diff --git a/IHE Validation profiles/.gitkeep b/IHE Validation profiles/.gitkeep
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/IHE Validation profiles/IUA/.gitkeep b/IHE Validation profiles/IUA/.gitkeep
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/IHE Validation profiles/IUA/IUA_ITI71_GET_Request_Validation_Profile.json b/IHE Validation profiles/IUA/IUA_ITI71_GET_Request_Validation_Profile.json
new file mode 100644
index 0000000000000000000000000000000000000000..8a0c4a65b262aef0066ef0f1d4107e2a1e15070c
--- /dev/null
+++ b/IHE Validation profiles/IUA/IUA_ITI71_GET_Request_Validation_Profile.json
@@ -0,0 +1,281 @@
+{
+ "profileType": "HTTPREQUEST",
+ "id": "IUA_ITI71_GET_Request_Validation_Profile",
+ "name": "ITI-71_HttpGET_Request",
+ "description": "Validation Profile for validating an ITI-71 Get HTTP Request",
+ "context": "IHE",
+ "assertions": [
+ {
+ "selector": "request.method",
+ "id": "ITI71-008_GETMethodChecking",
+ "description": "The HTTP method shall be GET",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "GET"
+ }
+ ]
+ },
+ {
+ "selector": "request.version",
+ "id": "ITI71-008_HTTP1VersionChecking",
+ "description": "The HTTP version shall be HTTP/1.1 ",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "HTTP/1.1"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.path",
+ "id": "ITI71-008_URIRegexChecking",
+ "description": "Assertion for the HTTP uri checking",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^(\\/[^\\/\\s]+)+$"
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Host').values",
+ "id": "ITI71-008_HostChecking",
+ "description": "Host Shall be a server name; Regex: ^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('response_type').values",
+ "id": "ITI71-008_response_type_parameter_presence",
+ "description": "One and only one response_type parameter is required.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('response_type').values",
+ "id": "ITI71-008_response_type_parameter_value",
+ "description": "response_type parameter's value SHALL be code.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "code"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('client_id').values",
+ "id": "ITI71-008_client_id_parameter_presence",
+ "description": "One and only one client_id is required.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('client_id').values",
+ "id": "ITI71-008_client_id_parameter_value",
+ "description": "client_id parameter's value SHALL be a b64token; regex: [-a-zA-Z0-9._~+\/]+=*.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "[-a-zA-Z0-9._~+\\/]+=*"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('state').values",
+ "id": "ITI71-008_state_parameter_presence",
+ "description": "One and only one state parameter is required in the HTTP GET request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('state').values",
+ "id": "ITI71-008_state_parameter_value",
+ "description": "State parameter's value SHALL be a random unguessable value; regex: [-a-zA-Z0-9._~+/]+=*.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "[-a-zA-Z0-9._~+\\/]+=*"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('code_challenge').values",
+ "id": "ITI71-008_code_challenge_parameter_presence",
+ "description": "One and only one code_challenge parameter is required in the HTTP GET request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('code_challenge').values",
+ "id": "ITI71-008_code_challenge_parameter_value",
+ "description": "code_challenge parameter's value SHALL be b64 value; regex: [-a-zA-Z0-9._~+/]+=*.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "[-a-zA-Z0-9._~+\\/]+=*"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('resource').values",
+ "id": "ITI71-009_resource_parameter_presence",
+ "description": "One resource parameter is permitted in the HTTP GET request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 0,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('resource').values",
+ "id": "ITI71-009_resource_parameter_regex",
+ "description": "Resource parameter's value SHALL be a URL. Regex: ^http[s]?:\/\/[a-zA-Z0-9.\/]*$",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "applyIf": "request.uri.queryParams('resource').values.size() > 0",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^http[s]?:\\/\\/[a-zA-Z0-9.\\/]*$"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('code_challenge_method').values",
+ "id": "ITI71-009_code_challenge_method_parameter_presence",
+ "description": "One code_challenge_method parameter is permitted in the HTTP GET request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 0,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('code_challenge_method').values",
+ "id": "ITI71-009_code_challenge_method_parameter_value",
+ "description": "code_challenge_method parameter's value may be S256",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "applyIf": "request.uri.queryParams('code_challenge_method').values.size() > 0",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "S256"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('redirect_uri').values",
+ "id": "ITI71-009_redirect_uri_parameter_presence",
+ "description": "One redirect_uri parameter is permitted in the HTTP GET request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 0,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('redirect_uri').values",
+ "id": "ITI71-009_redirect_uri_method_parameter_value",
+ "description": "redirect_uri parameter's value SHALL be a URI. Regex: http[s]?:\\/\\/[a-zA-Z0-9.\\/]*",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "applyIf": "request.uri.queryParams('redirect_uri').values.size() > 0",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "http[s]?:\\/\\/[a-zA-Z0-9.\\/]*"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('scope').values",
+ "id": "ITI71-009_scope_parameter_presence",
+ "description": "One scope parameter is permitted in the HTTP GET request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 0,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('scope').values",
+ "id": "ITI71-009_scope_parameter_value",
+ "description": "Scope parameter's value SHALL match the rules : scope = scope-token *( SP scope-token ) AND scope-token = 1*( %x21 / %x23-5B / %x5D-7E ); regex: ([\\!|\\#-\\[|\\]-\\~]+| )+",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "applyIf": "request.uri.queryParams('scope').values.size() > 0",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "([\\!|\\#-\\[|\\]-\\~]+| )+"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
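Review bot: The value checks for `client_id`, `state`, `code_challenge` and `redirect_uri` use unanchored patterns (`[-a-zA-Z0-9._~+\\/]+=*`, `http[s]?:\\/\\/[a-zA-Z0-9.\\/]*`), while the path, Host and `resource` checks in the same file are anchored with `^…$`. If the validator evaluates REGEX checks with search rather than full-match semantics (not visible here), a value that merely contains one allowed character, or a `redirect_uri` that only contains an http(s) URL somewhere inside it, would pass; writing them as `"regex": "^[-a-zA-Z0-9._~+\\/]+=*$"` and `"regex": "^http[s]?:\\/\\/[a-zA-Z0-9.\\/]*$"` makes the result independent of the engine. Separately, `ITI71-009_code_challenge_method_parameter_presence` allows the parameter to be absent, and RFC 7636 defines an absent `code_challenge_method` as `plain`; if S256 is meant to be enforced, that assertion needs `"minOccurrence": 1`.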
diff --git a/IHE Validation profiles/IUA/IUA_ITI71_GET_Response_Validation_Profile.json b/IHE Validation profiles/IUA/IUA_ITI71_GET_Response_Validation_Profile.json
new file mode 100644
index 0000000000000000000000000000000000000000..c73dd1c2ac7955963484a222827d2ebf5251d1c4
--- /dev/null
+++ b/IHE Validation profiles/IUA/IUA_ITI71_GET_Response_Validation_Profile.json
@@ -0,0 +1,141 @@
+{
+ "profileType": "HTTPRESPONSE",
+ "id": "IUA_ITI71_GET_Response_Validation_Profile",
+ "name": "ITI-71_HttpGET_Response",
+ "description": "Validation Profile for validating an ITI-71 Get HTTP Response",
+ "context": "IHE",
+ "assertions": [
+ {
+ "selector": "response.version",
+ "id": "ITI71-010_HTTP1VersionChecking",
+ "description": "The HTTP version shall be HTTP/1.1 ",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "HTTP/1.1"
+ }
+ ]
+ },
+ {
+ "selector": "response.statusCode",
+ "id": "ITI71-010_HTTPStatusCodeChecking",
+ "description": "Http Status code shall be 302.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "302"
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Host').values",
+ "id": "ITI71-010_HostPresenceChecking",
+ "description": "One and only one Host is required in the Header",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Host').values",
+ "id": "ITI71-008_HostValueChecking",
+ "description": "Host Shall be a server name; Regex: ^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$"
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Location').values",
+ "id": "ITI71-010_LocationPresenceChecking",
+ "description": "One and only one Location is required in the Header",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Location').values",
+ "id": "ITI71-010_LocationRegexChecking",
+ "description": "A Location shall be a UIR. Regex: ^(\\/[^\\/\\s]+)+$",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^(\\/[^\\/\\s]+)+$"
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Location').values",
+ "id": "ITI71-011_code_parameter_presence",
+ "description": "1 and only 1 code parameter is mandatory in the HTTP POST response.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^(?:(?!code=*).)*code=*(?:(?!code=*).)*$"
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Location').values",
+ "id": "ITI71-011_code_parameter_value",
+ "description": "code parameter's value SHALL be a b64token; regex: [-a-zA-Z0-9._~+\/]+",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^.*code[=|%3D][-a-zA-Z0-9._~+\\/]+.*$"
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Location').values",
+ "id": "ITI71-011_state_parameter_presence",
+ "description": "One and only one state parameter is required in the HTTP GET response.",
+ "requirementPriority": "PERMITTED",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^(?:(?!state=*).)*state=*(?:(?!state=*).)*$"
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Location').values",
+ "id": "ITI71-011_state_parameter_value",
+ "description": "State parameter's value SHALL be a random unguessable value; regex: [-a-zA-Z0-9._~+/]+=*.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^.*state[=|%3D][-a-zA-Z0-9._~+\\/]+.*$"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
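Review bot: In `ITI71-011_code_parameter_value` and `ITI71-011_state_parameter_value`, `[=|%3D]` is a character class, so it matches any single one of `=`, `|`, `%`, `3` or `D` rather than `=` or the encoded `%3D`; a Location containing `stateD…` or `code3…` satisfies the check. The two presence patterns have a related slip: `code=*` and `state=*` make the `=` optional, so the bare word `code` or `state` anywhere in the URI counts as the parameter. Suggested forms are `"regex": "^.*code(?:=|%3D)[-a-zA-Z0-9._~+\\/]+.*$"` (and the same for `state`) for the value checks, and `code=` / `state=` in place of `code=*` / `state=*` in the presence checks. Also worth confirming: `ITI71-010_LocationRegexChecking` only accepts a value made of `/segment` parts, which an absolute redirect URI (`https://…`) cannot match, and `Host` is asserted as mandatory on a response although it is a request header.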
diff --git a/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Authorization_Code.json b/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Authorization_Code.json
new file mode 100644
index 0000000000000000000000000000000000000000..d4ae514e2cd17324b375ef93bdb398344f1e81d1
--- /dev/null
+++ b/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Authorization_Code.json
@@ -0,0 +1,236 @@
+{
+ "profileType": "HTTPREQUEST",
+ "id": "IUA_ITI71_POST_Request_Authorization_Code",
+ "name": "ITI-71_HttpPOST_Request_Authorization_Code",
+ "description": "Validation Profile for validating an ITI-71 Post HTTP Request",
+ "context": "IHE",
+ "assertions": [
+ {
+ "selector": "request.method",
+ "id": "ITI71-014_POSTMethodChecking",
+ "description": "Assertion for the HTTP method checking",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "POST"
+ }
+ ]
+ },
+ {
+ "selector": "request.version",
+ "id": "ITI71-014_HTTP1VersionChecking",
+ "description": "Assertion for the HTTP version checking",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "HTTP/1.1"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.path",
+ "id": "ITI71-014_URIRegexChecking",
+ "description": "Assertion for the HTTP uri checking",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^(\\/[^\\/\\s]+)+$"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('grant_type').values",
+ "id": "ITI71-014_grant_type_parameter_presence",
+ "description": "1 and only 1 grant_type parameter is mandatory in the HTTP POST request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('grant_type').values",
+ "id": "ITI71-014_grant_type_parameter_value",
+ "description": "grant_type parameter's value SHALL be authorization_code.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "authorization_code"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('code').values",
+ "id": "ITI71-014_code_parameter_presence",
+ "description": "1 and only 1 code parameter is mandatory in the HTTP POST request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('code').values",
+ "id": "ITI71-014_code_parameter_value",
+ "description": "code parameter's value SHALL be a b64token; regex: [-a-zA-Z0-9._~+/]+=*.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "[-a-zA-Z0-9._~+\/]+=*"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('redirect_uri').values",
+ "id": "ITI71-014_redirect_uri_parameter_presence",
+ "description": "One redirect_uri parameter is permitted in the HTTP GET request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('redirect_uri').values",
+ "id": "ITI71-014_redirect_uri_method_parameter_value",
+ "description": "redirect_uri parameter's value SHALL be a URI. Regex: ^http[s]?:\/\/[a-zA-Z0-9.\\/]*$",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^http[s]?:\\/\\/[a-zA-Z0-9.\\/]*$"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('code_verifier').values",
+ "id": "ITI71-014_code_verifier_parameter_presence",
+ "description": "One and only one code_verifier parameter is required in the HTTP GET request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('code_verifier').values",
+ "id": "ITI71-014_code_verifier_parameter_value",
+ "description": "code_verifier parameter's value SHALL be b64 value; regex: [-a-zA-Z0-9._~+/]+=*.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "[-a-zA-Z0-9._~+\\/]+=*"
+ }
+ ]
+ },{
+ "selector": "request.headers('Content-Type').values",
+ "id": "ITI71-035_content-type_parameter_presence",
+ "description": "One and only one Content-Type parameter is required.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Content-Type').values",
+ "id": "ITI71-014_content-type_parameter_value",
+ "description": "Content-Type parameter's value SHALL be application/x-www-form-urlencoded.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "application/x-www-form-urlencoded"
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Authorization').values",
+ "id": "ITI71-014_Authorization_parameter_presence",
+ "description": "One and only one Authorization Client is required in the HTTP Header.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Authorization').values",
+ "id": "ITI71-014_Authorization_parameter_value",
+ "description": "The Authorization Client shall present its client_id and client_secret in a HTTP Basic Authentication Header to the Authorization Server.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "Basic\\ [-a-zA-Z0-9._~+\\/]+=*"
+ }
+ ]
+ },{
+ "selector": "request.headers('Host').values",
+ "id": "ITI71-004_HostPresenceChecking",
+ "description": "One and only one Host is required in the Header",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Host').values",
+ "id": "ITI71-004_HostValueChecking",
+ "description": "Host Shall be a server name; Regex: ^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$"
+ }
+ ]
+ }
+ ]
+}
+
diff --git a/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Client_credentials.json b/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Client_credentials.json
new file mode 100644
index 0000000000000000000000000000000000000000..ae79ed390c4df6fa2554526584e5dff132968865
--- /dev/null
+++ b/IHE Validation profiles/IUA/IUA_ITI71_POST_Request_Validation_Profile_Client_credentials.json
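Review bot: In IUA_ITI71_POST_Request_Validation_Profile_Authorization_Code.json the `grant_type`, `code`, `redirect_uri` and `code_verifier` assertions all select `request.uri.queryParams(...)`, yet the same profile requires `Content-Type: application/x-www-form-urlencoded`, and RFC 6749 places token-request parameters in the request body. Unless `queryParams` also parses form bodies in this validator (not visible here), a conformant request fails every mandatory parameter check, while a client that puts the authorization code and PKCE verifier in the URL, where they end up in access logs and proxy records, passes. The selectors should target the form body, using whatever body-parameter selector the validator's DSL provides. The client-credentials profile added in the same commit uses the same query selectors for `grant_type`, `resource` and `scope`.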
@@ -0,0 +1,199 @@
+{
+ "profileType": "HTTPREQUEST",
+ "id": "IUA_ITI71_POST_Request_Client_Credentials",
+ "name": "ITI-71_HttpPOST_Request_Client_Credentials",
+ "description": "Validation Profile for validating an ITI-71 Post HTTP Request",
+ "context": "IHE",
+ "assertions": [
+ {
+ "selector": "request.method",
+ "id": "ITI71-001_POSTMethodChecking",
+ "description": "Assertion for the HTTP method checking",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "POST"
+ }
+ ]
+ },
+ {
+ "selector": "request.version",
+ "id": "ITI71-001_HTTP1VersionChecking",
+ "description": "Assertion for the HTTP version checking",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "HTTP/1.1"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.path",
+ "id": "ITI71-001_URIRegexChecking",
+ "description": "Assertion for the HTTP uri checking",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^(\\/[^\\/\\s]+)+$"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('grant_type').values",
+ "id": "ITI71-001_grant-type_parameter_presence",
+ "description": "1 and only 1 grant_type parameter is mandatory in the HTTP POST request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('grant_type').values",
+ "id": "ITI71-001_grant_type_parameter_value",
+ "description": "grant_type parameter's value SHALL be client_credentials.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "client_credentials"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('resource').values",
+ "id": "ITI71-002_resource_parameter_presence",
+ "description": "1 resource parameter is permitted in the HTTP POST request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 0,
+ "maxOccurrence" : 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('resource').values",
+ "id": "ITI71-002_resource_parameter_value",
+ "description": "resource parameter's value SHALL be a url.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "applyIf": "request.uri.queryParams('resource').values.size() > 0",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "https?:\\/\\/(www\\.)?[-a-zA-Z0-9@:%._\\+~#=]{1,256}\\.[a-zA-Z0-9()]{1,6}\\b([-a-zA-Z0-9()@:%_\\+.~#?&//=]*)"
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('scope').values",
+ "id": "ITI71-002_scope_parameter_presence",
+ "description": "1 scope parameter is permitted in the HTTP POST request.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 0,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.uri.queryParams('scope').values",
+ "id": "ITI71-002_scope_parameter_value",
+ "description": "Scope parameter's value SHALL match the rules : scope = scope-token *( SP scope-token ) AND scope-token = 1*( %x21 / %x23-5B / %x5D-7E ); regex: ([\\!|\\#-\\[|\\]-\\~]+| )+",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "applyIf": "request.uri.queryParams('scope').values.size() > 0",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "([\\!|\\#-\\[|\\]-\\~]+| )+"
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Content-Type').values",
+ "id": "ITI71-035_content-type_parameter_value",
+ "description": "One and only one Content-Type parameter is required.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Content-Type').values",
+ "id": "ITI71-003_grant-type_parameter_value",
+ "description": "Content-Type parameter's value SHALL be application/x-www-form-urlencoded.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "application/x-www-form-urlencoded"
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Authorization').values",
+ "id": "ITI71-004_Authorization_parameter_value",
+ "description": "The Authorization Client shall present its client_id and client_secret in a HTTP Basic Authentication Header to the Authorization Server.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "Basic\\ [-a-zA-Z0-9._~+\\/]+=*"
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Host').values",
+ "id": "ITI71-004_HostPresenceChecking",
+ "description": "One and only one Host is required in the Header",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "request.headers('Host').values",
+ "id": "ITI71-004_HostValueChecking",
+ "description": "Host Shall be a server name; Regex: ^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "REGEX",
+ "regex": "^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\/]+$"
+ }
+ ]
+ }
+ ]
+}
+
diff --git a/IHE Validation profiles/IUA/IUA_ITI71_POST_Response_Validation_Profile.json b/IHE Validation profiles/IUA/IUA_ITI71_POST_Response_Validation_Profile.json
new file mode 100644
index 0000000000000000000000000000000000000000..e3e6ccf212ed033ed139071fab5c7c21b9263aa0
--- /dev/null
+++ b/IHE Validation profiles/IUA/IUA_ITI71_POST_Response_Validation_Profile.json
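Review bot: IUA_ITI71_POST_Request_Validation_Profile_Client_credentials.json checks the format of the `Authorization` header (`ITI71-004_Authorization_parameter_value`) but, unlike the authorization-code profile, has no OCCURRENCE assertion for it. If a REGEX check over an empty `values` list is treated as passing (the validator's behaviour is not visible here), a token request with no client authentication at all validates. A presence assertion should precede the value check, modelled on `ITI71-014_Authorization_parameter_presence` in the sibling profile; the id in the block below is a suggestion. Two ids in this file also name the wrong check: `ITI71-035_content-type_parameter_value` is the Content-Type occurrence check and `ITI71-003_grant-type_parameter_value` is the Content-Type value check.

```json
{
  "selector": "request.headers('Authorization').values",
  "id": "ITI71-004_Authorization_parameter_presence",
  "description": "One and only one Authorization Client is required in the HTTP Header.",
  "requirementPriority": "MANDATORY",
  "checksComposition": "oneOf",
  "checks": [
    {
      "type": "OCCURRENCE",
      "minOccurrence": 1,
      "maxOccurrence": 1
    }
  ]
},
```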
@@ -0,0 +1,117 @@
+{
+ "profileType": "HTTPRESPONSE",
+ "id": "IUA_ITI71_POST_Response_Validation_Profile",
+ "name": "ITI-71_HttpPOST_Response",
+ "description": "Validation Profile for validating an ITI-71 Post HTTP Response",
+ "context": "IHE",
+ "assertions": [
+ {
+ "selector": "response.version",
+ "id": "ITI71-035_HTTP1VersionChecking",
+ "description": "Assertion for the HTTP version checking",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "HTTP/1.1"
+ }
+ ]
+ },
+ {
+ "selector": "response.statusCode",
+ "id": "ITI71-035_HTTPStatusCodeChecking",
+ "description": "Http Status code shall be 200.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "200"
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Content-Type').values",
+ "id": "ITI71-035_content-type_parameter_presence",
+ "description": "One and only one Content-Type parameter is required.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Content-Type').values",
+ "id": "ITI71-035_content-type_parameter_value",
+ "description": "Content-Type parameter's value SHALL be application/json.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "application/json"
+ }
+ ]
+ },
+
+ {
+ "selector": "response.headers('Cache-Control').values",
+ "id": "ITI71-037_Cache-Control_parameter_presence",
+ "description": "One and only one Cache-Control parameter is required.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Cache-Control').values",
+ "id": "ITI71-037_Cache-Control_parameter_value",
+ "description": "Cache-Control parameter's value SHALL be no-store.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "no-store"
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Pragma').values",
+ "id": "ITI71-037_Pragma_parameter_presence",
+ "description": "One and only one Pragma parameter is required.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "OCCURRENCE",
+ "minOccurrence": 1,
+ "maxOccurrence": 1
+ }
+ ]
+ },
+ {
+ "selector": "response.headers('Pragma').values",
+ "id": "ITI71-037_Pragma_parameter_value",
+ "description": "Pragma parameter's value SHALL be no-cache.",
+ "requirementPriority": "MANDATORY",
+ "checksComposition": "oneOf",
+ "checks": [
+ {
+ "type": "FIXEDVALUE",
+ "fixedValue": "no-cache"
+ }
+ ]
+ }
+ ]
+}
\ No newline at end of file
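Review bot: `ITI71-035_content-type_parameter_value` and `ITI71-037_Cache-Control_parameter_value` use FIXEDVALUE, so a token response with `Content-Type: application/json;charset=UTF-8` (the form used in RFC 6749's own example) or `Cache-Control: no-store, no-cache` is reported as non-conformant although it satisfies the requirement. A REGEX check expresses the intent without rejecting media-type parameters or additional directives, for example `"regex": "^application\\/json(\\s*;.*)?$"` and `"regex": "^(.*,\\s*)?no-store(\\s*,.*)?$"`. The profile validates headers only; nothing here checks that the body carries the token fields, which may simply be outside what an HTTPRESPONSE profile can select.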