UMA1 Interop Features and Feature Tests
Main UMA1 Interop Testing page | Participants and Solutions | Results | uma-dev list
Table of Contents | ||||
---|---|---|---|---|
|
...
ID | req/opt | Description | Success |
---|---|---|---|
FT-as-config-data | req | AS provides configuration data that conforms to specified formats and provides all required properties and values. | Data conforms and is complete
|
FT-as-config-endpt | req | AS makes config data available through https://as_uri/.well-known/uma-configuration. | AS config data endpoint uses https: scheme with specific URL form, with a valid certificate |
FT-rs-get-config-data | opt | RS successfully accesses and parses AS config data properties it needs at https://as_uri/.well-known/uma-configuration, including all endpoint-related properties not specific to the RS and including handling of non-understood extension properties. | RS successfully accesses and parses AS config data |
FT-c-get-config-data | opt | Client successfully accesses and parses AS config data properties it needs at https://as_uri/.well-known/uma-configuration, including all endpoint-related properties not specific to the client and including handling of non-understood extension properties. | Client successfully accesses and parses AS config data |
Feature tests for "dynreg"
Client registration of resource servers (which are clients of the AS's protection API) and clients of resource servers (which are also clients of the AS's authorization API) at run time when services have not "met" before a resource owner or requesting party forces the issue.
...
ID | req/opt | Role | Description | Success |
---|---|---|---|---|
FT-rs-no-rpt | req | RS | RS responds to client not bearing an RPT with HTTP 401 and correct as_uri corresponding to AS protecting the resource to which access was attempted. | RS responds with HTTP 401 and as_uri |
FT-rs-invalid-rpt | req | RS | RS responds to client bearing an invalid RPT with HTTP 401 and correct as_uri corresponding to AS protecting the resource to which access was attempted. | RS responds with HTTP 401 and as_uri |
FT-c-rpt | req | C | C requests access to a resource by providing a correctly formed and located RPT. | |
FT-rs-insufficient-perm | req | RS | RS responds to client bearing a valid "bearer" profile RPT that has insufficient permissions with HTTP 403, as_uri, and permission ticket corresponding to resource for which access was attempted. NOTE: Conducting this test depends on RS-specific API and scope details. | RS responds with HTTP 403, as_uri, and permission ticket |
FT-rs-respect-authz | req | RS | RS limits access to resource that is currently under protection at an AS for which a valid RPT with valid authorization data has not been presented by a client. NOTE: Conducting this test depends on RS-specific API and scope details. | RS blocks and grants client's access according to RPT's current status |
Feature tests for "claims"
TBS.