shc_vaccination_test_kit 0.2.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dbdd993ca6764d4b7b4137f21c6b03b5abff56ebe630ec9306b76c824ecdc1da
-  data.tar.gz: 893338ec3107db24033fff60c9f0a0f86d77768654ccdb7e49d983df6b6c605f
+  metadata.gz: fba6c400d4a9ac873d20b71a7ee8265e162d63e3862d63d6b596c9c457dc2c91
+  data.tar.gz: dbf2ac6446acf88efe2826f5293f921ca1e6b4bfafec745a284bb8fefbf55da2
 SHA512:
-  metadata.gz: 5d2fbb5473a7e8f2601311785779ae06e440e91523431be44f0c528b6ee1640e617b16f61d138c5dcf2201c2207da6e29b2acfa263d2ec8000d0f2bbf97607a4
-  data.tar.gz: 6f5ac3f76f69479159ca387f0fa0fb76676a061bc2c360b122e0011413cdc9342625b3da1e7f4f64ea31386fbe8837d8f5afb042539742ad4179d2870f500614
+  metadata.gz: 481be6a8e337ff9bc9c419c64c3b3bc0f087ab89e813b0578a67b6b78d9113e79c8e78894d468d3510bf46a612599297b73d392b1c0366406bacbaf09f977145
+  data.tar.gz: c27435d742c29237945d94c54f2acc0416e5d06e3d4b10d2aaa457a6f000cbf58fe8e52d53e13a932d31397059c47f050aeafa6538f693f98d50ed79c915d712

data/lib/shc_vaccination_test_kit/igs/README.md

@@ -0,0 +1,21 @@
+# Note on this IGs folder
+
+There are three reasons why it would be necessary to put an IG package.tgz in this folder. If none of these apply, you do not need to put any files here, or can consider removing any existing files to make it clear they are unused.
+
+## 1. Generated Test Suites
+Some test kits use a "generator" to automatically generate the contents of a test suite for an IG. The IG files are required every time the test suites need to be regenerated. Examples of test kits that use this approach are the US Core Test Kit and CARIN IG for Blue Button® Test Kit.
+
+
+## 2. Non-published IG
+If your IG, or the specific version of the IG you want to test against, is not published, then the validator service needs to load the IG from file in order to be able to validate resources with it. The IG must be referenced in the `fhir_resource_validator` block in the test suite definition by filename, ie:
+
+```ruby
+      fhir_resource_validator do
+        igs 'igs/filename.tgz'
+
+        ...
+      end
+```
+
+## 3. Inferno Validator UI
+The Inferno Validator UI is configured to auto-load any IGs present in the igs folder and include them in all validations. The Inferno Validator UI is currently disabled by default, so this is only relevant if you choose to re-enable it. In general, the Inferno team is currently leaving IGs in this folder even if not otherwise necessary to make it easy to re-enable the validator UI.

data/lib/shc_vaccination_test_kit/metadata.rb

@@ -0,0 +1,54 @@
+require_relative 'version'
+
+module SHCVaccinationTestKit
+  class Metadata < Inferno::TestKit
+    id :shc_vaccination_test_kit
+    title 'SMART Health Cards: Vaccination and Testing Test Kit'
+    description <<~DESCRIPTION
+      The SMART Health Cards Vaccination: Vaccination and Testing Test Kit provides an
+      executable set of tests for the [SMART Health Cards: Vaccinations and Testing Implementation Guide v0.5.0-rc](https://www.hl7.org/fhir/uv/shc-vaccination/2021Sep/). This test kit
+      simulates downloading and validating a SMART Health Card.
+      <!-- break -->
+
+      This test kit is [open source](https://github.com/inferno-framework/shc-vaccination-test-kit#license) and freely available for use or
+      adoption by the health IT community including EHR vendors, health app
+      developers, and testing labs. It is built using the [Inferno Framework](https://inferno-framework.github.io/inferno-core/). The Inferno Framework is
+      designed for reuse and aims to make it easier to build test kits for any
+      FHIR-based data exchange.
+
+      ## Status
+
+      These tests are intended to allow server implementers to perform checks of their server against SMART Health Card: Vaccination & Testing requrirements.
+
+      The test kit currently tests the following requirements:
+      - Download and validate a health card via file download
+      - Download and validate a health card via FHIR $health-cards-issue operation
+
+      See the test descriptions within the test kit for detail on the specific validations performed as part of testing these requirements.
+
+      This test kit does not test:
+      - Decoding of QR codes
+
+      ## Repository
+
+      The SMART Health Cards Vaccination Test Kit GitHub repository can be [found here](https://github.com/inferno-framework/shc-vaccination-test-kit).
+
+      ## Providing Feedback and Reporting Issues
+
+      We welcome feedback on the tests, including but not limited to the following areas:
+
+      - Validation logic, such as potential bugs, lax checks, and unexpected failures.
+      - Requirements coverage, such as requirements that have been missed, tests that necessitate features that the IG does not require, or other issues with the interpretation of the IG's requirements.
+      - User experience, such as confusing or missing information in the test UI.
+
+      Please report any issues with this set of tests in the [issues section](https://github.com/inferno-framework/shc-vaccination-test-kit/issues) of the repository.
+    DESCRIPTION
+    suite_ids [:shc_vaccination]
+    tags ['SMART Health Cards']
+    last_updated LAST_UPDATED
+    version VERSION
+    maturity 'Low'
+    authors ['Stephen MacVicar']
+    repo 'https://github.com/inferno-framework/smart-health-cards-test-kit'
+  end
+end

data/lib/shc_vaccination_test_kit/shc_vaccination_validation_test.rb

@@ -0,0 +1,60 @@
+require 'inferno'
+
+module SHCVaccinationTestKit
+  class SHCVaccinationFHIRValidation < Inferno::Test
+    include SmartHealthCardsTestKit::HealthCard
+
+    id :shc_vaccination_validation_test
+    title 'test Health Card payloads conform to the Vaccination Credential Bundle Profiles'
+    description %(
+      SMART Health Card (SHC) for vaccination records payload SHALL be a valid FHIR Bundle resource
+    )
+    input :fhir_bundles
+
+    run do
+      skip_if fhir_bundles.blank?, 'No FHIR bundles received'
+
+      assert_valid_json(fhir_bundles)
+      bundle_array = JSON.parse(fhir_bundles)
+
+      skip_if bundle_array.blank?, 'No FHIR bundles received'
+
+      bundle_array.each do |bundle|
+        validate_fhir_bundle(FHIR::Bundle.new(bundle))
+      end
+    end
+
+    def validate_fhir_bundle(bundle)
+      # assert bundle.entry.any? { |r| r.resource.is_a?(FHIR::Immunization) } || bundle.entry.any? { |r| r.resource.is_a?(FHIR::Observation) },
+      # "Bundle must have either Immunization entries or Observation entries"
+
+      # if bundle.entry.any? { |r| r.resource.is_a?(FHIR::Immunization) }
+      assert_valid_resource(
+        resource: bundle,
+        profile_url: 'http://hl7.org/fhir/uv/smarthealthcards-vaccination/StructureDefinition/vaccination-credential-bundle'
+      )
+
+      warning do
+        assert_valid_resource(
+          resource: bundle,
+          profile_url: 'http://hl7.org/fhir/uv/smarthealthcards-vaccination/StructureDefinition/vaccination-credential-bundle-dm'
+        )
+      end
+      # end
+
+      if bundle.entry.any? { |r| r.resource.is_a?(FHIR::Observation) }
+        assert_valid_resource(
+          resource: bundle,
+          profile_url: 'http://hl7.org/fhir/uv/smarthealthcards-vaccination/StructureDefinition/covid19-laboratory-bundle'
+        )
+
+        warning do
+          assert_valid_resource(
+            resource: bundle,
+            profile_url: 'http://hl7.org/fhir/uv/smarthealthcards-vaccination/StructureDefinition/covid19-laboratory-bundle-dm'
+          )
+        end
+      end
+    end
+  end
+end

data/lib/shc_vaccination_test_kit/version.rb

@@ -0,0 +1,4 @@
+module SHCVaccinationTestKit
+  VERSION = '0.4.0'.freeze
+  LAST_UPDATED = '2025-03-11'.freeze # TODO: update next release
+end

data/lib/shc_vaccination_test_kit.rb

@@ -1,29 +1,50 @@
-require 'health_cards'
-require_relative 'covid19_vci/file_download'
-require_relative 'covid19_vci/fhir_operation'
+require 'smart_health_cards_test_kit'
+require_relative 'shc_vaccination_test_kit/shc_vaccination_validation_test'
+require_relative 'shc_vaccination_test_kit/metadata'
 
-module Covid19VCI
-  class Suite < Inferno::TestSuite
-    id 'c19-vci'
+module SHCVaccinationTestKit
+  class SHCVaccinationSuite < Inferno::TestSuite
+    id 'shc_vaccination'
     title 'SMART Health Cards: Vaccination & Testing'
     description %(
       This test suite evaluates the ability of a system to provide
-      access to [SMART Health Cards](https://smarthealth.cards/) via file download or HL7® FHIR® API.
+      access to [SMART Health Cards Vaccination and Testing](https://hl7.org/fhir/uv/shc-vaccination/2021Sep/index.html)
+      resources via file download, HL7® FHIR® API, or QR Scanning.
     )
+    source_code_url('https://github.com/inferno-framework/shc-vaccination-test-kit')
+    download_url('https://github.com/inferno-framework/shc-vaccination-test-kit/releases')
+    report_issue_url('https://github.com/inferno-framework/shc-vaccination-test-kit/issues')
 
     VALIDATION_MESSAGE_FILTERS = [
       /\A\S+: \S+: URL value '.*' does not resolve/,
     ].freeze
 
     fhir_resource_validator do
-      igs 'igs/hl7.fhir.uv.smarthealthcards-vaccination-0.5.0-rc.tgz'
+      igs('igs/hl7.fhir.uv.smarthealthcards-vaccination-0.5.0-rc.tgz')
 
       exclude_message do |message|
         VALIDATION_MESSAGE_FILTERS.any? { |filter| filter.match? message.message }
       end
     end
 
-    group from: :vci_file_download
-    group from: :vci_fhir_operation
+    # Tests and TestGroups
+    # SmartHealthCardsTestKit::SmartHealthCardsTestSuite.groups.each do |group|
+    #   test_group = group.ancestors[1]
+
+    #   test_group.children.reject! { |test| test.id.include?('shc_fhir_validation_test') }
+    #   test_group.test(from: :shc_vaccination_validation_test)
+
+    #   group(from: test_group.id)
+    # end
+
+    def self.add_shc_group(group_id)
+      group from: group_id do
+        children.reject! { |test| test.id.include?('shc_fhir_validation_test') }
+        test from: :shc_vaccination_validation_test
+      end
+    end
+
+    add_shc_group :shc_file_download_group
+    add_shc_group :shc_fhir_operation_group
   end
 end

metadata

@@ -1,43 +1,43 @@
 --- !ruby/object:Gem::Specification
 name: shc_vaccination_test_kit
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Stephen MacVicar
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-05 00:00:00.000000000 Z
+date: 2025-03-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: health_cards
+  name: inferno_core
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.2
+        version: 0.6.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.2
+        version: 0.6.4
 - !ruby/object:Gem::Dependency
-  name: inferno_core
+  name: smart_health_cards_test_kit
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.4.37
+        version: 0.10.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.4.37
+        version: 0.10.1
 - !ruby/object:Gem::Dependency
   name: database_cleaner-sequel
   requirement: !ruby/object:Gem::Requirement
@@ -103,18 +103,17 @@ extensions: []
 extra_rdoc_files: []
 files:
 - LICENSE
-- lib/covid19_vci/fhir_operation.rb
-- lib/covid19_vci/file_download.rb
-- lib/covid19_vci/vc_fhir_validation.rb
-- lib/covid19_vci/vc_headers.rb
-- lib/covid19_vci/vc_payload_verification.rb
-- lib/covid19_vci/vc_signature_verification.rb
-- lib/covid19_vci/version.rb
 - lib/shc_vaccination_test_kit.rb
+- lib/shc_vaccination_test_kit/igs/README.md
+- lib/shc_vaccination_test_kit/igs/hl7.fhir.uv.smarthealthcards-vaccination-0.5.0-rc.tgz
+- lib/shc_vaccination_test_kit/metadata.rb
+- lib/shc_vaccination_test_kit/shc_vaccination_validation_test.rb
+- lib/shc_vaccination_test_kit/version.rb
 homepage: https://github.com/inferno-framework/shc-vaccination-test-kit
 licenses:
 - Apache-2.0
 metadata:
+  inferno_test_kit: 'true'
   homepage_uri: https://github.com/inferno-framework/shc-vaccination-test-kit
   source_code_uri: https://github.com/inferno-framework/shc-vaccination-test-kit
 post_install_message:
@@ -125,14 +124,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 3.1.2
+      version: 3.3.6
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.9
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: 'A collection of tests for the SMART Health Cards: Vaccination & Testing

data/lib/covid19_vci/fhir_operation.rb

@@ -1,105 +0,0 @@
-require_relative 'vc_fhir_validation'
-require_relative 'vc_headers'
-require_relative 'vc_payload_verification'
-require_relative 'vc_signature_verification'
-
-module Covid19VCI
-  class FHIROperation < Inferno::TestGroup
-    id 'vci_fhir_operation'
-    title 'Download and validate a health card via FHIR $health-cards-issue operation'
-
-    input :base_fhir_url, :patient_id
-
-    fhir_client do
-      url :base_fhir_url
-    end
-
-    test do
-      title 'Server advertises health card support in its SMART configuration'
-      id 'vci-fhir-01'
-
-      run do
-        get("#{base_fhir_url}/.well-known/smart-configuration")
-
-        assert_response_status(200)
-        assert_valid_json(response[:body])
-
-        smart_configuration = JSON.parse(response[:body])
-
-        assert smart_configuration['capabilities']&.include?('health-cards'),
-               "SMART configuration does not list support for 'health-cards' capability"
-      end
-    end
-
-    test do
-      title 'Server advertises $health-cards-issue operation support in its CapabilityStatement'
-      id 'vci-fhir-02'
-
-      run do
-        fhir_get_capability_statement
-
-        assert_response_status(200)
-
-        operations = resource.rest&.flat_map do |rest|
-          rest.resource
-            &.select { |r| r.type == 'Patient' && r.respond_to?(:operation) }
-            &.flat_map(&:operation)
-        end&.compact
-
-        operation_defined = operations.any? { |operation| operation.name == 'health-cards-issue' }
-
-        assert operation_defined,
-               'Server CapabilityStatement did not declare support for $health-cards-issue operation ' \
-               'on the Patient resource.'
-      end
-    end
-
-    test do
-      title 'Server returns a health card from the $health-cards-issue operation'
-      id 'vci-fhir-03'
-      output :credential_strings
-
-      run do
-        request_params = FHIR::Parameters.new(
-          parameter: [
-            {
-              name: 'credentialType',
-              valueUri: 'https://smarthealth.cards#covid19'
-            }
-          ]
-        )
-        fhir_operation("/Patient/#{patient_id}/$health-cards-issue", body: request_params)
-
-        assert_response_status((200..207).to_a)
-        assert_resource_type(:parameters)
-
-        hc_parameters = resource.parameter.select { |parameter| parameter.name == 'verifiableCredential' }
-
-        assert hc_parameters.present?, 'No COVID-19 health cards were returned'
-        credential_strings = hc_parameters.map(&:value).join(',')
-
-        output credential_strings: credential_strings
-
-        count = hc_parameters.length
-
-        pass "#{count} verifiable #{'credential'.pluralize(count)} received"
-      end
-    end
-
-    test from: :vc_headers do
-      id 'vci-fhir-04'
-    end
-
-    test from: :vc_signature_verification do
-      id 'vci-fhir-05'
-    end
-
-    test from: :vc_payload_verification do
-      id 'vci-fhir-06'
-    end
-
-    test from: :vc_fhir_verification do
-      id 'vci-fhir-07'
-    end
-  end
-end

data/lib/covid19_vci/file_download.rb

@@ -1,109 +0,0 @@
-require_relative 'vc_fhir_validation'
-require_relative 'vc_headers'
-require_relative 'vc_payload_verification'
-require_relative 'vc_signature_verification'
-
-module Covid19VCI
-  class FileDownload < Inferno::TestGroup
-    id 'vci_file_download'
-    title 'Download and validate a health card via file download'
-
-    input :file_download_url
-
-    test do
-      id 'vci-file-01'
-      title 'Health card can be downloaded'
-      description 'The health card can be downloaded and is a valid JSON object'
-      makes_request :vci_file_download
-
-      run do
-        get(file_download_url, name: :vci_file_download)
-
-        assert_response_status(200)
-        assert_valid_json(response[:body])
-      end
-    end
-
-    test do
-      id 'vci-file-02'
-      title 'Response contains correct Content-Type of application/smart-health-card'
-      uses_request :vci_file_download
-
-      run do
-        skip_if request.status != 200, 'Health card not successfully downloaded'
-
-        content_type = request.response_header('Content-Type')
-
-        assert content_type.present?, 'Response did not include a Content-Type header'
-        assert content_type.value.match?(%r{\Aapplication/smart-health-card(\z|\W)}),
-               "Content-Type header was '#{content_type.value}' instead of 'application/smart-health-card'"
-      end
-    end
-
-    test do
-      id 'vci-file-03'
-      title 'Health card is provided as a file download with a .smart-health-card extension'
-      uses_request :vci_file_download
-
-      run do
-        skip_if request.status != 200, 'Health card not successfully downloaded'
-
-        pass_if request.url.ends_with?('.smart-health-card')
-
-        content_disposition = request.response_header('Content-Disposition')
-        assert content_disposition.present?,
-               "Url did not end with '.smart-health-card' and response did not include a Content-Disposition header"
-
-        attachment_pattern = /\Aattachment;/
-        assert content_disposition.value.match?(attachment_pattern),
-               "Url did not end with '.smart-health-card' and " \
-               "Content-Disposition header does not indicate file should be downloaded: '#{content_disposition}'"
-
-        extension_pattern = /filename=".*\.smart-health-card"/
-        assert content_disposition.value.match?(extension_pattern),
-               "Url did not end with '.smart-health-card' and Content-Disposition header does not indicate " \
-               "file should have a '.smart-health-card' extension: '#{content_disposition}'"
-      end
-    end
-
-    test do
-      id 'vci-file-04'
-      title 'Response contains an array of Verifiable Credential strings'
-      uses_request :vci_file_download
-      output :credential_strings
-
-      run do
-        skip_if request.status != 200, 'Health card not successfully downloaded'
-
-        body = JSON.parse(response[:body])
-        assert body.include?('verifiableCredential'),
-               "Health card does not contain 'verifiableCredential' field"
-
-        vc = body['verifiableCredential']
-
-        assert vc.is_a?(Array), "'verifiableCredential' field must contain an Array"
-        assert vc.length.positive?, "'verifiableCredential' field must contain at least one verifiable credential"
-
-        output credential_strings: vc.join(',')
-
-        pass "Received #{vc.length} verifiable #{'credential'.pluralize(vc.length)}"
-      end
-    end
-
-    test from: :vc_headers do
-      id 'vci-file-05'
-    end
-
-    test from: :vc_signature_verification do
-      id 'vci-file-06'
-    end
-
-    test from: :vc_payload_verification do
-      id 'vci-file-07'
-    end
-
-    test from: :vc_fhir_verification do
-      id 'vci-file-08'
-    end
-  end
-end

data/lib/covid19_vci/vc_fhir_validation.rb

@@ -1,75 +0,0 @@
-module Covid19VCI
-  class VCFHIRVerification < Inferno::Test
-    title 'Health Card payloads conform to the Vaccination Credential Bundle Profiles'
-    input :credential_strings
-
-    id :vc_fhir_verification
-
-    run do
-      skip_if credential_strings.blank?, 'No Verifiable Credentials received'
-
-      credential_strings.split(',').each do |credential|
-        raw_payload = HealthCards::JWS.from_jws(credential).payload
-        assert raw_payload&.length&.positive?, 'No payload found'
-
-        decompressed_payload =
-          begin
-            Zlib::Inflate.new(-Zlib::MAX_WBITS).inflate(raw_payload)
-          rescue Zlib::DataError
-            assert false, 'Payload compression error. Unable to inflate payload.'
-          end
-
-        assert decompressed_payload.length.positive?, 'Payload compression error. Unable to inflate payload.'
-
-        payload_length = decompressed_payload.length
-        health_card = HealthCards::COVIDHealthCard.from_jws(credential)
-        health_card_length = health_card.to_json.length
-
-        assert_valid_json decompressed_payload, 'Payload is not valid JSON'
-
-        payload = JSON.parse(decompressed_payload)
-        vc = payload['vc']
-        assert vc.is_a?(Hash), "Expected 'vc' claim to be a JSON object, but found #{vc.class}"
-
-        subject = vc['credentialSubject']
-        assert subject.is_a?(Hash), "Expected 'vc.credentialSubject' to be a JSON object, but found #{subject.class}"
-
-        raw_bundle = subject['fhirBundle']
-        assert raw_bundle.is_a?(Hash), "Expected 'vc.fhirBundle' to be a JSON object, but found #{raw_bundle.class}"
-
-        bundle = FHIR::Bundle.new(raw_bundle)
-
-        # assert bundle.entry.any? { |r| r.resource.is_a?(FHIR::Immunization) } || bundle.entry.any? { |r| r.resource.is_a?(FHIR::Observation) },
-        # "Bundle must have either Immunization entries or Observation entries"
-
-        # if bundle.entry.any? { |r| r.resource.is_a?(FHIR::Immunization) }
-          assert_valid_resource(
-            resource: bundle,
-            profile_url: 'http://hl7.org/fhir/uv/smarthealthcards-vaccination/StructureDefinition/vaccination-credential-bundle'
-          )
-
-          warning do
-            assert_valid_resource(
-              resource: bundle,
-              profile_url: 'http://hl7.org/fhir/uv/smarthealthcards-vaccination/StructureDefinition/vaccination-credential-bundle-dm'
-            )
-          end
-        # end
-
-        if bundle.entry.any? { |r| r.resource.is_a?(FHIR::Observation) }
-          assert_valid_resource(
-            resource: bundle,
-            profile_url: 'http://hl7.org/fhir/uv/smarthealthcards-vaccination/StructureDefinition/covid19-laboratory-bundle'
-          )
-
-          warning do
-            assert_valid_resource(
-              resource: bundle,
-              profile_url: 'http://hl7.org/fhir/uv/smarthealthcards-vaccination/StructureDefinition/covid19-laboratory-bundle-dm'
-            )
-          end
-        end
-      end
-    end
-  end
-end

data/lib/covid19_vci/vc_headers.rb

@@ -1,21 +0,0 @@
-module Covid19VCI
-  class VCHeaders < Inferno::Test
-    title 'Health Cards contain the correct headers'
-    input :credential_strings
-
-    id :vc_headers
-
-    run do
-      skip_if credential_strings.blank?, 'No Verifiable Credentials received'
-      credential_strings.split(',').each do |credential|
-        header = HealthCards::JWS.from_jws(credential).header
-
-        assert header['zip'] == 'DEF', "Expected 'zip' header to equal 'DEF', but found '#{header['zip']}'"
-        assert header['alg'] == 'ES256', "Expected 'alg' header to equal 'ES256', but found '#{header['alg']}'"
-        assert header['kid'].present?, "No 'kid' header was present"
-      rescue StandardError => e
-        assert false, "Error decoding credential: #{e.message}"
-      end
-    end
-  end
-end

data/lib/covid19_vci/vc_payload_verification.rb

@@ -1,115 +0,0 @@
-module Covid19VCI
-  class VCPayloadVerification < Inferno::Test
-    title 'Health Card payloads follow the spec requirements'
-    input :credential_strings
-
-    id :vc_payload_verification
-
-    run do
-      skip_if credential_strings.blank?, 'No Verifiable Credentials received'
-
-      credential_strings.split(',').each do |credential|
-        raw_payload = HealthCards::JWS.from_jws(credential).payload
-        assert raw_payload&.length&.positive?, 'No payload found'
-
-        decompressed_payload =
-          begin
-            Zlib::Inflate.new(-Zlib::MAX_WBITS).inflate(raw_payload)
-          rescue Zlib::DataError
-            assert false, 'Payload compression error. Unable to inflate payload.'
-          end
-
-        assert decompressed_payload.length.positive?, 'Payload compression error. Unable to inflate payload.'
-
-        payload_length = decompressed_payload.length
-        health_card = HealthCards::HealthCard.from_jws(credential)
-        health_card_length = health_card.to_json.length
-
-        warning do
-          assert payload_length <= health_card_length,
-                 "Payload may not be properly minified. Received a payload with length #{payload_length}, " \
-                 "but was able to generate a payload with length #{health_card_length}"
-        end
-
-        assert_valid_json decompressed_payload, 'Payload is not valid JSON'
-
-        payload = JSON.parse(decompressed_payload)
-
-        warning do
-          nbf = payload['nbf']
-          assert nbf.present?, "Payload does not include an 'nbf' claim"
-          assert nbf.is_a?(Numeric), "Expected 'nbf' claim to be Numeric, but found #{nbf.class}"
-          issue_time = Time.at(nbf).to_datetime
-          assert issue_time < DateTime.now, "'nbf' is in the future: #{issue_time.rfc822}"
-        end
-
-        vc = payload['vc']
-        assert vc.is_a?(Hash), "Expected 'vc' claim to be a JSON object, but found #{vc.class}"
-        type = vc['type']
-
-        warning do
-          assert type.is_a?(Array), "Expected 'vc.type' to be an array, but found #{type.class}"
-          assert type.include?('https://smarthealth.cards#health-card'),
-                 "'vc.type' does not include 'https://smarthealth.cards#health-card'"
-        end
-
-        subject = vc['credentialSubject']
-        assert subject.is_a?(Hash), "Expected 'vc.credentialSubject' to be a JSON object, but found #{subject.class}"
-
-        warning do
-          assert subject['fhirVersion'].present?, "'vc.credentialSubject.fhirVersion' not provided"
-        end
-
-        raw_bundle = subject['fhirBundle']
-        assert raw_bundle.is_a?(Hash), "Expected 'vc.fhirBundle' to be a JSON object, but found #{raw_bundle.class}"
-
-        resource_scheme_regex = /\Aresource:\d+\z/
-        warning do
-          urls = raw_bundle['entry'].map { |entry| entry['fullUrl'] }
-          bad_urls = urls.reject { |url| url.match?(resource_scheme_regex) }
-          assert bad_urls.empty?,
-                 "The following Bundle entry urls do not use short resource-scheme URIs: #{bad_urls.join(', ')}"
-        end
-
-        bundle = FHIR::Bundle.new(raw_bundle)
-        resources = bundle.entry.map(&:resource)
-        bundle.entry.each { |entry| entry.resource = nil }
-        resources << bundle
-
-        resources.each do |resource|
-          warning { assert resource.id.nil?, "#{resource.resourceType} resource should not have an 'id' element" }
-
-          if resource.respond_to? :text
-            warning { assert resource.text.nil?, "#{resource.resourceType} resource should not have a 'text' element" }
-          end
-
-          resource.each_element(resource) do |value, meta, path|
-            case meta['type']
-            when 'CodeableConcept'
-              warning { assert value.text.nil?, "#{resource.resourceType} should not have a #{path}.text element" }
-            when 'Coding'
-              warning do
-                assert value.display.nil?, "#{resource.resourceType} should not have a #{path}.display element"
-              end
-            when 'Reference'
-              warning do
-                next if value.reference.nil?
-
-                assert value.reference.match?(resource_scheme_regex),
-                       "#{resource.resourceType}.#{path}.reference is not using the short resource URI scheme: " \
-                       "#{value.reference}"
-              end
-            when 'Meta'
-              hash = value.to_hash
-              warning do
-                assert hash.length == 1 && hash.include?('security'),
-                       "If present, Bundle 'meta' field should only include 'security', " \
-                       "but found: #{hash.keys.join(', ')}"
-              end
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/covid19_vci/vc_signature_verification.rb

@@ -1,69 +0,0 @@
-module Covid19VCI
-  class VCSignatureVerification < Inferno::Test
-    title 'Verifiable Credential signatures can be verified'
-    input :credential_strings
-
-    id :vc_signature_verification
-
-    run do
-      skip_if credential_strings.blank?, 'No Verifiable Credentials received'
-      credential_strings.split(',').each do |credential|
-        card = HealthCards::HealthCard.from_jws(credential)
-        iss = card.issuer
-
-        jws = HealthCards::JWS.from_jws(credential)
-
-        assert iss.present?, 'Credential contains no `iss`'
-        warning { assert iss.start_with?('https://'), "`iss` SHALL use the `https` scheme: #{iss}" }
-        assert !iss.end_with?('/'), "`iss` SHALL NOT include a trailing `/`: #{iss}"
-
-        key_set_url = "#{card.issuer}/.well-known/jwks.json"
-
-        get(key_set_url)
-
-        assert_response_status(200)
-        assert_valid_json(response[:body])
-
-        cors_header = request.response_header('Control-Allow-Origin')
-        warning do
-          assert cors_header.present?,
-                 'No CORS header received. Issuers SHALL publish their public keys with CORS enabled'
-          assert cors_header.value == '*',
-                 "Expected CORS header value of `*`, but actual value was `#{cors_header.value}`"
-        end
-
-        key_set = JSON.parse(response[:body])
-
-        public_key = key_set['keys'].find { |key| key['kid'] == jws.kid }
-        key_object = HealthCards::Key.from_jwk(public_key)
-
-        assert public_key.present?, "Key set did not contain a key with a `kid` of #{jws.kid}"
-
-        warning { assert public_key['kty'] == 'EC', "Key had a `kty` value of `#{public_key['kty']}` instead of `EC`" }
-        warning do
-          assert public_key['use'] == 'sig', "Key had a `use` value of `#{public_key['use']}` instead of `sig`"
-        end
-        warning do
-          assert public_key['alg'] == 'ES256', "Key had an `alg` value of `#{public_key['alg']}` instead of `ES256`"
-        end
-        warning do
-          assert public_key['crv'] == 'P-256', "Key had a `crv` value of `#{public_key['crv']}` instead of `P-256`"
-        end
-        warning { assert !public_key.include?('d'), 'Key SHALL NOT have the private key parameter `d`' }
-        warning do
-          assert public_key['kid'] == key_object.kid,
-                 "'kid' SHALL be equal to the base64url-encoded SHA-256 JWK Thumbprint of the key. " \
-                 "Received: '#{public_key['kid']}', Expected: '#{key_object.kid}'"
-        end
-
-        verifier = HealthCards::Verifier.new(keys: key_object, resolve_keys: false)
-
-        begin
-          assert verifier.verify(jws), 'JWS signature invalid'
-        rescue StandardError => e
-          assert false, "Error decoding credential: #{e.message}"
-        end
-      end
-    end
-  end
-end

data/lib/covid19_vci/version.rb

@@ -1,3 +0,0 @@
-module Covid19VCI
-  VERSION = '0.2.0'.freeze
-end