Upload New File

e5247468 · Vincent Hofman · ce01d6d3 · e5247468
Commit e5247468 authored 2 years ago by Vincent Hofman
--- a/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Authorization_Code.json
+++ b/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Authorization_Code.json
+{
+  "profileType": "HTTPREQUEST",
+  "id": "IUA_ITI71_POST_Request_Authorization_Code",
+  "name": "ITI-71_HttpPOST_Request_Authorization_Code",
+  "description": "Validation Profile for validating an ITI-71 Post HTTP Request",
+  "context": "IHE",
+  "assertions": [
+    {
+      "selector": "request.method",
+      "id": "ITI71-014_POSTMethodChecking",
+      "description": "Assertion for the HTTP method checking",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+        "type": "FIXEDVALUE",
+        "fixedValue": "POST"
+        }
+      ]
+    },
+    {
+      "selector": "request.version",
+      "id": "ITI71-014_HTTP1VersionChecking",
+      "description": "Assertion for the HTTP version checking",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "FIXEDVALUE",
+          "fixedValue": "HTTP/1.1"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.path",
+      "id": "ITI71-014_URIRegexChecking",
+      "description": "Assertion for the HTTP uri checking",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(\\/[^\\/\\s]+)+$"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('grant_type').values",
+      "id": "ITI71-014_grant_type_parameter_presence",
+      "description": "1 and only 1 grant_type parameter is mandatory in the HTTP POST request.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('grant_type').values",
+      "id": "ITI71-014_grant_type_parameter_value",
+      "description": "grant_type parameter's value SHALL be authorization_code.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "FIXEDVALUE",
+          "fixedValue": "authorization_code"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('code').values",
+      "id": "ITI71-014_code_parameter_presence",
+      "description": "1 and only 1 code parameter is mandatory in the HTTP POST request.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('code').values",
+      "id": "ITI71-014_code_parameter_value",
+      "description": "code parameter's value SHALL be a b64token; regex: [-a-zA-Z0-9._~+/]+=*.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "[-a-zA-Z0-9._~+\/]+=*"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('redirect_uri').values",
+      "id": "ITI71-014_redirect_uri_parameter_presence",
+      "description": "One redirect_uri parameter is permitted in the HTTP GET request.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('redirect_uri').values",
+      "id": "ITI71-014_redirect_uri_method_parameter_value",
+      "description": "redirect_uri parameter's value SHALL be a URI. Regex: ^http[s]?:\/\/[a-zA-Z0-9.\\/]*$",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^http[s]?:\\/\\/[a-zA-Z0-9.\\/]*$"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('code_verifier').values",
+      "id": "ITI71-014_code_verifier_parameter_presence",
+      "description": "One and only one code_verifier parameter is required in the HTTP GET request.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('code_verifier').values",
+      "id": "ITI71-014_code_verifier_parameter_value",
+      "description": "code_verifier parameter's value SHALL be b64 value; regex: [-a-zA-Z0-9._~+/]+=*.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "[-a-zA-Z0-9._~+\\/]+=*"
+        }
+      ]
+    },{
+      "selector": "request.headers('Content-Type').values",
+      "id": "ITI71-035_content-type_parameter_presence",
+      "description": "One and only one Content-Type parameter is required.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Content-Type').values",
+      "id": "ITI71-014_content-type_parameter_value",
+      "description": "Content-Type parameter's value SHALL be application/x-www-form-urlencoded.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "FIXEDVALUE",
+          "fixedValue": "application/x-www-form-urlencoded"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Authorization').values",
+      "id": "ITI71-014_Authorization_parameter_presence",
+      "description": "One and only one Authorization Client is required in the HTTP Header.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Authorization').values",
+      "id": "ITI71-014_Authorization_parameter_value",
+      "description": "The Authorization Client shall present its client_id and client_secret in a HTTP Basic Authentication Header to the Authorization Server.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "Basic\\ [-a-zA-Z0-9._~+\\/]+=*"
+        }
+      ]
+    },{
+      "selector": "request.headers('Host').values",
+      "id": "ITI71-004_HostPresenceChecking",
+      "description": "One and only one Host is required in the Header",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Host').values",
+      "id": "ITI71-004_HostValueChecking",
+      "description": "Host Shall be a server name; Regex: ^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$"
+        }
+      ]
+    }
+  ]
+}