Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FI-2910: Host JWKS for Client Assertion #515

Merged
merged 30 commits into from
Jul 30, 2024
Merged

FI-2910: Host JWKS for Client Assertion #515

merged 30 commits into from
Jul 30, 2024

Conversation

vanessuniq
Copy link
Contributor

@vanessuniq vanessuniq commented Jul 10, 2024
edited
Loading

Summary

This branch hosts the JWKS used for signing client assertions in core, and populate the jku field in the client assertion with the JWKS url.

Testing Guidance

vanessuniq and others added 15 commits July 1, 2024 17:26
@vanessuniq
Added support for auth_info to fhir_client
d57305b 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Added unit test for auth info
9757cfb 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Merge branch 'main' into fi-2863-fhir-client-auth-info
bd0c7c0
@vanessuniq
WIP:perform refresh using auth_info
8c5a9f8 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
support for backend services authentication using auth_info
8767118 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
WIP auth info unit test
89cf746 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Merge branch 'main' into fi-2865-fhir-client-auth-info-refresh
47d0ce3
@vanessuniq
Updated auth_info_spec
bb9f3ac 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Extracted the auth info sample data to its own fixture file"
082f5d7 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Updated fhir_client_spec
fcf4585 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Freeze constants
fcd85d1 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Updated ffhir client spec
b4d631f 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Update based on PR comments
6d34b89 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Update to return for and
618ff71 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Host jwks set for client assertion
bf4af65 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq vanessuniq requested a review from Jammjammjamm July 10, 2024 11:59
@vanessuniq vanessuniq self-assigned this Jul 10, 2024
vanessuniq and others added 4 commits July 10, 2024 09:58
@vanessuniq @Jammjammjamm
Update ENV name for the inferno core jwks path
3d9186a 
Co-authored-by: Stephen MacVicar <Jammjammjamm@users.noreply.github.com>
@vanessuniq
Added doc to JWKS class
e6506ac 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq @Jammjammjamm
proofread JWKs doc
b97a1b9 
Co-authored-by: Stephen MacVicar <Jammjammjamm@users.noreply.github.com>
@vanessuniq
extract reading content of jwks file into its own method
b6b510c 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
Jammjammjamm
Jammjammjamm reviewed Jul 16, 2024
View reviewed changes
lib/inferno/dsl/auth_info.rb Outdated
@@ -270,7 +270,8 @@ def auth_jwt_header
{
'alg' => encryption_algorithm,
'kid' => private_key['kid'],
'typ' => 'JWT'
'typ' => 'JWT',
'jku' => "#{Inferno::Application['base_url']}/jwks.json"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's add the jwks url as an inferno application property so that no one ever has to build it, like how we do for base url: https://github.com/inferno-framework/inferno-core/blob/main/lib/inferno/config/application.rb#L23

@vanessuniq
Host jwks set for client assertion
402acda 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Merge branch 'fi-2910-host-jwks' of github.com:inferno-framework/infe…
9f5630c 
…rno-core into fi-2910-host-jwks
@vanessuniq
WIP auth info unit test
2b9299f 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Updated auth_info_spec
9cb6382 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Extracted the auth info sample data to its own fixture file"
e8d76e0 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Freeze constants
2834abe 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Update based on PR comments
105dee8 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Host jwks set for client assertion
f7d5c35 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq
Merge branch 'fi-2910-host-jwks' of github.com:inferno-framework/infe…
13754ae 
…rno-core into fi-2910-host-jwks
@vanessuniq
Added jwks url to app property
21e8b39 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@vanessuniq vanessuniq changed the base branch from fi-2865-fhir-client-auth-info-refresh to main July 21, 2024 20:07
@vanessuniq vanessuniq changed the base branch from main to fi-2865-fhir-client-auth-info-refresh July 30, 2024 13:38
@vanessuniq vanessuniq changed the base branch from fi-2865-fhir-client-auth-info-refresh to main July 30, 2024 13:38
@vanessuniq
use short class name
a9a77b1 
Signed-off-by: Vanessa Fotso <vfotso@mitre.org>
@codecov Codecov
Copy link

codecov bot commented Jul 30, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 79.69%. Comparing base (3e96653) to head (a9a77b1).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #515      +/-   ##
==========================================
+ Coverage   79.64%   79.69%   +0.04%     
==========================================
  Files         243      243              
  Lines       12174    12178       +4     
  Branches     1204     1205       +1     
==========================================
+ Hits         9696     9705       +9     
+ Misses       1813     1808       -5     
  Partials      665      665
Flag Coverage Δ
backend 91.66% <100.00%> (+0.13%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@vanessuniq vanessuniq merged commit 55dafb6 into main Jul 30, 2024
10 checks passed
@rpassas rpassas mentioned this pull request Sep 11, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Jammjammjamm Jammjammjamm Jammjammjamm approved these changes

Assignees

@vanessuniq vanessuniq

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@vanessuniq @Jammjammjamm