Difference between revisions of "I5:FeatureTest-OpenID Relying Party has HMAC-SHA256 support"

From OSIS Open Source Identity Systems
Jump to: navigation, search
 
Line 13: Line 13:
 
}}
 
}}
 
# Open the result page for your solution and this test.
 
# Open the result page for your solution and this test.
# Use an openID like http://example.myopenid.com that supports a https: version but doen't provide a 302 redirect from the http: to the https: version.  (myopenid.com is an example)
 
 
# Open the OpenID login page for your relying party.
 
# Open the OpenID login page for your relying party.
# Enter the http version of the openID such as https://example.myopenid.com into the OpenID login field of the page.
+
# Enter the OpenID http://test-id.org/RP/HMACSHA256.aspx into the OpenID login field of the page.
# Create a new account at the RP using this ID.
+
# On Success you will be displayed a PASS in the test result
# Logout of the RP.
+
# On Failure you will be displayed FAIL in the test result or receive an error
# Open the OpenID login page for your relying party.
+
# Enter the http version of the openID such as http://example.myopenid.com into the OpenID login field of the page.
+
# At this point you should be prompted to create another new account.
+
# Failure would be being allowed access to the https openID account.
+
## A Test OP that genrates diffrent fragments for the returned claimed_id would also provide a good test.
+
 
# Set outcome in the results page:
 
# Set outcome in the results page:
 
## If the success criteria was met, set the outcome to "Works".
 
## If the success criteria was met, set the outcome to "Works".

Latest revision as of 18:11, 14 April 2009

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|FeatureTest-OpenID Relying Party has HMAC-SHA256 support}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party has HMAC-SHA256 support|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=FeatureTest,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=FeatureTest,title={{#var:page}},namespace=I5|as XML]]  edit
}}
{{#if:|Feature Test |Feature Test }}   OpenID Relying Party has HMAC-SHA256 support
Test Type   bgcolor={{{color}}}}}|OpenID Authentication
Identifier   bgcolor={{{color}}}}}|FTR-orp-sec-1  
Description   bgcolor={{{color}}}}}|Tests OpenID RP's ability to support HMAC-SHA256  
Role tested   bgcolor={{{color}}}}}|OpenID Identity Relying Party  
Known Successful Reference Solution(s)   bgcolor={{{color}}}}}|{{ #if: JanRain PHP |
I5:JanRain PHP}}{{ #if: Plaxo Signin |
I5:Plaxo Signin}} {{ #if: |
}} {{ #if: |
}}  
Success Criteria   bgcolor={{{color}}}}}|The RP treats the http: and https: verions of the URI as separate openID  
Failure Criteria   bgcolor={{{color}}}}}|The RP allows both http: and https: forms  

Features Proven

{{#dpl:debug=1

 |resultsheader=\n
 |noresultsheader= {|\n|bgcolor=#eeeeee|No matching Feature found.\n|}\n
 |category=Feature
 |namespace=I5
 |linksto=I5:FeatureTest-OpenID Relying Party has HMAC-SHA256 support
 |nottitlematch = Feature.edit
 |include={Feature}.viewfromtest
 |includematch=/FeatureTest-OpenID Relying Party has HMAC-SHA256 support/s
 |table=class=sortable,-,Feature,feature_type,solution_role

}}

Instructions

  1. Open the result page for your solution and this test.
  2. Open the OpenID login page for your relying party.
  3. Enter the OpenID http://test-id.org/RP/HMACSHA256.aspx into the OpenID login field of the page.
  4. On Success you will be displayed a PASS in the test result
  5. On Failure you will be displayed FAIL in the test result or receive an error
  6. Set outcome in the results page:
    1. If the success criteria was met, set the outcome to "Works".
    2. If the test failed, set the outcome to "Failed" and enter information about the failure in the Notes section.
    3. If other issues occurred set the result to "Issues" and describe them in the Notes section.
  7. Add either four tilde ~~~~ signs or a text name into the "Tested by" parameter.
  8. Update the Date Tested, Browser, and Operating System lines of the results page.