Difference between revisions of "OC5:RP Features"
m (1 revision: Cloning for OC5 Interop) |
(Uses Discovery -> Uses WebFinger Discovery) |
||
| Line 114: | Line 114: | ||
}} | }} | ||
| − | ==Feature-Uses Discovery== | + | ==Feature-Uses WebFinger Discovery== |
{{Feature | {{Feature | ||
| − | |feature_id = Uses Discovery | + | |feature_id = Uses WebFinger Discovery |
| − | |feature_description = Uses Discovery | + | |feature_description = Uses WebFinger Discovery |
|feature_type = interop | |feature_type = interop | ||
|solution_role = RP | |solution_role = RP | ||
| − | |test_description = Discover | + | |test_description = Discover user's OP location with WebFinger |
|acceptable = Works | |acceptable = Works | ||
|not_acceptable = Fails | |not_acceptable = Fails | ||
| − | |testlist = [[OC5:FeatureTest-Uses Discovery]] | + | |testlist = [[OC5:FeatureTest-Uses WebFinger Discovery]] |
|maturity_status = Established | |maturity_status = Established | ||
|maturity_date = OC3 | |maturity_date = OC3 | ||
Revision as of 17:03, 4 June 2014
{{#vardefine:DtArticleSortKey|}}
Feature-Web Page Application
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Web Page Application|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Web Page Application - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Web Page Application | Use OP from Web Page Application | Works | Fails |
Tests
OC5:FeatureTest-Web Page Application
Feature-Native Client Application
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Native Client Application|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Native Client Application - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Native Client Application | Use OP from Native Client Application | Works | Fails |
Tests
OC5:FeatureTest-Native Client Application
Feature-Accept Valid Asymmetric ID Token Signature
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Accept Valid Asymmetric ID Token Signature|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Accept Valid Asymmetric ID Token Signature - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Accept Valid Asymmetric ID Token Signature | Validate ID Token Correctly Signed with RS256 | Works | Fails |
Tests
OC5:FeatureTest-Accept Valid Asymmetric ID Token Signature
Feature-Reject Invalid Asymmetric ID Token Signature
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Reject Invalid Asymmetric ID Token Signature|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Reject Invalid Asymmetric ID Token Signature - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Reject Invalid Asymmetric ID Token Signature | Reject ID Token with Incorrect RS256 Signature | Works | Fails |
Tests
OC5:FeatureTest-Reject Invalid Asymmetric ID Token Signature
Feature-Accept Valid Symmetric ID Token Signature
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Accept Valid Symmetric ID Token Signature|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Accept Valid Symmetric ID Token Signature - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Accept Valid Symmetric ID Token Signature | Validate ID Token Correctly Signed with HS256 | Works | Fails |
Tests
OC5:FeatureTest-Accept Valid Symmetric ID Token Signature
Feature-Reject Invalid Symmetric ID Token Signature
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Reject Invalid Symmetric ID Token Signature|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Reject Invalid Symmetric ID Token Signature - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Reject Invalid Symmetric ID Token Signature | Reject ID Token with Incorrect HS256 Signature | Works | Fails |
Tests
OC5:FeatureTest-Reject Invalid Symmetric ID Token Signature
Feature-Requesting UserInfo Claims with scope Values
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Requesting UserInfo Claims with scope Values|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Requesting UserInfo Claims with scope Values - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Requesting UserInfo Claims with scope Values | Request Claims using scope Value | Displays claims returned that were requested with a scope value | Fails |
Tests
OC5:FeatureTest-Requesting UserInfo Claims with scope Values
Feature-Requesting UserInfo Claims with OpenID Request Object
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Requesting UserInfo Claims with OpenID Request Object|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Requesting UserInfo Claims with OpenID Request Object - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Requesting UserInfo Claims with OpenID Request Object | Request Claims using OpenID Request Object | Displays claims returned that were requested with an OpenID Request Object | Fails |
Tests
OC5:FeatureTest-Requesting UserInfo Claims with OpenID Request Object
Feature-Uses WebFinger Discovery
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Uses WebFinger Discovery|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Uses WebFinger Discovery - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Uses WebFinger Discovery | Discover user's OP location with WebFinger | Works | Fails |
Tests
OC5:FeatureTest-Uses WebFinger Discovery
Feature-Can Discover Identifiers using E-Mail Syntax
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Discover Identifiers using E-Mail Syntax|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Discover Identifiers using E-Mail Syntax - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Can Discover Identifiers using E-Mail Syntax | Discover and Use OP for Identifier using E-Mail Syntax | Works | Fails |
Tests
OC5:FeatureTest-Can Discover Identifiers using E-Mail Syntax
Feature-Can Discover Identifiers using URL Syntax
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Discover Identifiers using URL Syntax|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Discover Identifiers using URL Syntax - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Can Discover Identifiers using URL Syntax | Discover and Use OP for Identifier using URL Syntax | Works | Fails |
Tests
OC5:FeatureTest-Can Discover Identifiers using URL Syntax
Feature-Uses Dynamic Registration
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Uses Dynamic Registration|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Uses Dynamic Registration - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Uses Dynamic Registration | Dynamically Register Client with OP and Use OP | Works | Fails |
Tests
OC5:FeatureTest-Uses Dynamic Registration
Feature-Uses Aggregated Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Uses Aggregated Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Uses Aggregated Claims - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Uses Aggregated Claims | Display Aggregated Claims Received from OP | Works | Fails |
Tests
OC5:FeatureTest-Uses Aggregated Claims
Feature-Uses Distributed Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Uses Distributed Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Uses Distributed Claims - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Uses Distributed Claims | Display Distributed Claims Received from OP | Works | Fails |
Tests
OC5:FeatureTest-Uses Distributed Claims
Feature-Verifies Correct at_hash when Implicit Flow Used
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Verifies Correct at_hash when Implicit Flow Used|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Verifies Correct at_hash when Implicit Flow Used - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Verifies Correct at_hash when Implicit Flow Used | Receive response to request using response_type token id_token with correct at_hash value | Correct at_hash value verified | Response rejected |
Tests
OC5:FeatureTest-Verifies Correct at_hash when Implicit Flow Used
Feature-Rejects Incorrect at_hash when Implicit Flow Used
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Rejects Incorrect at_hash when Implicit Flow Used|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Rejects Incorrect at_hash when Implicit Flow Used - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Rejects Incorrect at_hash when Implicit Flow Used | Receive response to request using response_type token id_token with incorrect at_hash value | Incorrect at_hash value rejected | Response accepted |
Tests
OC5:FeatureTest-Rejects Incorrect at_hash when Implicit Flow Used
Feature-Verifies Correct c_hash when Code Flow Used
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Verifies Correct c_hash when Code Flow Used|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Verifies Correct c_hash when Code Flow Used - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Verifies Correct c_hash when Code Flow Used | Receive response to request using response_type code with correct c_hash value | Correct c_hash value verified | Response rejected |
Tests
OC5:FeatureTest-Verifies Correct c_hash when Code Flow Used
Feature-Rejects Incorrect c_hash when Code Flow Used
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Rejects Incorrect c_hash when Code Flow Used|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Rejects Incorrect c_hash when Code Flow Used - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Rejects Incorrect c_hash when Code Flow Used | Receive response to request using response_type code with incorrect c_hash value | Incorrect c_hash value rejected | Response accepted |
Tests
OC5:FeatureTest-Rejects Incorrect c_hash when Code Flow Used
Feature-Can Request and Use Claims in id_token
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Request and Use Claims in id_token|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Request and Use Claims in id_token - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Request and Use Claims in id_token | Request name and email claims be returned in the id_token | Claims returned in id_token and accepted | Fails |
Tests
OC5:FeatureTest-Can Request and Use Claims in id_token
Feature-Can Use Self-Issued OP
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Use Self-Issued OP|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Use Self-Issued OP - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Use Self-Issued OP | Request name and email claims claims from self-issued OP | Claims returned in id_token and accepted | Fails |
Tests
OC5:FeatureTest-Can Use Self-Issued OP
Feature-Can Make Access Token Request with client_secret_basic Authentication
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Make Access Token Request with client_secret_basic Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Make Access Token Request with client_secret_basic Authentication - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Make Access Token Request with client_secret_basic Authentication | Send Access Token Request with client_secret_basic Authentication | Works | Fails |
Tests
OC5:FeatureTest-Can Make Access Token Request with client_secret_basic Authentication
Feature-Can Make Access Token Request with client_secret_post Authentication
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Make Access Token Request with client_secret_post Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Make Access Token Request with client_secret_post Authentication - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Make Access Token Request with client_secret_post Authentication | Send Access Token Request with client_secret_post Authentication | Works | Fails |
Tests
OC5:FeatureTest-Can Make Access Token Request with client_secret_post Authentication
Feature-Can Make Access Token Request with private_key_jwt Authentication
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Make Access Token Request with private_key_jwt Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Make Access Token Request with private_key_jwt Authentication - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Make Access Token Request with private_key_jwt Authentication | Send Access Token Request with private_key_jwt Authentication | Works | Fails |
Tests
OC5:FeatureTest-Can Make Access Token Request with private_key_jwt Authentication
Feature-Can Make Access Token Request with client_secret_jwt Authentication
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Make Access Token Request with client_secret_jwt Authentication|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Make Access Token Request with client_secret_jwt Authentication - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Make Access Token Request with client_secret_jwt Authentication | Send Access Token Request with client_secret_jwt Authentication | Works | Fails |
Tests
OC5:FeatureTest-Can Make Access Token Request with client_secret_jwt Authentication
Feature-Logout Initiated by RP
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Logout Initiated by RP|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Logout Initiated by RP - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Logout Initiated by RP | Send logout request to OP | Logout request sent to OP | No logout request sent |
Tests
OC5:FeatureTest-Logout Initiated by RP
Feature-Logout Received by RP
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Logout Received by RP|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Logout Received by RP - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Logout Received by RP | Detect and act upon OP initiated logout | RP detects logout request and logs out | RP not logged out |
Tests
OC5:FeatureTest-Logout Received by RP
Feature-State Change Other than Logout Received by RP
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:State Change Other than Logout Received by RP|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP State Change Other than Logout Received by RP - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| State Change Other than Logout Received by RP | Change logged in user at the OP and notify RP | Change detected by RP | Change not detected |
Tests
OC5:FeatureTest-State Change Other than Logout Received by RP
Feature-Can Request and Use Signed UserInfo Response
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Request and Use Signed UserInfo Response|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Request and Use Signed UserInfo Response - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Request and Use Signed UserInfo Response | Register for, request, and use signed UserInfo responses | Can request and use signed UserInfo responses | Cannot request or use signed UserInfo Responses |
Tests
OC5:FeatureTest-Can Request and Use Signed UserInfo Response
Feature-Can Request and Use Encrypted UserInfo Response
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Request and Use Encrypted UserInfo Response|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Request and Use Encrypted UserInfo Response - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Request and Use Encrypted UserInfo Response | Register for, request, and use encrypted UserInfo responses | Can request and use encrypted UserInfo responses | Cannot request or use encrypted UserInfo Responses |
Tests
OC5:FeatureTest-Can Request and Use Encrypted UserInfo Response
Feature-Can Request and Use Signed and Encrypted UserInfo Response
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Request and Use Signed and Encrypted UserInfo Response|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Request and Use Signed and Encrypted UserInfo Response - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Request and Use Signed and Encrypted UserInfo Response | Register for, request, and use signed and encrypted UserInfo responses | Can request and use signed and encrypted UserInfo responses | Cannot request or use signed and encrypted UserInfo Responses |
Tests
OC5:FeatureTest-Can Request and Use Signed and Encrypted UserInfo Response
Feature-Can Request and Use Encrypted ID Token Response
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Request and Use Encrypted ID Token Response|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Request and Use Encrypted ID Token Response - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Request and Use Encrypted ID Token Response | Register for, request, and use encrypted ID Token responses | Can request and use encrypted ID Token responses | Cannot request or use encrypted ID Token Responses |
Tests
OC5:FeatureTest-Can Request and Use Encrypted ID Token Response
Feature-Can Request and Use Signed and Encrypted ID Token Response
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|RP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Request and Use Signed and Encrypted ID Token Response|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| RP Can Request and Use Signed and Encrypted ID Token Response - Maturity: New {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Request and Use Signed and Encrypted ID Token Response | Register for, request, and use signed and encrypted ID Token responses | Can request and use signed and encrypted ID Token responses | Cannot request or use signed and encrypted ID Token Responses |
Tests
OC5:FeatureTest-Can Request and Use Signed and Encrypted ID Token Response
