[Openid-specs-ab] RP Testing: regressions since december, service availability

Filip Skokan panva.ip at gmail.com
Wed Mar 29 07:25:32 UTC 2017


That did it Roland! Thank you. None are failing now
https://travis-ci.org/panva/openid-client-conformance-tests

I've incorporated new available tests that popped up since december, namely
the following, and they pass too.

- rp-discovery-webfinger-unknown-member
- rp-discovery-webfinger-http-href
- rp-id_token-sig+enc-a128kw
- rp-id_token-missing-c_hash
- rp-id_token-missing-at_hash
- rp-key-rotation-op-sign-key-native

Travis is now configured to run via a daily cron, when tests fail
notifications will be sent out so we'll find out sooner that something's
amiss.

Best,
*Filip Skokan*

On Wed, Mar 29, 2017 at 9:14 AM, Roland Hedberg <roland at catalogix.se> wrote:

> Updated the code and restarted the server.
> Could you check if I’ve fixed the problems ?
>
> 28 mars 2017 kl. 22:59 skrev Filip Skokan <panva.ip at gmail.com>:
>
> rp-discovery-webfinger-url fails because it does not account for
> <https://github.com/rohe/oidctest/blob/793f7dcd5dbf89c22865b949b38fb0d0da710ce6/src/oidctest/cp/op.py#L100>URL
> syntax with i.e. /joe at the end of the subject
> <https://github.com/rohe/oidctest/blob/793f7dcd5dbf89c22865b949b38fb0d0da710ce6/src/oidctest/cp/op.py#L100>
> .
>
> parse_resource returns array with three members which is too much for only
> op_id and test_id unpack, resulting in ValueError: too many values to
> unpack and then the aforementioned 400.
>
> To confirm I changed my test to just submit https://rp.certification.
> openid.net:8080/node-openid-client/rp-discovery-webfinger-url as resource
> value, the test passes, but it should actually be
> https://rp.certification.openid.net:8080/node-openid-
> client/rp-discovery-webfinger-url*/joe* and maybe it should even account
> for a trailing '/', therefore parse_resource returning 4 members.
>
> Hope it helps. rp-userinfo-bearer-body is still a mystery to me...
>
> Best,
> *Filip Skokan*
>
> On Tue, Mar 28, 2017 at 8:50 PM, Roland Hedberg <roland at catalogix.se>
> wrote:
>
>> I’ll have look at the failing tests tomorrow.
>>
>> 28 mars 2017 kl. 20:05 skrev Filip Skokan <panva.ip at gmail.com>:
>>
>> Roland, Hans,
>>
>> thank you, the service is now back online, the regressions are still
>> present.
>>
>> Build
>> <https://travis-ci.org/panva/openid-client-conformance-tests/builds/215597596>,
>> suite [1]
>> <https://github.com/panva/openid-client-conformance-tests/blob/bc2d9168f291d249c986bd070968fc133006ae55/test/userinfo-endpoint.js#L42-L61>
>> , [2]
>> <https://github.com/panva/openid-client-conformance-tests/blob/master/test/discovery.js#L23-L30>
>> .
>>
>> Best,
>> *Filip Skokan*
>>
>> On Tue, Mar 28, 2017 at 5:43 PM, Roland Hedberg <roland at catalogix.se>
>> wrote:
>>
>>> I’ll look at this as soon as I can.
>>> Have been at a conference the whole day.
>>>
>>> — Roland
>>>
>>> 28 mars 2017 kl. 15:47 skrev Hans Zandbelt via Openid-specs-ab <
>>> openid-specs-ab at lists.openid.net>:
>>>
>>> it looks like there were modifications done to pyoidc on the RP machine
>>> itself that did not cleanly merge with an update [1] and that led to a
>>> syntax error in src/oic/utils/keyio.py so the restart that was done after
>>> the modifications failed [2], all of which was done yesterday Mar 27 11:44
>>> by Roland [3]
>>>
>>> I'll have to refer to Roland (the one with the smoking gun in his hand..
>>> ;-)) to fix this as I'm not sure why the local modifications were done in
>>> the first place.
>>>
>>> Hans.
>>>
>>> [1]
>>> oictest at openid-www2:~/projects/pyoidc$ git status
>>> On branch master
>>> Your branch and 'origin/master' have diverged,
>>> and have 13 and 10 different commits each, respectively.
>>>   (use "git pull" to merge the remote branch into yours)
>>> You have unmerged paths.
>>>   (fix conflicts and run "git commit")
>>>
>>> Changes to be committed:
>>>
>>> ...
>>>
>>> Unmerged paths:
>>>   (use "git add <file>..." to mark resolution)
>>>
>>> both modified:   src/oic/utils/keyio.py
>>>
>>> Untracked files:
>>>   (use "git add <file>..." to include in what will be committed)
>>>
>>> src/oic/utils/authn/client.py.local
>>>
>>> [2]
>>> Traceback (most recent call last):
>>>   File "server.py", line 9, in <module>
>>>     from oidctest.cp import dump_log
>>>   File "/usr/local/lib/python3.5/dist-packages/oidctest-0.7.0-py3.5.egg/oidctest/cp/__init__.py",
>>> line 6, in <module>
>>>     from otest.events import Events
>>>   File "/usr/local/lib/python3.5/dist-packages/otest-0.7.0-py3.5.egg/otest/__init__.py",
>>> line 19, in <module>
>>>     from oic.oauth2 import HttpError
>>>   File "/usr/local/lib/python3.5/dist-packages/oic-0.9.5.1-py3.5.egg/oic/oauth2/__init__.py",
>>> line 10, in <module>
>>>     from oic.oauth2.message import ASConfigurationResponse
>>>   File "/usr/local/lib/python3.5/dist-packages/oic-0.9.5.1-py3.5.egg/oic/oauth2/message.py",
>>> line 25, in <module>
>>>     from oic.utils.keyio import key_summary
>>>   File "/usr/local/lib/python3.5/dist-packages/oic-0.9.5.1-py3.5.egg/oic/utils/keyio.py",
>>> line 12
>>>     <<<<<<< HEAD
>>>      ^
>>> SyntaxError: invalid syntax
>>>
>>> [3]
>>> Mar 27 11:43:42 openid-www2 sudo: pam_unix(sudo:session): session opened
>>> for user root by roland_hedberg(uid=0)
>>> Mar 27 11:43:44 openid-www2 sudo: pam_unix(sudo:session): session closed
>>> for user root
>>> Mar 27 11:44:38 openid-www2 sudo:  oictest : TTY=pts/2 ;
>>> PWD=/home/oictest/oidf/oidc_cp_rplib ; USER=root ; COMMAND=/bin/kill
>>> 58924
>>> Mar 27 11:44:38 openid-www2 sudo: pam_unix(sudo:session): session opened
>>> for user root by roland_hedberg(uid=0)
>>>
>>> On Tue, Mar 28, 2017 at 2:18 PM, Filip Skokan via Openid-specs-ab <
>>> openid-specs-ab at lists.openid.net> wrote:
>>>
>>>> Hello,
>>>>
>>>> I am attempting to set a daily run of the conformance test suite to
>>>> account for and test with library's and dependencies updates.
>>>>
>>>> While running the same RP test suite as in december two tests are now
>>>> failing. If i recall correctly there was a big update in the testing
>>>> software right around january.
>>>>
>>>> 1)* rp-userinfo-bearer-body*
>>>> i get 200 OK status code with error body {"error": "invalid_request",
>>>> "error_description": "Token is malformed"}, i should get a userinfo
>>>> response with a valid subject, this test's behavior was correct in
>>>> december. Logs from december show a received body bearer, logs from few
>>>> days ago do not, as if the body was never parsed.
>>>>
>>>> 2) *rp-discovery-webfinger-url*
>>>> Returns a 400 HTML page instead of a well-known webfinger response now,
>>>> this test's behavior was correct in december.
>>>>
>>>> Did anyone pass these tests recently? If so, i would like to get in
>>>> touch to find out what's different.
>>>>
>>>> the testing service over at https://rp.certification.openid.net:8080/ is
>>>> also not available at this time
>>>>
>>>> Best,
>>>> *Filip*
>>>>
>>>> _______________________________________________
>>>> Openid-specs-ab mailing list
>>>> Openid-specs-ab at lists.openid.net
>>>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>>>>
>>>>
>>>
>>>
>>> --
>>> hans.zandbelt at zmartzone.eu
>>> ZmartZone IAM - www.zmartzone.eu
>>> _______________________________________________
>>> Openid-specs-ab mailing list
>>> Openid-specs-ab at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>>>
>>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20170329/5b7f400a/attachment-0001.html>


More information about the Openid-specs-ab mailing list