[Openid-specs-ab] FW: 24 new interop feature tests defined

Mike Jones Michael.Jones at microsoft.com
Thu Jun 5 23:34:37 UTC 2014



From: Mike Jones
Sent: Thursday, June 05, 2014 4:34 PM
To: openid-connect-interop at googlegroups.com
Subject: 24 new interop feature tests defined

24 new feature tests have been added to the interop wiki at http://osis.idcommons.net/wiki/Category:OC5_FeatureTests and on solution pages such as http://osis.idcommons.net/wiki/OC5:NRI_PHP.  These fill out some of the previously untested features, including third party login tests, key rollover tests, and issuer consistency tests, including two new negative tests.  Several tests were also renamed - primarily to replace uses of "user_id" with "sub".  The new tests and renamed tests  are listed below.  Finally, two tests for registration update functionality were removed.

I'll also plan to be in touch with Roland about hopefully incorporating these tests into the automated test tools.  Comments both on these tests and on those that you think are missing would be highly welcomed!

The new OP tests are:
Can Request OP Initiated Login
Support form_post Response Mode
Uses Keys Registered with jwks_uri Value
Uses Keys Registered with jwks Value
Can Rollover OP Signing Key
Support RP Signing Key Rollover
Support RP Encryption Key Rollover
Can Rollover OP Encryption Key
Publish openid-configuration Discovery Information
Discovered issuer Matches openid-configuration Path Prefix
Discovered issuer Matches ID Token iss Value

The new RP tests are:
Support Third-Party Initiated Login
Can Make Request with code Response Type
Can Make Request with id_token Response Type
Can Make Request with id_token token Response Type
Can Make Request with form_post Response Mode
Uses Keys Discovered with jwks_uri Value
Support OP Signing Key Rollover
Can Rollover RP Signing Key
Can Rollover RP Encryption Key
Support OP Encryption Key Rollover
Uses openid-configuration Discovery Information
Rejects Discovered issuer Not Matching openid-configuration Path Prefix
Rejects Discovered issuer Not Matching ID Token iss Value

The renamed tests are:
Providing public user_id Value -> Providing public sub Value
Providing pairwise user_id Value -> Providing pairwise sub Value
Public and pairwise user_id Values Differ -> Public and pairwise sub Values Differ
Support Request Object Specifying user_id Value -> Support Request Object Specifying sub Value
Support Request Object Specifying user_id Value when prompt none Used -> Support Request Object Specifying sub Value when prompt none Used
Displays Policy URL in Login Page -> Displays Policy URI in Login Page
Supports using Sector Identifier for Pairwise user_id Values -> Supports using Sector Identifier for Pairwise sub Values
Enables Discovery -> Support WebFinger Discovery
Uses Discovery -> Uses WebFinger Discovery

The deleted tests are:
Support Registration Update
Support Registration Secret Rotation

                                                            Happy Testing!
                                                            -- Mike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20140605/58acaae4/attachment-0001.html>


More information about the Openid-specs-ab mailing list