Class: ONCCertificationG10TestKit::AuthorizationRequestBuilder

Inherits:
Object
  • Object
Defined in:
lib/onc_certification_g10_test_kit/authorization_request_builder.rb

Instance Attribute Summary

Class Method Summary

Instance Method Summary

Constructor Details

#initialize(encryption_method:, scope:, iss:, sub:, aud:, content_type: 'application/x-www-form-urlencoded', grant_type: 'client_credentials', client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer', exp: 5.minutes.from_now, jti: SecureRandom.hex(32)) ⇒ AuthorizationRequestBuilder

Returns a new instance of AuthorizationRequestBuilder.



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 17

# Stores every value later used to assemble one token request.
#
# Nothing is validated or normalised here; each argument is kept exactly as
# given and only read back through the attribute readers.
#
# @param encryption_method algorithm name compared with each signing key's
#   `alg` field in #bulk_private_key
# @param scope value of the `scope` form parameter
# @param iss `iss` claim of the client-assertion JWT
# @param sub `sub` claim of the client-assertion JWT
# @param aud `aud` claim of the client-assertion JWT
# @param content_type [String] value stored under `:content_type` in the headers
# @param grant_type [String] value of the `grant_type` form parameter
# @param client_assertion_type [String] value of the `client_assertion_type`
#   form parameter
# @param exp `exp` claim; the default is computed when the call is made, five
#   minutes ahead
# @param jti `jti` claim; the default is a fresh SecureRandom.hex(32) value
#   (64 hex characters) per call
def initialize(
  encryption_method:,
  scope:,
  iss:,
  sub:,
  aud:,
  content_type: 'application/x-www-form-urlencoded',
  grant_type: 'client_credentials',
  client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
  exp: 5.minutes.from_now,
  jti: SecureRandom.hex(32)
)
  # Selects which signing key is used.
  @encryption_method = encryption_method

  # Claims of the client-assertion JWT.
  @iss, @sub, @aud = iss, sub, aud
  @exp, @jti = exp, jti

  # Form parameters and the request header.
  @scope = scope
  @grant_type = grant_type
  @client_assertion_type = client_assertion_type
  @content_type = content_type
end

Instance Attribute Details

#aud ⇒ Object (readonly)

Returns the value of attribute aud.



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 14

# Audience value: #jwt_token passes it to JSON::JWT as the `aud` claim of the
# client assertion.
def aud = @aud

#client_assertion_type ⇒ Object (readonly)

Returns the value of attribute client_assertion_type.



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 14

# Value sent as the `client_assertion_type` form parameter by
# #authorization_request_query_values.
def client_assertion_type = @client_assertion_type

#content_type ⇒ Object (readonly)

Returns the value of attribute content_type.



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 14

# Value stored under `:content_type` in the hash returned by
# #authorization_request_headers.
def content_type = @content_type

#encryption_method ⇒ Object (readonly)

Returns the value of attribute encryption_method.



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 14

# Algorithm name that #bulk_private_key compares, with ==, against the `alg`
# field of each signing key.
def encryption_method = @encryption_method

#exp ⇒ Object (readonly)

Returns the value of attribute exp.



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 14

# Expiry value: #jwt_token passes it to JSON::JWT as the `exp` claim, which
# bounds how long the signed client assertion stays usable.
def exp = @exp

#grant_type ⇒ Object (readonly)

Returns the value of attribute grant_type.



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 14

# Value sent as the `grant_type` form parameter by
# #authorization_request_query_values.
def grant_type = @grant_type

#iss ⇒ Object (readonly)

Returns the value of attribute iss.



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 14

# Issuer value: #jwt_token passes it to JSON::JWT as the `iss` claim of the
# client assertion.
def iss = @iss

#jti ⇒ Object (readonly)

Returns the value of attribute jti.



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 14

# Token identifier: #jwt_token passes it to JSON::JWT as the `jti` claim. The
# constructor default is a fresh SecureRandom value for each builder.
def jti = @jti

#scope ⇒ Object (readonly)

Returns the value of attribute scope.



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 14

# Value sent as the `scope` form parameter by
# #authorization_request_query_values; a nil scope is omitted from the request.
def scope = @scope

#sub ⇒ Object (readonly)

Returns the value of attribute sub.



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 14

# Subject value: #jwt_token passes it to JSON::JWT as the `sub` claim of the
# client assertion.
def sub = @sub

Class Method Details

.build ⇒ Object



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 5

# One-shot entry point: forwards every argument unchanged to .new and returns
# the new builder's #authorization_request hash.
#
# @return [Hash] the `{ body:, headers: }` hash from #authorization_request
def self.build(...)
  builder = new(...)
  builder.authorization_request
end

.bulk_data_jwks ⇒ Object



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 9

# Loads and parses the JWKS document that client assertions are signed with.
#
# The path is taken from the G10_BULK_DATA_JWKS environment variable, falling
# back to bulk_data_jwks.json in this file's directory. The parsed result is
# memoized in a class-level instance variable on first call, so later changes
# to the variable or to the file are not picked up.
#
# SECURITY: #bulk_private_key selects keys from this document and
# #client_assertion signs with them, so the file contains private key
# material. A file supplied through G10_BULK_DATA_JWKS should be readable only
# by the account that runs the kit.
# NOTE(review): the fallback file presumably ships with the gem, which would
# make its private keys public; a server should only register the matching
# public keys in a test setup. Confirm.
#
# @return [Object] the parsed JSON; #bulk_private_key reads its 'keys' entry
# @raise [SystemCallError] if the file cannot be read (e.g. Errno::ENOENT)
# @raise [JSON::ParserError] if the file is not valid JSON
def self.bulk_data_jwks
  @bulk_data_jwks ||= begin
    bundled_path = File.join(__dir__, 'bulk_data_jwks.json')
    jwks_path = ENV.fetch('G10_BULK_DATA_JWKS', bundled_path)
    JSON.parse(File.read(jwks_path))
  end
end

Instance Method Details

#authorization_request ⇒ Object



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 81

# Assembles the token request as a plain hash.
#
# An empty Addressable::URI is used only as an encoder: the form parameters
# are assigned as its query values and the resulting query string becomes the
# request body.
#
# SECURITY: the body carries the signed `client_assertion`, which a server
# would accept as client authentication until its `exp`; treat captured or
# logged request bodies as credentials for that window.
#
# @return [Hash] `{ body: <encoded query string>, headers: <Hash> }`
def authorization_request
  encoded_form = Addressable::URI.new.tap do |form|
    form.query_values = authorization_request_query_values
  end.query

  { body: encoded_form, headers: authorization_request_headers }
end

#authorization_request_headers ⇒ Object



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 56

# Headers for the token request.
#
# `:accept` is always 'application/json'. `:content_type` comes from the
# reader of the same name and is dropped when it is nil, which lets a caller
# build a request with no content type at all.
#
# @return [Hash{Symbol => Object}]
def authorization_request_headers
  headers = { content_type: content_type, accept: 'application/json' }
  headers.compact
end

#authorization_request_query_values ⇒ Object



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 63

# Form parameters of the token request, keyed by their wire names.
#
# Entries whose value is nil are removed, so a nil scope, grant_type or
# client_assertion_type yields a request without that parameter.
# 'client_assertion' is always present because the signed token is converted
# with #to_s first (a nil assertion would become an empty string).
#
# @return [Hash{String => Object}]
def authorization_request_query_values
  form = {}
  form['scope'] = scope
  form['grant_type'] = grant_type
  form['client_assertion_type'] = client_assertion_type
  form['client_assertion'] = client_assertion.to_s
  form.compact
end

#bulk_private_key ⇒ Object



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 41

# Picks the signing key for this request from the class-level JWKS.
#
# Only entries whose 'key_ops' list includes 'sign' are considered (entries
# without 'key_ops' are skipped); among those, the first whose 'alg' equals
# #encryption_method is returned. The comparison is an exact ==, so an
# algorithm name no key declares never selects a key.
#
# NOTE(review): the result is nil when nothing matches. #jwk and
# #client_assertion use it without a nil check, so an unsupported
# encryption_method surfaces there as an error rather than here.
#
# @return [Hash, nil] the matching JWK entry, which holds private key material
def bulk_private_key
  return @bulk_private_key if @bulk_private_key

  all_keys = self.class.bulk_data_jwks['keys']
  signing_keys = all_keys.select { |candidate| candidate['key_ops']&.include?('sign') }
  @bulk_private_key = signing_keys.find { |candidate| candidate['alg'] == encryption_method }
end

#client_assertion ⇒ Object



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 72

# Signs the JWT from #jwt_token and memoizes the result.
#
# The token's `kid` is set from the selected JWK so a verifier can tell which
# key was used. The signing algorithm is read from the key's own 'alg' field,
# which #bulk_private_key has already matched against #encryption_method.
#
# @return [Object] whatever `jwt_token.sign` returns; callers serialise it
#   with #to_s
def client_assertion
  return @client_assertion if @client_assertion

  jwt_token.kid = jwk['kid']
  signing_key = jwk.to_key
  @client_assertion = jwt_token.sign(signing_key, bulk_private_key['alg'])
end

#jwk ⇒ Object



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 52

# Wraps the key chosen by #bulk_private_key in a JSON::JWK and memoizes it.
#
# #client_assertion reads the `kid` from this object and calls #to_key on it
# to obtain the signing key, so it represents private key material.
#
# NOTE(review): #bulk_private_key can return nil; nothing here guards against
# that, so confirm how JSON::JWK.new behaves for a nil argument.
def jwk
  return @jwk if @jwk

  @jwk = JSON::JWK.new(bulk_private_key)
end

#jwt_token ⇒ Object



# File 'lib/onc_certification_g10_test_kit/authorization_request_builder.rb', line 48

# Builds, once, the unsigned JWT whose claims are iss, sub, aud, exp and jti.
#
# `compact` is called on the new token before it is memoized.
# NOTE(review): presumably this drops claims whose value is nil, so a builder
# given a nil claim would produce an assertion without it. Confirm against
# JSON::JWT.
def jwt_token
  return @jwt_token if @jwt_token

  @jwt_token = JSON::JWT.new(iss: iss, sub: sub, aud: aud, exp: exp, jti: jti).compact
end