Mentions légales du service

Skip to content
Snippets Groups Projects
Commit b4ad2d65 authored by Vincent Hofman's avatar Vincent Hofman
Browse files

Upload New File

parent e5247468
No related branches found
No related tags found
1 merge request!31X v hofma master patch 20434
Hide whitespace changes
Inline Side-by-side
IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Client_credentials.json 0 → 100644
+ 199
0
View file @ b4ad2d65
{
"profileType": "HTTPREQUEST",
"id": "IUA_ITI71_POST_Request_Client_Credentials",
"name": "ITI-71_HttpPOST_Request_Client_Credentials",
"description": "Validation Profile for validating an ITI-71 Post HTTP Request",
"context": "IHE",
"assertions": [
{
"selector": "request.method",
"id": "ITI71-001_POSTMethodChecking",
"description": "Assertion for the HTTP method checking",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"checks": [
{
"type": "FIXEDVALUE",
"fixedValue": "POST"
}
]
},
{
"selector": "request.version",
"id": "ITI71-001_HTTP1VersionChecking",
"description": "Assertion for the HTTP version checking",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"checks": [
{
"type": "FIXEDVALUE",
"fixedValue": "HTTP/1.1"
}
]
},
{
"selector": "request.uri.path",
"id": "ITI71-001_URIRegexChecking",
"description": "Assertion for the HTTP uri checking",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"checks": [
{
"type": "REGEX",
"regex": "^(\\/[^\\/\\s]+)+$"
}
]
},
{
"selector": "request.uri.queryParams('grant_type').values",
"id": "ITI71-001_grant-type_parameter_presence",
"description": "1 and only 1 grant_type parameter is mandatory in the HTTP POST request.",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"checks": [
{
"type": "OCCURRENCE",
"minOccurrence": 1,
"maxOccurrence": 1
}
]
},
{
"selector": "request.uri.queryParams('grant_type').values",
"id": "ITI71-001_grant_type_parameter_value",
"description": "grant_type parameter's value SHALL be client_credentials.",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"checks": [
{
"type": "FIXEDVALUE",
"fixedValue": "client_credentials"
}
]
},
{
"selector": "request.uri.queryParams('resource').values",
"id": "ITI71-002_resource_parameter_presence",
"description": "1 resource parameter is permitted in the HTTP POST request.",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"checks": [
{
"type": "OCCURRENCE",
"minOccurrence": 0,
"maxOccurrence" : 1
}
]
},
{
"selector": "request.uri.queryParams('resource').values",
"id": "ITI71-002_resource_parameter_value",
"description": "resource parameter's value SHALL be a url.",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"applyIf": "request.uri.queryParams('resource').values.size() > 0",
"checks": [
{
"type": "REGEX",
"regex": "https?:\\/\\/(www\\.)?[-a-zA-Z0-9@:%._\\+~#=]{1,256}\\.[a-zA-Z0-9()]{1,6}\\b([-a-zA-Z0-9()@:%_\\+.~#?&//=]*)"
}
]
},
{
"selector": "request.uri.queryParams('scope').values",
"id": "ITI71-002_scope_parameter_presence",
"description": "1 scope parameter is permitted in the HTTP POST request.",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"checks": [
{
"type": "OCCURRENCE",
"minOccurrence": 0,
"maxOccurrence": 1
}
]
},
{
"selector": "request.uri.queryParams('scope').values",
"id": "ITI71-002_scope_parameter_value",
"description": "Scope parameter's value SHALL match the rules : scope = scope-token *( SP scope-token ) AND scope-token = 1*( %x21 / %x23-5B / %x5D-7E ); regex: ([\\!|\\#-\\[|\\]-\\~]+| )+",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"applyIf": "request.uri.queryParams('scope').values.size() > 0",
"checks": [
{
"type": "REGEX",
"regex": "([\\!|\\#-\\[|\\]-\\~]+| )+"
}
]
},
{
"selector": "request.headers('Content-Type').values",
"id": "ITI71-035_content-type_parameter_value",
"description": "One and only one Content-Type parameter is required.",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"checks": [
{
"type": "OCCURRENCE",
"minOccurrence": 1,
"maxOccurrence": 1
}
]
},
{
"selector": "request.headers('Content-Type').values",
"id": "ITI71-003_grant-type_parameter_value",
"description": "Content-Type parameter's value SHALL be application/x-www-form-urlencoded.",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"checks": [
{
"type": "FIXEDVALUE",
"fixedValue": "application/x-www-form-urlencoded"
}
]
},
{
"selector": "request.headers('Authorization').values",
"id": "ITI71-004_Authorization_parameter_value",
"description": "The Authorization Client shall present its client_id and client_secret in a HTTP Basic Authentication Header to the Authorization Server.",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"checks": [
{
"type": "REGEX",
"regex": "Basic\\ [-a-zA-Z0-9._~+\\/]+=*"
}
]
},
{
"selector": "request.headers('Host').values",
"id": "ITI71-004_HostPresenceChecking",
"description": "One and only one Host is required in the Header",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"checks": [
{
"type": "OCCURRENCE",
"minOccurrence": 1,
"maxOccurrence": 1
}
]
},
{
"selector": "request.headers('Host').values",
"id": "ITI71-004_HostValueChecking",
"description": "Host Shall be a server name; Regex: ^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$",
"requirementPriority": "MANDATORY",
"checksComposition": "oneOf",
"checks": [
{
"type": "REGEX",
"regex": "^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$"
}
]
}
]
}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment