I5:FeatureTest-OpenID Relying Party has HMAC-SHA256 support

From OSIS Open Source Identity Systems
Revision as of 09:33, 14 April 2009 by Ve7jtb (Talk | contribs)

Jump to: navigation, search

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|FeatureTest-OpenID Relying Party has HMAC-SHA256 support}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party has HMAC-SHA256 support|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=FeatureTest,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=FeatureTest,title={{#var:page}},namespace=I5|as XML]]  edit
{{#if:|Feature Test |Feature Test }}   OpenID Relying Party has HMAC-SHA256 support
Test Type   bgcolor={{{color}}}}}|OpenID Authentication
Identifier   bgcolor={{{color}}}}}|FTR-orp-sec-1  
Description   bgcolor={{{color}}}}}|Tests OpenID RP's ability to support HMAC-SHA256  
Role tested   bgcolor={{{color}}}}}|OpenID Identity Relying Party  
Known Successful Reference Solution(s)   bgcolor={{{color}}}}}|{{ #if: JanRain PHP |
I5:JanRain PHP}}{{ #if: Plaxo Signin |
I5:Plaxo Signin}} {{ #if: |
}} {{ #if: |
Success Criteria   bgcolor={{{color}}}}}|The RP treats the http: and https: verions of the URI as separate openID  
Failure Criteria   bgcolor={{{color}}}}}|The RP allows both http: and https: forms  

Features Proven


 |noresultsheader= {|\n|bgcolor=#eeeeee|No matching Feature found.\n|}\n
 |linksto=I5:FeatureTest-OpenID Relying Party has HMAC-SHA256 support
 |nottitlematch = Feature.edit
 |includematch=/FeatureTest-OpenID Relying Party has HMAC-SHA256 support/s



  1. Open the result page for your solution and this test.
  2. Use an openID like http://example.myopenid.com that supports a https: version but doen't provide a 302 redirect from the http: to the https: version. (myopenid.com is an example)
  3. Open the OpenID login page for your relying party.
  4. Enter the http version of the openID such as https://example.myopenid.com into the OpenID login field of the page.
  5. Create a new account at the RP using this ID.
  6. Logout of the RP.
  7. Open the OpenID login page for your relying party.
  8. Enter the http version of the openID such as http://example.myopenid.com into the OpenID login field of the page.
  9. At this point you should be prompted to create another new account.
  10. Failure would be being allowed access to the https openID account.
    1. A Test OP that genrates diffrent fragments for the returned claimed_id would also provide a good test.
  11. Set outcome in the results page:
    1. If the success criteria was met, set the outcome to "Works".
    2. If the test failed, set the outcome to "Failed" and enter information about the failure in the Notes section.
    3. If other issues occurred set the result to "Issues" and describe them in the Notes section.
  12. Add either four tilde ~~~~ signs or a text name into the "Tested by" parameter.
  13. Update the Date Tested, Browser, and Operating System lines of the results page.