[Openid-specs-ab] RP Testing Instructions
Michael.Jones at microsoft.com
Mon Oct 31 14:00:59 UTC 2016
Thanks. I’ll update the testing instructions accordingly.
From: Roland Hedberg [mailto:roland at catalogix.se]
Sent: Wednesday, October 26, 2016 11:58 AM
To: Hans Zandbelt <hzandbelt at pingidentity.com>
Cc: Mike Jones <Michael.Jones at microsoft.com>; openid-specs-ab at lists.openid.net; Don Thibeau <don at oidf.org>; Mike Leszcz <mike.leszcz at oidf.org>
Subject: Re: RP Testing Instructions
So, we’re in violent agreement then :-)
On 26 Oct 2016, at 08:50, Hans Zandbelt <hzandbelt at pingidentity.com<mailto:hzandbelt at pingidentity.com>> wrote:
yes, so I meant to say that it should probably be more explicit in the testing instructions i.e. everyone always needs to do 1-5
On Wed, Oct 26, 2016 at 5:24 PM, Roland Hedberg <roland at catalogix.se<mailto:roland at catalogix.se>> wrote:
> On 25 Oct 2016, at 22:41, Hans Zandbelt <hzandbelt at pingidentity.com<mailto:hzandbelt at pingidentity.com>> wrote:
> I believe that for at least some of the tests the RP cannot use a previously registered dynamic client. It has to go through the flow from scratch:
> 1. webfinger
> 2. discover
> 3. client registration
> 4. authorization request
> 5. authorization response
> rather than just doing 4. and 5. with and existing client. The test description doesn't mention this, though Roland has indicated that perhaps that is something that may change, depending on demand.
Some tests demands that you do 2,3 before 4,5 some doesn’t.
Presently I expect testers to do (1,)2,3,4,5 for every test even though (1,)2 and 3 isn’t needed for some if there is a previous client registration..
I just felt that handling all the same would be easier for everyone.
Principal Solutions Architect
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-ab