap|Condition|Consent|Contract|Coverage|
+      CoverageEligibilityRequest|CoverageEligibilityResponse|DetectedIssue|Device|DeviceDefinition|DeviceMetric
+      |DeviceRequest|DeviceUseStatement|DiagnosticReport|DocumentManifest|DocumentReference|EffectEvidenceSynthesis|
+      Encounter|Endpoint|EnrollmentRequest|EnrollmentResponse|EpisodeOfCare|EventDefinition|Evidence|EvidenceVariable|
+      ExampleScenario|ExplanationOfBenefit|FamilyMemberHistory|Flag|Goal|GraphDefinition|Group|GuidanceResponse|
+      HealthcareService|ImagingStudy|Immunization|ImmunizationEvaluation|ImmunizationRecommendation|
+      ImplementationGuide|InsurancePlan|Invoice|Library|Linkage|List|Location|Measure|MeasureReport|Media|Medication|
+      MedicationAdministration|MedicationDispense|MedicationKnowledge|MedicationRequest|MedicationStatement|
+      MedicinalProduct|MedicinalProductAuthorization|MedicinalProductContraindication|MedicinalProductIndication|
+      MedicinalProductIngredient|MedicinalProductInteraction|MedicinalProductManufactured|MedicinalProductPackaged|
+      MedicinalProductPharmaceutical|MedicinalProductUndesirableEffect|MessageDefinition|MessageHeader|
+      MolecularSequence|NamingSystem|NutritionOrder|Observation|ObservationDefinition|OperationDefinition|
+      OperationOutcome|Organization|OrganizationAffiliation|Patient|PaymentNotice|PaymentReconciliation|Person|
+      PlanDefinition|Practitioner|PractitionerRole|Procedure|Provenance|Questionnaire|QuestionnaireResponse|
+      RelatedPerson|RequestGroup|ResearchDefinition|ResearchElementDefinition|ResearchStudy|ResearchSubject|
+      RiskAssessment|RiskEvidenceSynthesis|Schedule|SearchParameter|ServiceRequest|Slot|Specimen|SpecimenDefinition|
+      StructureDefinition|StructureMap|Subscription|Substance|SubstanceNucleicAcid|SubstancePolymer|SubstanceProtein|
+      SubstanceReferenceInformation|SubstanceSourceMaterial|SubstanceSpecification|SupplyDelivery|SupplyRequest|Task|
+      TerminologyCapabilities|TestReport|TestScript|ValueSet|VerificationResult|VisionPrescription)/
+      [A-Za-z0-9\-.]{1,64}(/_history/[A-Za-z0-9\-.]{1,64})?}x.freeze
 
     attr_reader :issuer, :nbf, :bundle
 
@@ -30,7 +57,7 @@ module HealthCards
         json = decompress_payload(payload)
         bundle_hash = json.dig('vc', 'credentialSubject', 'fhirBundle')
 
-        raise HealthCards::InvalidCredentialException unless bundle_hash
+        raise HealthCards::InvalidCredentialError unless bundle_hash
 
         bundle = FHIR::Bundle.new(bundle_hash)
         new(issuer: json['iss'], bundle: bundle)
@@ -51,21 +78,6 @@ module HealthCards
         Zlib::Deflate.new(nil, -Zlib::MAX_WBITS).deflate(payload.to_s, Zlib::FINISH)
       end
 
-      # Define allowed attributes for this HealthCard class
-      # @param klass [Class] Scopes the attributes to a spefic class. Must be a subclass of FHIR::Model
-      # @param attributes [Array] An array of string with the attribute names that will be passed through
-      #  when data is minimized
-      def allow(klass, attributes)
-        resource_type = klass.name.split('::').last
-        allowable[resource_type] = attributes
-      end
-
-      # Define allowed attributes for this HealthCard class
-      # @return [Hash] A hash of FHIR::Model subclasses and attributes that will pass through minimization
-      def allowable
-        @allowable ||= {}
-      end
-
       # Sets/Gets the fhir version that will be passed through to the credential created by an instnace of
       # this HealthCard (sub)class
       # @param ver [String] FHIR Version supported by this HealthCard (sub)class. Leaving this param out
@@ -76,36 +88,20 @@ module HealthCards
         @fhir_version ||= ver unless ver.nil?
         @fhir_version
       end
+    end
 
-      # Additional type claims this HealthCard class supports
-      # @param types [String, Array] A string or array of string representing the additional type claims or nil
-      # if used as a getter
-      # @return [Array] the additional types added by this classes
-      def additional_types(*add_types)
-        types.concat(add_types) unless add_types.nil?
-        types - VC_TYPE
-      end
-
-      # Type claims supported by this HealthCard subclass
-      # @return [Array] an array of Strings with all the supported type claims
-      def types
-        @types ||= VC_TYPE.dup
-      end
+    allow type: FHIR::Meta, attributes: %w[security]
 
-      # Check if this class supports the given type claim(s)
-      # @param type [Array, String] A type as defined by the SMART Health Cards framework
-      # @return [Boolean] Whether or not the type param is included in the types supported by the HealthCard (sub)class
-      def supports_type?(*type)
-        !types.intersection(type).empty?
-      end
-    end
+    disallow attributes: %w[id text]
+    disallow type: FHIR::CodeableConcept, attributes: %w[text]
+    disallow type: FHIR::Coding, attributes: %w[display]
 
     # Create a HealthCard
     #
     # @param bundle [FHIR::Bundle] VerifiableCredential containing a fhir bundle
     # @param issuer [String] The url from the Issuer of the HealthCard
     def initialize(bundle:, issuer: nil)
-      raise InvalidPayloadException unless bundle.is_a?(FHIR::Bundle)
+      raise InvalidPayloadError unless bundle.is_a?(FHIR::Bundle) # && bundle.valid?
 
       @issuer = issuer
       @bundle = bundle
@@ -121,10 +117,9 @@ module HealthCards
           type: self.class.types,
           credentialSubject: {
             fhirVersion: self.class.fhir_version,
-            fhirBundle: strip_fhir_bundle
+            fhirBundle: strip_fhir_bundle.to_hash
           }
         }
-
       }
     end
 
@@ -138,7 +133,7 @@ module HealthCards
     # A minified JSON string matching the VC structure specified by https://smarthealth.cards/#health-cards-are-encoded-as-compact-serialization-json-web-signatures-jws
     # @return [String] JSON string
     def to_json(*_args)
-      JSON.minify(to_hash.to_json)
+      to_hash.to_json
     end
 
     # Processes the bundle according to https://smarthealth.cards/#health-cards-are-small and returns
@@ -146,78 +141,63 @@ module HealthCards
     # @return [Hash] A hash with the same content as the FHIR::Bundle, processed accoding
     # to SMART Health Cards framework and any constraints created by subclasses
     def strip_fhir_bundle
-      stripped_bundle = @bundle.to_hash
-      if stripped_bundle.key?('entry') && !stripped_bundle['entry'].empty?
-        entries = stripped_bundle['entry']
-        entries, @url_map = redefine_uris(entries)
-        update_elements(entries)
+      return [] unless bundle.entry
+
+      new_bundle = duplicate_bundle
+      url_map = redefine_uris(new_bundle)
+
+      new_bundle.entry.each do |entry|
+        entry.each_element do |value, metadata, _|
+          case metadata['type']
+          when 'Reference'
+            value.reference = process_reference(url_map, entry, value)
+          when 'Resource'
+            value.meta = nil unless value.meta&.security
+          end
+
+          handle_allowable(value)
+          handle_disallowable(value)
+        end
       end
-      stripped_bundle
+
+      new_bundle
     end
 
     private
 
-    def redefine_uris(entries)
+    def duplicate_bundle
+      FHIR::Bundle.new(bundle.to_hash)
+    end
+
+    def redefine_uris(bundle)
       url_map = {}
       resource_count = 0
-      entries.each do |entry|
-        old_url = entry['fullUrl']
+      bundle.entry.each do |entry|
+        old_url = entry.fullUrl
         new_url = "resource:#{resource_count}"
         url_map[old_url] = new_url
-        entry['fullUrl'] = new_url
+        entry.fullUrl = new_url
         resource_count += 1
       end
-      [entries, url_map]
+      url_map
     end
 
-    def update_elements(entries)
-      entries.each do |entry|
-        resource = entry['resource']
+    def process_reference(url_map, entry, ref)
+      entry_url = URI(url_map.key(entry.fullUrl))
+      ref_url = ref.reference
 
-        resource.delete('id')
-        resource.delete('text')
-        if resource.dig('meta', 'security')
-          resource['meta'] = resource['meta'].slice('security')
-        else
-          resource.delete('meta')
-        end
-        handle_allowable(resource)
-        update_nested_elements(resource)
-      end
-    end
+      return unless ref_url
 
-    def handle_allowable(resource)
-      allowable = self.class.allowable[resource['resourceType']]
-      return resource unless allowable
+      return url_map[ref_url] if url_map[ref_url]
 
-      allow = allowable + ['resourceType']
-      resource.select! { |att| allow.include?(att) }
-    end
+      fhir_base_url = FHIR_REF_REGEX.match(entry_url.to_s)[1]
+      full_url = URI.join(fhir_base_url, ref_url).to_s
 
-    def process_url(url)
-      new_url = @url_map.key?(url) ? @url_map[url] : @url_map["#{issuer}/#{url}"]
-      raise InvalidBundleReferenceException, url unless new_url
+      new_url = url_map[full_url]
 
-      new_url
-    end
-
-    def update_nested_elements(hash)
-      hash.map { |k, v| update_nested_element(hash, k, v) }
-    end
+      raise InvalidBundleReferenceError, full_url unless new_url
 
-    def update_nested_element(hash, attribute_name, value) # rubocop:disable Metrics/CyclomaticComplexity
-      case value
-      when String
-        hash[attribute_name] = process_url(value) if attribute_name == 'reference'
-      when Hash
-        value.delete('text') if attribute_name.include?('CodeableConcept') || value.key?('coding')
-        update_nested_elements(value)
-      when Array
-        value.each do |member_element|
-          member_element.delete('display') if attribute_name == 'coding'
-          update_nested_elements(member_element) if member_element.is_a?(Hash)
-        end
-      end
+      new_url
     end
   end
 end

data/lib/health_cards/importer.rb

@@ -3,23 +3,40 @@
 module HealthCards
   # Converts a JWS to formats needed by endpoints (e.g. $issue-health-card, download and qr code)
   module Importer
-    extend Chunking
-
     # Import JWS from file upload
     # @param  [String] JSON string containing file upload contents
-    # @return [Array<JWS>] An array of JWS objects
+    # @return [Array<Hash>] An array of Hashes containing JWS payload and verification contents
     def self.upload(jws_string)
       vc = JSON.parse(jws_string)
       vc_jws = vc['verifiableCredential']
       vc_jws.map do |j|
-        jws = JWS.from_jws(j)
-        HealthCard.decompress_payload(jws.payload)
+        verify_jws j
       end
     end
 
+    # Scan QR code
+    # @param [Array<String>] Array containing numeric QR chunks
+    # @return [Hash] Hash containing the JWS payload and verification contents
     def self.scan(qr_contents)
-      contents = JSON.parse(qr_contents)
-      get_payload_from_qr contents
+      qr_codes = QRCodes.new(qr_contents)
+      verify_jws qr_codes.to_jws
+    end
+
+    # Verify JWS signature
+    # @param [String] JWS string
+    # @return [Hash] Hash containing the JWS payload and verification contents
+    private_class_method def self.verify_jws(jws_string)
+      jws = JWS.from_jws jws_string
+      result = { payload: HealthCard.decompress_payload(jws.payload) }
+      begin
+        result[:verified] = Verifier.verify jws
+        result[:error_message] = 'Signature Invalid' if result[:verified] == false
+      rescue MissingPublicKeyError, UnresolvableKeySetError => e
+        result[:verified] = false
+        result[:error_message] = e.message
+      end
+
+      result
     end
   end
 end

data/lib/health_cards/jws.rb

@@ -82,7 +82,7 @@ module HealthCards
     def signature
       return @signature if @signature
 
-      raise MissingPrivateKey unless key
+      raise MissingPrivateKeyError unless key
 
       @signature ||= key.sign(jws_signing_input)
     end
@@ -97,7 +97,7 @@ module HealthCards
     #
     # @return [Boolean]
     def verify
-      raise MissingPublicKey unless public_key
+      raise MissingPublicKeyError unless public_key
 
       public_key.verify(jws_signing_input, signature)
     end

data/lib/health_cards/key.rb

@@ -12,8 +12,8 @@ module HealthCards
     # Checks if obj is the the correct key type or nil
     # @param obj Object that should be of same type as caller or nil
     # @param allow_nil Allow/Disallow key to be nil
-    def self.enforce_valid_key_type!(obj, allow_nil:  false)
-      raise InvalidKeyException.new(self, obj) unless obj.is_a?(self) || (allow_nil && obj.nil?)
+    def self.enforce_valid_key_type!(obj, allow_nil: false)
+      raise InvalidKeyError.new(self, obj) unless obj.is_a?(self) || (allow_nil && obj.nil?)
     end
 
     # Create a key from a JWK

data/lib/health_cards/qr_codes.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require 'rqrcode'
+
+module HealthCards
+  # Implements QR Code chunking in ruby
+  class QRCodes
+    attr_reader :chunks
+
+    # Creates a QRCodes from a JWS
+    # @param jws [String] the JWS string
+    # @return [HealthCards::QRCodes]
+    def self.from_jws(jws)
+      QRCodes.new(ChunkingUtils.jws_to_qr_chunks(jws.to_s))
+    end
+
+    # Creates a QRCodes from a set of encoded chunks
+    # @param chunks [Array<String>] An array of QR Code chunks as a string
+    def initialize(chunks)
+      @chunks = chunks.sort.map.with_index(1) { |ch, i| Chunk.new(ordinal: i, input: ch) }
+    end
+
+    # Find a single QR Code chunk from this collection based on its ordinal position
+    # @return [HealthCards::Chunk] A single QRCode chunk
+    def code_by_ordinal(num)
+      chunks.find { |ch| ch.ordinal == num }
+    end
+
+    # Combine all chunks and decodes it into a JWS object
+    # @return [HealthCards::JWS] JWS object that the chunks combine to create
+    def to_jws
+      jws_string = ChunkingUtils.qr_chunks_to_jws(chunks.map(&:data))
+      JWS.from_jws(jws_string)
+    end
+  end
+end

data/lib/health_cards/verification.rb

@@ -15,7 +15,10 @@ module HealthCards
       key_set.add_keys(resolve_key(jws)) if resolve_keys && key_set.find_key(jws.kid).nil?
 
       key = key_set.find_key(jws.kid)
-      raise MissingPublicKey, 'Verifier does not contain public key that is able to verify this signature' unless key
+      unless key
+        raise MissingPublicKeyError,
+              'Verifier does not contain public key that is able to verify this signature'
+      end
 
       jws.public_key = key
       jws.verify
@@ -25,8 +28,12 @@ module HealthCards
     # @param jws [HealthCards::JWS, String] The JWS for which to resolve keys
     # @return [HealthCards::KeySet]
     def resolve_key(jws)
-      res = Net::HTTP.get(URI("#{HealthCard.from_jws(jws.to_s).issuer}/.well-known/jwks.json"))
+      jwks_uri = URI("#{HealthCard.from_jws(jws.to_s).issuer}/.well-known/jwks.json")
+      res = Net::HTTP.get(jwks_uri)
       HealthCards::KeySet.from_jwks(res)
+    # Handle response if key is malformed or unreachable
+    rescue StandardError => e
+      raise HealthCards::UnresolvableKeySetError, "Unable resolve a valid key from uri #{jwks_uri}: #{e.message}"
     end
   end
 end

data/lib/health_cards/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module HealthCards
-  VERSION = '0.0.1'
+  VERSION = '0.0.2'
 end

metadata

@@ -1,14 +1,21 @@
 --- !ruby/object:Gem::Specification
 name: health_cards
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
 platform: ruby
 authors:
 - Reece Adamson
+- Samuel Sayer
+- Stephen MacVicar
+- Neelima Karipineni
+- Daniel Lee
+- Mick O'Hanlon
+- Priyank Madria
+- Shaumik Ashraf
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-05-14 00:00:00.000000000 Z
+date: 2021-07-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fhir_models
@@ -16,16 +23,16 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 4.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 4.0.0
 - !ruby/object:Gem::Dependency
-  name: json-minify
+  name: rqrcode
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -38,7 +45,12 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: Create SMART Health Cards
+description: "Health Cards implements SMART Health Cards, a secure and decentralized
+  framework that allows \npeople to prove their vaccination status or medical test
+  results. It is built on top of FHIR R4 \nhealth data exchange standards and W3C
+  Verifiable Credentials. It allows conversion of\nclinical data into JWS which may
+  then be embedded into QR codes, exported to smart-health-card files, or\nreturned
+  by a $health-card-issue FHIR operation.\n"
 email:
 - radamson@mitre.org
 executables: []
@@ -47,10 +59,13 @@ extra_rdoc_files: []
 files:
 - LICENSE.txt
 - lib/health_cards.rb
-- lib/health_cards/chunking.rb
+- lib/health_cards/attribute_filters.rb
+- lib/health_cards/card_types.rb
+- lib/health_cards/chunk.rb
+- lib/health_cards/chunking_utils.rb
 - lib/health_cards/covid_health_card.rb
 - lib/health_cards/encoding.rb
-- lib/health_cards/exceptions.rb
+- lib/health_cards/errors.rb
 - lib/health_cards/exporter.rb
 - lib/health_cards/health_card.rb
 - lib/health_cards/importer.rb
@@ -60,12 +75,13 @@ files:
 - lib/health_cards/key_set.rb
 - lib/health_cards/private_key.rb
 - lib/health_cards/public_key.rb
+- lib/health_cards/qr_codes.rb
 - lib/health_cards/verification.rb
 - lib/health_cards/verifier.rb
 - lib/health_cards/version.rb
 homepage: https://github.com/dvci/health-cards
 licenses:
-- Apache 2.0
+- Apache-2.0
 metadata:
   homepage_uri: https://github.com/dvci/health-cards
   source_code_uri: https://github.com/dvci/health_cards
@@ -85,8 +101,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.15
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
-summary: Create SMART Health Cards
+summary: Create verifiable clinical data using SMART Health Cards.
 test_files: []