RubyGems - smart_app_launch_test_kit - Versions diffs - 0.1.2 → 0.1.3 - Mend

smart_app_launch_test_kit 0.1.2 → 0.1.3

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4b5b5d83f2f6bd20c159c0c258b0a67123880f3f526c21487795c0b7e60dde44
-  data.tar.gz: bcd5875e3e0a8a34a5d573d1cfda6b6babfc55c1b4364834a761c21c264ad83b
+  metadata.gz: 758773637de38a995aa7943da1291685f655e97f829c2e11d7adfc54d129ad42
+  data.tar.gz: b0c2adfcf695418617999e414a0d85766e440e943787d811ffb54218810fee2c
 SHA512:
-  metadata.gz: 76d53cd6f4b40e128dc3510f0e4e01de66e8e61c475c7db1516bf726e8f2890c4ebc08e5838e2d3714b7791a3e5a65fc4165eeae6136bada32e23a08ada64caf
-  data.tar.gz: 6d6a3851b0d01ceb6d1576be40eb74be5a8b86089d705c26ab877251a843d68d9d4afc10c13de43d5eb122e9e971c2e5d76f8afb17b30f3def60370769ecd660
+  metadata.gz: 9b9aabc2d05bf3b3a3fe49f35fe0be2e634f7c774d86d3d6a0129aa1cd424f1c5cebd03c84c24855445a0baf95ac23c730d614e9f628a946b5ac8d5ca0b6f8fa
+  data.tar.gz: b287eaf62940d60d904af996c0cbbd90d59ba68ce79cdbe6400a20515b9eccb6aa0ff6c094bd07cfd86b928a11c3b6e7e740c896d125c62f5da65a857450ed38

data/lib/smart_app_launch/app_redirect_test.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+require 'uri'
 module SMARTAppLaunch
   class AppRedirectTest < Inferno::Test
     title 'OAuth server redirects client browser to app redirect URI'
@@ -63,6 +65,17 @@ module SMARTAppLaunch
       )
     end
+    def authorization_url_builder(url, params)
+      uri = URI(url)
+      # because the URL might have paramters on it
+      original_parameters = Hash[URI.decode_www_form(uri.query || '')]
+      new_params = original_parameters.merge(params)
+      uri.query = URI.encode_www_form(new_params)
+      uri.to_s
+    end
     run do
       assert_valid_http_uri(
         smart_authorization_url,
@@ -101,20 +114,10 @@ module SMARTAppLaunch
         oauth2_params.merge!('code_challenge' => code_challenge, 'code_challenge_method' => pkce_code_challenge_method)
       end
-      authorization_url = smart_authorization_url
-      authorization_url +=
-        if authorization_url.include? '?'
-          '&'
-        else
-          '?'
-        end
-      oauth2_params.each do |key, value|
-        authorization_url += "#{key}=#{CGI.escape(value)}&"
-      end
-      authorization_url.chomp!('&')
+      authorization_url = authorization_url_builder(
+        smart_authorization_url,
+        oauth2_params
+      )
       wait(
         identifier: state,

@@ -13,6 +13,7 @@ module SMARTAppLaunch
         configuration
       - `aud` must match the client ID
       - `exp` must represent a time in the future
+      - `sub` must be a non-blank string not exceeding 255 characters in length
     )
     REQUIRED_CLAIMS = ['iss', 'sub', 'aud', 'exp', 'iat'].freeze
@@ -47,7 +48,7 @@ module SMARTAppLaunch
             verify_not_before: false,
             verify_iat: false,
             verify_jti: false,
-            verify_sub: false,
+            verify_sub: true,
             verify_iss: true,
             verify_aud: true
           )
@@ -55,6 +56,10 @@ module SMARTAppLaunch
         assert false, "Token validation error: #{e.message}"
       end
+      sub_value = payload['sub']
+      assert !sub_value.blank?, "ID token `sub` claim is blank"
+      assert sub_value.length < 256, "ID token `sub` claim exceeds 255 characters in length"
       missing_claims = required_claims - payload.keys
       missing_claims_string = missing_claims.map { |claim| "`#{claim}`" }.join(', ')

data/lib/smart_app_launch/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module SMARTAppLaunch
-  VERSION = '0.1.2'
+  VERSION = '0.1.3'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smart_app_launch_test_kit
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.3
 platform: ruby
 authors:
 - Stephen MacVicar
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-07 00:00:00.000000000 Z
+date: 2022-05-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inferno_core