From e5247468a778fafe33905a37cec2f53da3c84bd3 Mon Sep 17 00:00:00 2001
From: Vincent Hofman <vincent.hofman@kereval.com>
Date: Wed, 15 Mar 2023 13:24:19 +0000
Subject: [PATCH] Upload New File
---
...Validation_Profile_Authorization_Code.json | 236 ++++++++++++++++++
1 file changed, 236 insertions(+)
create mode 100644 IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Authorization_Code.json
diff --git a/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Authorization_Code.json b/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Authorization_Code.json
new file mode 100644
index 0000000..d4ae514
--- /dev/null
+++ b/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Authorization_Code.json
@@ -0,0 +1,236 @@
+{
+ "profileType": "HTTPREQUEST",
+ "id": "IUA_ITI71_POST_Request_Authorization_Code",
+ "name": "ITI-71_HttpPOST_Request_Authorization_Code",
+ "description": "Validation Profile for validating an ITI-71 Post HTTP Request",
+ "context": "IHE",
+ "assertions": [
+ {
+ "selector": "request.method",
+ "id": "ITI71-014_POSTMethodChecking",
+ "description": "Assertion for the HTTP method checking",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "POST"
+ }
+ ]
+ },
+ {
+ "selector": "request.version",
+ "id": "ITI71-014_HTTP1VersionChecking",
+ "description": "Assertion for the HTTP version checking",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "HTTP/1.1"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.path",
+ "id": "ITI71-014_URIRegexChecking",
+ "description": "Assertion for the HTTP uri checking",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^(\\/[^\\/\\s]+)+$"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('grant_type').values",
+ "id": "ITI71-014_grant_type_parameter_presence",
+ "description": "1 and only 1 grant_type parameter is mandatory in the HTTP POST request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('grant_type').values",
+ "id": "ITI71-014_grant_type_parameter_value",
+ "description": "grant_type parameter's value SHALL be authorization_code.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "authorization_code"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('code').values",
+ "id": "ITI71-014_code_parameter_presence",
+ "description": "1 and only 1 code parameter is mandatory in the HTTP POST request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('code').values",
+ "id": "ITI71-014_code_parameter_value",
+ "description": "code parameter's value SHALL be a b64token; regex: [-a-zA-Z0-9._~+/]+=*.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "[-a-zA-Z0-9._~+\/]+=*"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('redirect_uri').values",
+ "id": "ITI71-014_redirect_uri_parameter_presence",
+ "description": "One redirect_uri parameter is permitted in the HTTP GET request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('redirect_uri').values",
+ "id": "ITI71-014_redirect_uri_method_parameter_value",
+ "description": "redirect_uri parameter's value SHALL be a URI. Regex: ^http[s]?:\/\/[a-zA-Z0-9.\\/]*$",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^http[s]?:\\/\\/[a-zA-Z0-9.\\/]*$"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('code_verifier').values",
+ "id": "ITI71-014_code_verifier_parameter_presence",
+ "description": "One and only one code_verifier parameter is required in the HTTP GET request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('code_verifier').values",
+ "id": "ITI71-014_code_verifier_parameter_value",
+ "description": "code_verifier parameter's value SHALL be b64 value; regex: [-a-zA-Z0-9._~+/]+=*.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "[-a-zA-Z0-9._~+\\/]+=*"
+ }
+ ]
+ },{
+ "selector": "request.headers('Content-Type').values",
+ "id": "ITI71-035_content-type_parameter_presence",
+ "description": "One and only one Content-Type parameter is required.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Content-Type').values",
+ "id": "ITI71-014_content-type_parameter_value",
+ "description": "Content-Type parameter's value SHALL be application/x-www-form-urlencoded.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "application/x-www-form-urlencoded"
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Authorization').values",
+ "id": "ITI71-014_Authorization_parameter_presence",
+ "description": "One and only one Authorization Client is required in the HTTP Header.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Authorization').values",
+ "id": "ITI71-014_Authorization_parameter_value",
+ "description": "The Authorization Client shall present its client_id and client_secret in a HTTP Basic Authentication Header to the Authorization Server.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "Basic\\ [-a-zA-Z0-9._~+\\/]+=*"
+ }
+ ]
+ },{
+ "selector": "request.headers('Host').values",
+ "id": "ITI71-004_HostPresenceChecking",
+ "description": "One and only one Host is required in the Header",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Host').values",
+ "id": "ITI71-004_HostValueChecking",
+ "description": "Host Shall be a server name; Regex: ^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$"
+ }
+ ]
+ }
+ ]
+}
+
--
GitLab
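Review bot: The value checks for `code`, `code_verifier` and the `Authorization` header use unanchored patterns (`[-a-zA-Z0-9._~+\\/]+=*` and `Basic\\ [-a-zA-Z0-9._~+\\/]+=*`), while the path, `redirect_uri` and `Host` patterns in the same file are anchored with `^…$`. If the validator applies REGEX checks with search semantics rather than a full match (not visible in this patch), a value containing a single allowed character would pass, so these three checks could accept malformed codes and credentials; anchoring them as `"regex": "^[-a-zA-Z0-9._~+\\/]+=*$"` and `"regex": "^Basic\\ [-a-zA-Z0-9._~+\\/]+=*$"` removes the dependence on engine behaviour. The `code` pattern also writes the slash as `\/` where the others write `\\/`; both match `/`, but a single spelling is easier to audit. Separately, `grant_type`, `code`, `redirect_uri` and `code_verifier` are selected through `request.uri.queryParams(...)` although the profile requires a POST with `application/x-www-form-urlencoded`; RFC 6749 carries these in the request body, and an authorization code or verifier in the query string ends up in access logs, so it is worth confirming that this selector reads the form body rather than the URL. The `redirect_uri` and `Host` character class `[a-zA-Z0-9.\\/]` excludes `:` and `-`, so a value with a port or a hyphenated host name would be rejected.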