Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Compliance test for OpenID providers

What automated standards-conformance tests are there for OpenID providers?

I'm making changes to the implementation of an OpenID provider, to bring it from version 1.1 of the standard to version 2.0.

Before releasing the code, I want to be sure that it conforms to the specifications of the standard. For testing web standards compliance, the W3C has validator tools. What tools exist so that I can point an automated tester at my OpenID provider and get a report of compliance with the standard?

like image 351
bignose Avatar asked May 03 '09 00:05

bignose


People also ask

Does OpenID use certificates?

The OpenID Foundation's certification process utilizes self-certification and conformance test suites developed by the Foundation. Certified implementations can use the “OpenID Certified” certification mark.

Is OpenID deprecated?

Yes, OpenID is an obsolete standard that is no longer supported by the OpenID Foundation.

What is OpenID authentication delegation?

It allows users to be authenticated by co-operating sites (known as relying parties, or RP) using a third-party identity provider (IDP) service, eliminating the need for webmasters to provide their own ad hoc login systems, and allowing users to log in to multiple unrelated websites without having to have a separate ...


2 Answers

You could look at http://test-id.net/ which has a set of tests written in .net.

like image 192
BaroqueBobcat Avatar answered Oct 04 '22 00:10

BaroqueBobcat


There are no conformance tests (at least officially approved) that I know of - even for 1.1. Certainly its something that would be very high value. Same goes for oAuth - they're both complex protocols and sometimes event the spec doesn't cover everything.

Probably the only thing you can do right now is thorough unit testing coverage locally.

like image 44
steve Avatar answered Oct 04 '22 00:10

steve