Difference between revisions of "I5:FeatureTest-Validates the openid.return to"

From OSIS Open Source Identity Systems
Jump to: navigation, search
(New page: {{FeatureTest |name = OpenID Provider Validates the openid.return to |testtype = OpenID Authentication |identifier = FTR-op-auth-8 |areatested ...)
 
 
(One intermediate revision by the same user not shown)
Line 7: Line 7:
 
   |summary            = Tests OpenID OP Validates the openid.return to
 
   |summary            = Tests OpenID OP Validates the openid.return to
 
   |testedrole        = OpenID Identity Provider
 
   |testedrole        = OpenID Identity Provider
   |referencesolution1 =  
+
   |referencesolution1 = Yahoo OpenID Provider
 
   |referencesolution2 =  
 
   |referencesolution2 =  
 
   |success            = OpenID authentication succeeds with transfer of Attribute Exchange info
 
   |success            = OpenID authentication succeeds with transfer of Attribute Exchange info
Line 15: Line 15:
 
# Go to the "OP return_to Verification (RP discovery)" test endpoint at Test-ID https://test-id.org/OP/ReturnToVerification.aspx
 
# Go to the "OP return_to Verification (RP discovery)" test endpoint at Test-ID https://test-id.org/OP/ReturnToVerification.aspx
 
# Enter an OpenID from the OpenID 2.0 OP you are testing into the "OpenID Identifier" login field of the page.
 
# Enter an OpenID from the OpenID 2.0 OP you are testing into the "OpenID Identifier" login field of the page.
# Make certain that you have entered values for all the sreg information at the openID account.
 
 
# After you submit the OpenID in the login box, you should be redirected to the OpenID Provider.
 
# After you submit the OpenID in the login box, you should be redirected to the OpenID Provider.
 
# Sign into the OpenID Provider.
 
# Sign into the OpenID Provider.
 
# This should redirect you back to your relying party site.
 
# This should redirect you back to your relying party site.
# At this point you should have a page saying that you have logged in Successfully and displaying the AX attributes returned. This is a successful if the first 9 claims have values returned.
+
# The first two buttons "Begin Verifiable RP" and "Begin Verifiable RP (realm style)"  should result in successful authentications. The third button "Begin UNverifiable RP"  should result in a warning by the OP.  If you are returned to a page "You should never reach this page. The Provider you are testing should never send an assertion to this URL. It has FAILED this test."  The OP has not verified the return to URI and the test has failed.
 
# Set outcome in the results page:
 
# Set outcome in the results page:
 
## If the success criteria was met, set the outcome to "Works".
 
## If the success criteria was met, set the outcome to "Works".

Latest revision as of 14:42, 30 March 2009

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|FeatureTest-Validates the openid.return to}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Provider Validates the openid.return to|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=FeatureTest,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=FeatureTest,title={{#var:page}},namespace=I5|as XML]]  edit
}}
{{#if:|Feature Test |Feature Test }}   OpenID Provider Validates the openid.return to
Test Type   bgcolor={{{color}}}}}|OpenID Authentication
Identifier   bgcolor={{{color}}}}}|FTR-op-auth-8  
Description   bgcolor={{{color}}}}}|Tests OpenID OP Validates the openid.return to  
Role tested   bgcolor={{{color}}}}}|OpenID Identity Provider  
Known Successful Reference Solution(s)   bgcolor={{{color}}}}}|{{ #if: Yahoo OpenID Provider |
I5:Yahoo OpenID Provider}}{{ #if: |
[[I5:]]}} {{ #if: |
}} {{ #if: |
}}  
Success Criteria   bgcolor={{{color}}}}}|OpenID authentication succeeds with transfer of Attribute Exchange info  
Failure Criteria   bgcolor={{{color}}}}}|OpenID not accepted or other failures  

Features Proven

{{#dpl:debug=1

 |resultsheader=\n
 |noresultsheader= {|\n|bgcolor=#eeeeee|No matching Feature found.\n|}\n
 |category=Feature
 |namespace=I5
 |linksto=I5:FeatureTest-Validates the openid.return to
 |nottitlematch = Feature.edit
 |include={Feature}.viewfromtest
 |includematch=/FeatureTest-Validates the openid.return to/s
 |table=class=sortable,-,Feature,feature_type,solution_role

}}

Instructions

  1. Open the result page for your solution and this test.
  2. Go to the "OP return_to Verification (RP discovery)" test endpoint at Test-ID https://test-id.org/OP/ReturnToVerification.aspx
  3. Enter an OpenID from the OpenID 2.0 OP you are testing into the "OpenID Identifier" login field of the page.
  4. After you submit the OpenID in the login box, you should be redirected to the OpenID Provider.
  5. Sign into the OpenID Provider.
  6. This should redirect you back to your relying party site.
  7. The first two buttons "Begin Verifiable RP" and "Begin Verifiable RP (realm style)" should result in successful authentications. The third button "Begin UNverifiable RP" should result in a warning by the OP. If you are returned to a page "You should never reach this page. The Provider you are testing should never send an assertion to this URL. It has FAILED this test." The OP has not verified the return to URI and the test has failed.
  8. Set outcome in the results page:
    1. If the success criteria was met, set the outcome to "Works".
    2. If the test failed, set the outcome to "Failed" and enter information about the failure in the Notes section.
    3. If other issues occurred set the result to "Issues" and describe them in the Notes section.
  9. Add either four tilde ~~~~ signs or a text name into the "Tested by" parameter.
  10. Update the Date Tested, Browser, and Operating System lines of the results page.