[Openid-specs-ab] RP Testing Instructions
roland at catalogix.se
Wed Oct 26 15:24:30 UTC 2016
> On 25 Oct 2016, at 22:41, Hans Zandbelt <hzandbelt at pingidentity.com> wrote:
> I believe that for at least some of the tests the RP cannot use a previously registered dynamic client. It has to go through the flow from scratch:
> 1. webfinger
> 2. discover
> 3. client registration
> 4. authorization request
> 5. authorization response
> rather than just doing 4. and 5. with and existing client. The test description doesn't mention this, though Roland has indicated that perhaps that is something that may change, depending on demand.
Some tests demands that you do 2,3 before 4,5 some doesn’t.
Presently I expect testers to do (1,)2,3,4,5 for every test even though (1,)2 and 3 isn’t needed for some if there is a previous client registration..
I just felt that handling all the same would be easier for everyone.
More information about the Openid-specs-ab