From b4ad2d657ae5c5157a81ffae82c0143b0f42a7b7 Mon Sep 17 00:00:00 2001
From: Vincent Hofman <vincent.hofman@kereval.com>
Date: Wed, 15 Mar 2023 13:24:35 +0000
Subject: [PATCH] Upload New File

---
 ...Validation_Profile_Client_credentials.json | 199 ++++++++++++++++++
 1 file changed, 199 insertions(+)
 create mode 100644 IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Client_credentials.json

diff --git a/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Client_credentials.json b/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Client_credentials.json
new file mode 100644
index 0000000..ae79ed3
--- /dev/null
+++ b/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Client_credentials.json	
@@ -0,0 +1,199 @@
+{
+  "profileType": "HTTPREQUEST",
+  "id": "IUA_ITI71_POST_Request_Client_Credentials",
+  "name": "ITI-71_HttpPOST_Request_Client_Credentials",
+  "description": "Validation Profile for validating an ITI-71 Post HTTP Request",
+  "context": "IHE",
+  "assertions": [
+    {
+      "selector": "request.method",
+      "id": "ITI71-001_POSTMethodChecking",
+      "description": "Assertion for the HTTP method checking",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+        "type": "FIXEDVALUE",
+        "fixedValue": "POST"
+        }
+      ]
+    },
+    {
+      "selector": "request.version",
+      "id": "ITI71-001_HTTP1VersionChecking",
+      "description": "Assertion for the HTTP version checking",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "FIXEDVALUE",
+          "fixedValue": "HTTP/1.1"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.path",
+      "id": "ITI71-001_URIRegexChecking",
+      "description": "Assertion for the HTTP uri checking",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(\\/[^\\/\\s]+)+$"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('grant_type').values",
+      "id": "ITI71-001_grant-type_parameter_presence",
+      "description": "1 and only 1 grant_type parameter is mandatory in the HTTP POST request.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('grant_type').values",
+      "id": "ITI71-001_grant_type_parameter_value",
+      "description": "grant_type parameter's value SHALL be client_credentials.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "FIXEDVALUE",
+          "fixedValue": "client_credentials"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('resource').values",
+      "id": "ITI71-002_resource_parameter_presence",
+      "description": "1 resource parameter is permitted in the HTTP POST request.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 0,
+          "maxOccurrence" : 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('resource').values",
+      "id": "ITI71-002_resource_parameter_value",
+      "description": "resource parameter's value SHALL be a url.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.uri.queryParams('resource').values.size() > 0",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "https?:\\/\\/(www\\.)?[-a-zA-Z0-9@:%._\\+~#=]{1,256}\\.[a-zA-Z0-9()]{1,6}\\b([-a-zA-Z0-9()@:%_\\+.~#?&//=]*)"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('scope').values",
+      "id": "ITI71-002_scope_parameter_presence",
+      "description": "1 scope parameter is permitted in the HTTP POST request.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 0,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('scope').values",
+      "id": "ITI71-002_scope_parameter_value",
+      "description": "Scope parameter's value SHALL match the rules : scope = scope-token *( SP scope-token ) AND scope-token = 1*( %x21 / %x23-5B / %x5D-7E ); regex: ([\\!|\\#-\\[|\\]-\\~]+| )+",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.uri.queryParams('scope').values.size() > 0",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "([\\!|\\#-\\[|\\]-\\~]+| )+"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Content-Type').values",
+      "id": "ITI71-035_content-type_parameter_value",
+      "description": "One and only one Content-Type parameter is required.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Content-Type').values",
+      "id": "ITI71-003_grant-type_parameter_value",
+      "description": "Content-Type parameter's value SHALL be application/x-www-form-urlencoded.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "FIXEDVALUE",
+          "fixedValue": "application/x-www-form-urlencoded"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Authorization').values",
+      "id": "ITI71-004_Authorization_parameter_value",
+      "description": "The Authorization Client shall present its client_id and client_secret in a HTTP Basic Authentication Header to the Authorization Server.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "Basic\\ [-a-zA-Z0-9._~+\\/]+=*"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Host').values",
+      "id": "ITI71-004_HostPresenceChecking",
+      "description": "One and only one Host is required in the Header",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Host').values",
+      "id": "ITI71-004_HostValueChecking",
+      "description": "Host Shall be a server name; Regex: ^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$"
+        }
+      ]
+    }
+  ]
+}
+
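Review bot: The `REGEX` checks for `Authorization`, `scope` and `resource` have no `^`/`$` anchors, unlike the URI-path and Host checks in the same file, so if the validator applies them with search rather than full-match semantics (not visible here), a value that merely contains a conforming substring would pass. I would anchor them, e.g. `"regex": "^Basic [-a-zA-Z0-9._~+\\/]+=*$"`, and write the scope rule as `"regex": "^[!#-\\[\\]-~]+( [!#-\\[\\]-~]+)*$"`, which follows the ABNF quoted in the description, rejects leading, trailing and doubled spaces, and removes the nested `(...+| )+` quantifier that can backtrack heavily on long non-matching input. The Host pattern excludes `-` and `:`, so a hyphenated host name or an explicit port fails a MANDATORY assertion, while a scheme prefix, which a Host header does not carry, is accepted. Separately, `grant_type`, `scope` and `resource` are read from `request.uri.queryParams` although the profile requires `application/x-www-form-urlencoded`; please confirm that this selector also covers the form body, since RFC 6749 places these parameters there for a token request.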
-- 
GitLab