...
Any RS participating in interop has to expose either multiple resource sets (as registered with the AS) or multiple scopes, or both. This enables testing UMA-specific interop around sufficient/insufficient authz data, permission tickets that match/don't match the requested type of access, etc., while not dictating the specifics of what the API looks like. Each RS participant needs to provide enough information directly in the table below to explain how to access these differential resource sets and scopes, e.g. the URLs, parameters, etc. This way, clients can tell whether the RS was at fault or not if something goes wrong with authorization. It is RECOMMENDED that each RS document exactly the one or two endpoints/calls/parameters that are sufficient for UMA interop testing purposes, to limit the universe of potential actions that a client can take.
Solution:role | API info | SDK avail? | Login URL and RO creds | Protected resource URL(s) info | Client SDK/library info | Expects dynamic client registration at AS? | Other details |
---|---|---|---|---|---|---|---|
OX:RS | Java | Will fill in when RS is up | |||||
CI:RS | https://nuvepds.appspot.com/about/api | Python and Java | https://nuvepds.appspot.com (Sign in with your social profile) | https://nuvepds.appspot.com/about/api | Optional | ||
RH:RS | Uses "pbryan" (http-json-resource) | https://xenosmilus.umdc.umu.se:8777/login.html (user:alice, password:krall) | Base URL for alice's resources: https://xenosmilus.umdc.umu.se:8777/json/alice | Available in Python and Java (sample at https://nuvepdsclient.appspot.com/) – where? | Supports webfinger. Supports acct and http identifier urls. |
...