Someone reported today (f2f) that the test suite currently does not test for the state parameter and value being returned by the OP on an authentication error response.
We should verify this statement; I believe this is not an existing test, but it may or may not be implicitly done as part of other tests. In any case it is a MUST in the spec.
If true, we should add a proper test that sends an authentication request - with a state parameter - that triggers an error on the OP and verifies that the same state parameter/value is passed back on the error response.
Someone reported today (f2f) that the test suite currently does not test for the
stateparameter and value being returned by the OP on an authentication error response.stateparameter - that triggers an error on the OP and verifies that the samestateparameter/value is passed back on the error response.