Skip to content

FAPI Conformance Suite

Jump to bottom Edit New page
miltonbo edited this page Feb 20, 2020 · 7 revisions

Server: ce-ob.gluu.org

Instructions: https://openid.net/certification/fapi_op_testing/

Test Suite: https://www.certification.openid.net/

Fapi RW - MTLS variant : https://www.certification.openid.net/plan-detail.html?plan=K38k7NvnZsOfr&public=true

Fapi RW - Private Key JWT variant : https://www.certification.openid.net/plan-detail.html?plan=BRCeoF1s8YqIi&public=true

Plan public link (Yuriy Z sandbox): https://www.certification.openid.net/plan-detail.html?plan=4odwd7jxzLuiZ&public=true

Submission: https://openid.net/certification/fapi_op_submission/

Variant Test name Passed ? (Yes/No) Manual Review Passed: (Yes/No) Logs link (must be public link to certification.openid.net)
fapi-r fapi-r-ensure-redirect-uri-in-authorization-request No No https://www.certification.openid.net/log-detail.html?log=386Az3sijd&public=true
fapi-r fapi-r-ensure-redirect-uri-is-registered No No https://www.certification.openid.net/log-detail.html?log=nNYcqmONWw&public=true
fapi-r fapi-r-reject-plain-pkce No No https://www.certification.openid.net/log-detail.html?log=EQ1JGg8wac&public=true
fapi-r fapi-r-require-pkce No No https://www.certification.openid.net/log-detail.html?log=YXpnDibgHH&public=true
fapi-r fapi-r-code-id-token-with-mtls No No https://www.certification.openid.net/log-detail.html?log=c3MNUQ7sj3&public=true
fapi-rw mtls fapi-rw-id2-discovery-end-point-verification Yes https://www.certification.openid.net/log-detail.html?log=ArzJPL0N2C&public=true
fapi-rw mtls fapi-rw-id2 Yes https://www.certification.openid.net/log-detail.html?log=hAUQMiXH0Z&public=true
fapi-rw mtls fapi-rw-id2-user-rejects-authentication Yes https://www.certification.openid.net/log-detail.html?log=Y9AlumOvMt&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-with-multiple-aud-succeeds Yes https://www.certification.openid.net/log-detail.html?log=edyVDB6CXZ&public=true
fapi-rw mtls fapi-rw-id2-ensure-authorization-request-without-state-success Yes https://www.certification.openid.net/log-detail.html?log=1C4YjiDTCC&public=true
fapi-rw mtls fapi-rw-id2-ensure-response-mode-query Yes https://www.certification.openid.net/log-detail.html?log=j8awUossD3&public=true
fapi-rw mtls fapi-rw-id2-ensure-different-nonce-inside-and-outside-request-object Yes https://www.certification.openid.net/log-detail.html?log=tOATEvqRG5&public=true
fapi-rw mtls fapi-rw-id2-ensure-registered-redirect-uri No No https://www.certification.openid.net/log-detail.html?log=Nby0zVGX3Z&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-with-long-nonce Yes https://www.certification.openid.net/log-detail.html?log=4yHIAJ77xI&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-with-long-state Yes https://www.certification.openid.net/log-detail.html?log=l8FyGuP1SI&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-without-exp-fails Yes https://www.certification.openid.net/log-detail.html?log=XVBYUco9Pp&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-without-scope-fails Yes https://www.certification.openid.net/log-detail.html?log=UhSDansfUs&public=true
fapi-rw mtls fapi-rw-id2-state-only-outside-request-object-not-used Yes https://www.certification.openid.net/log-detail.html?log=3G6og5TkoQ&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-without-nonce-fails Yes https://www.certification.openid.net/log-detail.html?log=sbXm7XngyH&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-without-redirect-uri-fails Yes https://www.certification.openid.net/log-detail.html?log=EyV39PnzNm&public=true
fapi-rw mtls fapi-rw-id2-ensure-expired-request-object-fails Yes https://www.certification.openid.net/log-detail.html?log=D6pEE9ZwIn&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-with-bad-aud-fails Yes https://www.certification.openid.net/log-detail.html?log=OfbqXZo6UP&public=true
fapi-rw mtls fapi-rw-id2-ensure-signed-request-object-with-RS256-fails Yes https://www.certification.openid.net/log-detail.html?log=ZistjXS1jn&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-signature-algorithm-is-not-none Yes https://www.certification.openid.net/log-detail.html?log=pfAHboHV3o&public=true
fapi-rw mtls fapi-rw-id2-ensure-request-object-with-invalid-signature-fails Yes https://www.certification.openid.net/log-detail.html?log=RxqHdiw0Yb&public=true
fapi-rw mtls fapi-rw-id2-ensure-matching-key-in-authorization-request Yes https://www.certification.openid.net/log-detail.html?log=FK9FCojwI7&public=true
fapi-rw mtls fapi-rw-id2-ensure-authorization-request-without-request-object-fails Yes https://www.certification.openid.net/log-detail.html?log=gyV0CmI7GB&public=true
fapi-rw mtls fapi-rw-id2-ensure-redirect-uri-in-authorization-request No No https://www.certification.openid.net/log-detail.html?log=ksesbAbojv&public=true
fapi-rw mtls fapi-rw-id2-ensure-response-type-code-fails Yes https://www.certification.openid.net/log-detail.html?log=3GVCFvC4PG&public=true
fapi-rw mtls fapi-rw-id2-ensure-client-id-in-token-endpoint Yes https://www.certification.openid.net/log-detail.html?log=ul1SZXgWOe&public=true
fapi-rw mtls fapi-rw-id2-ensure-mtls-holder-of-key-required Yes https://www.certification.openid.net/log-detail.html?log=IwUzpqWvzK&public=true
fapi-rw mtls fapi-rw-id2-ensure-authorization-code-is-bound-to-client Yes https://www.certification.openid.net/log-detail.html?log=iJzF9uC9kg&public=true
fapi-rw mtls fapi-rw-id2-refresh-token Yes https://www.certification.openid.net/log-detail.html?log=W6LVtiON7l&public=true
fapi-rw mtls fapi-rw-id2-attempt-reuse-authorisation-code-after-30seconds Yes https://www.certification.openid.net/log-detail.html?log=MPs9YWrjir&public=true
fapi-rw mtls fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second Yes https://www.certification.openid.net/log-detail.html?log=dCTo1ZeY1E&public=true
Add a custom footer
Add a custom sidebar
Clone this wiki locally