udap_security_test_kit 0.10.2 → 0.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/config/presets/SureFhirIdentityMatchingDemo.json +272 -0
- data/lib/udap_security_test_kit/authorization_code_redirect_test.rb +4 -0
- data/lib/udap_security_test_kit/igs/put_ig_package_dot_tgz_here +0 -0
- data/lib/udap_security_test_kit/metadata.rb +32 -0
- data/lib/udap_security_test_kit/udap_jwt_builder.rb +1 -1
- data/lib/udap_security_test_kit/version.rb +1 -1
- data/lib/udap_security_test_kit/well_known_endpoint_test.rb +14 -1
- data/lib/udap_security_test_kit.rb +9 -11
- metadata +10 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 22f218d70b41d99e7bfcb59937758c65cb24feb1a6574cdeea9ad63856dcd384
|
|
4
|
+
data.tar.gz: e87a1232e452de2ccf38cd585da0fd6b6415d9dc5c17c85f40bb0b92ed159bfd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 731fcbb8519cf4d1248d308fbd312dcec6c441c1a218d6e7b9c97ea70325a358c9d1fa9936e48f691aba0fdf30869440ce98469c922a26d422794637136d3255
|
|
7
|
+
data.tar.gz: 0bece8c3cb74d388617287a1fdeb8a91d2e8f649f18ef37503dfe9aaddcd7de56fc3c65051bba37c8dcb07522fd2fb69e0fa8a75b629efa5877a41f82ff95d9b
|
|
@@ -0,0 +1,272 @@
|
|
|
1
|
+
{
|
|
2
|
+
"title": "Demo: SureFhir Certs + IdentityMatching Server",
|
|
3
|
+
"id": null,
|
|
4
|
+
"test_suite_id": "udap_security",
|
|
5
|
+
"inputs": [
|
|
6
|
+
{
|
|
7
|
+
"name": "udap_fhir_base_url",
|
|
8
|
+
"value": "https://identity-matching.fast.hl7.org/fhir",
|
|
9
|
+
"_title": "FHIR Server Base URL",
|
|
10
|
+
"_description": "Base FHIR URL of FHIR Server. Discovery request will be sent to {baseURL}/.well-known/udap",
|
|
11
|
+
"_type": "text"
|
|
12
|
+
},
|
|
13
|
+
{
|
|
14
|
+
"name": "udap_community_parameter",
|
|
15
|
+
"value": "udap://stage.healthtogo.me/",
|
|
16
|
+
"_title": "UDAP Community Parameter",
|
|
17
|
+
"_description": "If included, the designated community value will be appended as a query to the well-known\n endpoint to indicate the client's trust of certificates from this trust community.",
|
|
18
|
+
"_type": "text",
|
|
19
|
+
"_optional": true
|
|
20
|
+
},
|
|
21
|
+
{
|
|
22
|
+
"name": "flow_type_auth_code",
|
|
23
|
+
"value": [
|
|
24
|
+
"authorization_code"
|
|
25
|
+
],
|
|
26
|
+
"_title": "Required OAuth2.0 Flow Type for Authorization Code Workflow",
|
|
27
|
+
"_description": "Which grant type(s) must be supported per the returned Discovery metadata",
|
|
28
|
+
"_type": "checkbox",
|
|
29
|
+
"_optional": false,
|
|
30
|
+
"_options": {
|
|
31
|
+
"list_options": [
|
|
32
|
+
{
|
|
33
|
+
"label": "Authorization Code",
|
|
34
|
+
"value": "authorization_code"
|
|
35
|
+
},
|
|
36
|
+
{
|
|
37
|
+
"label": "Client Credentials",
|
|
38
|
+
"value": "client_credentials"
|
|
39
|
+
}
|
|
40
|
+
]
|
|
41
|
+
},
|
|
42
|
+
"_locked": true
|
|
43
|
+
},
|
|
44
|
+
{
|
|
45
|
+
"name": "udap_server_trust_anchor_certs",
|
|
46
|
+
"value": "-----BEGIN CERTIFICATE-----\nMIIF4DCCA8igAwIBAgIIC7cAbiIvVFwwDQYJKoZIhvcNAQELBQAwgZgxCzAJBgNV\nBAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJU2FuIERpZWdvMRMwEQYDVQQK\nEwpFTVIgRGlyZWN0MTYwNAYDVQQLEy1DZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAo\nY2VydHMuZW1yZGlyZWN0LmNvbSkxGzAZBgNVBAMTEkVNUiBEaXJlY3QgVGVzdCBD\nQTAeFw0xNDA0MjQxNjI5MjBaFw0yOTA0MjQxNjI5MjBaMIGzMQswCQYDVQQGEwJV\nUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJU2FuIERpZWdvMRMwEQYD\nVQQKDApFTVIgRGlyZWN0MT8wPQYDVQQLDDZUZXN0IFBLSSBDZXJ0aWZpY2F0aW9u\nIEF1dGhvcml0eSAoY2VydHMuZW1yZGlyZWN0LmNvbSkxJTAjBgNVBAMMHEVNUiBE\naXJlY3QgVGVzdCBDbGllbnQgU3ViQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw\nggEKAoIBAQCPwkP36KVBwdb9dNsKAhqEoVtMEdL4Ee01tB7y6gIINi3ZGbqhw/lF\nJjRS/fi+SqN8SkjZMkLl6ET9aTM5W+y7aXl+3iqn+dKsesS+kinTAfD4cSI2R4WK\n5HBomEf+PR3scewFKMBbguYW2I42tKPLMwI6L+kMRlQhI3sK4Fyj6M6gUqPaKlx7\nsGPQ/qr8PLwU3doCrC65avSmuC+y5jpbCkJ1kk+g4DLcO+TXx8oC2aVrMRFdD+lx\nNiShdlo5hzhiIGUZmyVe08vLTLB9LGCHz1w9+oqteco4aerYbOlZQxe9d0f7xlZa\nhj7DDfmkqLEFKRQXOJFQtcdCFp3XrXbDAgMBAAGjggEPMIIBCzBQBggrBgEFBQcB\nAQREMEIwQAYIKwYBBQUHMAKGNGh0dHA6Ly9jZXJ0cy5lbXJkaXJlY3QuY29tL2Nl\ncnRzL0VNUkRpcmVjdFRlc3RDQS5jcnQwHQYDVR0OBBYEFKOVbWu9K1HN4c/lkG/X\nJk+/3T7eMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUMdaEL0mYbgAB0Geh\n+J4csG+noqwwEQYDVR0gBAowCDAGBgRVHSAAMEMGA1UdHwQ8MDowOKA2oDSGMmh0\ndHA6Ly9jZXJ0cy5lbXJkaXJlY3QuY29tL2NybC9FTVJEaXJlY3RUZXN0Q0EuY3Js\nMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAKAjGzW0AEdMKRjKx\niEzS5SQqmHmAYmajowd38wac4udD3TMvf3tHMZfkGy3ulZSQ40LyjXa60s9/5508\nbwFGHBejyfo1vnc2FJA/0KcmlKzhwhmpe7QoZ1T7uWwG+Y98TRzL7wF8mzCUT+Fe\nMFP35xL3IIJ3CKzIkC9Wv+6kSgkobNoAJyUECbVtmxJer2/LmzfXsYI0NQ3QmeZL\npYoo4EOmIXpoWUSeZHh3av3guoy16s+bs5UuFQ2NfJeuD1n+uQBaNRchR3DxshEK\n66RiKu+QjdBrq0aoTXIT2MYKGiVEbYQlJuDuxilXLYlcYTcDpPIS7hh95bmAxRho\nwgbr3E3dsNgvMuANlgUJno5vyMr9P5zu+kDbJ8nB2fm5/LjXLmNvOy+rj8jCLbuP\nGS/vWxfvi21l4Xfmphi6skeq6JyIUPAm/U6bkR8LF5+/aVoIXUvkRHqbyBzDDDWc\n4+LjI4+INFK+Lxj/cwvh398Ko4LCA0KenJDBFN0Je/rz92uK867sgcQ7dreOK8pf\ngqWulL9H4kCkoZZF4367x2SQVQPWPExefQrpPwk6AlJTHocFqm1TUvmjTwCxmXWr\nztkq2GRxsmT6/2n5TrmHabl6cXDKtmnhS3k9FGFA556YowwJSEm9pKexguxqcyrg\nPPKM/j6ERtHoHDSMKT0frOoawoY=\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIGZjCCBE6gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx\nCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlTYW4gRGllZ28xEzARBgNVBAoTCkVNUiBE\naXJlY3QxNjA0BgNVBAsTLUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IChjZXJ0cy5l\nbXJkaXJlY3QuY29tKTEbMBkGA1UEAxMSRU1SIERpcmVjdCBUZXN0IENBMB4XDTEy\nMDkwNjA0MzEzNloXDTMyMDkwNjA0MzEzNlowgZgxCzAJBgNVBAYTAlVTMQswCQYD\nVQQIEwJDQTESMBAGA1UEBxMJU2FuIERpZWdvMRMwEQYDVQQKEwpFTVIgRGlyZWN0\nMTYwNAYDVQQLEy1DZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAoY2VydHMuZW1yZGly\nZWN0LmNvbSkxGzAZBgNVBAMTEkVNUiBEaXJlY3QgVGVzdCBDQTCCAiIwDQYJKoZI\nhvcNAQEBBQADggIPADCCAgoCggIBALugk56Hoot6yEEohbRQdQP6sMTCzXOSgxHr\neYI4h00EhMb8x8VzD/ZCEdgmrwa6y1WE7WaPdTcX/jCd0GNUwgqPz7sLP2NeTA9k\ngn/m0kXvxIgzaEhJntdqdvzHqlhtIMAURAu9erAfMn0giK7zwtSg5bYwC09tyv4d\nRIAX9UuvOpOqJnQk9DRRd64+9EKkX9Zj1lqT0/Wjr0w3jcGYN02dB03T4WARZEug\nzkBzPcmYPLhl09gRrgQg8msgTQi68vR+UKNUoQhRJAkk/CAqkMT8Uzuae/W7utYk\n4/vmiJEHoC7OV7yGa7VrD0HhjDzfs53kdnnzlo6MB+6oGFtIKaMF4D8GVSr+MY/p\na+C2dkqf4y3Pr3hqM3t4vgmr/eg0dhzh9+z4lpEZz9ciWcOXwjmxec3OFanvMOeG\n4OhKRiGIj/mVkDEWlC3tcdP22DtGk/RHGOJHkf6qKFxeNDOFHUdTpiXldAl3cUg9\nBNAlUnWHFwim+byxxVYzmXs/8KfLfOp6xIFjI/eddNE7/avQWoEkOapgUDfaixWi\nI1d40QGKJr0d1Yo+W5VxzzufJp5iC/4EmlYzaK9+dVOtfQGfNWaXmfYa8H7krcrW\ncvp0ando4Reh3a+qpybvBVyRJree1WODQHqs7J2lx9quyVfI3Box3uc/Hw2xxdjx\nV3cUsvd5AgMBAAGjgbgwgbUwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC\nAQYwHQYDVR0OBBYEFDHWhC9JmG4AAdBnofieHLBvp6KsMB8GA1UdIwQYMBaAFDHW\nhC9JmG4AAdBnofieHLBvp6KsMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9jZXJ0\ncy5lbXJkaXJlY3QuY29tL0VNUkRpcmVjdFRlc3RDQS5jcmwwEQYDVR0gBAowCDAG\nBgRVHSAAMA0GCSqGSIb3DQEBCwUAA4ICAQBsXbY8B7FcIskyeB/CGEI77GaDMDfK\nWGseJJYlJYz2FeIJgPtqdPhzn0jhQUVcwr//gC5j1aARlussG3gMr8OajpSpOqqf\nXEjzuITeq+Hxsp+ursiJXOZKhurY5NJKZ30ulFDxOZ97bWVUYPTfyy1qUrsqnNlW\n8LJcCnNzZ2uDSJn32FugUtWe0EEgRM10/8Q2IJXLuIhEQLbwl6q7PcDiPkT/yVh/\n9L6ul2bO/ZXp7DeSPeOafWOuCoTNbKxgBuljajm2VNB5+Xx/rSuPnoTRhsaXhke+\nnb3ZbGHJ2ZRu/Q45+OB1ws7VednMci25OVo+yVpH8tl2KF9u1JVNtf5mY3//HEwR\n8OfPPRZeQCqquESVrQjZILa6Ot7lVIhoNI6zkZAp3TaWYBi94upVkeA9uqVIC7cB\npiOz+6XXRDdJDMuh6xsA2tq2E5BY51H5pfskXBBGgHxDQ56R3RskZ7q/NaKSiqBA\nInueG7TVW+dR++rT2n9wkzJHKpA+YS0zHodvIoB71KNq1P/9choCMcBrNph5n32C\n8DpOlF+hi3kOkwjwchfkzC5XS+Zio5VYOyCV1C+CYJ7sw1psk1yYAWPm9rnUmfrm\nO27HXv6lW0Z9EpeUu++52CSYjZsx3E4J1FR0TulzsD8BQtFRL6aPfuSg85okOsxw\nb/p0AdITxRO0vQ==\n-----END CERTIFICATE-----",
|
|
47
|
+
"_title": "Auth Server Trust Anchor X509 Certificate(s) (PEM Format)",
|
|
48
|
+
"_description": "\n A list of one or more trust anchor root CA X.509 certificates, separated by a newline. Inferno will use\n these to establish\n trust with the authorization server's certificates provided in the discovery response signed_metadata JWT.\n ",
|
|
49
|
+
"_type": "textarea",
|
|
50
|
+
"_optional": true
|
|
51
|
+
},
|
|
52
|
+
{
|
|
53
|
+
"name": "udap_auth_code_flow_registration_grant_type",
|
|
54
|
+
"value": "authorization_code",
|
|
55
|
+
"_title": "Client Registration Grant Type",
|
|
56
|
+
"_description": "\n The OAuth2.0 grant type for which this client will register itself. A given client may register as either\n option, but not both.\n ",
|
|
57
|
+
"_type": "radio",
|
|
58
|
+
"_options": {
|
|
59
|
+
"list_options": [
|
|
60
|
+
{
|
|
61
|
+
"label": "Authorization Code",
|
|
62
|
+
"value": "authorization_code"
|
|
63
|
+
},
|
|
64
|
+
{
|
|
65
|
+
"label": "Client Credentials",
|
|
66
|
+
"value": "client_credentials"
|
|
67
|
+
}
|
|
68
|
+
]
|
|
69
|
+
},
|
|
70
|
+
"_locked": true
|
|
71
|
+
},
|
|
72
|
+
{
|
|
73
|
+
"name": "udap_auth_code_flow_client_registration_status",
|
|
74
|
+
"value": "update",
|
|
75
|
+
"_title": "Client Registration Status",
|
|
76
|
+
"_description": "\n If the client's iss and certificate combination has already been registered with the authorization server\n prior to this test run, select 'Update'.\n ",
|
|
77
|
+
"_type": "radio",
|
|
78
|
+
"_options": {
|
|
79
|
+
"list_options": [
|
|
80
|
+
{
|
|
81
|
+
"label": "New Registration (201 Response Code Expected)",
|
|
82
|
+
"value": "new"
|
|
83
|
+
},
|
|
84
|
+
{
|
|
85
|
+
"label": "Update Registration (200 or 201 Response Code Expected)",
|
|
86
|
+
"value": "update"
|
|
87
|
+
}
|
|
88
|
+
]
|
|
89
|
+
}
|
|
90
|
+
},
|
|
91
|
+
{
|
|
92
|
+
"name": "udap_auth_code_flow_client_cert_pem",
|
|
93
|
+
"value": "-----BEGIN CERTIFICATE-----\nMIIF7jCCA9agAwIBAgIRANwIl2YXy2fVCASfkpDCJvMwDQYJKoZIhvcNAQELBQAw\nfjELMAkGA1UEBhMCVVMxDzANBgNVBAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxh\nbmQxFDASBgNVBAoTC0ZoaXIgQ29kaW5nMRUwEwYDVQQLEwxJbnRlcm1lZGlhdGUx\nHjAcBgNVBAMTFVN1cmVGaGlyLUludGVybWVkaWF0ZTAeFw0yNTAyMDMyMDU3MDZa\nFw0yNzAyMDMyMDU3MDZaMH4xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24x\nETAPBgNVBAcMCFBvcnRsYW5kMRQwEgYDVQQKDAtGaGlyIENvZGluZzENMAsGA1UE\nCwwEVURBUDEmMCQGA1UEAwwdaHR0cHM6Ly9pbmZlcm5vLmhlYWx0aGl0Lmdvdi8w\nggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDy2kOxArrYZ2XKajkDouih\naTHHhFEI9pMdlpDkp9sYXnZRiNoQwFQ08svjrYNNzJtDFE1HNxKLzv3Ubrg2Ty7E\nEQ26kKC0ChO6oobtkXxEFGT5ynVY9WPockHQClWD00F85Sr5+ftqUBP2rBiDHuWD\n0kNmTjqEnq5G0G4mYr85V1euY/9c3Apubz5BGy1J51AI0043vV/h4baIH2hyEl5R\nEvu5XwjvAgOv6qk0+xDCTBXKxUDeOZjBelxLHxpaCs1y7uiw4Ob/r57QvHgWyerv\nofuCqyBR5mz4aZSdmREkXh2amp9uqA5zEfxrfjkMz1D6wJ43jXANNdp8GgABIOvH\nAgMBAAGjggFlMIIBYTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAdBgNV\nHQ4EFgQUDbOUKAfjcENPuV+fTYDkz+TFA/AwHwYDVR0jBBgwFoAUffrWFW01n6A5\nGTggnyqUp2pxKZMwTQYDVR0fBEYwRDBCoECgPoY8aHR0cDovL2NybC5maGlyY2Vy\ndHMubmV0L2NybC9zdXJlZmhpcmxhYnNJbnRlcm1lZGlhdGVDcmwuY3JsMEoGA1Ud\nEQRDMEGGHWh0dHBzOi8vaW5mZXJuby5oZWFsdGhpdC5nb3YvhiBodHRwczovL2lu\nZmVybm8tcWEuaGVhbHRoaXQuZ292LzBmBggrBgEFBQcBAQRaMFgwVgYIKwYBBQUH\nMAKGSmh0dHA6Ly9jcmwuZmhpcmNlcnRzLm5ldC9jZXJ0cy9pbnRlcm1lZGlhdGVz\nL1N1cmVGaGlyTGFic19JbnRlcm1lZGlhdGUuY2VyMA0GCSqGSIb3DQEBCwUAA4IC\nAQC4PtCfyOouoNmNBtT7sTyv5jMXtgv+kfu9ySepV9KbpOUceQEs9qbrCf3vmn4c\n4T4VGgXtoGHc2GmqdkWFmj37uqfjfR5dQ05SmYprvrI0he5Fe3f3FxzyBhEns69g\nIUay/hMWKLemati0MQ2HOZnY3SusF6qqCYTPYEWeV9sPNDNdgsIq47gPrZsnOlsQ\n6SyFmnmid4K8mJblxZBGpfpIfW6UaluId9WZeRhY39rhKXoxFc08alBfI6WEtTPG\nI6T+azyaVtDm+ypo18d94oLI7rmr/67xEwDFUNrJ2lotueI0Fr3IA2BHNw1BdrX/\nnXr/RRCENdsRnAJ+fhWYVjDCBdqmjF1b386lBWyJSuWlh6CbcEXFDxBN0LPzyWEj\nqIENKnWCWG8QoregV3K0gu1WiHhtNdaDdBAy79sbQ+5i86jMcyjJ0bC16kLz+jeo\nqDBx0oNdH4YVum/Uscyp/bwxznQ7eAg1oyCAeywlQ3eZKTB4Ki3rhfDDnuzDdh4X\nqS7H0/euzP7VIpTy/8QRrgTXCrFubRqZY0axoPDWG6ZrXtxAillVOoUVn6ucrvxf\nLE2BtQRVgNnw58QbP1bNZei5intokoy3V/3+1/En2/HlEv/HZloooUwkbuxkQE97\nb/b3yodmo1lF1qq+zfd6zzk9ERxC+2X9c2g2VCP5LcpJJQ==\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIGlDCCBHygAwIBAgIRAPAQo572a38pKrE1y3TWITIwDQYJKoZIhvcNAQELBQAw\nbDELMAkGA1UEBhMCVVMxDzANBgNVBAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxh\nbmQxFDASBgNVBAoTC0ZoaXIgQ29kaW5nMQ0wCwYDVQQLEwRSb290MRQwEgYDVQQD\nEwtTdXJlRmhpci1DQTAeFw0yNDAzMzEyMTIxNTdaFw0yOTA0MDEyMTIxNTdaMH4x\nCzAJBgNVBAYTAlVTMQ8wDQYDVQQIEwZPcmVnb24xETAPBgNVBAcTCFBvcnRsYW5k\nMRQwEgYDVQQKEwtGaGlyIENvZGluZzEVMBMGA1UECxMMSW50ZXJtZWRpYXRlMR4w\nHAYDVQQDExVTdXJlRmhpci1JbnRlcm1lZGlhdGUwggIiMA0GCSqGSIb3DQEBAQUA\nA4ICDwAwggIKAoICAQDoUwSdndRTVIzHTG6C1EOktgQYq6ON91JpSDUX5mnPtSbn\nHU6v8G7qvFWzK6S6jquuflV21xv5wQMtT0P7jsUdZAZfFB5OnxjC6sGraBeemwZg\n0SPoq+0h0Mnk+R0pXmwmc57x+nGADoVVnBBflGPRMg8Lnh/+31S4LT+0fmzHxfTy\nXG8jRJGT/yyYFSAJP3lx+WRioi0TykHrap4cztnL68jA4RszfRdsrvjCEeSzli8E\n7p7aakyQLqsC4Q4HBwHsK7uYc8bAx9o7s1ydyLGZsYTxOu7GQEhkLdAZFeiuoptW\nSUcb/ykVq4X/d88zp3cvjj35tTzfvWKb5lyWnMe3pGHJRyLOKq/PDDvfjb07F9sT\nbUjEAXf28WWMlCKW76KMD4c/ZacWRcH6LFFVLL60B21vippvhh4Sim1j7Py/8VKC\n98n6sp2rZQtA90V9+UEewZphtrZiEhgg5wOotBE992qaveILColwscu+os2AOeE0\nkbcggShVdPW6j9ZFqkwM9ZX9d23w39p3grtjBkHfGgPftRVn6kY6cd1Xh+bmlH4z\nV3GLDjSk3eHDy2R22PSfIQXkr7e+jh9umHwgSxXFBEqIpHPsFS9o+H9VqMqv9IOs\nd2nD9A7NuEwR4hyw84RYV0uKNFWKnBxhlEeyCR3g24Bt01EpO9W2DSeE1qPzBQID\nAQABo4IBHTCCARkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYD\nVR0OBBYEFH361hVtNZ+gORk4IJ8qlKdqcSmTMB8GA1UdIwQYMBaAFOvJcuZBjV4H\nKquZj31t/Dd30UojMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jcmwuZmhpcmNl\ncnRzLm5ldC9jcmwvU3VyZUZoaXJMYWJzUm9vdENybC5jcmwwHwYDVR0RBBgwFoYU\ndWRhcDovL2ZoaXJsYWJzLm5ldC8wTgYIKwYBBQUHAQEEQjBAMD4GCCsGAQUFBzAC\nhjJodHRwOi8vY3JsLmZoaXJjZXJ0cy5uZXQvY2VydHMvU3VyZUZoaXJMYWJzX0NB\nLmNlcjANBgkqhkiG9w0BAQsFAAOCAgEAfI95Qn1DpBU54DHz8ysUcgdi2XnHMe83\nghym9/0Ov5w8fZ1kr5GMjt9wWK0/qRv8gcWPwcZPyMgEiEq1rgQsi2LdmNmVmp2h\np8T1zqhRdJDjUSiOTWJZW+ULypHS7vhqHjAwQXxpznQYRDUqRQNr/PuscDbHJ+qm\nSMJHn186129V+C5sAjLthijIY1t+gNROsbc7EQ9wqXPa1jhS5hhntKzm7OKzlFKu\nmyWORXIpTBEqzyrK8ynMxgUnsZtV7PFqT4h4kfHZPi2ZgSukuBLNpLqgR9OLZ4od\n3VcoS83pZiq0WaY76iK+2Fqv0QtHuhLm5R/EWlRsbQ4DlYWR9MgjoE7rR5tWb6l5\nNvtPGwvTARRCYoFX0kjP/YwzldWHWdM1YZ73z7u7Fj7jCsNhUHYaGIRw25bxMxqr\nYUDsbtj3Ze+wjSDxiWxtgV5qrWz8BDjpFIDeE3VsJPHCw4Vy4ufqizrNd7ZcNBmp\ncMmx1ollvdxnQRVrlQAowK+ACjtcVEzcT8QBWRu0D3hjdbDeHmJwu/a+BmAaBKhS\n/1ieQ0eTN5pTrTndmOkICOMqYG4H14AvoR/NGkMOWcNwm0bfiFzRyunc2uZkyXvf\np8LT2aL9LWZNxREyjOqMCBGFcLXA+r02I+c550YwNtJkUTDqsDCMGyC5pB3dZdc2\ng+IojrfmcIE=\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIFyDCCA7CgAwIBAgIID4f+NanzOocwDQYJKoZIhvcNAQELBQAwbDELMAkGA1UE\nBhMCVVMxDzANBgNVBAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxhbmQxFDASBgNV\nBAoTC0ZoaXIgQ29kaW5nMQ0wCwYDVQQLEwRSb290MRQwEgYDVQQDEwtTdXJlRmhp\nci1DQTAeFw0yNDAzMzEyMTIxNTVaFw0zNDA0MDEyMTIxNTVaMGwxCzAJBgNVBAYT\nAlVTMQ8wDQYDVQQIEwZPcmVnb24xETAPBgNVBAcTCFBvcnRsYW5kMRQwEgYDVQQK\nEwtGaGlyIENvZGluZzENMAsGA1UECxMEUm9vdDEUMBIGA1UEAxMLU3VyZUZoaXIt\nQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDD+/hwbP6Frzz3lGrm\n43nDZ8Irg+4zuIjbhKMUtEoBhUKdTVJa1DDPVgDoMoGLBhyePHepJtizY7CPnkNv\nNnCdU8vyIld1k3b+xigEH7oEhscBgyvaWMhyGNu318nFE8eWDhfEF9p31g4yHLZo\n4qqYyDgOlDOJqPNoU2llRnwx6x78ZrlQOMfdo95P6FKImp4t3OVjAGWIWQXmHx0l\n2nt1rShvA/KAIRzA6jpWcIBc9aWagkcoqiebSLpS8AYn1tytI0Abn+nL85BMH18B\n2glVHWBreRGcYDGStlKeIHapHzA3Kzz0QadwJjGQdtNqNIIwvk9RFNfaQRrkYw97\nf3gpTTQ6BHAm71qwBxlOWnyn5qaNuUBcSLAqUt+bXarEujYd5XGOFjtUjr+Uf04n\n968hC1v7Whk/tKDwvQFctyrvaNaHi6kcElUhAc9NzIK/cQkiYvfF8rHLePxzUOVx\nsRUkcxciNXN5iM6NZNRIQSuUmbLTfiYoFql0LOFyuxY0RDlRUdGodPuiylj3eFrh\nOoSX6cYanZmya33Ln90hEjQfNP4ISkco/0xIzTZ+56qKi3QRfziE5Ua0X0L51GiP\nlBrQZ4eiKW8rbTE42Ingg2r3GzMglU7PEeqNOdDeX8b9keevI0LXiXFKUA2ckwy1\nqJ38giw9BNGVeYauNFu4DvRrwQIDAQABo24wbDAPBgNVHRMBAf8EBTADAQH/MA4G\nA1UdDwEB/wQEAwIBBjAqBgNVHSUBAf8EIDAeBggrBgEFBQcDAgYIKwYBBQUHAwEG\nCCsGAQUFBwMIMB0GA1UdDgQWBBTryXLmQY1eByqrmY99bfw3d9FKIzANBgkqhkiG\n9w0BAQsFAAOCAgEAsgMzB5Q3k18urq1ztcF2/8hDAJZ7JeI7qRKYujkfwm8skkLN\n4IYQl4bT5MBD4EehQBQYD2BqqmOdXxDiCdWyvNKfberIXZpufEK2vrlz3U3nE05S\nMoVtaNievQpH5XVvmF46AKJUVVx6zHntWBv1gTvyBk/i8pcMdH7/x2d1DFYsjmam\n4VCbjEeLyyocYju+wXwEu5r1HC9lqSUSdJX5oUSuxDdHBf7MQlFUUi5hNpm7qa2a\nJ36fTgOi5C24gR11qO5PV69drlNgr0iPC3hEEICI33YzHMVG9EfuST2nUZsYIdYr\ndr596osBMIRkCgQfyR2AfkoMAW/ea6x7nzqWphfTCGij0XboYYR/prm6odXBbhQD\nEn1cTlXceyyyhPV7QhR8gD284PyQQ9MiTp9Z1S4TWWItH1p251G9BaLgvnL1zMp3\nx2j3GH3auMJzirpsHS0Z8ph7gg0mI5Tf8yBHZ4t3CM0gmcuhjcSUxT0myOa04+Fp\nnNWkPc8Sms/3vL/rOcxOd+WJXD6VnpgjAvYKqjDHls27wG3wTu06aU9CEP+MxCQo\nvUAZ8rab6UBwCyqcuP2BMqYQUVzhLyxXicQqbxzc8bFep0Z988UjTkqYhTujZ7Ha\nH+y31f+V92LrJJAAO2hpOh5Xqqz34AMVDi87+zD4Z0+b7rFVfTOPOBZQRKU=\n-----END CERTIFICATE-----",
|
|
94
|
+
"_title": "Authorization Code Client Certificate(s) (PEM Format)",
|
|
95
|
+
"_description": "\n A list of one or more X.509 certificates in PEM format separated by a newline. The first (leaf) certificate\n MUST represent the client entity Inferno will register as,\n and the trust chain that will be built from the provided certificate(s) must resolve to a CA trusted by the\n authorization server under test.\n ",
|
|
96
|
+
"_type": "textarea",
|
|
97
|
+
"_optional": false
|
|
98
|
+
},
|
|
99
|
+
{
|
|
100
|
+
"name": "udap_auth_code_flow_client_private_key",
|
|
101
|
+
"value": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDy2kOxArrYZ2XK\najkDouihaTHHhFEI9pMdlpDkp9sYXnZRiNoQwFQ08svjrYNNzJtDFE1HNxKLzv3U\nbrg2Ty7EEQ26kKC0ChO6oobtkXxEFGT5ynVY9WPockHQClWD00F85Sr5+ftqUBP2\nrBiDHuWD0kNmTjqEnq5G0G4mYr85V1euY/9c3Apubz5BGy1J51AI0043vV/h4baI\nH2hyEl5REvu5XwjvAgOv6qk0+xDCTBXKxUDeOZjBelxLHxpaCs1y7uiw4Ob/r57Q\nvHgWyervofuCqyBR5mz4aZSdmREkXh2amp9uqA5zEfxrfjkMz1D6wJ43jXANNdp8\nGgABIOvHAgMBAAECggEARNiRhhXjCERPvBFe9mPxlQiwXwJowqS8UhAEJX5cg00M\nN9MXFtafSJ9oI7Rl2+FcRqjzu3OmY1Ib7WQx/tt1w4meHbywgjm1HBzFKYYr91Tc\nx1+Y4s42M4holeTIF2YFU7XX+CPhHWN0NWLWVB2nLTanetJEjqI5f8PI5kLqOQO3\nbApR7DRGjQAKTM3ozC9ycwVUlQcOagG5VeO0pvExmj3LP1MZ/smrgnEZe+BlqRIe\nnmFfO8XR4r+G2Y8g6z6SC/C8CCHlLrBtzqRp655cKgwnYatDMIViVTngqSx+XmIa\n5a6j0RRE9H30h4E2qbxggjInArd8Qxg+XyebKWD2UQKBgQD7hjyNvvcXEXDCZGJD\nrOx0IsAwFxw98MPnaUjUJWoXXqAgKe5goAgKIyGxvdvJkx8axlORtf1dndBLd4v+\n51upncgNN0lw7XtZeYyKkLzoMQvKHuTZKxSrxWnd5r+/VxioOfxMf1PQav8oTUgF\nf8BDkdmWwZzT+6/bwP5f9cA9TwKBgQD3LIaMBh2uoTu6M1WOxFfYPagyuN1hzoBv\nNc6mHtuqULEJGSgGIZfSqgB7t2qn0t+L/jrZX8AIJjGoF1OGOuZnTSRuvymt+m1P\nH2gjbTeaxr1OO0v2tnws4zAieqV2MaGKKLkzLZvkgz7Ihga3dUMNCysp11KwV9gu\nKp8kL2v8CQKBgQCSnI+FbC/pQWBB33Or0QtPMsZmAcKTlFkM9cDe8CQkFSMvPGHX\n7tBg4FOOoIWRvPEfkUU7JSLXw9qbcsamwcMbXn4yvexQKA2DfSdfybhje9tMaK+q\nqsL00TDBiPRyGtmjjZE0IfAAB65NlqaJlgrDGCwGBTteEVJTvO5Jjx0MXwKBgQCb\nkkHJJhxOiprOMns6Vag4qW4RJrvoUJIT7Rj5A9kclJco89V2LnShmnCdba9Km/Yp\n5cTihlqWhnugobXneXEFOc+hiN5R65obP9hK2/Ywi8Ag2j+QtADqO8BTI0C7aLeU\n/ta6OI2zQUwl5/2YQM0IC6yKNEWOSmv9esQZgWOFCQKBgG0KqReVpgyWsru2echQ\nj3UGbgftBQtEssSr5Zd7ZymrIUa0na2X4c3qmAEjD5aT1RrU0xvOvOz0Ib3RS77U\nEkDFFGHsOMdo21gx+L14dJtevBtiOs4+ka18YvLxBv7L+EtJjs96rb+2vTC+hPOn\nPt+YtETr5wLxaKTolgnN3Xok\n-----END PRIVATE KEY-----",
|
|
102
|
+
"_title": "Authorization Code Client Private Key (PEM Format)",
|
|
103
|
+
"_description": "\n The private key corresponding to the client certificate used for registration, in PEM format. Used to sign\n registration and/or authentication JWTs.\n ",
|
|
104
|
+
"_type": "textarea",
|
|
105
|
+
"_optional": false
|
|
106
|
+
},
|
|
107
|
+
{
|
|
108
|
+
"name": "udap_auth_code_flow_cert_iss",
|
|
109
|
+
"value": "https://inferno.healthit.gov/",
|
|
110
|
+
"_title": "Authorization Code JWT Issuer (iss) Claim",
|
|
111
|
+
"_description": "\n MUST correspond to a unique URI entry in the Subject Alternative Name (SAN) extension of the client\n certificate used for registration.\n ",
|
|
112
|
+
"_type": "text",
|
|
113
|
+
"_optional": false
|
|
114
|
+
},
|
|
115
|
+
{
|
|
116
|
+
"name": "udap_auth_code_flow_registration_scope",
|
|
117
|
+
"value": "patient/*.r",
|
|
118
|
+
"_title": "Authorization Code Registration Requested Scope(s)",
|
|
119
|
+
"_description": "\n String containing a space delimited list of scopes requested by the client application for use in\n subsequent requests. The Authorization Server MAY consider this list when deciding the scopes that it\n will allow the application to subsequently request. Apps requesting the \"authorization_code\" grant\n type SHOULD request user or patient scopes.\n ",
|
|
120
|
+
"_type": "text"
|
|
121
|
+
},
|
|
122
|
+
{
|
|
123
|
+
"name": "udap_jwt_signing_alg",
|
|
124
|
+
"value": "RS256",
|
|
125
|
+
"_title": "JWT Signing Algorithm",
|
|
126
|
+
"_description": "\n Algorithm used to sign UDAP JSON Web Tokens (JWTs). UDAP Implementations SHALL support\n RS256.\n ",
|
|
127
|
+
"_type": "radio",
|
|
128
|
+
"_options": {
|
|
129
|
+
"list_options": [
|
|
130
|
+
{
|
|
131
|
+
"label": "RS256",
|
|
132
|
+
"value": "RS256"
|
|
133
|
+
}
|
|
134
|
+
]
|
|
135
|
+
},
|
|
136
|
+
"_locked": true
|
|
137
|
+
},
|
|
138
|
+
{
|
|
139
|
+
"name": "udap_auth_code_flow_registration_certifications",
|
|
140
|
+
"value": null,
|
|
141
|
+
"_title": "Authorization Code UDAP Registration Certifications",
|
|
142
|
+
"_description": "\n Additional UDAP certifications to include in registration request, if required by the authorization server.\n Include a space separated list of strings representing a Base64-encoded, signed JWT.\n ",
|
|
143
|
+
"_type": "textarea",
|
|
144
|
+
"_optional": true
|
|
145
|
+
},
|
|
146
|
+
{
|
|
147
|
+
"name": "udap_authorization_code_request_scopes",
|
|
148
|
+
"value": "patient/AllergyIntolerance.r patient/Condition.r",
|
|
149
|
+
"_title": "Scope Parameter for Authorization Request",
|
|
150
|
+
"_description": "\n A list of space-separated scopes to include in the authorization request. If included, these may be equal\n to or a subset of the scopes requested during registration.\n If empty, scope will be omitted as a parameter to the authorization endpoint.\n ",
|
|
151
|
+
"_type": "text",
|
|
152
|
+
"_optional": true
|
|
153
|
+
},
|
|
154
|
+
{
|
|
155
|
+
"name": "udap_authorization_code_request_aud",
|
|
156
|
+
"value": ["include_aud"],
|
|
157
|
+
"_title": "Audience ('aud') Parameter for Authorization Request",
|
|
158
|
+
"_description": "\n If selected, the Base FHIR URL will be used as the 'aud' parameter in the request to the authorization\n endpoint.\n ",
|
|
159
|
+
"_type": "checkbox",
|
|
160
|
+
"_optional": true,
|
|
161
|
+
"_options": {
|
|
162
|
+
"list_options": [
|
|
163
|
+
{
|
|
164
|
+
"label": "Include 'aud' parameter",
|
|
165
|
+
"value": "include_aud"
|
|
166
|
+
}
|
|
167
|
+
]
|
|
168
|
+
}
|
|
169
|
+
},
|
|
170
|
+
{
|
|
171
|
+
"name": "flow_type_client_creds",
|
|
172
|
+
"value": [
|
|
173
|
+
"client_credentials"
|
|
174
|
+
],
|
|
175
|
+
"_title": "Required OAuth2.0 Flow Type for Client Credentials Workflow",
|
|
176
|
+
"_description": "Which grant type(s) must be supported per the returned Discovery metadata",
|
|
177
|
+
"_type": "checkbox",
|
|
178
|
+
"_optional": "false",
|
|
179
|
+
"_options": {
|
|
180
|
+
"list_options": [
|
|
181
|
+
{
|
|
182
|
+
"label": "Authorization Code",
|
|
183
|
+
"value": "authorization_code"
|
|
184
|
+
},
|
|
185
|
+
{
|
|
186
|
+
"label": "Client Credentials",
|
|
187
|
+
"value": "client_credentials"
|
|
188
|
+
}
|
|
189
|
+
]
|
|
190
|
+
},
|
|
191
|
+
"_locked": true
|
|
192
|
+
},
|
|
193
|
+
{
|
|
194
|
+
"name": "udap_client_credentials_flow_registration_grant_type",
|
|
195
|
+
"value": "client_credentials",
|
|
196
|
+
"_title": "Client Registration Grant Type",
|
|
197
|
+
"_description": "\n The OAuth2.0 grant type for which this client will register itself. A given client may register as either\n option, but not both.\n ",
|
|
198
|
+
"_type": "radio",
|
|
199
|
+
"_options": {
|
|
200
|
+
"list_options": [
|
|
201
|
+
{
|
|
202
|
+
"label": "Authorization Code",
|
|
203
|
+
"value": "authorization_code"
|
|
204
|
+
},
|
|
205
|
+
{
|
|
206
|
+
"label": "Client Credentials",
|
|
207
|
+
"value": "client_credentials"
|
|
208
|
+
}
|
|
209
|
+
]
|
|
210
|
+
},
|
|
211
|
+
"_locked": true
|
|
212
|
+
},
|
|
213
|
+
{
|
|
214
|
+
"name": "udap_client_credentials_flow_client_registration_status",
|
|
215
|
+
"value": "update",
|
|
216
|
+
"_title": "Client Registration Status",
|
|
217
|
+
"_description": "\n If the client's iss and certificate combination has already been registered with the authorization server\n prior to this test run, select 'Update'.\n ",
|
|
218
|
+
"_type": "radio",
|
|
219
|
+
"_options": {
|
|
220
|
+
"list_options": [
|
|
221
|
+
{
|
|
222
|
+
"label": "New Registration (201 Response Code Expected)",
|
|
223
|
+
"value": "new"
|
|
224
|
+
},
|
|
225
|
+
{
|
|
226
|
+
"label": "Update Registration (200 or 201 Response Code Expected)",
|
|
227
|
+
"value": "update"
|
|
228
|
+
}
|
|
229
|
+
]
|
|
230
|
+
}
|
|
231
|
+
},
|
|
232
|
+
{
|
|
233
|
+
"name": "udap_client_credentials_flow_client_cert_pem",
|
|
234
|
+
"value": "-----BEGIN CERTIFICATE-----\nMIIF7jCCA9agAwIBAgIRANwIl2YXy2fVCASfkpDCJvMwDQYJKoZIhvcNAQELBQAw\nfjELMAkGA1UEBhMCVVMxDzANBgNVBAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxh\nbmQxFDASBgNVBAoTC0ZoaXIgQ29kaW5nMRUwEwYDVQQLEwxJbnRlcm1lZGlhdGUx\nHjAcBgNVBAMTFVN1cmVGaGlyLUludGVybWVkaWF0ZTAeFw0yNTAyMDMyMDU3MDZa\nFw0yNzAyMDMyMDU3MDZaMH4xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24x\nETAPBgNVBAcMCFBvcnRsYW5kMRQwEgYDVQQKDAtGaGlyIENvZGluZzENMAsGA1UE\nCwwEVURBUDEmMCQGA1UEAwwdaHR0cHM6Ly9pbmZlcm5vLmhlYWx0aGl0Lmdvdi8w\nggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDy2kOxArrYZ2XKajkDouih\naTHHhFEI9pMdlpDkp9sYXnZRiNoQwFQ08svjrYNNzJtDFE1HNxKLzv3Ubrg2Ty7E\nEQ26kKC0ChO6oobtkXxEFGT5ynVY9WPockHQClWD00F85Sr5+ftqUBP2rBiDHuWD\n0kNmTjqEnq5G0G4mYr85V1euY/9c3Apubz5BGy1J51AI0043vV/h4baIH2hyEl5R\nEvu5XwjvAgOv6qk0+xDCTBXKxUDeOZjBelxLHxpaCs1y7uiw4Ob/r57QvHgWyerv\nofuCqyBR5mz4aZSdmREkXh2amp9uqA5zEfxrfjkMz1D6wJ43jXANNdp8GgABIOvH\nAgMBAAGjggFlMIIBYTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAdBgNV\nHQ4EFgQUDbOUKAfjcENPuV+fTYDkz+TFA/AwHwYDVR0jBBgwFoAUffrWFW01n6A5\nGTggnyqUp2pxKZMwTQYDVR0fBEYwRDBCoECgPoY8aHR0cDovL2NybC5maGlyY2Vy\ndHMubmV0L2NybC9zdXJlZmhpcmxhYnNJbnRlcm1lZGlhdGVDcmwuY3JsMEoGA1Ud\nEQRDMEGGHWh0dHBzOi8vaW5mZXJuby5oZWFsdGhpdC5nb3YvhiBodHRwczovL2lu\nZmVybm8tcWEuaGVhbHRoaXQuZ292LzBmBggrBgEFBQcBAQRaMFgwVgYIKwYBBQUH\nMAKGSmh0dHA6Ly9jcmwuZmhpcmNlcnRzLm5ldC9jZXJ0cy9pbnRlcm1lZGlhdGVz\nL1N1cmVGaGlyTGFic19JbnRlcm1lZGlhdGUuY2VyMA0GCSqGSIb3DQEBCwUAA4IC\nAQC4PtCfyOouoNmNBtT7sTyv5jMXtgv+kfu9ySepV9KbpOUceQEs9qbrCf3vmn4c\n4T4VGgXtoGHc2GmqdkWFmj37uqfjfR5dQ05SmYprvrI0he5Fe3f3FxzyBhEns69g\nIUay/hMWKLemati0MQ2HOZnY3SusF6qqCYTPYEWeV9sPNDNdgsIq47gPrZsnOlsQ\n6SyFmnmid4K8mJblxZBGpfpIfW6UaluId9WZeRhY39rhKXoxFc08alBfI6WEtTPG\nI6T+azyaVtDm+ypo18d94oLI7rmr/67xEwDFUNrJ2lotueI0Fr3IA2BHNw1BdrX/\nnXr/RRCENdsRnAJ+fhWYVjDCBdqmjF1b386lBWyJSuWlh6CbcEXFDxBN0LPzyWEj\nqIENKnWCWG8QoregV3K0gu1WiHhtNdaDdBAy79sbQ+5i86jMcyjJ0bC16kLz+jeo\nqDBx0oNdH4YVum/Uscyp/bwxznQ7eAg1oyCAeywlQ3eZKTB4Ki3rhfDDnuzDdh4X\nqS7H0/euzP7VIpTy/8QRrgTXCrFubRqZY0axoPDWG6ZrXtxAillVOoUVn6ucrvxf\nLE2BtQRVgNnw58QbP1bNZei5intokoy3V/3+1/En2/HlEv/HZloooUwkbuxkQE97\nb/b3yodmo1lF1qq+zfd6zzk9ERxC+2X9c2g2VCP5LcpJJQ==\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIGlDCCBHygAwIBAgIRAPAQo572a38pKrE1y3TWITIwDQYJKoZIhvcNAQELBQAw\nbDELMAkGA1UEBhMCVVMxDzANBgNVBAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxh\nbmQxFDASBgNVBAoTC0ZoaXIgQ29kaW5nMQ0wCwYDVQQLEwRSb290MRQwEgYDVQQD\nEwtTdXJlRmhpci1DQTAeFw0yNDAzMzEyMTIxNTdaFw0yOTA0MDEyMTIxNTdaMH4x\nCzAJBgNVBAYTAlVTMQ8wDQYDVQQIEwZPcmVnb24xETAPBgNVBAcTCFBvcnRsYW5k\nMRQwEgYDVQQKEwtGaGlyIENvZGluZzEVMBMGA1UECxMMSW50ZXJtZWRpYXRlMR4w\nHAYDVQQDExVTdXJlRmhpci1JbnRlcm1lZGlhdGUwggIiMA0GCSqGSIb3DQEBAQUA\nA4ICDwAwggIKAoICAQDoUwSdndRTVIzHTG6C1EOktgQYq6ON91JpSDUX5mnPtSbn\nHU6v8G7qvFWzK6S6jquuflV21xv5wQMtT0P7jsUdZAZfFB5OnxjC6sGraBeemwZg\n0SPoq+0h0Mnk+R0pXmwmc57x+nGADoVVnBBflGPRMg8Lnh/+31S4LT+0fmzHxfTy\nXG8jRJGT/yyYFSAJP3lx+WRioi0TykHrap4cztnL68jA4RszfRdsrvjCEeSzli8E\n7p7aakyQLqsC4Q4HBwHsK7uYc8bAx9o7s1ydyLGZsYTxOu7GQEhkLdAZFeiuoptW\nSUcb/ykVq4X/d88zp3cvjj35tTzfvWKb5lyWnMe3pGHJRyLOKq/PDDvfjb07F9sT\nbUjEAXf28WWMlCKW76KMD4c/ZacWRcH6LFFVLL60B21vippvhh4Sim1j7Py/8VKC\n98n6sp2rZQtA90V9+UEewZphtrZiEhgg5wOotBE992qaveILColwscu+os2AOeE0\nkbcggShVdPW6j9ZFqkwM9ZX9d23w39p3grtjBkHfGgPftRVn6kY6cd1Xh+bmlH4z\nV3GLDjSk3eHDy2R22PSfIQXkr7e+jh9umHwgSxXFBEqIpHPsFS9o+H9VqMqv9IOs\nd2nD9A7NuEwR4hyw84RYV0uKNFWKnBxhlEeyCR3g24Bt01EpO9W2DSeE1qPzBQID\nAQABo4IBHTCCARkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYD\nVR0OBBYEFH361hVtNZ+gORk4IJ8qlKdqcSmTMB8GA1UdIwQYMBaAFOvJcuZBjV4H\nKquZj31t/Dd30UojMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jcmwuZmhpcmNl\ncnRzLm5ldC9jcmwvU3VyZUZoaXJMYWJzUm9vdENybC5jcmwwHwYDVR0RBBgwFoYU\ndWRhcDovL2ZoaXJsYWJzLm5ldC8wTgYIKwYBBQUHAQEEQjBAMD4GCCsGAQUFBzAC\nhjJodHRwOi8vY3JsLmZoaXJjZXJ0cy5uZXQvY2VydHMvU3VyZUZoaXJMYWJzX0NB\nLmNlcjANBgkqhkiG9w0BAQsFAAOCAgEAfI95Qn1DpBU54DHz8ysUcgdi2XnHMe83\nghym9/0Ov5w8fZ1kr5GMjt9wWK0/qRv8gcWPwcZPyMgEiEq1rgQsi2LdmNmVmp2h\np8T1zqhRdJDjUSiOTWJZW+ULypHS7vhqHjAwQXxpznQYRDUqRQNr/PuscDbHJ+qm\nSMJHn186129V+C5sAjLthijIY1t+gNROsbc7EQ9wqXPa1jhS5hhntKzm7OKzlFKu\nmyWORXIpTBEqzyrK8ynMxgUnsZtV7PFqT4h4kfHZPi2ZgSukuBLNpLqgR9OLZ4od\n3VcoS83pZiq0WaY76iK+2Fqv0QtHuhLm5R/EWlRsbQ4DlYWR9MgjoE7rR5tWb6l5\nNvtPGwvTARRCYoFX0kjP/YwzldWHWdM1YZ73z7u7Fj7jCsNhUHYaGIRw25bxMxqr\nYUDsbtj3Ze+wjSDxiWxtgV5qrWz8BDjpFIDeE3VsJPHCw4Vy4ufqizrNd7ZcNBmp\ncMmx1ollvdxnQRVrlQAowK+ACjtcVEzcT8QBWRu0D3hjdbDeHmJwu/a+BmAaBKhS\n/1ieQ0eTN5pTrTndmOkICOMqYG4H14AvoR/NGkMOWcNwm0bfiFzRyunc2uZkyXvf\np8LT2aL9LWZNxREyjOqMCBGFcLXA+r02I+c550YwNtJkUTDqsDCMGyC5pB3dZdc2\ng+IojrfmcIE=\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIFyDCCA7CgAwIBAgIID4f+NanzOocwDQYJKoZIhvcNAQELBQAwbDELMAkGA1UE\nBhMCVVMxDzANBgNVBAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxhbmQxFDASBgNV\nBAoTC0ZoaXIgQ29kaW5nMQ0wCwYDVQQLEwRSb290MRQwEgYDVQQDEwtTdXJlRmhp\nci1DQTAeFw0yNDAzMzEyMTIxNTVaFw0zNDA0MDEyMTIxNTVaMGwxCzAJBgNVBAYT\nAlVTMQ8wDQYDVQQIEwZPcmVnb24xETAPBgNVBAcTCFBvcnRsYW5kMRQwEgYDVQQK\nEwtGaGlyIENvZGluZzENMAsGA1UECxMEUm9vdDEUMBIGA1UEAxMLU3VyZUZoaXIt\nQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDD+/hwbP6Frzz3lGrm\n43nDZ8Irg+4zuIjbhKMUtEoBhUKdTVJa1DDPVgDoMoGLBhyePHepJtizY7CPnkNv\nNnCdU8vyIld1k3b+xigEH7oEhscBgyvaWMhyGNu318nFE8eWDhfEF9p31g4yHLZo\n4qqYyDgOlDOJqPNoU2llRnwx6x78ZrlQOMfdo95P6FKImp4t3OVjAGWIWQXmHx0l\n2nt1rShvA/KAIRzA6jpWcIBc9aWagkcoqiebSLpS8AYn1tytI0Abn+nL85BMH18B\n2glVHWBreRGcYDGStlKeIHapHzA3Kzz0QadwJjGQdtNqNIIwvk9RFNfaQRrkYw97\nf3gpTTQ6BHAm71qwBxlOWnyn5qaNuUBcSLAqUt+bXarEujYd5XGOFjtUjr+Uf04n\n968hC1v7Whk/tKDwvQFctyrvaNaHi6kcElUhAc9NzIK/cQkiYvfF8rHLePxzUOVx\nsRUkcxciNXN5iM6NZNRIQSuUmbLTfiYoFql0LOFyuxY0RDlRUdGodPuiylj3eFrh\nOoSX6cYanZmya33Ln90hEjQfNP4ISkco/0xIzTZ+56qKi3QRfziE5Ua0X0L51GiP\nlBrQZ4eiKW8rbTE42Ingg2r3GzMglU7PEeqNOdDeX8b9keevI0LXiXFKUA2ckwy1\nqJ38giw9BNGVeYauNFu4DvRrwQIDAQABo24wbDAPBgNVHRMBAf8EBTADAQH/MA4G\nA1UdDwEB/wQEAwIBBjAqBgNVHSUBAf8EIDAeBggrBgEFBQcDAgYIKwYBBQUHAwEG\nCCsGAQUFBwMIMB0GA1UdDgQWBBTryXLmQY1eByqrmY99bfw3d9FKIzANBgkqhkiG\n9w0BAQsFAAOCAgEAsgMzB5Q3k18urq1ztcF2/8hDAJZ7JeI7qRKYujkfwm8skkLN\n4IYQl4bT5MBD4EehQBQYD2BqqmOdXxDiCdWyvNKfberIXZpufEK2vrlz3U3nE05S\nMoVtaNievQpH5XVvmF46AKJUVVx6zHntWBv1gTvyBk/i8pcMdH7/x2d1DFYsjmam\n4VCbjEeLyyocYju+wXwEu5r1HC9lqSUSdJX5oUSuxDdHBf7MQlFUUi5hNpm7qa2a\nJ36fTgOi5C24gR11qO5PV69drlNgr0iPC3hEEICI33YzHMVG9EfuST2nUZsYIdYr\ndr596osBMIRkCgQfyR2AfkoMAW/ea6x7nzqWphfTCGij0XboYYR/prm6odXBbhQD\nEn1cTlXceyyyhPV7QhR8gD284PyQQ9MiTp9Z1S4TWWItH1p251G9BaLgvnL1zMp3\nx2j3GH3auMJzirpsHS0Z8ph7gg0mI5Tf8yBHZ4t3CM0gmcuhjcSUxT0myOa04+Fp\nnNWkPc8Sms/3vL/rOcxOd+WJXD6VnpgjAvYKqjDHls27wG3wTu06aU9CEP+MxCQo\nvUAZ8rab6UBwCyqcuP2BMqYQUVzhLyxXicQqbxzc8bFep0Z988UjTkqYhTujZ7Ha\nH+y31f+V92LrJJAAO2hpOh5Xqqz34AMVDi87+zD4Z0+b7rFVfTOPOBZQRKU=\n-----END CERTIFICATE-----",
|
|
235
|
+
"_title": "Client Credentials Client Certificate(s) (PEM Format)",
|
|
236
|
+
"_description": "\n A list of one or more X.509 certificates in PEM format separated by a newline. The first (leaf) certificate\n MUST represent the client entity Inferno will register as,\n and the trust chain that will be built from the provided certificate(s) must resolve to a CA trusted by the\n authorization server under test.\n ",
|
|
237
|
+
"_type": "textarea",
|
|
238
|
+
"_optional": false
|
|
239
|
+
},
|
|
240
|
+
{
|
|
241
|
+
"name": "udap_client_credentials_flow_client_private_key",
|
|
242
|
+
"value": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDy2kOxArrYZ2XK\najkDouihaTHHhFEI9pMdlpDkp9sYXnZRiNoQwFQ08svjrYNNzJtDFE1HNxKLzv3U\nbrg2Ty7EEQ26kKC0ChO6oobtkXxEFGT5ynVY9WPockHQClWD00F85Sr5+ftqUBP2\nrBiDHuWD0kNmTjqEnq5G0G4mYr85V1euY/9c3Apubz5BGy1J51AI0043vV/h4baI\nH2hyEl5REvu5XwjvAgOv6qk0+xDCTBXKxUDeOZjBelxLHxpaCs1y7uiw4Ob/r57Q\nvHgWyervofuCqyBR5mz4aZSdmREkXh2amp9uqA5zEfxrfjkMz1D6wJ43jXANNdp8\nGgABIOvHAgMBAAECggEARNiRhhXjCERPvBFe9mPxlQiwXwJowqS8UhAEJX5cg00M\nN9MXFtafSJ9oI7Rl2+FcRqjzu3OmY1Ib7WQx/tt1w4meHbywgjm1HBzFKYYr91Tc\nx1+Y4s42M4holeTIF2YFU7XX+CPhHWN0NWLWVB2nLTanetJEjqI5f8PI5kLqOQO3\nbApR7DRGjQAKTM3ozC9ycwVUlQcOagG5VeO0pvExmj3LP1MZ/smrgnEZe+BlqRIe\nnmFfO8XR4r+G2Y8g6z6SC/C8CCHlLrBtzqRp655cKgwnYatDMIViVTngqSx+XmIa\n5a6j0RRE9H30h4E2qbxggjInArd8Qxg+XyebKWD2UQKBgQD7hjyNvvcXEXDCZGJD\nrOx0IsAwFxw98MPnaUjUJWoXXqAgKe5goAgKIyGxvdvJkx8axlORtf1dndBLd4v+\n51upncgNN0lw7XtZeYyKkLzoMQvKHuTZKxSrxWnd5r+/VxioOfxMf1PQav8oTUgF\nf8BDkdmWwZzT+6/bwP5f9cA9TwKBgQD3LIaMBh2uoTu6M1WOxFfYPagyuN1hzoBv\nNc6mHtuqULEJGSgGIZfSqgB7t2qn0t+L/jrZX8AIJjGoF1OGOuZnTSRuvymt+m1P\nH2gjbTeaxr1OO0v2tnws4zAieqV2MaGKKLkzLZvkgz7Ihga3dUMNCysp11KwV9gu\nKp8kL2v8CQKBgQCSnI+FbC/pQWBB33Or0QtPMsZmAcKTlFkM9cDe8CQkFSMvPGHX\n7tBg4FOOoIWRvPEfkUU7JSLXw9qbcsamwcMbXn4yvexQKA2DfSdfybhje9tMaK+q\nqsL00TDBiPRyGtmjjZE0IfAAB65NlqaJlgrDGCwGBTteEVJTvO5Jjx0MXwKBgQCb\nkkHJJhxOiprOMns6Vag4qW4RJrvoUJIT7Rj5A9kclJco89V2LnShmnCdba9Km/Yp\n5cTihlqWhnugobXneXEFOc+hiN5R65obP9hK2/Ywi8Ag2j+QtADqO8BTI0C7aLeU\n/ta6OI2zQUwl5/2YQM0IC6yKNEWOSmv9esQZgWOFCQKBgG0KqReVpgyWsru2echQ\nj3UGbgftBQtEssSr5Zd7ZymrIUa0na2X4c3qmAEjD5aT1RrU0xvOvOz0Ib3RS77U\nEkDFFGHsOMdo21gx+L14dJtevBtiOs4+ka18YvLxBv7L+EtJjs96rb+2vTC+hPOn\nPt+YtETr5wLxaKTolgnN3Xok\n-----END PRIVATE KEY-----",
|
|
243
|
+
"_title": "Client Credentials Client Private Key (PEM Format)",
|
|
244
|
+
"_description": "\n The private key corresponding to the client certificate used for registration, in PEM format. Used to sign\n registration and/or authentication JWTs.\n ",
|
|
245
|
+
"_type": "textarea",
|
|
246
|
+
"_optional": false
|
|
247
|
+
},
|
|
248
|
+
{
|
|
249
|
+
"name": "udap_cert_iss_client_creds_flow",
|
|
250
|
+
"value": "https://inferno-qa.healthit.gov/",
|
|
251
|
+
"_title": "Client Credentials JWT Issuer (iss) Claim",
|
|
252
|
+
"_description": "\n MUST correspond to a unique URI entry in the Subject Alternative Name (SAN) extension of the client\n certificate used for registration.\n ",
|
|
253
|
+
"_type": "text",
|
|
254
|
+
"_optional": false
|
|
255
|
+
},
|
|
256
|
+
{
|
|
257
|
+
"name": "udap_client_credentials_flow_registration_scope",
|
|
258
|
+
"value": "system/*.r",
|
|
259
|
+
"_title": "Client Credentials Registration Requested Scope(s)",
|
|
260
|
+
"_description": "\n String containing a space delimited list of scopes requested by the client application for use in\n subsequent requests. The Authorization Server MAY consider this list when deciding the scopes that it\n will allow the application to subsequently request. Apps requesting the \"client_credentials\" grant\n type SHOULD request system scopes.\n ",
|
|
261
|
+
"_type": "text"
|
|
262
|
+
},
|
|
263
|
+
{
|
|
264
|
+
"name": "udap_client_creds_flow_registration_certifications",
|
|
265
|
+
"value": null,
|
|
266
|
+
"_title": "Client Credentials UDAP Registration Certifications",
|
|
267
|
+
"_description": "\n Additional UDAP certifications to include in registration request, if required by the authorization server.\n Include a space separated list of strings representing a Base64-encoded, signed JWT.\n ",
|
|
268
|
+
"_type": "textarea",
|
|
269
|
+
"_optional": true
|
|
270
|
+
}
|
|
271
|
+
]
|
|
272
|
+
}
|
|
@@ -52,6 +52,10 @@ module UDAPSecurityTestKit
|
|
|
52
52
|
|
|
53
53
|
receives_request :redirect
|
|
54
54
|
|
|
55
|
+
config options: {
|
|
56
|
+
redirect_uri: UDAPSecurityTestKit::UDAP_REDIRECT_URI
|
|
57
|
+
}
|
|
58
|
+
|
|
55
59
|
def wait_message(auth_url)
|
|
56
60
|
if config.options[:redirect_message_proc].present?
|
|
57
61
|
return instance_exec(auth_url, &config.options[:redirect_message_proc])
|
|
File without changes
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
require_relative 'version'
|
|
2
|
+
|
|
3
|
+
module UDAPSecurityTestKit
|
|
4
|
+
class Metadata < Inferno::TestKit
|
|
5
|
+
id :udap_security
|
|
6
|
+
title 'UDAP Security'
|
|
7
|
+
description <<~DESCRIPTION
|
|
8
|
+
This is a collection of tests to verify server conformance to the [HL7 UDAP Security
|
|
9
|
+
STU 1.0 IG](https://hl7.org/fhir/us/udap-security/STU1/index.html)
|
|
10
|
+
<!-- break -->
|
|
11
|
+
Specifically, this test
|
|
12
|
+
kit assesses the required capabilities from the following sections:
|
|
13
|
+
- [JSON Web Token (JWT) Requirements](https://hl7.org/fhir/us/udap-security/STU1/index.html)
|
|
14
|
+
- [Discovery](https://hl7.org/fhir/us/udap-security/STU1/discovery.html)
|
|
15
|
+
- [Dynamic Client Registration](https://hl7.org/fhir/us/udap-security/STU1/registration.html)
|
|
16
|
+
- [Consumer-Facing Authorization & Authentication](https://hl7.org/fhir/us/udap-security/STU1/consumer.html)
|
|
17
|
+
- [Business-to-Business (B2B) Authorization & Authentication](https://hl7.org/fhir/us/udap-security/STU1/b2b.html)
|
|
18
|
+
|
|
19
|
+
[Tiered OAuth for User
|
|
20
|
+
Authentication](https://hl7.org/fhir/us/udap-security/STU1/user.html) is not a
|
|
21
|
+
required capability and is not assessed.
|
|
22
|
+
This test kit also does not assess client conformance.
|
|
23
|
+
DESCRIPTION
|
|
24
|
+
suite_ids [:udap_security]
|
|
25
|
+
tags ['UDAP Security']
|
|
26
|
+
last_updated '2025-01-09'
|
|
27
|
+
version VERSION
|
|
28
|
+
maturity 'Low'
|
|
29
|
+
authors 'inferno@groups.mitre.org'
|
|
30
|
+
repo 'https://github.com/inferno-framework/udap-security-test-kit'
|
|
31
|
+
end
|
|
32
|
+
end
|
|
@@ -21,7 +21,7 @@ module UDAPSecurityTestKit
|
|
|
21
21
|
|
|
22
22
|
x5c_certs_encoded = x5c_certs_pem_string.map do |cert|
|
|
23
23
|
cert_pem = OpenSSL::X509::Certificate.new(cert)
|
|
24
|
-
Base64.
|
|
24
|
+
Base64.strict_encode64(cert_pem.to_der)
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
JWT.encode payload, private_key, alg, { x5c: x5c_certs_encoded }
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
require 'uri'
|
|
1
2
|
module UDAPSecurityTestKit
|
|
2
3
|
class WellKnownEndpointTest < Inferno::Test
|
|
3
4
|
include Inferno::DSL::Assertions
|
|
@@ -18,11 +19,23 @@ module UDAPSecurityTestKit
|
|
|
18
19
|
title: 'FHIR Server Base URL',
|
|
19
20
|
description: 'Base FHIR URL of FHIR Server. Discovery request will be sent to {baseURL}/.well-known/udap'
|
|
20
21
|
|
|
22
|
+
input :udap_community_parameter,
|
|
23
|
+
title: 'UDAP Community Parameter',
|
|
24
|
+
description: "If included, the designated community value will be appended as a query to the well-known
|
|
25
|
+
endpoint to indicate the client's trust of certificates from this trust community.",
|
|
26
|
+
optional: true
|
|
27
|
+
|
|
21
28
|
output :udap_well_known_metadata_json
|
|
22
29
|
makes_request :config
|
|
23
30
|
|
|
24
31
|
run do
|
|
25
|
-
|
|
32
|
+
uri = URI.parse("#{udap_fhir_base_url.strip.chomp('/')}/.well-known/udap")
|
|
33
|
+
unless udap_community_parameter.blank?
|
|
34
|
+
queries = URI.decode_www_form(uri.query || '') << ['community', udap_community_parameter]
|
|
35
|
+
uri.query = URI.encode_www_form(queries)
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
get(uri.to_s, name: :udap_well_known_metadata_json)
|
|
26
39
|
assert_response_status(200)
|
|
27
40
|
assert_valid_json(response[:body])
|
|
28
41
|
output udap_well_known_metadata_json: response[:body]
|
|
@@ -1,13 +1,12 @@
|
|
|
1
1
|
require_relative 'udap_security_test_kit/authorization_code_group'
|
|
2
2
|
require_relative 'udap_security_test_kit/client_credentials_group'
|
|
3
|
-
require_relative 'udap_security_test_kit/version'
|
|
4
3
|
require_relative 'udap_security_test_kit/redirect_uri'
|
|
4
|
+
require_relative 'udap_security_test_kit/metadata'
|
|
5
5
|
|
|
6
6
|
module UDAPSecurityTestKit
|
|
7
7
|
class Suite < Inferno::TestSuite
|
|
8
8
|
id :udap_security
|
|
9
9
|
title 'UDAP Security'
|
|
10
|
-
version VERSION
|
|
11
10
|
description %(
|
|
12
11
|
The User Data Access Protocol (UDAP) Security test kit verifies that systems correctly implement the
|
|
13
12
|
[HL7 UDAP Security IG](http://hl7.org/fhir/us/udap-security/STU1/)
|
|
@@ -68,20 +67,19 @@ module UDAPSecurityTestKit
|
|
|
68
67
|
|
|
69
68
|
links [
|
|
70
69
|
{
|
|
71
|
-
|
|
72
|
-
url: 'https://github.com/inferno-framework/udap-security-test-kit/issues'
|
|
73
|
-
},
|
|
74
|
-
{
|
|
70
|
+
type: 'source_code',
|
|
75
71
|
label: 'Open Source',
|
|
76
|
-
url: 'https://github.com/inferno-framework/udap-security-test-kit'
|
|
72
|
+
url: 'https://github.com/inferno-framework/udap-security-test-kit/'
|
|
77
73
|
},
|
|
78
74
|
{
|
|
79
|
-
|
|
80
|
-
|
|
75
|
+
type: 'report_issue',
|
|
76
|
+
label: 'Report Issue',
|
|
77
|
+
url: 'https://github.com/inferno-framework/udap-security-test-kit/issues/'
|
|
81
78
|
},
|
|
82
79
|
{
|
|
83
|
-
|
|
84
|
-
|
|
80
|
+
type: 'download',
|
|
81
|
+
label: 'Download',
|
|
82
|
+
url: 'https://github.com/inferno-framework/udap-security-test-kit/releases/'
|
|
85
83
|
}
|
|
86
84
|
]
|
|
87
85
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: udap_security_test_kit
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.11.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Stephen MacVicar
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2025-02-25 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: inferno_core
|
|
@@ -17,14 +17,14 @@ dependencies:
|
|
|
17
17
|
requirements:
|
|
18
18
|
- - ">="
|
|
19
19
|
- !ruby/object:Gem::Version
|
|
20
|
-
version: 0.
|
|
20
|
+
version: 0.6.1
|
|
21
21
|
type: :runtime
|
|
22
22
|
prerelease: false
|
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
|
24
24
|
requirements:
|
|
25
25
|
- - ">="
|
|
26
26
|
- !ruby/object:Gem::Version
|
|
27
|
-
version: 0.
|
|
27
|
+
version: 0.6.1
|
|
28
28
|
- !ruby/object:Gem::Dependency
|
|
29
29
|
name: jwt
|
|
30
30
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -47,6 +47,7 @@ extensions: []
|
|
|
47
47
|
extra_rdoc_files: []
|
|
48
48
|
files:
|
|
49
49
|
- LICENSE
|
|
50
|
+
- config/presets/SureFhirIdentityMatchingDemo.json
|
|
50
51
|
- lib/udap_security_test_kit.rb
|
|
51
52
|
- lib/udap_security_test_kit/authorization_code_authentication_group.rb
|
|
52
53
|
- lib/udap_security_test_kit/authorization_code_group.rb
|
|
@@ -67,6 +68,8 @@ files:
|
|
|
67
68
|
- lib/udap_security_test_kit/dynamic_client_registration_group.rb
|
|
68
69
|
- lib/udap_security_test_kit/generate_client_certs_test.rb
|
|
69
70
|
- lib/udap_security_test_kit/grant_types_supported_field_test.rb
|
|
71
|
+
- lib/udap_security_test_kit/igs/put_ig_package_dot_tgz_here
|
|
72
|
+
- lib/udap_security_test_kit/metadata.rb
|
|
70
73
|
- lib/udap_security_test_kit/redirect_uri.rb
|
|
71
74
|
- lib/udap_security_test_kit/reg_endpoint_jwt_signing_alg_values_supported_field_test.rb
|
|
72
75
|
- lib/udap_security_test_kit/registration_endpoint_field_test.rb
|
|
@@ -103,6 +106,7 @@ licenses:
|
|
|
103
106
|
metadata:
|
|
104
107
|
homepage_uri: https://github.com/inferno-framework/udap-security-test-kit
|
|
105
108
|
source_code_uri: https://github.com/inferno-framework/udap-security-test-kit
|
|
109
|
+
inferno_test_kit: 'true'
|
|
106
110
|
post_install_message:
|
|
107
111
|
rdoc_options: []
|
|
108
112
|
require_paths:
|
|
@@ -111,14 +115,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
111
115
|
requirements:
|
|
112
116
|
- - ">="
|
|
113
117
|
- !ruby/object:Gem::Version
|
|
114
|
-
version: 3.
|
|
118
|
+
version: 3.3.6
|
|
115
119
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
116
120
|
requirements:
|
|
117
121
|
- - ">="
|
|
118
122
|
- !ruby/object:Gem::Version
|
|
119
123
|
version: '0'
|
|
120
124
|
requirements: []
|
|
121
|
-
rubygems_version: 3.
|
|
125
|
+
rubygems_version: 3.5.22
|
|
122
126
|
signing_key:
|
|
123
127
|
specification_version: 4
|
|
124
128
|
summary: UDAP Security IG Test Kit
|