search

openid-certification / oidctest

THE CERTIFICATION TEST SUITE HAS BEEN MIGRATED TO A NEW SERVICE https://www.certificatinon.openid.net
Other
49 stars 15 forks source link

frontchannel_logout_session_supported and backchannel_logout_session_supported should be optional #201

Closed selfissued closed 4 years ago

selfissued commented 4 years ago

The Front-Channel and Back-Channel specs say that frontchannel_logout_session_supported and backchannel_logout_session_supported SHOULD be registered but that if they're not present, their default values are false. The certification tool flags it as an ERROR if these are missing in OP-FrontChannel-Discovery and OP-BackChannel-Discovery, rather than using the specified false values.

See the spec text at https://openid.net/specs/openid-connect-frontchannel-1_0.html#OPLogout and https://openid.net/specs/openid-connect-backchannel-1_0.html#BCSupport.

See the errors at https://op.certification.openid.net:60046/test_info/OP-FrontChannel-Discovery and https://op.certification.openid.net:60046/test_info/OP-BackChannel-Discovery.

rohe commented 4 years ago

Have issued a PR on pyOIDC to fix this.

rohe commented 4 years ago

The change to pyOIDC has been accepted and merged.

zandbelt commented 4 years ago

it is included in pyoidc 1.1.2 and as such part of OP release 2.3.1 and RP 1.2.1 https://github.com/openid-certification/oidctest/releases/tag/v1.2.3