RubyGems - udap_security_test_kit - Versions diffs - 0.11.0 → 0.11.1 - Mend

udap_security_test_kit 0.11.0 → 0.11.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 22f218d70b41d99e7bfcb59937758c65cb24feb1a6574cdeea9ad63856dcd384
-  data.tar.gz: e87a1232e452de2ccf38cd585da0fd6b6415d9dc5c17c85f40bb0b92ed159bfd
+  metadata.gz: 191991de0d6424f3f08d07ef03bb5609a2fad336acdde0f61e4a62de7786fdd2
+  data.tar.gz: f65208486d7cea656ce8aa10f54cffc0ec885200703ce753e7d6c179e111a533
 SHA512:
-  metadata.gz: 731fcbb8519cf4d1248d308fbd312dcec6c441c1a218d6e7b9c97ea70325a358c9d1fa9936e48f691aba0fdf30869440ce98469c922a26d422794637136d3255
-  data.tar.gz: 0bece8c3cb74d388617287a1fdeb8a91d2e8f649f18ef37503dfe9aaddcd7de56fc3c65051bba37c8dcb07522fd2fb69e0fa8a75b629efa5877a41f82ff95d9b
+  metadata.gz: d47d7583522b6f734d6048333dc9e127f21f503e0ed0369872a3af86f40c36d904c1ab50d00b886ff3d49158be427b6638f3f3e54f3ac24070ca5bb664276fc7
+  data.tar.gz: 868a2a47d0c8575db14b97327027b2221e19367ac6daa37376992b7bf6cbc87c905327351c7f2233b1b62507765e4a389c86e4e61e2c280e356b367f0ace89fa

data/lib/udap_security_test_kit/authorization_code_authentication_group.rb CHANGED Viewed

@@ -14,45 +14,40 @@ module UDAPSecurityTestKit
     )
     id :udap_authorization_code_authentication_group
+    config(
+      requests: {
+        token_exchange: {
+          name: :udap_auth_code_flow_token_exchange
+        }
+      },
+      inputs: {
+        udap_client_id: {
+          name: :udap_authorization_code_flow_client_id
+        },
+        token_response_body: {
+          name: :udap_auth_code_flow_token_exchange_response_body
+        }
+      },
+      outputs: {
+        udap_access_token: {
+          name: :udap_auth_code_flow_access_token
+        },
+        udap_expires_in: {
+          name: :udap_auth_code_flow_expires_in
+        },
+        udap_received_scopes: {
+          name: :udap_auth_code_flow_received_scopes
+        },
+        udap_refresh_token: {
+          name: :udap_auth_code_flow_refresh_token
+        }
+      }
+    )
     test from: :udap_authorization_code_redirect
     test from: :udap_authorization_code_received
-    test from: :udap_authorization_code_token_exchange,
-         config: {
-           requests: {
-             token_exchange: {
-               name: :udap_auth_code_flow_token_exchange
-             }
-           }
-         }
-    test from: :udap_token_exchange_response_body,
-         config: {
-           inputs: {
-             token_response_body: {
-               name: :udap_auth_code_flow_token_exchange_response_body
-             }
-           },
-           outputs: {
-             udap_access_token: {
-               name: :udap_auth_code_flow_access_token
-             },
-             udap_expires_in: {
-               name: :udap_auth_code_flow_expires_in
-             },
-             udap_received_scopes: {
-               name: :udap_auth_code_flow_received_scopes
-             },
-             udap_refresh_token: {
-               name: :udap_auth_code_flow_refresh_token
-             }
-           }
-         }
-    test from: :udap_token_exchange_response_headers,
-         config: {
-           requests: {
-             token_exchange: {
-               name: :udap_auth_code_flow_token_exchange
-             }
-           }
-         }
+    test from: :udap_authorization_code_token_exchange
+    test from: :udap_token_exchange_response_body
+    test from: :udap_token_exchange_response_headers
   end
 end

data/lib/udap_security_test_kit/authorization_code_group.rb CHANGED Viewed

@@ -80,14 +80,8 @@ module UDAPSecurityTestKit
               }
             },
             outputs: {
-              udap_client_cert_pem: {
-                name: :udap_auth_code_flow_client_cert_pem
-              },
-              udap_client_private_key_pem: {
-                name: :udap_auth_code_flow_client_private_key
-              },
-              udap_cert_iss: {
-                name: :udap_auth_code_flow_cert_iss
+              udap_client_id: {
+                name: :udap_authorization_code_flow_client_id
               }
             }
           } do

data/lib/udap_security_test_kit/client_credentials_authentication_group.rb CHANGED Viewed

@@ -12,43 +12,38 @@ module UDAPSecurityTestKit
     )
     id :udap_client_credentials_authentication_group
-    test from: :udap_client_credentials_token_exchange,
-         config: {
-           requests: {
-             token_exchange: {
-               name: :udap_client_credentials_flow_token_exchange
-             }
-           }
-         }
-    test from: :udap_token_exchange_response_body,
-         config: {
-           inputs: {
-             token_response_body: {
-               name: :udap_client_credentials_flow_token_exchange_response_body
-             }
-           },
-           outputs: {
-             udap_access_token: {
-               name: :udap_client_credentials_flow_access_token
-             },
-             udap_expires_in: {
-               name: :udap_client_credentials_flow_expires_in
-             },
-             udap_received_scopes: {
-               name: :udap_client_credentials_flow_received_scopes
-             },
-             udap_refresh_token: {
-               name: :udap_client_credentials_flow_refresh_token
-             }
-           }
-         }
-    test from: :udap_token_exchange_response_headers,
-         config: {
-           requests: {
-             token_exchange: {
-               name: :udap_client_credentials_flow_token_exchange
-             }
-           }
-         }
+    config(
+      requests: {
+        token_exchange: {
+          name: :udap_client_credentials_flow_token_exchange
+        }
+      },
+      inputs: {
+        udap_client_id: {
+          name: :udap_client_credentials_flow_client_id
+        },
+        token_response_body: {
+          name: :udap_client_credentials_flow_token_exchange_response_body
+        }
+      },
+      outputs: {
+        udap_access_token: {
+          name: :udap_client_credentials_flow_access_token
+        },
+        udap_expires_in: {
+          name: :udap_client_credentials_flow_expires_in
+        },
+        udap_received_scopes: {
+          name: :udap_client_credentials_flow_received_scopes
+        },
+        udap_refresh_token: {
+          name: :udap_client_credentials_flow_refresh_token
+        }
+      }
+    )
+    test from: :udap_client_credentials_token_exchange
+    test from: :udap_token_exchange_response_body
+    test from: :udap_token_exchange_response_headers
   end
 end

data/lib/udap_security_test_kit/client_credentials_group.rb CHANGED Viewed

@@ -82,14 +82,8 @@ module UDAPSecurityTestKit
               }
             },
             outputs: {
-              udap_client_cert_pem: {
-                name: :udap_client_credentials_flow_client_cert_pem
-              },
-              udap_client_private_key_pem: {
-                name: :udap_client_credentials_flow_client_private_key
-              },
-              udap_cert_iss: {
-                name: :udap_cert_iss_client_creds_flow
+              udap_client_id: {
+                name: :udap_client_credentials_flow_client_id
               }
             }
           } do

data/lib/udap_security_test_kit/dynamic_client_registration_group.rb CHANGED Viewed

@@ -1,4 +1,3 @@
-require_relative 'generate_client_certs_test'
 require_relative 'registration_failure_invalid_contents_test'
 require_relative 'registration_failure_invalid_jwt_signature_test'
 require_relative 'registration_success_test'

data/lib/udap_security_test_kit/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module UDAPSecurityTestKit
-  VERSION = '0.11.0'.freeze
+  VERSION = '0.11.1'.freeze
 end

data/lib/udap_security_test_kit.rb CHANGED Viewed

@@ -51,12 +51,6 @@ module UDAPSecurityTestKit
       entries on `grant_type` and `iss` claims for more details.
     )
-    # cert_file = File.read(File.join(File.dirname(__FILE__), 'udap_security_test_kit/certs/InfernoCA.pem'))
-    # cert_file_route_handler = proc { [200, { 'Content-Type' => 'application/x-pem-file' }, [cert_file]] }
-    # route(:get, '/inferno_ca.pem', cert_file_route_handler)
     resume_test_route :get, '/redirect' do |request|
       request.query_parameters['state']
     end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: udap_security_test_kit
 version: !ruby/object:Gem::Version
-  version: 0.11.0
+  version: 0.11.1
 platform: ruby
 authors:
 - Stephen MacVicar
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-02-25 00:00:00.000000000 Z
+date: 2025-03-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inferno_core
@@ -66,7 +66,6 @@ files:
 - lib/udap_security_test_kit/default_cert_file_loader.rb
 - lib/udap_security_test_kit/discovery_group.rb
 - lib/udap_security_test_kit/dynamic_client_registration_group.rb
-- lib/udap_security_test_kit/generate_client_certs_test.rb
 - lib/udap_security_test_kit/grant_types_supported_field_test.rb
 - lib/udap_security_test_kit/igs/put_ig_package_dot_tgz_here
 - lib/udap_security_test_kit/metadata.rb

data/lib/udap_security_test_kit/generate_client_certs_test.rb DELETED Viewed

@@ -1,60 +0,0 @@
-require_relative 'udap_x509_certificate'
-require_relative 'default_cert_file_loader'
-module UDAPSecurityTestKit
-  class GenerateClientCertsTest < Inferno::Test
-    title 'Generate Client Certificates'
-    id :udap_generate_client_certs
-    description %(
-      This test may be included in test groups to generate and output a new client certificate for use in UDAP dynamic
-      client registration or authentication/authorization tests.
-    )
-    input :udap_client_cert_pem,
-          title: 'X.509 Client Certificate(s) (PEM Format)',
-          description: %(
-            A list of one or more X.509 certificates in PEM format separated by a newline. The first (leaf) certificate
-            MUST represent the client entity and the certificate chain must resolve to a CA trusted by the authorization
-            server under test.
-            Will be auto-generated if left blank.
-          ),
-          type: 'textarea',
-          optional: true
-    input :udap_client_private_key_pem,
-          title: 'Client Private Key (PEM Format)',
-          description: %(
-          The private key corresponding to the client certificate used for registration, in PEM format.  Used to sign
-          registration and/or authentication JWTs.
-          Will be auto-generated if left blank.
-          ),
-          type: 'textarea',
-          optional: true
-    input :udap_cert_iss,
-          title: 'JWT Issuer (iss) Claim',
-          description: %(
-            MUST correspond to a unique URI entry in the Subject Alternative Name (SAN) extension of the client
-            certificate used for registration.
-            Will be auto-generated with the client cert if left blank.
-          ),
-          optional: true
-    output :udap_cert_iss
-    output :udap_client_cert_pem
-    output :udap_client_private_key_pem
-    run do
-      omit_if udap_client_cert_pem.present? && udap_client_private_key_pem.present?,
-              'User has opted to provide client certs'
-      signing_key = DefaultCertFileLoader.load_default_ca_private_key_file
-      cert = UDAPX509Certificate.new(DefaultCertFileLoader.load_default_ca_pem_file, signing_key)
-      output udap_cert_iss: cert.san
-      output udap_client_cert_pem: cert.cert.to_pem
-      output udap_client_private_key_pem: cert.cert_private_key.to_pem
-    end
-  end
-end