Module: UDAPSecurityTestKit

Extended by:

CommonAssertions

Defined in:

lib/udap_security_test_kit.rb,
lib/udap_security_test_kit/tags.rb,
lib/udap_security_test_kit/urls.rb,
lib/udap_security_test_kit/version.rb,
lib/udap_security_test_kit/metadata.rb,
lib/udap_security_test_kit/client_suite.rb,
lib/udap_security_test_kit/redirect_uri.rb,
lib/udap_security_test_kit/discovery_group.rb,
lib/udap_security_test_kit/udap_jwt_builder.rb,
lib/udap_security_test_kit/udap_jwt_validator.rb,
lib/udap_security_test_kit/udap_request_builder.rb,
lib/udap_security_test_kit/udap_x509_certificate.rb,
lib/udap_security_test_kit/client_suite/oidc_jwks.rb,
lib/udap_security_test_kit/authorization_code_group.rb,
lib/udap_security_test_kit/client_credentials_group.rb,
lib/udap_security_test_kit/default_cert_file_loader.rb,
lib/udap_security_test_kit/well_known_endpoint_test.rb,
lib/udap_security_test_kit/registration_success_test.rb,
lib/udap_security_test_kit/token_endpoint_field_test.rb,
lib/udap_security_test_kit/endpoints/mock_udap_server.rb,
lib/udap_security_test_kit/signed_metadata_field_test.rb,
lib/udap_security_test_kit/software_statement_builder.rb,
lib/udap_security_test_kit/client_suite/client_options.rb,
lib/udap_security_test_kit/scopes_supported_field_test.rb,
lib/udap_security_test_kit/client_suite/access_ac_group.rb,
lib/udap_security_test_kit/client_suite/access_cc_group.rb,
lib/udap_security_test_kit/signed_metadata_contents_test.rb,
lib/udap_security_test_kit/authorization_code_received_test.rb,
lib/udap_security_test_kit/authorization_code_redirect_test.rb,
lib/udap_security_test_kit/client_suite/client_descriptions.rb,
lib/udap_security_test_kit/grant_types_supported_field_test.rb,
lib/udap_security_test_kit/registration_endpoint_field_test.rb,
lib/udap_security_test_kit/authorization_endpoint_field_test.rb,
lib/udap_security_test_kit/dynamic_client_registration_group.rb,
lib/udap_security_test_kit/token_exchange_response_body_test.rb,
lib/udap_security_test_kit/client_suite/registration_ac_group.rb,
lib/udap_security_test_kit/client_suite/registration_cc_group.rb,
lib/udap_security_test_kit/registration_success_contents_test.rb,
lib/udap_security_test_kit/udap_profiles_supported_field_test.rb,
lib/udap_security_test_kit/udap_versions_supported_field_test.rb,
lib/udap_security_test_kit/token_exchange_response_headers_test.rb,
lib/udap_security_test_kit/udap_client_assertion_payload_builder.rb,
lib/udap_security_test_kit/authorization_code_token_exchange_test.rb,
lib/udap_security_test_kit/client_credentials_token_exchange_test.rb,
lib/udap_security_test_kit/authorization_code_authentication_group.rb,
lib/udap_security_test_kit/client_credentials_authentication_group.rb,
lib/udap_security_test_kit/client_suite/access_ac_interaction_test.rb,
lib/udap_security_test_kit/client_suite/access_cc_interaction_test.rb,
lib/udap_security_test_kit/client_suite/token_request_verification.rb,
lib/udap_security_test_kit/signed_metadata_trust_verification_test.rb,
lib/udap_security_test_kit/udap_certifications_required_field_test.rb,
lib/udap_security_test_kit/client_suite/token_use_verification_test.rb,
lib/udap_security_test_kit/udap_auth_extensions_required_field_test.rb,
lib/udap_security_test_kit/udap_certifications_supported_field_test.rb,
lib/udap_security_test_kit/endpoints/echoing_fhir_responder_endpoint.rb,
lib/udap_security_test_kit/endpoints/mock_udap_server/token_endpoint.rb,
lib/udap_security_test_kit/udap_auth_extensions_supported_field_test.rb,
lib/udap_security_test_kit/client_suite/registration_interaction_test.rb,
lib/udap_security_test_kit/registration_failure_invalid_contents_test.rb,
lib/udap_security_test_kit/client_suite/registration_ac_verification_test.rb,
lib/udap_security_test_kit/client_suite/registration_cc_verification_test.rb,
lib/udap_security_test_kit/client_suite/registration_request_verification.rb,
lib/udap_security_test_kit/client_suite/token_request_ac_verification_test.rb,
lib/udap_security_test_kit/client_suite/token_request_cc_verification_test.rb,
lib/udap_security_test_kit/registration_failure_invalid_jwt_signature_test.rb,
lib/udap_security_test_kit/endpoints/mock_udap_server/registration_endpoint.rb,
lib/udap_security_test_kit/token_endpoint_auth_methods_supported_field_test.rb,
lib/udap_security_test_kit/endpoints/mock_udap_server/authorization_endpoint.rb,
lib/udap_security_test_kit/endpoints/mock_udap_server/introspection_endpoint.rb,
lib/udap_security_test_kit/client_suite/authorization_request_verification_test.rb,
lib/udap_security_test_kit/endpoints/mock_udap_server/udap_token_response_creation.rb,
lib/udap_security_test_kit/reg_endpoint_jwt_signing_alg_values_supported_field_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client_attestation_group.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server_attestation_group.rb,
lib/udap_security_test_kit/token_endpoint_auth_signing_alg_values_supported_field_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/jwt_security_group.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group.rb,
lib/udap_security_test_kit/endpoints/mock_udap_server/udap_registration_response_creation.rb,
lib/udap_security_test_kit/endpoints/mock_udap_server/udap_authorization_response_creation.rb,
lib/udap_security_test_kit/endpoints/mock_udap_server/udap_introspection_response_creation.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/security_measures_group.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/jti_reuse_prevention_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/client_authentication_group.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/metadata_interpretation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/cryptographic_algorithms_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/authentication_requests_group.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/oauth2_protocol_compliance_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/private_key_authentication_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/validation_confidentiality_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/preferred_identity_provider_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/idp_supports_required_scopes_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/token_request_authentication_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/dynamic_client_registration_group.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/idp_authentication_compliance_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/metadata_server_capabilities_group.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/data_holder_auth_request_scope_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/resource_holder_authentication_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/identity_provider_interaction_group.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/client_authorization_code_usage_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/client_security_csrf_protection_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/software_statement_registration_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/trust_community_query_parameters_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/invalid_idp_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/prompt_none_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/jwt_security_group/jwt_jti_reuse_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/id_token_access_token_validation_group.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/client/b2b_authorization_extension_object_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/authorization_code_token_requests_group.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/state_mismatch_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/invalid_id_token_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/deny_token_request_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/security_measures_group/csrf_protection_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/security_measures_group/state_parameter_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/unauthenticated_user_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/general_error_response_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/jwt_security_group/jwt_signature_validation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/invalid_redirection_uri_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/error_handling_group/valid_state_error_response_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/jwt_security_group/jwt_token_request_validation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/jwt_security_group/jwt_grant_parameter_validation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/jwt_security_group/jwt_certificate_chain_validation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/security_measures_group/obtain_authorization_scopes_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/client_authentication_group/client_certificate_storage_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/identity_provider_interaction_group/idp_token_exchange_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/security_measures_group/unauthenticated_client_security_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/dynamic_client_registration_group/certification_handling_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/dynamic_client_registration_group/client_id_modification_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/id_token_access_token_validation_group/id_token_validation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/metadata_server_capabilities_group/udap_profiles_supported_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/identity_provider_interaction_group/idp_metadata_validation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/identity_provider_interaction_group/idp_dynamic_registration_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/authorization_code_token_requests_group/access_token_lifetime_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/client_authentication_group/no_client_credentials_native_apps_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/id_token_access_token_validation_group/access_token_validation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/identity_provider_interaction_group/idp_authentication_request_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/authentication_requests_group/authentication_request_validation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/metadata_server_capabilities_group/udap_metadata_representation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/authorization_code_token_requests_group/authorization_code_usage_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/id_token_access_token_validation_group/token_response_validation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/authentication_requests_group/authentication_request_construction_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/metadata_server_capabilities_group/udap_community_parameter_support_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/authorization_code_token_requests_group/access_token_request_validation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/dynamic_client_registration_group/dynamic_client_registration_validation_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/metadata_server_capabilities_group/udap_metadata_endpoint_error_handling_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/metadata_server_capabilities_group/udap_authorization_extensions_required_test.rb,
lib/udap_security_test_kit/visual_inspection_and_attestation/server/authorization_code_token_requests_group/resource_holder_authorization_flow_test.rb

Defined Under Namespace

Modules: ClientWaitDialogDescriptions, MockUDAPServer, RegistrationRequestVerification, TokenRequestVerification, UDAPClientOptions, URLs Classes: AccessTokenLifetimeAttestationTest, AccessTokenRequestValidationAttestationTest, AccessTokenValidationAttestationTest, AuthenticationRequestConstructionAttestationTest, AuthenticationRequestValidationAttestationTest, AuthorizationCodeAuthenticationGroup, AuthorizationCodeFlowAttestationTest, AuthorizationCodeGroup, AuthorizationCodeReceivedTest, AuthorizationCodeRedirectTest, AuthorizationCodeTokenExchangeTest, AuthorizationCodeTokenRequestsAttestationGroup, AuthorizationCodeUsageAttestationTest, AuthorizationEndpointFieldTest, B2BAuthorizationExtensionObjectAttestationTest, CSRFProtectionAttestationTest, CertificationHandlingAttestationTest, ClientAttestationGroup, ClientAuthenticationGroup, ClientAuthorizationCodeUsageAttestationTest, ClientCertificateStorageAttestationTest, ClientCredentialsAuthenticationGroup, ClientCredentialsGroup, ClientCredentialsTokenExchangeTest, ClientIDModificationAttestationTest, ClientSecurityAndCSRFProtectionAttestationTest, CommunityParameterSupportAttestationTest, CryptographicAlgorithmsAndSecurityProtocolsAttestationTest, DataHolderAuthRequestScopeAttestationTest, DefaultCertFileLoader, DenyTokenRequestAttestationTest, DiscoveryGroup, DynamicClientRegistrationAttestationGroup, DynamicClientRegistrationGroup, DynamicClientRegistrationValidationAttestationTest, EchoingFHIRResponderEndpoint, ErrorHandlingAttestationGroup, GeneralErrorResponseAttestationTest, GrantTypesSupportedFieldTest, IDTokenAccessTokenValidationAttestationGroup, IDTokenValidationAttestationTest, IdPAuthenticationComplianceAttestationTest, IdPAuthenticationRequestAttestationTest, IdPDynamicRegistrationAttestationTest, IdPMetadataValidationAttestationTest, IdPSupportsRequiredScopesAttestationTest, IdPTokenExchangeAttestationTest, IdentityProviderInteractionAttestationGroup, InvalidIDTokenErrorAttestationTest, InvalidIdpErrorAttestationTest, InvalidRedirectionURIAttestationTest, JTIReusePreventionAttestationTest, JWTSecurityGroup, JwtCertificateChainValidationAttestationTest, JwtGrantParameterValidationAttestationTest, JwtJtiReuseAttestationTest, JwtSignatureValidationAttestationTest, JwtTokenRequestValidationAttestationTest, Metadata, MetadataInterpretationAttestationTest, MetadataServerCapabilitiesAttestationGroup, NoClientCredentialsForNativeAppsAttestationTest, OAuth2ProtocolComplianceAttestationTest, OIDCJWKS, ObtainAuthorizationScopesAttestationTest, OpenIDConnectAuthenticationRequestsAttestationGroup, PreferredIdentityProviderAttestationTest, PrivateKeyAuthenticationAttestationTest, PromptNoneErrorAttestationTest, RegEndpointJWTSigningAlgValuesSupportedFieldTest, RegistrationEndpointFieldTest, RegistrationFailureInvalidContentsTest, RegistrationFailureInvalidJWTSignatureTest, RegistrationSuccessContentsTest, RegistrationSuccessTest, ResourceHolderTokenEndpointAuthenticationAttestationTest, ScopesSupportedFieldTest, SecurityMeasuresAttestationGroup, ServerAttestationGroup, SignedMetadataContentsTest, SignedMetadataFieldTest, SignedMetadataTrustVerificationTest, SoftwareStatementAndRegistrationAttestationTest, SoftwareStatementBuilder, StateMismatchErrorAttestationTest, StateParameterAttestationTest, Suite, TokenEndpointAuthMethodsSupportedFieldTest, TokenEndpointAuthSigningAlgValuesSupportedFieldTest, TokenEndpointFieldTest, TokenExchangeResponseBodyTest, TokenExchangeResponseHeadersTest, TokenRequestAuthenticationAttestationTest, TokenResponseValidationAttestationTest, TrustCommunityAndQueryParametersAttestationTest, UDAPAuthExtensionsRequiredFieldTest, UDAPAuthExtensionsSupportedFieldTest, UDAPAuthorizationExtensionsRequiredAttestationTest, UDAPCertificationsRequiredFieldTest, UDAPCertificationsSupportedFieldTest, UDAPClientAccessAuthorizationCode, UDAPClientAccessAuthorizationCodeInteraction, UDAPClientAccessClientCredentials, UDAPClientAccessClientCredentialsInteraction, UDAPClientAppLaunchAuthorizationRequestVerification, UDAPClientAssertionPayloadBuilder, UDAPClientRegistrationAuthorizationCode, UDAPClientRegistrationAuthorizationCodeVerification, UDAPClientRegistrationClientCredentials, UDAPClientRegistrationClientCredentialsVerification, UDAPClientRegistrationInteraction, UDAPClientTokenRequestAuthorizationCodeVerification, UDAPClientTokenRequestClientCredentialsVerification, UDAPJWTBuilder, UDAPJWTValidator, UDAPMetadataEndpointErrorHandlingAttestationTest, UDAPMetadataRepresentationAttestationTest, UDAPProfilesSupportedAttestationTest, UDAPProfilesSupportedFieldTest, UDAPRequestBuilder, UDAPSecurityClientTestSuite, UDAPTokenUseVerification, UDAPVersionsSupportedFieldTest, UDAPX509Certificate, UnauthenticatedClientSecurityAttestationTest, UnauthenticatedUserErrorAttestationTest, ValidStateErrorResponseAttestationTest, ValidationAndConfidentialityAttestationTest, WellKnownEndpointTest

Constant Summary

REGISTRATION_TAG =

'registration'

AUTHORIZATION_TAG =

'authorization'

INTROSPECTION_TAG =

'introspection'

TOKEN_TAG =

'token'

UDAP_TAG =

'udap'

ACCESS_TAG =

'access'

CLIENT_CREDENTIALS_TAG =

'client_credentials'

AUTHORIZATION_CODE_TAG =

'authorization_code'

REFRESH_TOKEN_TAG =

'refresh_token'

FHIR_PATH =

'/fhir'

OIDC_DISCOVERY_PATH =

"#{FHIR_PATH}/.well-known/openid-configuration".freeze

OIDC_JWKS_PATH =

"#{FHIR_PATH}/.well-known/jwks.json".freeze

UDAP_DISCOVERY_PATH =

"#{FHIR_PATH}/.well-known/udap".freeze

AUTH_SERVER_PATH =

'/auth'

REGISTRATION_PATH =

"#{AUTH_SERVER_PATH}/register".freeze

AUTHORIZATION_PATH =

"#{AUTH_SERVER_PATH}/authorization".freeze

INTROSPECTION_PATH =

"#{AUTH_SERVER_PATH}/introspect".freeze

TOKEN_PATH =

"#{AUTH_SERVER_PATH}/token".freeze

RESUME_PASS_PATH =

'/resume_pass'

RESUME_FAIL_PATH =

'/resume_fail'

VERSION =

'0.12.0'.freeze

LAST_UPDATED =

'2025-07-21'.freeze

UDAP_REDIRECT_URI =

"#{Inferno::Application['base_url']}/custom/udap_security/redirect".freeze

RE_RUN_REGISTRATION_SUFFIX =

'Create a new session and re-run the Client Registration group if you need to change this value.'

INPUT_CLIENT_ID_DESCRIPTION_LOCKED =

"The registered Client Id for use in obtaining access tokens. #{RE_RUN_REGISTRATION_SUFFIX}".freeze

INPUT_UDAP_REGISTRATION_JWT_DESCRIPTION_LOCKED =

"The software statement JWT provided during UDAP client registration. #{RE_RUN_REGISTRATION_SUFFIX}".freeze

INPUT_LAUNCH_CONTEXT_DESCRIPTION =

'Launch context details to be included in access token responses, specified as a JSON array. If provided, ' \
'the contents will be merged into Inferno\'s token responses.'

INPUT_FHIR_USER_RELATIVE_REFERENCE =

'A FHIR relative reference (<resource type>/<id>) for the FHIR user record to return when the openid ' \
'and fhirUser scopes are requested. Include this resource in the **Available Resources** input so ' \
'that it can be accessed via FHIR read.'

INPUT_FHIR_READ_RESOURCES_BUNDLE_DESCRIPTION =

'Resources to make available in Inferno\'s simulated FHIR server provided as a FHIR bundle. Each entry ' \
'must contain a resource with the id element populated. Each instance present will be available for ' \
'retrieval from Inferno at the endpoint: <fhir-base>/<resource type>/<instance id>. These will only ' \
'be available through the read interaction.'

INPUT_ECHOED_FHIR_RESPONSE_DESCRIPTION =

'JSON representation of a default FHIR resource for Inferno to echo when a request is made to the ' \
'simulated FHIR server. Reads targetting resources in the **Available Resources** input will return ' \
'that resource instead of this. Otherwise, the content here will be echoed back exactly and no check ' \
'will be made that it is appropriate for the request made. If nothing is provided, an OperationOutcome ' \
'indicating nothing to echo will be returned.'

Method Summary

Methods included from CommonAssertions

assert_array_of_strings