[Openid-specs-ab] RP Testing: "incorrect_behavior" during token exchange
William Denniss
wdenniss at google.com
Sun Mar 26 20:03:48 UTC 2017
While running the *rp-response_type-code* test in AppAuth, I'm seeing the
following error while exchanging the authorization code:
HTTP 200
{
error = "incorrect_behavior";
"error_description" = "Failed to verify client";
}
What does this error mean? It doesn't appear to be a standard error.
Also, the testing server should return HTTP 400 for errors per the spec
<https://tools.ietf.org/html/rfc6749#section-5.2>, not HTTP 200 for errors.
Where is the source code of the tests? Can that location be linked in
http://openid.net/certification/rp_testing/ ?
William
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20170326/8c719d86/attachment.html>
More information about the Openid-specs-ab
mailing list