udap_security_test_kit 0.11.6 → 0.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/udap_security_test_kit/client_suite.rb +3 -0
- data/lib/udap_security_test_kit/registration_failure_invalid_contents_test.rb +1 -1
- data/lib/udap_security_test_kit/requirements/generated/udap-security-test-kit_requirements_coverage.csv +317 -0
- data/lib/udap_security_test_kit/requirements/generated/udap_security_client_requirements_coverage.csv +38 -38
- data/lib/udap_security_test_kit/requirements/generated/udap_security_requirements_coverage.csv +70 -70
- data/lib/udap_security_test_kit/version.rb +2 -2
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/b2b_authorization_extension_object_test.rb +77 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/client_authorization_code_usage_test.rb +47 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/client_security_csrf_protection_test.rb +50 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/cryptographic_algorithms_test.rb +44 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/data_holder_auth_request_scope_test.rb +42 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/idp_authentication_compliance_test.rb +44 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/idp_supports_required_scopes_test.rb +42 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/jti_reuse_prevention_test.rb +44 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/metadata_interpretation_test.rb +47 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/oauth2_protocol_compliance_test.rb +50 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/preferred_identity_provider_test.rb +45 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/private_key_authentication_test.rb +47 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/resource_holder_authentication_test.rb +45 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/software_statement_registration_test.rb +49 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/token_request_authentication_test.rb +51 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/trust_community_query_parameters_test.rb +43 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client/validation_confidentiality_test.rb +49 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/client_attestation_group.rb +48 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/authentication_requests_group/authentication_request_construction_test.rb +56 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/authentication_requests_group/authentication_request_validation_test.rb +60 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/authentication_requests_group.rb +13 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/authorization_code_token_requests_group/access_token_lifetime_test.rb +42 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/authorization_code_token_requests_group/access_token_request_validation_test.rb +51 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/authorization_code_token_requests_group/authorization_code_usage_test.rb +45 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/authorization_code_token_requests_group/resource_holder_authorization_flow_test.rb +37 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/authorization_code_token_requests_group.rb +17 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/client_authentication_group/client_certificate_storage_test.rb +36 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/client_authentication_group/no_client_credentials_native_apps_test.rb +38 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/client_authentication_group.rb +13 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/dynamic_client_registration_group/certification_handling_test.rb +45 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/dynamic_client_registration_group/client_id_modification_test.rb +42 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/dynamic_client_registration_group/dynamic_client_registration_validation_test.rb +48 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/dynamic_client_registration_group.rb +15 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/deny_token_request_test.rb +42 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/general_error_response_test.rb +39 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/invalid_id_token_test.rb +43 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/invalid_idp_test.rb +39 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/invalid_redirection_uri_test.rb +43 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/prompt_none_test.rb +39 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/state_mismatch_test.rb +43 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/unauthenticated_user_test.rb +42 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/valid_state_error_response_test.rb +43 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group.rb +27 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/id_token_access_token_validation_group/access_token_validation_test.rb +47 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/id_token_access_token_validation_group/id_token_validation_test.rb +45 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/id_token_access_token_validation_group/token_response_validation_test.rb +47 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/id_token_access_token_validation_group.rb +15 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/identity_provider_interaction_group/idp_authentication_request_test.rb +45 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/identity_provider_interaction_group/idp_dynamic_registration_test.rb +45 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/identity_provider_interaction_group/idp_metadata_validation_test.rb +44 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/identity_provider_interaction_group/idp_token_exchange_test.rb +46 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/identity_provider_interaction_group.rb +17 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/jwt_security_group/jwt_certificate_chain_validation_test.rb +36 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/jwt_security_group/jwt_grant_parameter_validation_test.rb +36 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/jwt_security_group/jwt_jti_reuse_test.rb +35 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/jwt_security_group/jwt_signature_validation_test.rb +36 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/jwt_security_group/jwt_token_request_validation_test.rb +43 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/jwt_security_group.rb +19 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/metadata_server_capabilities_group/udap_authorization_extensions_required_test.rb +43 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/metadata_server_capabilities_group/udap_community_parameter_support_test.rb +44 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/metadata_server_capabilities_group/udap_metadata_endpoint_error_handling_test.rb +43 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/metadata_server_capabilities_group/udap_metadata_representation_test.rb +42 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/metadata_server_capabilities_group/udap_profiles_supported_test.rb +43 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/metadata_server_capabilities_group.rb +19 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/security_measures_group/csrf_protection_test.rb +49 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/security_measures_group/obtain_authorization_scopes_test.rb +44 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/security_measures_group/state_parameter_test.rb +48 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/security_measures_group/unauthenticated_client_security_test.rb +47 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server/security_measures_group.rb +17 -0
- data/lib/udap_security_test_kit/visual_inspection_and_attestation/server_attestation_group.rb +33 -0
- data/lib/udap_security_test_kit.rb +2 -0
- metadata +81 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 389308da43499f5da9c609232c1cc3fdaf1032878d896036c748fad5ad559e5b
|
|
4
|
+
data.tar.gz: fede0634c5887c1269335e23a43f7eafd2ead88f7023e7ddad38c461afebf14a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '0889a1e651666db51b2e6ab9f3bea0adcfc03c0e6f63a94e485a85351f3adf145a645bc1da3f385ad488f5fa22517ab0868e005a710a6caa43be9698a3d642c2'
|
|
7
|
+
data.tar.gz: 1bdf5d418b6eb50172a0d9365b3e3013bbfd163ebec2bb68d9b4427a4fa806f31e8e7587c2c4cb018ba5dde83d70b586b881ffb58045ee542210425e484028f5
|
|
@@ -8,6 +8,7 @@ require_relative 'client_suite/registration_ac_group'
|
|
|
8
8
|
require_relative 'client_suite/registration_cc_group'
|
|
9
9
|
require_relative 'client_suite/access_ac_group'
|
|
10
10
|
require_relative 'client_suite/access_cc_group'
|
|
11
|
+
require_relative 'visual_inspection_and_attestation/client_attestation_group'
|
|
11
12
|
|
|
12
13
|
module UDAPSecurityTestKit
|
|
13
14
|
class UDAPSecurityClientTestSuite < Inferno::TestSuite
|
|
@@ -113,5 +114,7 @@ module UDAPSecurityTestKit
|
|
|
113
114
|
required_suite_options: {
|
|
114
115
|
client_type: UDAPClientOptions::UDAP_CLIENT_CREDENTIALS
|
|
115
116
|
}
|
|
117
|
+
|
|
118
|
+
group from: :udap_client_v100_visual_inspection_and_attestation
|
|
116
119
|
end
|
|
117
120
|
end
|
|
@@ -8,7 +8,7 @@ module UDAPSecurityTestKit
|
|
|
8
8
|
description %(
|
|
9
9
|
The [UDAP IG Section 3.1](https://hl7.org/fhir/us/udap-security/STU1/registration.html#software-statement) states:
|
|
10
10
|
> The unique client URI used for the iss claim SHALL match the uriName entry in the Subject Alternative Name
|
|
11
|
-
> extension of the client app operator’s X.509 certificate, and SHALL
|
|
11
|
+
> extension of the client app operator’s X.509 certificate, and SHALL uniquelys identify a single client app
|
|
12
12
|
> operator and application over time
|
|
13
13
|
|
|
14
14
|
The [UDAP IG Section 3.2.3](https://hl7.org/fhir/us/udap-security/STU1/registration.html#request-body) states:
|