Skip to content

FAPI Conformance Suite

miltonbo edited this page Feb 20, 2020 · 7 revisions

Server: ce-ob.gluu.org

Instructions: https://openid.net/certification/fapi_op_testing/

Test Suite: https://www.certification.openid.net/

Fapi RW - MTLS variant : https://www.certification.openid.net/plan-detail.html?plan=K38k7NvnZsOfr&public=true

Fapi RW - Private Key JWT variant : https://www.certification.openid.net/plan-detail.html?plan=BRCeoF1s8YqIi&public=true

Plan public link (Yuriy Z sandbox): https://www.certification.openid.net/plan-detail.html?plan=4odwd7jxzLuiZ&public=true

Submission: https://openid.net/certification/fapi_op_submission/

Variant Test name Passed ? (Yes/No) Manual Review Passed: (Yes/No) Logs link (must be public link to certification.openid.net)
fapi-r fapi-r-ensure-redirect-uri-in-authorization-request No No https://www.certification.openid.net/log-detail.html?log=386Az3sijd&public=true
fapi-r fapi-r-ensure-redirect-uri-is-registered No No https://www.certification.openid.net/log-detail.html?log=nNYcqmONWw&public=true
fapi-r fapi-r-reject-plain-pkce No No https://www.certification.openid.net/log-detail.html?log=EQ1JGg8wac&public=true
fapi-r fapi-r-require-pkce No No https://www.certification.openid.net/log-detail.html?log=YXpnDibgHH&public=true
fapi-r fapi-r-code-id-token-with-mtls No No https://www.certification.openid.net/log-detail.html?log=c3MNUQ7sj3&public=true
fapi-rw mtls fapi-rw-id2-discovery-end-point-verification Yes https://www.certification.openid.net/log-detail.html?log=ArzJPL0N2C&public=true
fapi-rw mtls fapi-rw-id2 Yes https://www.certification.openid.net/log-detail.html?log=hAUQMiXH0Z&public=true
fapi-rw mtls fapi-rw-id2-user-rejects-authentication Yes https://www.certification.openid.net/log-detail.html?log=Y9AlumOvMt&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-with-multiple-aud-succeeds Yes https://www.certification.openid.net/log-detail.html?log=edyVDB6CXZ&public=true
fapi-rw mtls fapi-rw-id2-ensure-authorization-request-without-state-success Yes https://www.certification.openid.net/log-detail.html?log=1C4YjiDTCC&public=true
fapi-rw mtls fapi-rw-id2-ensure-response-mode-query Yes https://www.certification.openid.net/log-detail.html?log=j8awUossD3&public=true
fapi-rw mtls fapi-rw-id2-ensure-different-nonce-inside-and-outside-request-object Yes https://www.certification.openid.net/log-detail.html?log=tOATEvqRG5&public=true
fapi-rw mtls fapi-rw-id2-ensure-registered-redirect-uri No No https://www.certification.openid.net/log-detail.html?log=Nby0zVGX3Z&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-with-long-nonce Yes https://www.certification.openid.net/log-detail.html?log=4yHIAJ77xI&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-with-long-state Yes https://www.certification.openid.net/log-detail.html?log=l8FyGuP1SI&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-without-exp-fails Yes https://www.certification.openid.net/log-detail.html?log=XVBYUco9Pp&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-without-scope-fails Yes https://www.certification.openid.net/log-detail.html?log=UhSDansfUs&public=true
fapi-rw mtls fapi-rw-id2-state-only-outside-request-object-not-used Yes https://www.certification.openid.net/log-detail.html?log=3G6og5TkoQ&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-without-nonce-fails Yes https://www.certification.openid.net/log-detail.html?log=sbXm7XngyH&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-without-redirect-uri-fails Yes https://www.certification.openid.net/log-detail.html?log=EyV39PnzNm&public=true
fapi-rw mtls fapi-rw-id2-ensure-expired-request-object-fails Yes https://www.certification.openid.net/log-detail.html?log=D6pEE9ZwIn&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-with-bad-aud-fails Yes https://www.certification.openid.net/log-detail.html?log=OfbqXZo6UP&public=true
fapi-rw mtls fapi-rw-id2-ensure-signed-request-object-with-RS256-fails Yes https://www.certification.openid.net/log-detail.html?log=ZistjXS1jn&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-signature-algorithm-is-not-none Yes https://www.certification.openid.net/log-detail.html?log=pfAHboHV3o&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-with-invalid-signature-fails Yes https://www.certification.openid.net/log-detail.html?log=RxqHdiw0Yb&public=true
fapi-rw mtls fapi-rw-id2-ensure-matching-key-in-authorization-request Yes https://www.certification.openid.net/log-detail.html?log=FK9FCojwI7&public=true
fapi-rw mtls fapi-rw-id2-ensure-authorization-request-without-request-object-fails Yes https://www.certification.openid.net/log-detail.html?log=gyV0CmI7GB&public=true
fapi-rw mtls fapi-rw-id2-ensure-redirect-uri-in-authorization-request No No https://www.certification.openid.net/log-detail.html?log=ksesbAbojv&public=true
fapi-rw mtls fapi-rw-id2-ensure-response-type-code-fails Yes https://www.certification.openid.net/log-detail.html?log=3GVCFvC4PG&public=true
fapi-rw mtls fapi-rw-id2-ensure-client-id-in-token-endpoint Yes https://www.certification.openid.net/log-detail.html?log=ul1SZXgWOe&public=true
fapi-rw mtls fapi-rw-id2-ensure-mtls-holder-of-key-required Yes https://www.certification.openid.net/log-detail.html?log=IwUzpqWvzK&public=true
fapi-rw mtls fapi-rw-id2-ensure-authorization-code-is-bound-to-client Yes https://www.certification.openid.net/log-detail.html?log=iJzF9uC9kg&public=true
fapi-rw mtls fapi-rw-id2-refresh-token Yes https://www.certification.openid.net/log-detail.html?log=W6LVtiON7l&public=true
fapi-rw mtls fapi-rw-id2-attempt-reuse-authorisation-code-after-30seconds Yes https://www.certification.openid.net/log-detail.html?log=MPs9YWrjir&public=true
fapi-rw mtls fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second Yes https://www.certification.openid.net/log-detail.html?log=dCTo1ZeY1E&public=true
fapi-rw private_key_jwt fapi-rw-id2-discovery-end-point-verification Yes https://www.certification.openid.net/log-detail.html?log=zOnblLzc1T&public=true
fapi-rw private_key_jwt fapi-rw-id2 Yes https://www.certification.openid.net/log-detail.html?log=sWEHGw4Val&public=true
fapi-rw private_key_jwt fapi-rw-id2-user-rejects-authentication Yes https://www.certification.openid.net/log-detail.html?log=7HwHzlRpL1&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-request-object-with-multiple-aud-succeeds Yes https://www.certification.openid.net/log-detail.html?log=q0lgvZe6qT&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-authorization-request-without-state-success Yes https://www.certification.openid.net/log-detail.html?log=SNb34hyLgL&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-response-mode-query Yes https://www.certification.openid.net/log-detail.html?log=C9UnG8TNNc&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-different-nonce-inside-and-outside-request-object Yes https://www.certification.openid.net/log-detail.html?log=lFmXsjqWjC&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-registered-redirect-uri No No https://www.certification.openid.net/log-detail.html?log=FmjWb6Hhnq&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-request-object-with-long-nonce Yes https://www.certification.openid.net/log-detail.html?log=6izkUyEWTG&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-request-object-with-long-state Yes https://www.certification.openid.net/log-detail.html?log=WSo5ePfs03&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-request-object-without-exp-fails Yes https://www.certification.openid.net/log-detail.html?log=XPYCGTf9WZ&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-request-object-without-scope-fails Yes https://www.certification.openid.net/log-detail.html?log=fN7QFKqyXk&public=true
fapi-rw private_key_jwt fapi-rw-id2-state-only-outside-request-object-not-used Yes https://www.certification.openid.net/log-detail.html?log=OKESfWkzkb&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-request-object-without-nonce-fails Yes https://www.certification.openid.net/log-detail.html?log=wSew4EKZ7b&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-request-object-without-redirect-uri-fails Yes https://www.certification.openid.net/log-detail.html?log=nDZL9Xf8bY&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-expired-request-object-fails Yes https://www.certification.openid.net/log-detail.html?log=nDZL9Xf8bY&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-request-object-with-bad-aud-fails Yes https://www.certification.openid.net/log-detail.html?log=7HnVRSa23H&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-signed-request-object-with-RS256-fails Yes https://www.certification.openid.net/log-detail.html?log=Si3w3m0ATR&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-request-object-signature-algorithm-is-not-none Yes https://www.certification.openid.net/log-detail.html?log=8yQQ7RyO48&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-request-object-with-invalid-signature-fails Yes https://www.certification.openid.net/log-detail.html?log=qAdU4eAL0H&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-matching-key-in-authorization-request Yes https://www.certification.openid.net/log-detail.html?log=k67vVkuCm8&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-authorization-request-without-request-object-fails Yes https://www.certification.openid.net/log-detail.html?log=zvOreE3flg&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-redirect-uri-in-authorization-request No No https://www.certification.openid.net/log-detail.html?log=V49shZQQsx&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-response-type-code-fails Yes https://www.certification.openid.net/log-detail.html?log=5ApJYX1dgk&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-client-id-in-token-endpoint Yes https://www.certification.openid.net/log-detail.html?log=IwhmKCC1N4&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-mtls-holder-of-key-required Yes https://www.certification.openid.net/log-detail.html?log=iSIT8je2Zu&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-authorization-code-is-bound-to-client Yes https://www.certification.openid.net/log-detail.html?log=oDuWpRF4Cu&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-signed-client-assertion-with-RS256-fails Yes https://www.certification.openid.net/log-detail.html?log=KVubsDsYIB&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-client-assertion-in-token-endpoint Yes https://www.certification.openid.net/log-detail.html?log=BhYeqHO50A&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-client-assertion-with-exp-is-5-minutes-in-past-fails Yes https://www.certification.openid.net/log-detail.html?log=7yKGlSakY5&public=true
fapi-rw private_key_jwt fapi-rw-id2-ensure-client-assertion-with-wrong-aud-fails Yes https://www.certification.openid.net/log-detail.html?log=8CQT4N3w9a&public=true
fapi-rw private_key_jwt fapi-rw-id2-refresh-token Yes https://www.certification.openid.net/log-detail.html?log=AHnCk677Qh&public=true
fapi-rw private_key_jwt fapi-rw-id2-attempt-reuse-authorisation-code-after-30seconds Yes https://www.certification.openid.net/log-detail.html?log=MMom4UZG3V&public=true
fapi-rw private_key_jwt fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second Yes https://www.certification.openid.net/log-detail.html?log=k2zsOs2SS1&public=true