[RC-Based Testing] Application Protocol Testing.

[melanisilva]

Is your suggestion a test requirement/change or improvement of the test framework? Please describe. This testing task is created to track the Application protocol ad-hoc testing task.

Scope :

• [x] - Testing OIDC endpoints
• [x] - Authorization code grant in apps
• [x] - Login using Pushed Authorization Requests
• [ ] - JWT Secured Authorization Response Mode (JARM) for OAuth 2.0
• [x] - Validate ID tokens
• [x] - Request user information
• [ ] - Token validation by resource servers
• [ ] - Revoke access tokens
• [ ] - Add logout to application

Trusted Token Issuer flow

• [x] Registering Trusted IDP
• [x] Enabling Token Exchange grant
• [x] Registering Application
• [x] Token Issuing
• [ ] Scope Validation

Describe the solution you would prefer

Environment Combination.

Additional context

Related Issues:

[melanisilva]

Reported Issues

• https://github.com/wso2/product-is/issues/19075

Other Related Issues

• https://github.com/wso2/product-is/issues/19160

[melanisilva]

Sample requests used for testing

1 . Login using Pushed Authorization Requests

curl --location 'https://wso2is.com:9443/oauth2/par' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'accept: application/json' \
--header 'Authorization: Basic VUQ4bU5oSE11MnplM0ZRZlpmSk9CTzBDaU1FYTpjb0tIeGp3ODhYNW9IaExnQmVad2R2TmV3YThwWWgzNlFmdFByc2dpdGg0YQ==' \
--header 'Cookie: JSESSIONID=C9A597FC86BB7C07C512D31A549E8FBACF148CFDC807F52B1D0B9B0264AFD203BD6DBD38024B035867B96F827E4A9A60766412B3B8BC489B2C0E4CD961E28195D5EDE237B9651BB332B5FE8B1C20794B2D79CF47C4849DB5F2247C23B8494D7E3FF2DB0AAF52A9153BDB475F32FBD976BAA1993BF2390CB88AEDA955878691F4' \
--data-urlencode 'client_id=UD8mNhHMu2ze3FQfZfJOBO0CiMEa' \
--data-urlencode 'redirect_uri=http://localhost.com:8080/pickup-dispatch/oauth2client' \
--data-urlencode 'response_type=code' \
--data-urlencode 'scope=openid'

2 . Request user information

Token Request

curl --location 'https://wso2is.com:9443/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded;charset=UTF-8' \
--header 'Authorization: Basic VUQ4bU5oSE11MnplM0ZRZlpmSk9CTzBDaU1FYTpjb0tIeGp3ODhYNW9IaExnQmVad2R2TmV3YThwWWgzNlFmdFByc2dpdGg0YQ==' \
--header 'Cookie: JSESSIONID=C9A597FC86BB7C07C512D31A549E8FBACF148CFDC807F52B1D0B9B0264AFD203BD6DBD38024B035867B96F827E4A9A60766412B3B8BC489B2C0E4CD961E28195D5EDE237B9651BB332B5FE8B1C20794B2D79CF47C4849DB5F2247C23B8494D7E3FF2DB0AAF52A9153BDB475F32FBD976BAA1993BF2390CB88AEDA955878691F4' \
--data-raw 'grant_type=password&username=melani&password=Test@123&scope=openid%20profile'

User info request

curl --location 'https://localhost:9443/oauth2/userinfo' \
--header 'Authorization: Bearer 6e85faef-89e3-3ef6-81ab-830a57c8342d'