I2 RP Profile Claim Processing Tests

From OSIS Open Source Identity Systems

Jump to: navigation, search

Contents

Claim Processing Examples And Tests

If you have a component that an RP can use to test a given issue, put your data here. 

* I2-Barcelona    * I2 Relying Party Profiles      * I2 RP Profile Claim Processing     * I2 RP Profile Token Validation

Expected Multi-valued Claim Test

Test #1: Given name as expected Multi-valued Claim

Instructions: 

* Create an account at one of the supporting IdPs below and add more than one First Name.
* Use the card at one of the supporting RPs below

Success: 

* First Name when viewed at the RP should contain a concatenation of all given first names.

Failure: 

* Only one first name is shown.

Supporting IDPs

To be a supporting IdP for Test #1 you must be able to set multiple first names. If you can't set multiple first names but you prefer a different attibute be multi-valued, please suggest a new Test case. [Bandit WAG IdP] -- note that if you don't have time to create your own account, you can login as user multi.valued.test (pwd: test-multi) and use that card.

Supporting RPs 

* [PamelaProject Joomla RP] (this doesn't quite actually work yet but it will)
* [CA SiteMinder RP] (RP expects a (optional) presented webpage claim to be multi-valued)

Unexpected Multi-valued Claim Test

Test #1: Email as unexpected Multi-valued Claim

Instructions: 

* Create an account at one of the supporting IdPs below and add more than one Email Address.
* Use the card at one of the supporting RPs below

Success: 

* An error should be shown to the user.

Failure: 

* The first email is accepted as the only returned value and processing continues.

Supporting IDPs

[Bandit WAG IdP] -- note that if you don't have time to create your own account, you can login as user multi.valued.email (pwd: test-multi) and use that card, it is already set up.

Supporting RPs 

* [PamelaProject Joomla RP] (this doesn't quite actually work yet but it will)
* [CA SiteMinder RP] (RP expects a (optional) presented gender claim to be single-valued)

HTML Entity Test

Instructions: 

* Import [this card] into an Identity Selector (password is osisinterop)
* Use this card at your relying party

Success: 

* nothing happens

Failure: 

* A javascript alert pops up saying "hacked!"

Supporting RPs 

* [CA SiteMinder RP] (all claim values escaped)

Credit: Thanks to Robin Martherus for contributing this idea during the last interop

Retrieved from "http://osis.idcommons.net/wiki/I2_RP_Profile_Claim_Processing_Tests"
Personal tools