IDP Test Strategy

Amit Bhadoria edited this page Feb 15, 2016 · 4 revisions

The following test clients/apps are created as part of IDP deployment:

  • test.endpoint.client
    • this is a test app to test oAuth APIs for ENDPOINT type apps
    • test app does not have any client secret
    • app has scopes endpoint, validation
    • app is registered with system tenant users-alpha.integratingfactor.com
    • token grant can be implicit, or code
  • test.backend.client
    • this is a test app to test oAuth APIs for BACKEND type apps
    • test app's client secret is secret
    • app has scopes backend, validation, openid
    • app is registered with system tenant users-alpha.integratingfactor.com
    • token grant can only be code
  • test.service.client
    • this is a test app to test tenant registration and management APIs
    • test app's client secret is secret
    • app has scopes backend, validation, openid, registrar
    • app is registered with system tenant users-alpha.integratingfactor.com
    • token grant can only be code

No test users are created; actual user accounts should be used for token authorization during testing. If necessary, a user account can be created just for testing purposes.

The following categories are to be tested:

  • Interactive: involves user interaction
    • oAuth user token authorization
    • oAuth user token grant implicit
    • oAuth user authentication
  • User API: involves ENDPOINT/BACKEND app interaction with IDP (needs auth_code/access_token from user interaction)
    • oAuth user token grant auth_code
    • oAuth user token grant refresh
    • oAuth user token validation
    • User tenant registration management
    • User tenant user role management
    • User tenant user provisioning
    • User app registration management
  • Service API: involves SERVICE app interaction with IDP using resource owner token (no dependence on any parameter from user interaction)
    • oAuth service token grant implicit
    • oAuth service token grant refresh
    • oAuth service token validation
    • Service tenant user role management
    • Service tenant user provisioning
    • Service app registration management
