[Openid-specs-risc] openid/sharedsignals: Comment created on issue 210
github at oidf.org
github at oidf.org
Tue Oct 8 16:27:43 UTC 2024
openid/sharedsignals event
Issue Comment created on issue 210
Issue Title: Requirements for the test suite
https://github.com/openid/sharedsignals/issues/210
Comment: I am working on tests for the Shared Signals Framework as part of the OpenID Conformance Test Suite. The ‘plan’ is to provide two different test plans: - SSF transmitter test (SSFTT) - SSF receiver test (SSFRT) We will start with the SSF transmitter test plan, which will cover the following: - SSF transmitter metadata - SSF stream management - SSF subject management After that, we will work on the SSF receiver test, with tests for: - Receiving events via PUSH/PULL delivery mode All of the above will implement checks according to SSF 1.0 and CAEP Interop requirements. Additional remarks: R1) Access to a working SSF transmitter and receiver implementation would speed up test development. Could someone provide access to such an environment, or point me to a suitable (free?) offering? R2) I'm currently working with a PoC for SSF support in [Keycloak](https://www.keycloak.org/), which I implement on the side. R3) To test the Transmitter stream and subject management, I must provide suitable authorization for requests. I currently only allow testers to configure an access token for the requests; eventually, we'd like to allow users to configure client credentials to obtain an access token via the [RFC6749](https://datatracker.ietf.org/doc/html/rfc6749) client_credentials grant. We'll provide the necessary means to obtain OAuth server / OpenID Provider metadata to get tokens with suitable client credentials. Initially, we will start with a simple client_id and client_secret. Using a preconfigured access token is sufficient for testing basic stream and subject management functionality; however, to test transmitter behavior with insufficient scopes, we need to be able to request tokens with client credentials.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20241008/1e755746/attachment.html>
More information about the Openid-specs-risc
mailing list