-
Notifications
You must be signed in to change notification settings - Fork 1
OSIS Testing Compliance
Danny Yates edited this page Jan 21, 2014
·
1 revision
This page shows compliance with the OSIS I5 OpenID Interop test suite
Note: some of these tests are testing the example provider, rather than Skylith. These need automating!
-
OP AX fetch- tests Skylith handling of extensions & example provider response OP rejects HTTP no-encryption- OP return_to Verification (RP discovery) - fail; not implemented yet
OP sends properly formatted response_nonce- OP performs multi-factor authentication - fail; no PAPE support yet
- OP offers fully SSL-protected authentication - unable to test without CA signed SSL cert; no reason to expect a fail; HELP WANTED
OP Asserts new claimed_id if doing identifier Select and is delegated to from a 3rd party- OP Simple Registration - fail; no SReg support yet
OP supports HMAC-SHA256 associations- OP sends large assertions as POST (opt. with UTF-8 multi-byte characters) - fail
OP accepts POSTed authentication requestsOP sends properly formatted error responses to invalid direct request messagesOP sends properly formatted error responses via redirect to the RP to invalid indirect request messages- OP properly responds to identity-less checkid messages - fail
- OP properly responds to GSA level 1 authentication requests - fail; I have no idea what this is!
- OP supports the PAPE extension's max_auth_age parameter - fail; no PAPE support yet
OP provides replay protection via nonce checksOP rejects check_auth messages with shared association handles