Class: Inferno::DSL::AuthInfo

Inherits:

Object

• Object
• Inferno::DSL::AuthInfo

Defined in:

lib/inferno/dsl/auth_info.rb

Overview

AuthInfo provides a user with a single input which contains the information needed for a FHIR client to perform authorization and refresh an access token when necessary.

AuthInfo supports the following auth_type:

• public - Client id only
• symmetric - Confidential symmetric (i.e., with a static client id and secret)
• asymmetric - Confidential asymmetric (i.e., a client id with a signed JWT rather than a client secret)
• backend_services

When configuring an AuthInfo input, the invdidual fields are exposed as components in the input’s options, and can be configured there similar to normal inputs.

The AuthInfo input type supports two different modes in the UI. Different fields will be presented to the user depending on which mode is selected:

• auth - This presents the inputs needed to perform authorization, and is appropriate to use as an input to test groups which perform authorization.
• access - This presents the inputs needed to access resources assuming that authorization has already happened, and is appropriate to use as an input to test groups which access resources using previously granted authorization.

Examples:

class AuthInfoExampleSuite < Inferno::TestSuite
  input :url,
        title: 'Base FHIR url'

  group do
    title 'Perform public authorization'
    input :fhir_auth,
          type: :auth_info,
          options: {
            mode: 'auth',
            components: [
              {
                name: :auth_type,
                default: 'public',
                locked: true
              }
            ]
          }

    # Some tests here to perform authorization
  end

  group do
    title 'FHIR API Tests'
    input :fhir_auth,
          type: :auth_info,
          options: {
            mode: 'access'
          }

    fhir_client do
      url :url
      auth_info :fhir_auth
    end

    # Some tests here to access FHIR API
  end
end

Constant Summary

ATTRIBUTES =

[
  :auth_type,
  :use_discovery,
  :token_url,
  :auth_url,
  :requested_scopes,
  :client_id,
  :client_secret,
  :redirect_url, # TODO: does this belong here?
  :pkce_support,
  :pkce_code_challenge_method,
  :auth_request_method,
  :encryption_algorithm,
  :kid,
  :jwks,
  :access_token,
  :refresh_token,
  :issue_time,
  :expires_in,
  :name
].freeze

Instance Attribute Summary

• #access_token ⇒ Object
• #auth_request_method ⇒ Object

  The http method which will be used to perform the request to the authorization endpoint.

• #auth_type ⇒ Object

  The type of authorization to be performed.

• #auth_url ⇒ Object

  The url of the authorization endpoint.

• #client ⇒ Object

  Returns the value of attribute client.

• #client_id ⇒ Object
• #client_secret ⇒ Object
• #encryption_algorithm ⇒ Object

  The encryption algorithm which will be used to sign the JWT client credentials.

• #expires_in ⇒ Object

  The lifetime of the access token in seconds.

• #issue_time ⇒ Object

  An iso8601 formatted string representing the time the access token was issued.

• #jwks ⇒ Object

  A JWKS (including private keys) which will be used instead of Inferno’s default JWKS if provided.

• #kid ⇒ Object

  The key id for the keys to be used to sign the JWT client credentials.

• #name ⇒ Object
• #pkce_code_challenge_method ⇒ Object

  Either S256 (default) or plain.

• #pkce_support ⇒ Object

  Whether PKCE will be used during authorization.

• #redirect_url ⇒ Object
• #refresh_token ⇒ Object
• #requested_scopes ⇒ Object

  The scopes which will be requested during authorization.

• #token_url ⇒ Object

  The url of the auth server’s token endpoint.

Instance Attribute Details

#access_token ⇒ Object

# File 'lib/inferno/dsl/auth_info.rb', line 100

#auth_request_method ⇒ Object

The http method which will be used to perform the request to the authorization endpoint. Either get (default) or post

# File 'lib/inferno/dsl/auth_info.rb', line 100

#auth_type ⇒ Object

The type of authorization to be performed. One of public, symmetric, asymmetric, or backend_services

# File 'lib/inferno/dsl/auth_info.rb', line 100

#auth_url ⇒ Object

The url of the authorization endpoint

# File 'lib/inferno/dsl/auth_info.rb', line 100

#client ⇒ Object

Returns the value of attribute client.

# File 'lib/inferno/dsl/auth_info.rb', line 98

def client
  @client
end

#client_id ⇒ Object

# File 'lib/inferno/dsl/auth_info.rb', line 100

#client_secret ⇒ Object

# File 'lib/inferno/dsl/auth_info.rb', line 100

#encryption_algorithm ⇒ Object

The encryption algorithm which will be used to sign the JWT client credentials. Either es384 (default) or rs384

# File 'lib/inferno/dsl/auth_info.rb', line 100

#expires_in ⇒ Object

The lifetime of the access token in seconds

# File 'lib/inferno/dsl/auth_info.rb', line 100

#issue_time ⇒ Object

An iso8601 formatted string representing the time the access token was issued

# File 'lib/inferno/dsl/auth_info.rb', line 100

#jwks ⇒ Object

A JWKS (including private keys) which will be used instead of Inferno’s default JWKS if provided

# File 'lib/inferno/dsl/auth_info.rb', line 100

#kid ⇒ Object

The key id for the keys to be used to sign the JWT client credentials. When blank, the first key for the selected encryption algorithm will be used

# File 'lib/inferno/dsl/auth_info.rb', line 100

#name ⇒ Object

# File 'lib/inferno/dsl/auth_info.rb', line 100

#pkce_code_challenge_method ⇒ Object

Either S256 (default) or plain

# File 'lib/inferno/dsl/auth_info.rb', line 100

#pkce_support ⇒ Object

Whether PKCE will be used during authorization. Either enabled or disabled.

# File 'lib/inferno/dsl/auth_info.rb', line 100

#redirect_url ⇒ Object

# File 'lib/inferno/dsl/auth_info.rb', line 100

#refresh_token ⇒ Object

# File 'lib/inferno/dsl/auth_info.rb', line 100

#requested_scopes ⇒ Object

The scopes which will be requested during authorization

# File 'lib/inferno/dsl/auth_info.rb', line 100

#token_url ⇒ Object

The url of the auth server’s token endpoint

# File 'lib/inferno/dsl/auth_info.rb', line 100