smart_health_cards_test_kit 0.9.0

data/lib/smart_health_cards_test_kit/utils/verifier.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require_relative 'key_set'
+require_relative 'verification'
+
+module SmartHealthCardsTestKit
+  module Utils
+    # Verifiers can validate HealthCards using public keys
+    class Verifier
+      attr_reader :keys
+      attr_accessor :resolve_keys
+
+      include SmartHealthCardsTestKit::Utils::Verification
+      extend SmartHealthCardsTestKit::Utils::Verification
+
+      # Verify a Payload
+      #
+      # This method _always_ uses key resolution and does not depend on any cached keys
+      #
+      # @param verifiable [SmartHealthCardsTestKit::Utils::JWS, String] the health card to verify
+      # @return [Boolean]
+      def self.verify(verifiable)
+        verify_using_key_set(verifiable)
+      end
+
+      # Create a new Verifier
+      #
+      # @param keys [SmartHealthCardsTestKit::Utils::KeySet, SmartHealthCardsTestKit::Utils::Key, nil] keys to use when verifying Health Cards
+      # @param resolve_keys [Boolean] Enables or disables key resolution
+      def initialize(keys: nil, resolve_keys: true)
+        @keys = case keys
+                when KeySet
+                  keys
+                when Key
+                  KeySet.new(keys)
+                else
+                  KeySet.new
+                end
+
+        self.resolve_keys = resolve_keys
+      end
+
+      # # Add a key to use when verifying
+      # #
+      # # @param key [SmartHealthCardsTestKit::Utils::Key, SmartHealthCardsTestKit::Utils::KeySet] the key to add
+      # def add_keys(key)
+      #   @keys.add_keys(key)
+      # end
+
+      # # Remove a key to use when verifying
+      # #
+      # # @param key [SmartHealthCardsTestKit::Utils::Key] the key to remove
+      # def remove_keys(key)
+      #   @keys.remove_keys(key)
+      # end
+
+      # Verify a Payload
+      #
+      # @param verifiable [SmartHealthCardsTestKit::Utils::JWS, String] the health card to verify
+      # @return [Boolean]
+      def verify(verifiable)
+        verify_using_key_set(verifiable, keys, resolve_keys: resolve_keys?)
+      end
+
+      def resolve_keys?
+        resolve_keys
+      end
+    end
+  end
+end

data/lib/smart_health_cards_test_kit/version.rb

@@ -0,0 +1,3 @@
+module SmartHealthCardsTestKit
+  VERSION = '0.9.0'
+end

data/lib/smart_health_cards_test_kit/views/scan_qr_code.html

@@ -0,0 +1,207 @@
+<html>
+  <head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>Scan a QR Code</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css" rel="stylesheet" crossorigin="anonymous">
+  </head>
+  <body class="m-3" onload="onLoad()">
+    <section class="hero is-small is-success">
+      <h3>Scan a QR Code</h3>
+      <p class="subtitle">Use device's camera to scan a QR code representing a Smart Health Card</p>
+    </section>
+
+    <div>
+      <div class="field is-grouped">
+          <button id="start" class="btn btn-primary" onclick="disableStartButton()">Start</button>
+          <button id="stop" class="btn btn-primary" onclick="enableStartButton()" disabled>Stop</button>
+      </div>
+      <div class="level-right" id="multi-status-container">
+      </div>
+
+      <video id="preview"></video>
+
+      <div class="notification is-success is-light" hidden id="success-notification">
+        <div class="level">
+          <div class="level-left">
+            <div class="level-item">
+              <span class="is-size-4">QR code scanned successfully.</span>
+            </div>
+          </div>
+        </div>
+      </div>
+
+      <div class="notification is-success is-light">
+        <form id="upload-qr-code" action="post_qr_code" accept-charset="UTF-8" method="post"></form>
+          <div class="level">
+            <div class="level-left">
+              <div class="level-item">
+                <span class="is-size-4" id="qr-contents"></span>
+              </div>
+            </div>
+          </div>
+        </form>
+      </div>
+
+      <div class="notification is-danger is-light" hidden id="error-notification">
+        <div class="level">
+          <div class="level-left">
+            <div class="level-item">
+              <span class="is-size-4">QR code does not contain a SMART Health Card.</span>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js" crossorigin="anonymous"></script>
+
+    <script type="module">
+      import QrScanner from './qr-scanner.min.js';
+
+      const healthCardPattern = /^shc:\/(?<multipleChunks>(?<chunkIndex>[0-9]+)\/(?<chunkCount>[0-9]+)\/)?[0-9]+$/;
+
+      let qrScanner;
+      let startButton;
+      let stopButton;
+      let successNotification;
+      let errorNotification;
+      let inputField;
+      let multiStatusContainer;
+      let form
+
+      let scannedCodes = [];
+
+      window.onLoad = function() {
+        const videoElement = document.getElementById('preview');
+
+        qrScanner = new QrScanner(videoElement, handleScan);
+
+        startButton = document.getElementById('start');
+        stopButton = document.getElementById('stop');
+        successNotification = document.getElementById('success-notification');
+        errorNotification = document.getElementById('error-notification');
+        inputField = document.getElementById('qr-contents');
+        multiStatusContainer = document.getElementById('multi-status-container');
+        form = document.getElementById('upload-qr-code');
+
+        startButton.addEventListener('click', startScanning);
+        stopButton.addEventListener('click', stopScanning);
+      }
+
+      window.startScanning = function() {
+        disableStartButton();
+        hideSuccessNotification();
+        hideErrorNotification();
+        qrScanner.start();
+      };
+
+      window.stopScanning = function() {
+        enableStartButton();
+        qrScanner.stop();
+      };
+
+      window.disableStartButton = function() {
+        startButton.setAttribute('disabled', true);
+        stopButton.removeAttribute('disabled');
+      };
+
+      window.enableStartButton = function() {
+        stopButton.setAttribute('disabled', true);
+        startButton.removeAttribute('disabled');
+      };
+
+      window.hideSuccessNotification = function() {
+        successNotification.setAttribute('hidden', true);
+      };
+
+      window.showSuccessNotification = function() {
+        hideErrorNotification();
+        successNotification.removeAttribute('hidden');
+      };
+
+      window.hideErrorNotification = function() {
+        errorNotification.setAttribute('hidden', true);
+      };
+
+      window.showErrorNotification = function() {
+        hideSuccessNotification();
+        errorNotification.removeAttribute('hidden');
+      };
+
+      window.handleScan = function(result) {
+        console.log(result);
+
+        if (healthCardPattern.test(result)) {
+          const match = result.match(healthCardPattern);
+          if (match.groups.multipleChunks) {
+            hideErrorNotification();
+            const chunkCount = +match.groups.chunkCount;
+            const currentChunkIndex = +match.groups.chunkIndex;
+            if (scannedCodes.length !== chunkCount) {
+              scannedCodes = new Array(chunkCount);
+              scannedCodes.fill(null, 0, chunkCount);
+            }
+            scannedCodes[currentChunkIndex - 1] = result;
+
+            multiStatusContainer.innerHTML = scannedCodes
+              .map((code, index) => {
+                return code
+                  ? multiPresentElement(index + 1, chunkCount)
+                  : multiMissingElement(index + 1, chunkCount);
+              })
+              .join('\n');
+
+            if (scannedCodes.every(code => code)) {
+              stopScanning();
+
+              inputField.textContent = JSON.stringify(scannedCodes);
+              showSuccessNotification();
+
+              //TODO: do something here. Post result to endpoint? Need to understand the logic in this nested if statement
+
+            }
+          } else {
+            stopScanning();
+
+            multiStatusContainer.innerHTML = '';
+            inputField.textContent = JSON.stringify([result]);
+            showSuccessNotification();
+
+            //QR code scanned successfully. Post to endpoint (code borrowed from upload_qr_code.html)
+            const urlParams = new URLSearchParams(window.location.search);
+            const requestId = urlParams.get('id');
+            if (requestId) {
+              form.action += '?id=' + encodeURIComponent(requestId);
+            }
+
+            const postUrl = `${form.action}`;
+            fetch(postUrl, {
+              method: 'POST',
+              headers: {
+                'Content-Type': 'application/json',
+              },
+              body: JSON.stringify({ qr_code_content: result }),
+            })
+              .then(response => {
+                if (response.ok) {
+                  inputField.textContent += " - QR Code successfully posted to server.";
+                  window.history.back(); // Go back to the previous page
+                } else {
+                  inputField.textContent += " - Error posting QR code to server.";
+                }
+              })
+              .catch(error => {
+                inputField.textContent += ` - Network error: ${error}`;
+              });
+
+          }
+        } else {
+          stopScanning();
+
+          showErrorNotification();
+        }
+      };
+    </script>
+  </body>
+</html>

data/lib/smart_health_cards_test_kit/views/upload_qr_code.html

@@ -0,0 +1,130 @@
+<html>
+  <head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>Upload a QR image file</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css" rel="stylesheet" crossorigin="anonymous">
+  </head>
+  <body class="m-3">
+    <div>
+      <h3>Upload a QR image file</h3>
+      <p class="subtitle">Manually upload a pre saved QR image file. The file shall have .png, .jpg, or .jpeg file extension.</p>
+    </div>
+    <div>
+      <form id="upload-qr-code" action="post_qr_code" accept-charset="UTF-8" method="post">
+        <div class="field is-grouped">
+          <div class="file has-name">
+            <label class="file-label">
+              <input type="file" name="qr_file" id="qr_file" accept=".png, .jpg, .jpeg" class="file-input" style="display: none;">
+              <label for="qr_file" class="btn btn-primary">Choose File</label>
+              <span class="file-name">No file uploaded</span>
+            </label>
+          </div>
+          <p></p>
+          <p id="qr-content" style="margin-top: 10px;"></p>
+          <p class="control">
+            <input type="submit" class="btn btn-secondary" id="upload-button" disabled>
+          </p>
+        </div>
+      </form>
+      <canvas id="qr-canvas" style="display: none;"></canvas>
+
+      <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js" crossorigin="anonymous"></script>
+      <script src="jsqr.js"></script>
+      <script>
+        document.addEventListener('DOMContentLoaded', function () {
+          const fileInput = document.getElementById('qr_file');
+          const fileName = document.querySelector('.file-name');
+          const uploadButton = document.getElementById('upload-button');
+          const qrCanvas = document.getElementById('qr-canvas');
+          const qrContent = document.getElementById('qr-content');
+          const form = document.getElementById('upload-qr-code');
+
+          let qrCodeContent = null;
+
+          // Update form action if `id` query param is present
+          const urlParams = new URLSearchParams(window.location.search);
+          const requestId = urlParams.get('id');
+          if (requestId) {
+            form.action += '?id=' + encodeURIComponent(requestId);
+          }
+
+          fileInput.addEventListener('change', function () {
+            const file = fileInput.files[0];
+            if (file) {
+              fileName.textContent = file.name;
+
+              // Read the image file and decode QR code
+              const reader = new FileReader();
+              reader.onload = function (e) {
+                const img = new Image();
+                img.onload = function () {
+                  // Draw the image on the canvas
+                  const ctx = qrCanvas.getContext('2d');
+                  qrCanvas.width = img.width;
+                  qrCanvas.height = img.height;
+                  ctx.drawImage(img, 0, 0, img.width, img.height);
+
+                  // Get image data from the canvas
+                  const imageData = ctx.getImageData(0, 0, qrCanvas.width, qrCanvas.height);
+
+                  // Decode QR code using jsQR
+                  const qrCode = jsQR(imageData.data, imageData.width, imageData.height);
+                  if (qrCode) {
+                    qrContent.textContent = `QR Code Content: ${qrCode.data}`;
+                    qrCodeContent = qrCode.data; // Store the decoded content
+                    uploadButton.disabled = false; // Enable the submit button
+                    // Change button style to "btn-primary"
+                    uploadButton.classList.remove('btn-secondary');
+                    uploadButton.classList.add('btn-primary');
+                  } else {
+                    qrContent.textContent = 'No QR code detected in the image.';
+                    uploadButton.disabled = true;
+                    // Reset button style to "btn-secondary"
+                    uploadButton.classList.remove('btn-primary');
+                    uploadButton.classList.add('btn-secondary');
+                  }
+                };
+                img.src = e.target.result;
+              };
+              reader.readAsDataURL(file);
+            } else {
+              fileName.textContent = 'No file uploaded';
+              uploadButton.disabled = true;
+              qrContent.textContent = '';
+              // Reset button style to "btn-secondary"
+              uploadButton.classList.remove('btn-primary');
+              uploadButton.classList.add('btn-secondary');
+            }
+          });
+
+          form.addEventListener('submit', function (event) {
+            event.preventDefault(); // Prevent default form submission
+
+            if (qrCodeContent) {
+              const postUrl = `${form.action}`;
+              fetch(postUrl, {
+                method: 'POST',
+                headers: {
+                  'Content-Type': 'application/json',
+                },
+                body: JSON.stringify({ qr_code_content: qrCodeContent }),
+              })
+                .then(response => {
+                  if (response.ok) {
+                    qrContent.textContent += " - QR Code successfully posted to server.";
+                    window.history.back(); // Go back to the previous page
+                  } else {
+                    qrContent.textContent += " - Error posting QR code to server.";
+                  }
+                })
+                .catch(error => {
+                  qrContent.textContent += ` - Network error: ${error}`;
+                });
+            }
+          });
+        });
+      </script>
+    </div>
+  </body>
+</html>

data/lib/smart_health_cards_test_kit.rb

@@ -0,0 +1,67 @@
+require 'json'
+
+require_relative 'smart_health_cards_test_kit/version'
+
+require_relative 'smart_health_cards_test_kit/utils/jws'
+require_relative 'smart_health_cards_test_kit/health_card'
+
+require_relative 'smart_health_cards_test_kit/shc_fhir_validation'
+require_relative 'smart_health_cards_test_kit/shc_header_verification'
+require_relative 'smart_health_cards_test_kit/shc_payload_verification'
+require_relative 'smart_health_cards_test_kit/shc_signature_verification'
+
+require_relative 'smart_health_cards_test_kit/file_download_group'
+require_relative 'smart_health_cards_test_kit/qr_code_group'
+require_relative 'smart_health_cards_test_kit/fhir_operation_group'
+
+module SmartHealthCardsTestKit
+  class SmartHealthCardsTestSuite < Inferno::TestSuite
+    id :smart_health_cards
+    title 'SMART Health Cards'
+    description %(
+      The US Core Test Kit tests systems for their conformance to the
+      [SMART Health Cards Framework v1.4.0](https://spec.smarthealth.cards/)
+    )
+    version VERSION
+
+    # All FHIR validation requsets will use this FHIR validator
+    fhir_resource_validator do
+      # igs 'identifier#version' # Use this method for published IGs/versions
+      # igs 'igs/filename.tgz'   # Use this otherwise
+
+      exclude_message do |message|
+        message.message.match?(/\A\S+: \S+: URL value '.*' does not resolve/)
+      end
+    end
+
+    # HTTP Routes
+    resume_test_route :post, '/post_qr_code' do |request|
+      request.query_parameters['id']
+    end
+
+    scan_qr_code_html = File.read(File.join(__dir__, './smart_health_cards_test_kit/views/scan_qr_code.html'))
+    scan_qr_code_html_route_handler = proc { [200, { 'Content-Type' => 'text/html' }, [scan_qr_code_html]] }
+    route(:get, '/scan_qr_code', scan_qr_code_html_route_handler)
+
+    qr_scanner = File.read(File.join(__dir__, './smart_health_cards_test_kit/javascript/qr-scanner.min.js'))
+    qr_scanner_route_handler = proc { [200, { 'Content-Type' => 'text/javascript' }, [qr_scanner]] }
+    route(:get, '/qr-scanner.min.js', qr_scanner_route_handler)
+
+    qr_scanner_worker = File.read(File.join(__dir__, './smart_health_cards_test_kit/javascript/qr-scanner-worker.min.js'))
+    qr_scanner_worker_route_handler = proc { [200, { 'Content-Type' => 'text/javascript' }, [qr_scanner_worker]] }
+    route(:get, '/qr-scanner-worker.min.js', qr_scanner_worker_route_handler)
+
+    js_qr = File.read(File.join(__dir__, './smart_health_cards_test_kit/javascript/jsQR.js'))
+    js_qr_route_handler = proc { [200, { 'Content-Type' => 'text/javascript' }, [js_qr]] }
+    route(:get, '/jsqr.js', js_qr_route_handler)
+
+    upload_html = File.read(File.join(__dir__, './smart_health_cards_test_kit/views/upload_qr_code.html'))
+    upload_html_route_handler = proc { [200, { 'Content-Type' => 'text/html' }, [upload_html]] }
+    route(:get, '/upload_qr_code', upload_html_route_handler)
+
+    # Tests and TestGroups
+    group from: :shc_file_download_group
+    group from: :shc_fhir_operation_group
+    group from: :shc_qr_code_group
+  end
+end

metadata

@@ -0,0 +1,168 @@
+--- !ruby/object:Gem::Specification
+name: smart_health_cards_test_kit
+version: !ruby/object:Gem::Version
+  version: 0.9.0
+platform: ruby
+authors:
+- Yunwei Wang
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2025-01-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: inferno_core
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.5.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.5.0
+- !ruby/object:Gem::Dependency
+  name: rqrcode
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rqrcode_core
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.2.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.2.0
+- !ruby/object:Gem::Dependency
+  name: database_cleaner-sequel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+- !ruby/object:Gem::Dependency
+  name: factory_bot
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '6.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '6.1'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.10'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.11'
+description: Smart Health Cards test kit
+email:
+- inferno@groups.mitre.org
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- lib/smart_health_cards_test_kit.rb
+- lib/smart_health_cards_test_kit/fhir_operation_group.rb
+- lib/smart_health_cards_test_kit/file_download_group.rb
+- lib/smart_health_cards_test_kit/health_card.rb
+- lib/smart_health_cards_test_kit/javascript/jsQR.js
+- lib/smart_health_cards_test_kit/javascript/qr-scanner-worker.min.js
+- lib/smart_health_cards_test_kit/javascript/qr-scanner.min.js
+- lib/smart_health_cards_test_kit/qr_code_group.rb
+- lib/smart_health_cards_test_kit/shc_fhir_validation.rb
+- lib/smart_health_cards_test_kit/shc_header_verification.rb
+- lib/smart_health_cards_test_kit/shc_payload_verification.rb
+- lib/smart_health_cards_test_kit/shc_signature_verification.rb
+- lib/smart_health_cards_test_kit/utils/chunking_utils.rb
+- lib/smart_health_cards_test_kit/utils/encoding.rb
+- lib/smart_health_cards_test_kit/utils/jws.rb
+- lib/smart_health_cards_test_kit/utils/key.rb
+- lib/smart_health_cards_test_kit/utils/key_set.rb
+- lib/smart_health_cards_test_kit/utils/private_key.rb
+- lib/smart_health_cards_test_kit/utils/public_key.rb
+- lib/smart_health_cards_test_kit/utils/verification.rb
+- lib/smart_health_cards_test_kit/utils/verifier.rb
+- lib/smart_health_cards_test_kit/version.rb
+- lib/smart_health_cards_test_kit/views/scan_qr_code.html
+- lib/smart_health_cards_test_kit/views/upload_qr_code.html
+homepage: https://github.com/inferno-framework/smart-health-cards-test-kit
+licenses:
+- Apache-2.0
+metadata:
+  homepage_uri: https://github.com/inferno-framework/smart-health-cards-test-kit
+  source_code_uri: https://github.com/inferno-framework/smart-health-cards-test-kit
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.1.2
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.5.7
+signing_key:
+specification_version: 4
+summary: Smart Health Cards test kit
+test_files: []