smart_app_launch_test_kit 0.1.2 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 758773637de38a995aa7943da1291685f655e97f829c2e11d7adfc54d129ad42
|
|
4
|
+
data.tar.gz: b0c2adfcf695418617999e414a0d85766e440e943787d811ffb54218810fee2c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9b9aabc2d05bf3b3a3fe49f35fe0be2e634f7c774d86d3d6a0129aa1cd424f1c5cebd03c84c24855445a0baf95ac23c730d614e9f628a946b5ac8d5ca0b6f8fa
|
|
7
|
+
data.tar.gz: b287eaf62940d60d904af996c0cbbd90d59ba68ce79cdbe6400a20515b9eccb6aa0ff6c094bd07cfd86b928a11c3b6e7e740c896d125c62f5da65a857450ed38
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'uri'
|
|
2
|
+
|
|
1
3
|
module SMARTAppLaunch
|
|
2
4
|
class AppRedirectTest < Inferno::Test
|
|
3
5
|
title 'OAuth server redirects client browser to app redirect URI'
|
|
@@ -63,6 +65,17 @@ module SMARTAppLaunch
|
|
|
63
65
|
)
|
|
64
66
|
end
|
|
65
67
|
|
|
68
|
+
def authorization_url_builder(url, params)
|
|
69
|
+
uri = URI(url)
|
|
70
|
+
|
|
71
|
+
# because the URL might have paramters on it
|
|
72
|
+
original_parameters = Hash[URI.decode_www_form(uri.query || '')]
|
|
73
|
+
new_params = original_parameters.merge(params)
|
|
74
|
+
|
|
75
|
+
uri.query = URI.encode_www_form(new_params)
|
|
76
|
+
uri.to_s
|
|
77
|
+
end
|
|
78
|
+
|
|
66
79
|
run do
|
|
67
80
|
assert_valid_http_uri(
|
|
68
81
|
smart_authorization_url,
|
|
@@ -101,20 +114,10 @@ module SMARTAppLaunch
|
|
|
101
114
|
oauth2_params.merge!('code_challenge' => code_challenge, 'code_challenge_method' => pkce_code_challenge_method)
|
|
102
115
|
end
|
|
103
116
|
|
|
104
|
-
authorization_url =
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
'&'
|
|
109
|
-
else
|
|
110
|
-
'?'
|
|
111
|
-
end
|
|
112
|
-
|
|
113
|
-
oauth2_params.each do |key, value|
|
|
114
|
-
authorization_url += "#{key}=#{CGI.escape(value)}&"
|
|
115
|
-
end
|
|
116
|
-
|
|
117
|
-
authorization_url.chomp!('&')
|
|
117
|
+
authorization_url = authorization_url_builder(
|
|
118
|
+
smart_authorization_url,
|
|
119
|
+
oauth2_params
|
|
120
|
+
)
|
|
118
121
|
|
|
119
122
|
wait(
|
|
120
123
|
identifier: state,
|
|
@@ -13,6 +13,7 @@ module SMARTAppLaunch
|
|
|
13
13
|
configuration
|
|
14
14
|
- `aud` must match the client ID
|
|
15
15
|
- `exp` must represent a time in the future
|
|
16
|
+
- `sub` must be a non-blank string not exceeding 255 characters in length
|
|
16
17
|
)
|
|
17
18
|
|
|
18
19
|
REQUIRED_CLAIMS = ['iss', 'sub', 'aud', 'exp', 'iat'].freeze
|
|
@@ -47,7 +48,7 @@ module SMARTAppLaunch
|
|
|
47
48
|
verify_not_before: false,
|
|
48
49
|
verify_iat: false,
|
|
49
50
|
verify_jti: false,
|
|
50
|
-
verify_sub:
|
|
51
|
+
verify_sub: true,
|
|
51
52
|
verify_iss: true,
|
|
52
53
|
verify_aud: true
|
|
53
54
|
)
|
|
@@ -55,6 +56,10 @@ module SMARTAppLaunch
|
|
|
55
56
|
assert false, "Token validation error: #{e.message}"
|
|
56
57
|
end
|
|
57
58
|
|
|
59
|
+
sub_value = payload['sub']
|
|
60
|
+
assert !sub_value.blank?, "ID token `sub` claim is blank"
|
|
61
|
+
assert sub_value.length < 256, "ID token `sub` claim exceeds 255 characters in length"
|
|
62
|
+
|
|
58
63
|
missing_claims = required_claims - payload.keys
|
|
59
64
|
missing_claims_string = missing_claims.map { |claim| "`#{claim}`" }.join(', ')
|
|
60
65
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: smart_app_launch_test_kit
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Stephen MacVicar
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-05-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: inferno_core
|