...
Feature ID | Type | Description | Test ID | Type | Role | Description | Succeed | Fail | |||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
F-as-config | req | AS makes available its configuration data in the correct form at the correct location. Supporting clauses:
Issues: We no longer say RS and C MUST retrieve the config data. Should we? Should the last two tests here be "opt"? | FT-as-config-data | req | AS | AS provides configuration data that conforms to specified format | Data conforms to format requirements | Fails | |||||||
FT-as-config-endpts | opt | AS | AS makes config data available through SSL/TLS-protected URL | AS config data endpoint uses https: scheme and RS or client is able to validate AS's certificate | Fails | ||||||||||
FT-rs-get-config-data | req | RS | RS successfully accesses and parses AS config data properties it needs at http://\{as_uri}/.well-known/uma-configuration or https://\{as_uri}/.well-known/uma-configuration, including all endpoint-related properties not specific to the client and including handling of non-understood extension properties | RS successfully accesses and parses AS config data | Fails | ||||||||||
FT-c-get-config-data | req | C | Client successfully accesses and parses AS config data properties it needs at http://\{as_uri}/.well-known/uma-configuration or https://\{as_uri}/.well-known/uma-configuration, including all endpoint-related properties not specific to the RS and including handling of non-understood extension properties | Client successfully accesses and parses AS config data | Fails | ||||||||||
F-dyn-client-reg | opt | AS supports generating dynamic client credentials and RS and client support getting them. Supporting clauses:
| 5
| The value, if this property is present, the value MUST be the string "yes" (dynamic registration is supported, using an unspecified method) or "no" (it is not supported; hosts and requesters are required to pre-register)." (The property being dynamic_client_registration_supported.)
Issues: Typo in Core Sec 1.4: s/absent/absence/ | FT-as-dyn-client-reg | opt | AS | AS config data "dynamic_client_endpoint" property is non-null | AS config data "dynamic_client_endpoint" property has a valid URL value for a DynClientReg endpoint | Fails | |||||
FT-rs-get-dyn-client-creds | opt | RS | RS interacts with AS to request and receive client credentials dynamically | RS gets client credentials dynamically | Fails | ||||||||||
FT-c-get-dyn-client-creds | opt | C | C interacts with AS to request and receive client credentials dynamically | C gets client credentials dynamically | Fails | ||||||||||
F-dyn-client-reg:
- Sec 1.5: "The value, if this property is present, the value MUST be the string "yes" (dynamic registration is supported, using an unspecified method) or "no" (it is not supported; hosts and requesters are required to pre-register)." (The property being dynamic_client_registration_supported.)
- Sec 2.2: "If the host has not already obtained an OAuth client identifier and optional secret from this AM, in this step it MUST do so in order to engage in OAuth-based interactions with the AM."
...