This repository contains support materials for conformance testing and certification.
The certification is funded as an Erlang Ecosystem Foundation stipend entered by the Security Working Group.
/submitted_certifications/Erlang_Ecosystem_Foundation-oidcc-[PROFILE]-[DATE].zip- Finalized Certification
- Register on https://www.certification.openid.net/
- Create Testplan https://www.certification.openid.net/schedule-test.html
- Relevant for Certification: Yes
- Id:
oidcc-client-basic-certification-test-plan - Request Type:
plain_http_request - Client Registration Type:
dynamic_client
- Relevant for Certification: No
- Expected Failures
oidcc-client-test-discovery-webfinger-acct- WebFinger is not supportedoidcc-client-test-discovery-webfinger-url- Webfinger is not supported
- Id:
oidcc-client-test-plan - Client Authentication Type:
client_secret_post - Request Type:
plain_http_request - Response Type:
code - Client Registration Type:
dynamic_client - Response Mode:
default
- Relevant for Certification: No
- Id:
oidcc-client-refreshtoken-test-plan - Client Authentication Type:
client_secret_basic - Request Type:
plain_http_request - Response Type:
code - Client Registration Type:
dynamic_client - Response Mode:
form_post
- Relevant for Certification: Yes
- Id:
oidcc-client-formpost-basic-certification-test-plan - Request Type:
plain_http_request - Client Registration Type:
dynamic_client
- Relevant for Certification: Yes
- Id:
oidcc-client-config-certification-test-plan - Client Authentication Type:
client_secret_basic - Request Type:
plain_http_request - Response Mode:
default - Client Registration Type:
dynamic_client
- Relevant for Certification: Yes
- Id:
oidcc-client-test-3rd-party-init-login-test-plan - Client Authentication Type:
client_secret_basic - Request Type:
plain_http_request - Response Mode:
default - Client Registration Type:
dynamic_client
mix deps.getOptionally, you can mount the certification branch in your worktree:
git worktree add \
--track \
-b openid-foundation-certification \
certification \
origin/openid-foundation-certification- Open Plan / Specific Test
- Execute the Conformance runner:
mix run_certification \ --profile [PROFILE_NAME] \ --test-name [TEST_NAME] \ --alias [ALIAS] \ # Alias in www.certification.openid.net; Default "test" --version [VERSION] \ # Version to file Result artifacts for; Default "dev" --[no-]register-client \ # Run Client Registration; Default true; Disable for config only tests --[no-]start-server \ # Run Web Server; Default true; Disable for config / client only tests --[no-]auto-stop \ # Auto Stop when result is received; Default true; Disable for tests with multiple actions --[no-]auto-open \ # Auto open browser; Default false; Requires `xdg-open` --[no-]auto-screenshot \ # Auto screenshot window; Default false; Requires `gnome-screenshot` & `optipng` --token-endpoint-auth-method \ # Registration token_endpoint_auth_method; Default "client_secret_basic"
- Open http://localhost:4000/authorize in your Browser (or
auto-open) - Follow Test Protocol
- Test should pass
- Upload Screenshot to Test Protocol
After all tests have completed, prepare the publication.
- Create
Certification of Conformance.pdfintest_plans/[VERSION]/[PROFILE] - Package Client Data
mix package_client_data \ --version [VERSION] \ --profile [PROFILE]
- Upload signed
Certification of Conformance and
test_plans/[VERSION]/[PROFILE]/client-data.zipviaPublish for certificationin certification.openid.net / Plan - File downloaded
.zipas/submitted_certifications/Erlang_Ecosystem_Foundation-oidcc-[PROFILE]-[DATE].zip - Commit & Push File into PR
- Once merged, fill out the certification request form.