authlete 1.6.0 → 1.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/authlete/model/client.rb +163 -145
- data/lib/authlete/model/service.rb +236 -218
- data/lib/authlete/version.rb +1 -1
- data/test/authlete/model/test_client.rb +416 -401
- data/test/authlete/model/test_service.rb +473 -458
- metadata +2 -2
|
@@ -21,243 +21,249 @@ require 'minitest/autorun'
|
|
|
21
21
|
|
|
22
22
|
|
|
23
23
|
class ServiceTest < Minitest::Test
|
|
24
|
-
NUMBER
|
|
25
|
-
SERVICE_OWNER_NUMBER
|
|
26
|
-
SERVICE_NAME
|
|
27
|
-
API_KEY
|
|
28
|
-
API_SECRET
|
|
29
|
-
ISSUER
|
|
30
|
-
AUTHORIZATION_ENDPOINT
|
|
31
|
-
TOKEN_ENDPOINT
|
|
32
|
-
REVOCATION_ENDPOINT
|
|
33
|
-
SUPPORTED_REVOCATION_AUTH_METHODS
|
|
34
|
-
USER_INFO_ENDPOINT
|
|
35
|
-
JWKS_URI
|
|
36
|
-
JWKS
|
|
37
|
-
REGISTRATION_ENDPOINT
|
|
38
|
-
REGISTRATION_MANAGEMENT_ENDPOINT
|
|
39
|
-
SUPPORTED_SCOPE_NAME
|
|
40
|
-
SUPPORTED_SCOPE_DESCRIPTION
|
|
41
|
-
SUPPORTED_SCOPES
|
|
42
|
-
SUPPORTED_RESPONSE_TYPES
|
|
43
|
-
SUPPORTED_GRANT_TYPES
|
|
44
|
-
SUPPORTED_ACRS
|
|
45
|
-
SUPPORTED_TOKEN_AUTH_METHODS
|
|
46
|
-
SUPPORTED_DISPLAYS
|
|
47
|
-
SUPPORTED_CLAIM_TYPES
|
|
48
|
-
SUPPORTED_CLAIMS
|
|
49
|
-
SERVICE_DOCUMENTATION
|
|
50
|
-
SUPPORTED_CLAIM_LOCALES
|
|
51
|
-
SUPPORTED_UI_LOCALES
|
|
52
|
-
POLICY_URI
|
|
53
|
-
TOS_URI
|
|
54
|
-
AUTHENTICATION_CALLBACK_ENDPOINT
|
|
55
|
-
AUTHENTICATION_CALLBACK_API_KEY
|
|
56
|
-
AUTHENTICATION_CALLBACK_API_SECRET
|
|
57
|
-
SUPPORTED_SNSES
|
|
58
|
-
SNS_CREDENTIALS_SNS
|
|
59
|
-
SNS_CREDENTIALS_API_KEY
|
|
60
|
-
SNS_CREDENTIALS_API_SECRET
|
|
61
|
-
SNS_CREDENTIALS
|
|
62
|
-
CREATED_AT
|
|
63
|
-
MODIFIED_AT
|
|
64
|
-
DEVELOPER_AUTHENTICATION_CALLBACK_ENDPOINT
|
|
65
|
-
DEVELOPER_AUTHENTICATION_CALLBACK_API_KEY
|
|
66
|
-
DEVELOPER_AUTHENTICATION_CALLBACK_API_SECRET
|
|
67
|
-
SUPPORTED_DEVELOPER_SNSES
|
|
68
|
-
DEVELOPER_SNS_CREDENTIALS_SNS
|
|
69
|
-
DEVELOPER_SNS_CREDENTIALS_API_KEY
|
|
70
|
-
DEVELOPER_SNS_CREDENTIALS_API_SECRET
|
|
71
|
-
DEVELOPER_SNS_CREDENTIALS
|
|
72
|
-
CLIENTS_PER_DEVELOPER
|
|
73
|
-
DIRECT_AUTHORIZATION_ENDPOINT_ENABLED
|
|
74
|
-
DIRECT_TOKEN_ENDPOINT_ENABLED
|
|
75
|
-
DIRECT_REVOCATION_ENDPOINT_ENABLED
|
|
76
|
-
DIRECT_USER_INFO_ENDPOINT_ENABLED
|
|
77
|
-
DIRECT_JWKS_ENDPOINT_ENABLED
|
|
78
|
-
DIRECT_INTROSPECTION_ENDPOINT_ENABLED
|
|
79
|
-
SINGLE_ACCESS_TOKEN_PER_SUBJECT
|
|
80
|
-
PKCE_REQUIRED
|
|
81
|
-
PKCE_S256_REQUIRED
|
|
82
|
-
REFRESH_TOKEN_KEPT
|
|
83
|
-
REFRESH_TOKEN_DURATION_KEPT
|
|
84
|
-
ERROR_DESCRIPTION_OMITTED
|
|
85
|
-
ERROR_URI_OMITTED
|
|
86
|
-
CLIENT_ID_ALIAS_ENABLED
|
|
87
|
-
SUPPORTED_SERVICE_PROFILES
|
|
88
|
-
TLS_CLIENT_CERTIFICATE_BOUND_ACCESS_TOKENS
|
|
89
|
-
INTROSPECTION_ENDPOINT
|
|
90
|
-
SUPPORTED_INTROSPECTION_AUTH_METHODS
|
|
91
|
-
MUTUAL_TLS_VALIDATE_PKI_CERT_CHAIN
|
|
92
|
-
TRUSTED_ROOT_CERTIFICATES
|
|
93
|
-
DYNAMIC_REGISTRATION_SUPPORTED
|
|
94
|
-
END_SESSION_ENDPOINT
|
|
95
|
-
DESCRIPTION
|
|
96
|
-
ACCESS_TOKEN_TYPE
|
|
97
|
-
ACCESS_TOKEN_SIGN_ALG
|
|
98
|
-
ACCESS_TOKEN_DURATION
|
|
99
|
-
REFRESH_TOKEN_DURATION
|
|
100
|
-
ID_TOKEN_DURATION
|
|
101
|
-
AUTHORIZATION_RESPONSE_DURATION
|
|
102
|
-
PUSHED_AUTH_REQ_DURATION
|
|
103
|
-
METADATA_KEY
|
|
104
|
-
METADATA_VALUE
|
|
105
|
-
METADATA
|
|
106
|
-
ACCESS_TOKEN_SIGNATURE_KEY_ID
|
|
107
|
-
AUTHORIZATION_SIGNATURE_KEY_ID
|
|
108
|
-
ID_TOKEN_SIGNATURE_KEY_ID
|
|
109
|
-
USER_INFO_SIGNATURE_KEY_ID
|
|
110
|
-
SUPPORTED_BACKCHANNEL_TOKEN_DELIVERY_MODES
|
|
111
|
-
BACKCHANNEL_AUTHENTICATION_ENDPOINT
|
|
112
|
-
BACKCHANNEL_USER_CODE_PARAMETER_SUPPORTED
|
|
113
|
-
BACKCHANNEL_AUTH_REQ_ID_DURATION
|
|
114
|
-
BACKCHANNEL_POLLING_INTERVAL
|
|
115
|
-
BACKCHANNEL_BINDING_MESSAGE_REQUIRED_IN_FAPI
|
|
116
|
-
ALLOWABLE_CLOCK_SKEW
|
|
117
|
-
DEVICE_AUTHORIZATION_ENDPOINT
|
|
118
|
-
DEVICE_VERIFICATION_URI
|
|
119
|
-
DEVICE_VERIFICATION_URI_COMPLETE
|
|
120
|
-
DEVICE_FLOW_CODE_DURATION
|
|
121
|
-
DEVICE_FLOW_POLLING_INTERVAL
|
|
122
|
-
USER_CODE_CHARSET
|
|
123
|
-
USER_CODE_LENGTH
|
|
124
|
-
PUSHED_AUTH_REQ_ENDPOINT
|
|
125
|
-
MTLS_ENDPOINT_ALIAS_NAME
|
|
126
|
-
MTLS_ENDPOINT_ALIAS_URI
|
|
127
|
-
MTLS_ENDPOINT_ALIASES
|
|
128
|
-
SUPPORTED_AUTHORIZATION_DETAILS_TYPES
|
|
129
|
-
SUPPORTED_TRUST_FRAMEWORKS
|
|
130
|
-
SUPPORTED_EVIDENCE
|
|
131
|
-
SUPPORTED_IDENTITY_DOCUMENTS
|
|
132
|
-
SUPPORTED_VERIFICATION_METHODS
|
|
133
|
-
SUPPORTED_VERIFIED_CLAIMS
|
|
134
|
-
MISSING_CLIENT_ID_ALLOWED
|
|
135
|
-
PAR_REQUIRED
|
|
136
|
-
REQUEST_OBJECT_REQUIRED
|
|
137
|
-
TRADITIONAL_REQUEST_OBJECT_PROCESSING_APPLIED
|
|
138
|
-
CLAIM_SHORTCUT_RESTRICTIVE
|
|
139
|
-
SCOPE_REQUIRED
|
|
140
|
-
NBF_OPTIONAL
|
|
141
|
-
ISS_SUPPRESSED
|
|
142
|
-
ATTRIBUTE_KEY
|
|
143
|
-
ATTRIBUTE_VALUE
|
|
144
|
-
ATTRIBUTES
|
|
145
|
-
SUPPORTED_CUSTOM_CLIENT_METADATA
|
|
146
|
-
TOKEN_EXPIRATION_LINKED
|
|
24
|
+
NUMBER = 1000
|
|
25
|
+
SERVICE_OWNER_NUMBER = 12345
|
|
26
|
+
SERVICE_NAME = '<service-name>'
|
|
27
|
+
API_KEY = '<api-key>'
|
|
28
|
+
API_SECRET = '<api-secret>'
|
|
29
|
+
ISSUER = '<issuer>'
|
|
30
|
+
AUTHORIZATION_ENDPOINT = '<authorization-endpoint>'
|
|
31
|
+
TOKEN_ENDPOINT = '<token-endpoint>'
|
|
32
|
+
REVOCATION_ENDPOINT = '<revocation-endpoint>'
|
|
33
|
+
SUPPORTED_REVOCATION_AUTH_METHODS = [ 'NONE', 'CLIENT_SECRET_BASIC' ]
|
|
34
|
+
USER_INFO_ENDPOINT = '<user-info-endpoint>'
|
|
35
|
+
JWKS_URI = '<jwks-uri>'
|
|
36
|
+
JWKS = '<jwks>'
|
|
37
|
+
REGISTRATION_ENDPOINT = '<registration-endpoint>'
|
|
38
|
+
REGISTRATION_MANAGEMENT_ENDPOINT = '<registration-management-endpoint>'
|
|
39
|
+
SUPPORTED_SCOPE_NAME = 'scope0'
|
|
40
|
+
SUPPORTED_SCOPE_DESCRIPTION = '<scope0-description>'
|
|
41
|
+
SUPPORTED_SCOPES = [ Authlete::Model::Scope.new(name: SUPPORTED_SCOPE_NAME, description: SUPPORTED_SCOPE_DESCRIPTION) ]
|
|
42
|
+
SUPPORTED_RESPONSE_TYPES = [ 'NONE', 'CODE', 'TOKEN', 'ID_TOKEN' ]
|
|
43
|
+
SUPPORTED_GRANT_TYPES = [ 'AUTHORIZATION_CODE', 'REFRESH_TOKEN' ]
|
|
44
|
+
SUPPORTED_ACRS = [ '<supported-acr0>', '<supported-acr1>' ]
|
|
45
|
+
SUPPORTED_TOKEN_AUTH_METHODS = [ 'NONE', 'CLIENT_SECRET_BASIC' ]
|
|
46
|
+
SUPPORTED_DISPLAYS = [ 'PAGE', 'POPUP', 'TOUCH', 'WAP' ]
|
|
47
|
+
SUPPORTED_CLAIM_TYPES = [ 'NORMAL' ]
|
|
48
|
+
SUPPORTED_CLAIMS = [ '<supported-claim0>', '<supported-claim1>' ]
|
|
49
|
+
SERVICE_DOCUMENTATION = '<service-documentation>'
|
|
50
|
+
SUPPORTED_CLAIM_LOCALES = [ 'en-US' ]
|
|
51
|
+
SUPPORTED_UI_LOCALES = [ 'en-US' ]
|
|
52
|
+
POLICY_URI = '<policy-uri>'
|
|
53
|
+
TOS_URI = '<tos-uri>'
|
|
54
|
+
AUTHENTICATION_CALLBACK_ENDPOINT = '<authentication-callback-endpoint>'
|
|
55
|
+
AUTHENTICATION_CALLBACK_API_KEY = '<authentication-callback-api-key>'
|
|
56
|
+
AUTHENTICATION_CALLBACK_API_SECRET = '<authentication-callback-api-secret>'
|
|
57
|
+
SUPPORTED_SNSES = [ 'FACEBOOK' ]
|
|
58
|
+
SNS_CREDENTIALS_SNS = 'FACEBOOK'
|
|
59
|
+
SNS_CREDENTIALS_API_KEY = '<sns-credentials0-api-key>'
|
|
60
|
+
SNS_CREDENTIALS_API_SECRET = '<sns-credentials0-api-secret>'
|
|
61
|
+
SNS_CREDENTIALS = [ Authlete::Model::SnsCredentials.new(sns: SNS_CREDENTIALS_SNS, apiKey: SNS_CREDENTIALS_API_KEY, apiSecret: SNS_CREDENTIALS_API_SECRET) ]
|
|
62
|
+
CREATED_AT = 10000
|
|
63
|
+
MODIFIED_AT = 10000
|
|
64
|
+
DEVELOPER_AUTHENTICATION_CALLBACK_ENDPOINT = '<developer-authentication-callback-endpoint>'
|
|
65
|
+
DEVELOPER_AUTHENTICATION_CALLBACK_API_KEY = '<developer-authentication-callback-api-key>'
|
|
66
|
+
DEVELOPER_AUTHENTICATION_CALLBACK_API_SECRET = '<developer-authentication-callback-api-secret>'
|
|
67
|
+
SUPPORTED_DEVELOPER_SNSES = [ 'FACEBOOK' ]
|
|
68
|
+
DEVELOPER_SNS_CREDENTIALS_SNS = 'FACEBOOK'
|
|
69
|
+
DEVELOPER_SNS_CREDENTIALS_API_KEY = '<developer-sns-credentials0-api-key>'
|
|
70
|
+
DEVELOPER_SNS_CREDENTIALS_API_SECRET = '<developer-sns-credentials0-api-secret>'
|
|
71
|
+
DEVELOPER_SNS_CREDENTIALS = [ Authlete::Model::SnsCredentials.new(sns: DEVELOPER_SNS_CREDENTIALS_SNS, apiKey: DEVELOPER_SNS_CREDENTIALS_API_KEY, apiSecret: DEVELOPER_SNS_CREDENTIALS_API_SECRET) ]
|
|
72
|
+
CLIENTS_PER_DEVELOPER = 10
|
|
73
|
+
DIRECT_AUTHORIZATION_ENDPOINT_ENABLED = true
|
|
74
|
+
DIRECT_TOKEN_ENDPOINT_ENABLED = true
|
|
75
|
+
DIRECT_REVOCATION_ENDPOINT_ENABLED = true
|
|
76
|
+
DIRECT_USER_INFO_ENDPOINT_ENABLED = true
|
|
77
|
+
DIRECT_JWKS_ENDPOINT_ENABLED = true
|
|
78
|
+
DIRECT_INTROSPECTION_ENDPOINT_ENABLED = true
|
|
79
|
+
SINGLE_ACCESS_TOKEN_PER_SUBJECT = false
|
|
80
|
+
PKCE_REQUIRED = true
|
|
81
|
+
PKCE_S256_REQUIRED = true
|
|
82
|
+
REFRESH_TOKEN_KEPT = true
|
|
83
|
+
REFRESH_TOKEN_DURATION_KEPT = true
|
|
84
|
+
ERROR_DESCRIPTION_OMITTED = false
|
|
85
|
+
ERROR_URI_OMITTED = false
|
|
86
|
+
CLIENT_ID_ALIAS_ENABLED = true
|
|
87
|
+
SUPPORTED_SERVICE_PROFILES = [ 'FAPI', 'OPEN_BANKING' ]
|
|
88
|
+
TLS_CLIENT_CERTIFICATE_BOUND_ACCESS_TOKENS = true
|
|
89
|
+
INTROSPECTION_ENDPOINT = '<introspection-endpoint>'
|
|
90
|
+
SUPPORTED_INTROSPECTION_AUTH_METHODS = [ 'NONE', 'CLIENT_SECRET_BASIC' ]
|
|
91
|
+
MUTUAL_TLS_VALIDATE_PKI_CERT_CHAIN = true
|
|
92
|
+
TRUSTED_ROOT_CERTIFICATES = [ '<trusted-root-certificate0>', '<trusted-root-certificate1>' ]
|
|
93
|
+
DYNAMIC_REGISTRATION_SUPPORTED = true
|
|
94
|
+
END_SESSION_ENDPOINT = '<end-session-endpoint>'
|
|
95
|
+
DESCRIPTION = '<description>'
|
|
96
|
+
ACCESS_TOKEN_TYPE = 'Bearer'
|
|
97
|
+
ACCESS_TOKEN_SIGN_ALG = 'HS256'
|
|
98
|
+
ACCESS_TOKEN_DURATION = 300
|
|
99
|
+
REFRESH_TOKEN_DURATION = 300
|
|
100
|
+
ID_TOKEN_DURATION = 300
|
|
101
|
+
AUTHORIZATION_RESPONSE_DURATION = 300
|
|
102
|
+
PUSHED_AUTH_REQ_DURATION = 300
|
|
103
|
+
METADATA_KEY = '<metadata0-key>'
|
|
104
|
+
METADATA_VALUE = '<metadata0-value>'
|
|
105
|
+
METADATA = [ Authlete::Model::Pair.new(key: METADATA_KEY, value: METADATA_VALUE) ]
|
|
106
|
+
ACCESS_TOKEN_SIGNATURE_KEY_ID = '<access-token-signature-key-id>'
|
|
107
|
+
AUTHORIZATION_SIGNATURE_KEY_ID = '<authorization-signature-key-id>'
|
|
108
|
+
ID_TOKEN_SIGNATURE_KEY_ID = '<id-token-signature-key-id>'
|
|
109
|
+
USER_INFO_SIGNATURE_KEY_ID = '<user-info-signature-key-id>'
|
|
110
|
+
SUPPORTED_BACKCHANNEL_TOKEN_DELIVERY_MODES = [ 'POLL', 'PING', 'PUSH' ]
|
|
111
|
+
BACKCHANNEL_AUTHENTICATION_ENDPOINT = '<backchannel-authentication-endpoint>'
|
|
112
|
+
BACKCHANNEL_USER_CODE_PARAMETER_SUPPORTED = true
|
|
113
|
+
BACKCHANNEL_AUTH_REQ_ID_DURATION = 300
|
|
114
|
+
BACKCHANNEL_POLLING_INTERVAL = 10
|
|
115
|
+
BACKCHANNEL_BINDING_MESSAGE_REQUIRED_IN_FAPI = true
|
|
116
|
+
ALLOWABLE_CLOCK_SKEW = 100
|
|
117
|
+
DEVICE_AUTHORIZATION_ENDPOINT = '<device-authorization-endpoint>'
|
|
118
|
+
DEVICE_VERIFICATION_URI = '<device-verification-uri>'
|
|
119
|
+
DEVICE_VERIFICATION_URI_COMPLETE = '<device-verification-uri-complete>'
|
|
120
|
+
DEVICE_FLOW_CODE_DURATION = 300
|
|
121
|
+
DEVICE_FLOW_POLLING_INTERVAL = 10
|
|
122
|
+
USER_CODE_CHARSET = 'BASE20'
|
|
123
|
+
USER_CODE_LENGTH = 100
|
|
124
|
+
PUSHED_AUTH_REQ_ENDPOINT = '<pushed-auth-req-endpoint>'
|
|
125
|
+
MTLS_ENDPOINT_ALIAS_NAME = '<mtls-endpoint-alias0-name>'
|
|
126
|
+
MTLS_ENDPOINT_ALIAS_URI = '<mtls-endpoint-alias0-uri>'
|
|
127
|
+
MTLS_ENDPOINT_ALIASES = [ Authlete::Model::NamedUri.new(name: MTLS_ENDPOINT_ALIAS_NAME, uri: MTLS_ENDPOINT_ALIAS_URI) ]
|
|
128
|
+
SUPPORTED_AUTHORIZATION_DETAILS_TYPES = [ '<supported-authorization-details-type0>', '<supported-authorization-details-type1>' ]
|
|
129
|
+
SUPPORTED_TRUST_FRAMEWORKS = [ '<supported-trust-framework0>', '<supported-trust-framework1>' ]
|
|
130
|
+
SUPPORTED_EVIDENCE = [ '<supported-evidence0>', '<supported-evidence1>' ]
|
|
131
|
+
SUPPORTED_IDENTITY_DOCUMENTS = [ '<supported-identity-document0>', '<supported-identity-document1>' ]
|
|
132
|
+
SUPPORTED_VERIFICATION_METHODS = [ '<supported-verification-method0>', '<supported-verification-method1>' ]
|
|
133
|
+
SUPPORTED_VERIFIED_CLAIMS = [ '<supported-verified-claim0>', '<supported-verified-claim1>' ]
|
|
134
|
+
MISSING_CLIENT_ID_ALLOWED = false
|
|
135
|
+
PAR_REQUIRED = false
|
|
136
|
+
REQUEST_OBJECT_REQUIRED = true
|
|
137
|
+
TRADITIONAL_REQUEST_OBJECT_PROCESSING_APPLIED = false
|
|
138
|
+
CLAIM_SHORTCUT_RESTRICTIVE = false
|
|
139
|
+
SCOPE_REQUIRED = true
|
|
140
|
+
NBF_OPTIONAL = true
|
|
141
|
+
ISS_SUPPRESSED = false
|
|
142
|
+
ATTRIBUTE_KEY = '<attribute0-key>'
|
|
143
|
+
ATTRIBUTE_VALUE = '<attribute0-value>'
|
|
144
|
+
ATTRIBUTES = [ Authlete::Model::Pair.new(key: ATTRIBUTE_KEY, value: ATTRIBUTE_VALUE) ]
|
|
145
|
+
SUPPORTED_CUSTOM_CLIENT_METADATA = [ '<supported-custom-client-metadata0>', '<supported-custom-client-metadata1>' ]
|
|
146
|
+
TOKEN_EXPIRATION_LINKED = false
|
|
147
|
+
FRONT_CHANNEL_REQUEST_OBJECT_ENCRYPTION_REQUIRED = false
|
|
148
|
+
REQUEST_OBJECT_ENCRYPTION_ALG_MATCH_REQUIRED = false
|
|
149
|
+
REQUEST_OBJECT_ENCRYPTION_ENC_MATCH_REQUIRED = false
|
|
147
150
|
|
|
148
151
|
|
|
149
152
|
def generate_json
|
|
150
153
|
return <<~JSON
|
|
151
154
|
{
|
|
152
|
-
"number":
|
|
153
|
-
"serviceOwnerNumber":
|
|
154
|
-
"serviceName":
|
|
155
|
-
"apiKey":
|
|
156
|
-
"apiSecret":
|
|
157
|
-
"issuer":
|
|
158
|
-
"authorizationEndpoint":
|
|
159
|
-
"tokenEndpoint":
|
|
160
|
-
"revocationEndpoint":
|
|
161
|
-
"supportedRevocationAuthMethods":
|
|
162
|
-
"userInfoEndpoint":
|
|
163
|
-
"jwksUri":
|
|
164
|
-
"jwks":
|
|
165
|
-
"registrationEndpoint":
|
|
166
|
-
"registrationManagementEndpoint":
|
|
167
|
-
"supportedScopes":
|
|
168
|
-
"supportedResponseTypes":
|
|
169
|
-
"supportedGrantTypes":
|
|
170
|
-
"supportedAcrs":
|
|
171
|
-
"supportedTokenAuthMethods":
|
|
172
|
-
"supportedDisplays":
|
|
173
|
-
"supportedClaimTypes":
|
|
174
|
-
"supportedClaims":
|
|
175
|
-
"serviceDocumentation":
|
|
176
|
-
"supportedClaimLocales":
|
|
177
|
-
"supportedUiLocales":
|
|
178
|
-
"policyUri":
|
|
179
|
-
"tosUri":
|
|
180
|
-
"authenticationCallbackEndpoint":
|
|
181
|
-
"authenticationCallbackApiKey":
|
|
182
|
-
"authenticationCallbackApiSecret":
|
|
183
|
-
"supportedSnses":
|
|
184
|
-
"snsCredentials":
|
|
185
|
-
"createdAt":
|
|
186
|
-
"modifiedAt":
|
|
187
|
-
"developerAuthenticationCallbackEndpoint":
|
|
188
|
-
"developerAuthenticationCallbackApiKey":
|
|
189
|
-
"developerAuthenticationCallbackApiSecret":
|
|
190
|
-
"supportedDeveloperSnses":
|
|
191
|
-
"developerSnsCredentials":
|
|
192
|
-
"clientsPerDeveloper":
|
|
193
|
-
"directAuthorizationEndpointEnabled":
|
|
194
|
-
"directTokenEndpointEnabled":
|
|
195
|
-
"directRevocationEndpointEnabled":
|
|
196
|
-
"directUserInfoEndpointEnabled":
|
|
197
|
-
"directJwksEndpointEnabled":
|
|
198
|
-
"directIntrospectionEndpointEnabled":
|
|
199
|
-
"singleAccessTokenPerSubject":
|
|
200
|
-
"pkceRequired":
|
|
201
|
-
"pkceS256Required":
|
|
202
|
-
"refreshTokenKept":
|
|
203
|
-
"refreshTokenDurationKept":
|
|
204
|
-
"errorDescriptionOmitted":
|
|
205
|
-
"errorUriOmitted":
|
|
206
|
-
"clientIdAliasEnabled":
|
|
207
|
-
"supportedServiceProfiles":
|
|
208
|
-
"tlsClientCertificateBoundAccessTokens":
|
|
209
|
-
"introspectionEndpoint":
|
|
210
|
-
"supportedIntrospectionAuthMethods":
|
|
211
|
-
"mutualTlsValidatePkiCertChain":
|
|
212
|
-
"trustedRootCertificates":
|
|
213
|
-
"dynamicRegistrationSupported":
|
|
214
|
-
"endSessionEndpoint":
|
|
215
|
-
"description":
|
|
216
|
-
"accessTokenType":
|
|
217
|
-
"accessTokenSignAlg":
|
|
218
|
-
"accessTokenDuration":
|
|
219
|
-
"refreshTokenDuration":
|
|
220
|
-
"idTokenDuration":
|
|
221
|
-
"authorizationResponseDuration":
|
|
222
|
-
"pushedAuthReqDuration":
|
|
223
|
-
"metadata":
|
|
224
|
-
"accessTokenSignatureKeyId":
|
|
225
|
-
"authorizationSignatureKeyId":
|
|
226
|
-
"idTokenSignatureKeyId":
|
|
227
|
-
"userInfoSignatureKeyId":
|
|
228
|
-
"supportedBackchannelTokenDeliveryModes":
|
|
229
|
-
"backchannelAuthenticationEndpoint":
|
|
230
|
-
"backchannelUserCodeParameterSupported":
|
|
231
|
-
"backchannelAuthReqIdDuration":
|
|
232
|
-
"backchannelPollingInterval":
|
|
233
|
-
"backchannelBindingMessageRequiredInFapi":
|
|
234
|
-
"allowableClockSkew":
|
|
235
|
-
"deviceAuthorizationEndpoint":
|
|
236
|
-
"deviceVerificationUri":
|
|
237
|
-
"deviceVerificationUriComplete":
|
|
238
|
-
"deviceFlowCodeDuration":
|
|
239
|
-
"deviceFlowPollingInterval":
|
|
240
|
-
"userCodeCharset":
|
|
241
|
-
"userCodeLength":
|
|
242
|
-
"pushedAuthReqEndpoint":
|
|
243
|
-
"mtlsEndpointAliases":
|
|
244
|
-
"supportedAuthorizationDetailsTypes":
|
|
245
|
-
"supportedTrustFrameworks":
|
|
246
|
-
"supportedEvidence":
|
|
247
|
-
"supportedIdentityDocuments":
|
|
248
|
-
"supportedVerificationMethods":
|
|
249
|
-
"supportedVerifiedClaims":
|
|
250
|
-
"missingClientIdAllowed":
|
|
251
|
-
"parRequired":
|
|
252
|
-
"requestObjectRequired":
|
|
253
|
-
"traditionalRequestObjectProcessingApplied":
|
|
254
|
-
"claimShortcutRestrictive":
|
|
255
|
-
"scopeRequired":
|
|
256
|
-
"nbfOptional":
|
|
257
|
-
"issSuppressed":
|
|
258
|
-
"attributes":
|
|
259
|
-
"supportedCustomClientMetadata":
|
|
260
|
-
"tokenExpirationLinked":
|
|
155
|
+
"number": 1000,
|
|
156
|
+
"serviceOwnerNumber": 12345,
|
|
157
|
+
"serviceName": "<service-name>",
|
|
158
|
+
"apiKey": "<api-key>",
|
|
159
|
+
"apiSecret": "<api-secret>",
|
|
160
|
+
"issuer": "<issuer>",
|
|
161
|
+
"authorizationEndpoint": "<authorization-endpoint>",
|
|
162
|
+
"tokenEndpoint": "<token-endpoint>",
|
|
163
|
+
"revocationEndpoint": "<revocation-endpoint>",
|
|
164
|
+
"supportedRevocationAuthMethods": [ "NONE", "CLIENT_SECRET_BASIC" ],
|
|
165
|
+
"userInfoEndpoint": "<user-info-endpoint>",
|
|
166
|
+
"jwksUri": "<jwks-uri>",
|
|
167
|
+
"jwks": "<jwks>",
|
|
168
|
+
"registrationEndpoint": "<registration-endpoint>",
|
|
169
|
+
"registrationManagementEndpoint": "<registration-management-endpoint>",
|
|
170
|
+
"supportedScopes": [ { "name": "scope0", "description": "<scope0-description>" } ],
|
|
171
|
+
"supportedResponseTypes": [ "NONE", "CODE", "TOKEN", "ID_TOKEN" ],
|
|
172
|
+
"supportedGrantTypes": [ "AUTHORIZATION_CODE", "REFRESH_TOKEN" ],
|
|
173
|
+
"supportedAcrs": [ "<supported-acr0>", "<supported-acr1>" ],
|
|
174
|
+
"supportedTokenAuthMethods": [ "NONE", "CLIENT_SECRET_BASIC" ],
|
|
175
|
+
"supportedDisplays": [ "PAGE", "POPUP", "TOUCH", "WAP" ],
|
|
176
|
+
"supportedClaimTypes": [ "NORMAL" ],
|
|
177
|
+
"supportedClaims": [ "<supported-claim0>", "<supported-claim1>" ],
|
|
178
|
+
"serviceDocumentation": "<service-documentation>",
|
|
179
|
+
"supportedClaimLocales": [ "en-US" ],
|
|
180
|
+
"supportedUiLocales": [ "en-US" ],
|
|
181
|
+
"policyUri": "<policy-uri>",
|
|
182
|
+
"tosUri": "<tos-uri>",
|
|
183
|
+
"authenticationCallbackEndpoint": "<authentication-callback-endpoint>",
|
|
184
|
+
"authenticationCallbackApiKey": "<authentication-callback-api-key>",
|
|
185
|
+
"authenticationCallbackApiSecret": "<authentication-callback-api-secret>",
|
|
186
|
+
"supportedSnses": [ "FACEBOOK" ],
|
|
187
|
+
"snsCredentials": [ { "sns": "FACEBOOK", "apiKey": "<sns-credentials0-api-key>", "apiSecret": "<sns-credentials0-api-secret>" } ],
|
|
188
|
+
"createdAt": 10000,
|
|
189
|
+
"modifiedAt": 10000,
|
|
190
|
+
"developerAuthenticationCallbackEndpoint": "<developer-authentication-callback-endpoint>",
|
|
191
|
+
"developerAuthenticationCallbackApiKey": "<developer-authentication-callback-api-key>",
|
|
192
|
+
"developerAuthenticationCallbackApiSecret": "<developer-authentication-callback-api-secret>",
|
|
193
|
+
"supportedDeveloperSnses": [ "FACEBOOK" ],
|
|
194
|
+
"developerSnsCredentials": [ { "sns": "FACEBOOK", "apiKey": "<developer-sns-credentials0-api-key>", "apiSecret": "<developer-sns-credentials0-api-secret>" } ],
|
|
195
|
+
"clientsPerDeveloper": 10,
|
|
196
|
+
"directAuthorizationEndpointEnabled": true,
|
|
197
|
+
"directTokenEndpointEnabled": true,
|
|
198
|
+
"directRevocationEndpointEnabled": true,
|
|
199
|
+
"directUserInfoEndpointEnabled": true,
|
|
200
|
+
"directJwksEndpointEnabled": true,
|
|
201
|
+
"directIntrospectionEndpointEnabled": true,
|
|
202
|
+
"singleAccessTokenPerSubject": false,
|
|
203
|
+
"pkceRequired": true,
|
|
204
|
+
"pkceS256Required": true,
|
|
205
|
+
"refreshTokenKept": true,
|
|
206
|
+
"refreshTokenDurationKept": true,
|
|
207
|
+
"errorDescriptionOmitted": false,
|
|
208
|
+
"errorUriOmitted": false,
|
|
209
|
+
"clientIdAliasEnabled": true,
|
|
210
|
+
"supportedServiceProfiles": [ "FAPI", "OPEN_BANKING" ],
|
|
211
|
+
"tlsClientCertificateBoundAccessTokens": true,
|
|
212
|
+
"introspectionEndpoint": "<introspection-endpoint>",
|
|
213
|
+
"supportedIntrospectionAuthMethods": [ "NONE", "CLIENT_SECRET_BASIC" ],
|
|
214
|
+
"mutualTlsValidatePkiCertChain": true,
|
|
215
|
+
"trustedRootCertificates": [ "<trusted-root-certificate0>", "<trusted-root-certificate1>" ],
|
|
216
|
+
"dynamicRegistrationSupported": true,
|
|
217
|
+
"endSessionEndpoint": "<end-session-endpoint>",
|
|
218
|
+
"description": "<description>",
|
|
219
|
+
"accessTokenType": "Bearer",
|
|
220
|
+
"accessTokenSignAlg": "HS256",
|
|
221
|
+
"accessTokenDuration": 300,
|
|
222
|
+
"refreshTokenDuration": 300,
|
|
223
|
+
"idTokenDuration": 300,
|
|
224
|
+
"authorizationResponseDuration": 300,
|
|
225
|
+
"pushedAuthReqDuration": 300,
|
|
226
|
+
"metadata": [ { "key": "<metadata0-key>", "value": "<metadata0-value>" } ],
|
|
227
|
+
"accessTokenSignatureKeyId": "<access-token-signature-key-id>",
|
|
228
|
+
"authorizationSignatureKeyId": "<authorization-signature-key-id>",
|
|
229
|
+
"idTokenSignatureKeyId": "<id-token-signature-key-id>",
|
|
230
|
+
"userInfoSignatureKeyId": "<user-info-signature-key-id>",
|
|
231
|
+
"supportedBackchannelTokenDeliveryModes": [ "POLL", "PING", "PUSH" ],
|
|
232
|
+
"backchannelAuthenticationEndpoint": "<backchannel-authentication-endpoint>",
|
|
233
|
+
"backchannelUserCodeParameterSupported": true,
|
|
234
|
+
"backchannelAuthReqIdDuration": 300,
|
|
235
|
+
"backchannelPollingInterval": 10,
|
|
236
|
+
"backchannelBindingMessageRequiredInFapi": true,
|
|
237
|
+
"allowableClockSkew": 100,
|
|
238
|
+
"deviceAuthorizationEndpoint": "<device-authorization-endpoint>",
|
|
239
|
+
"deviceVerificationUri": "<device-verification-uri>",
|
|
240
|
+
"deviceVerificationUriComplete": "<device-verification-uri-complete>",
|
|
241
|
+
"deviceFlowCodeDuration": 300,
|
|
242
|
+
"deviceFlowPollingInterval": 10,
|
|
243
|
+
"userCodeCharset": "BASE20",
|
|
244
|
+
"userCodeLength": 100,
|
|
245
|
+
"pushedAuthReqEndpoint": "<pushed-auth-req-endpoint>",
|
|
246
|
+
"mtlsEndpointAliases": [ { "name": "<mtls-endpoint-alias0-name>", "uri": "<mtls-endpoint-alias0-uri>" } ],
|
|
247
|
+
"supportedAuthorizationDetailsTypes": [ "<supported-authorization-details-type0>", "<supported-authorization-details-type1>" ],
|
|
248
|
+
"supportedTrustFrameworks": [ "<supported-trust-framework0>", "<supported-trust-framework1>" ],
|
|
249
|
+
"supportedEvidence": [ "<supported-evidence0>", "<supported-evidence1>" ],
|
|
250
|
+
"supportedIdentityDocuments": [ "<supported-identity-document0>", "<supported-identity-document1>" ],
|
|
251
|
+
"supportedVerificationMethods": [ "<supported-verification-method0>", "<supported-verification-method1>" ],
|
|
252
|
+
"supportedVerifiedClaims": [ "<supported-verified-claim0>", "<supported-verified-claim1>" ],
|
|
253
|
+
"missingClientIdAllowed": false,
|
|
254
|
+
"parRequired": false,
|
|
255
|
+
"requestObjectRequired": true,
|
|
256
|
+
"traditionalRequestObjectProcessingApplied": false,
|
|
257
|
+
"claimShortcutRestrictive": false,
|
|
258
|
+
"scopeRequired": true,
|
|
259
|
+
"nbfOptional": true,
|
|
260
|
+
"issSuppressed": false,
|
|
261
|
+
"attributes": [{ "key": "<attribute0-key>", "value": "<attribute0-value>" }],
|
|
262
|
+
"supportedCustomClientMetadata": [ "<supported-custom-client-metadata0>", "<supported-custom-client-metadata1>" ],
|
|
263
|
+
"tokenExpirationLinked": false,
|
|
264
|
+
"frontChannelRequestObjectEncryptionRequired": false,
|
|
265
|
+
"requestObjectEncryptionAlgMatchRequired": false,
|
|
266
|
+
"requestObjectEncryptionEncMatchRequired": false
|
|
261
267
|
}
|
|
262
268
|
JSON
|
|
263
269
|
end
|
|
@@ -265,115 +271,118 @@ class ServiceTest < Minitest::Test
|
|
|
265
271
|
|
|
266
272
|
def generate_hash
|
|
267
273
|
{
|
|
268
|
-
number:
|
|
269
|
-
serviceOwnerNumber:
|
|
270
|
-
serviceName:
|
|
271
|
-
apiKey:
|
|
272
|
-
apiSecret:
|
|
273
|
-
issuer:
|
|
274
|
-
authorizationEndpoint:
|
|
275
|
-
tokenEndpoint:
|
|
276
|
-
revocationEndpoint:
|
|
277
|
-
supportedRevocationAuthMethods:
|
|
278
|
-
userInfoEndpoint:
|
|
279
|
-
jwksUri:
|
|
280
|
-
jwks:
|
|
281
|
-
registrationEndpoint:
|
|
282
|
-
registrationManagementEndpoint:
|
|
283
|
-
supportedScopes:
|
|
284
|
-
supportedResponseTypes:
|
|
285
|
-
supportedGrantTypes:
|
|
286
|
-
supportedAcrs:
|
|
287
|
-
supportedTokenAuthMethods:
|
|
288
|
-
supportedDisplays:
|
|
289
|
-
supportedClaimTypes:
|
|
290
|
-
supportedClaims:
|
|
291
|
-
serviceDocumentation:
|
|
292
|
-
supportedClaimLocales:
|
|
293
|
-
supportedUiLocales:
|
|
294
|
-
policyUri:
|
|
295
|
-
tosUri:
|
|
296
|
-
authenticationCallbackEndpoint:
|
|
297
|
-
authenticationCallbackApiKey:
|
|
298
|
-
authenticationCallbackApiSecret:
|
|
299
|
-
supportedSnses:
|
|
300
|
-
snsCredentials:
|
|
301
|
-
createdAt:
|
|
302
|
-
modifiedAt:
|
|
303
|
-
developerAuthenticationCallbackEndpoint:
|
|
304
|
-
developerAuthenticationCallbackApiKey:
|
|
305
|
-
developerAuthenticationCallbackApiSecret:
|
|
306
|
-
supportedDeveloperSnses:
|
|
307
|
-
developerSnsCredentials:
|
|
308
|
-
clientsPerDeveloper:
|
|
309
|
-
directAuthorizationEndpointEnabled:
|
|
310
|
-
directTokenEndpointEnabled:
|
|
311
|
-
directRevocationEndpointEnabled:
|
|
312
|
-
directUserInfoEndpointEnabled:
|
|
313
|
-
directJwksEndpointEnabled:
|
|
314
|
-
directIntrospectionEndpointEnabled:
|
|
315
|
-
singleAccessTokenPerSubject:
|
|
316
|
-
pkceRequired:
|
|
317
|
-
pkceS256Required:
|
|
318
|
-
refreshTokenKept:
|
|
319
|
-
refreshTokenDurationKept:
|
|
320
|
-
errorDescriptionOmitted:
|
|
321
|
-
errorUriOmitted:
|
|
322
|
-
clientIdAliasEnabled:
|
|
323
|
-
supportedServiceProfiles:
|
|
324
|
-
tlsClientCertificateBoundAccessTokens:
|
|
325
|
-
introspectionEndpoint:
|
|
326
|
-
supportedIntrospectionAuthMethods:
|
|
327
|
-
mutualTlsValidatePkiCertChain:
|
|
328
|
-
trustedRootCertificates:
|
|
329
|
-
dynamicRegistrationSupported:
|
|
330
|
-
endSessionEndpoint:
|
|
331
|
-
description:
|
|
332
|
-
accessTokenType:
|
|
333
|
-
accessTokenSignAlg:
|
|
334
|
-
accessTokenDuration:
|
|
335
|
-
refreshTokenDuration:
|
|
336
|
-
idTokenDuration:
|
|
337
|
-
authorizationResponseDuration:
|
|
338
|
-
pushedAuthReqDuration:
|
|
339
|
-
metadata:
|
|
340
|
-
accessTokenSignatureKeyId:
|
|
341
|
-
authorizationSignatureKeyId:
|
|
342
|
-
idTokenSignatureKeyId:
|
|
343
|
-
userInfoSignatureKeyId:
|
|
344
|
-
supportedBackchannelTokenDeliveryModes:
|
|
345
|
-
backchannelAuthenticationEndpoint:
|
|
346
|
-
backchannelUserCodeParameterSupported:
|
|
347
|
-
backchannelAuthReqIdDuration:
|
|
348
|
-
backchannelPollingInterval:
|
|
349
|
-
backchannelBindingMessageRequiredInFapi:
|
|
350
|
-
allowableClockSkew:
|
|
351
|
-
deviceAuthorizationEndpoint:
|
|
352
|
-
deviceVerificationUri:
|
|
353
|
-
deviceVerificationUriComplete:
|
|
354
|
-
deviceFlowCodeDuration:
|
|
355
|
-
deviceFlowPollingInterval:
|
|
356
|
-
userCodeCharset:
|
|
357
|
-
userCodeLength:
|
|
358
|
-
pushedAuthReqEndpoint:
|
|
359
|
-
mtlsEndpointAliases:
|
|
360
|
-
supportedAuthorizationDetailsTypes:
|
|
361
|
-
supportedTrustFrameworks:
|
|
362
|
-
supportedEvidence:
|
|
363
|
-
supportedIdentityDocuments:
|
|
364
|
-
supportedVerificationMethods:
|
|
365
|
-
supportedVerifiedClaims:
|
|
366
|
-
missingClientIdAllowed:
|
|
367
|
-
parRequired:
|
|
368
|
-
requestObjectRequired:
|
|
369
|
-
traditionalRequestObjectProcessingApplied:
|
|
370
|
-
claimShortcutRestrictive:
|
|
371
|
-
scopeRequired:
|
|
372
|
-
nbfOptional:
|
|
373
|
-
issSuppressed:
|
|
374
|
-
attributes:
|
|
375
|
-
supportedCustomClientMetadata:
|
|
376
|
-
tokenExpirationLinked:
|
|
274
|
+
number: 1000,
|
|
275
|
+
serviceOwnerNumber: 12345,
|
|
276
|
+
serviceName: '<service-name>',
|
|
277
|
+
apiKey: '<api-key>',
|
|
278
|
+
apiSecret: '<api-secret>',
|
|
279
|
+
issuer: '<issuer>',
|
|
280
|
+
authorizationEndpoint: '<authorization-endpoint>',
|
|
281
|
+
tokenEndpoint: '<token-endpoint>',
|
|
282
|
+
revocationEndpoint: '<revocation-endpoint>',
|
|
283
|
+
supportedRevocationAuthMethods: [ 'NONE', 'CLIENT_SECRET_BASIC' ],
|
|
284
|
+
userInfoEndpoint: '<user-info-endpoint>',
|
|
285
|
+
jwksUri: '<jwks-uri>',
|
|
286
|
+
jwks: '<jwks>',
|
|
287
|
+
registrationEndpoint: '<registration-endpoint>',
|
|
288
|
+
registrationManagementEndpoint: '<registration-management-endpoint>',
|
|
289
|
+
supportedScopes: [ { name: 'scope0', description: '<scope0-description>', defaultEntry: false, descriptions: nil, attributes: nil } ],
|
|
290
|
+
supportedResponseTypes: [ 'NONE', 'CODE', 'TOKEN', 'ID_TOKEN' ],
|
|
291
|
+
supportedGrantTypes: [ 'AUTHORIZATION_CODE', 'REFRESH_TOKEN' ],
|
|
292
|
+
supportedAcrs: [ '<supported-acr0>', '<supported-acr1>' ],
|
|
293
|
+
supportedTokenAuthMethods: [ 'NONE', 'CLIENT_SECRET_BASIC' ],
|
|
294
|
+
supportedDisplays: [ 'PAGE', 'POPUP', 'TOUCH', 'WAP' ],
|
|
295
|
+
supportedClaimTypes: [ 'NORMAL' ],
|
|
296
|
+
supportedClaims: [ '<supported-claim0>', '<supported-claim1>' ],
|
|
297
|
+
serviceDocumentation: '<service-documentation>',
|
|
298
|
+
supportedClaimLocales: [ 'en-US' ],
|
|
299
|
+
supportedUiLocales: [ 'en-US' ],
|
|
300
|
+
policyUri: '<policy-uri>',
|
|
301
|
+
tosUri: '<tos-uri>',
|
|
302
|
+
authenticationCallbackEndpoint: '<authentication-callback-endpoint>',
|
|
303
|
+
authenticationCallbackApiKey: '<authentication-callback-api-key>',
|
|
304
|
+
authenticationCallbackApiSecret: '<authentication-callback-api-secret>',
|
|
305
|
+
supportedSnses: [ 'FACEBOOK' ],
|
|
306
|
+
snsCredentials: [ { sns: 'FACEBOOK', apiKey: '<sns-credentials0-api-key>', apiSecret: '<sns-credentials0-api-secret>' } ],
|
|
307
|
+
createdAt: 10000,
|
|
308
|
+
modifiedAt: 10000,
|
|
309
|
+
developerAuthenticationCallbackEndpoint: '<developer-authentication-callback-endpoint>',
|
|
310
|
+
developerAuthenticationCallbackApiKey: '<developer-authentication-callback-api-key>',
|
|
311
|
+
developerAuthenticationCallbackApiSecret: '<developer-authentication-callback-api-secret>',
|
|
312
|
+
supportedDeveloperSnses: [ 'FACEBOOK' ],
|
|
313
|
+
developerSnsCredentials: [ { sns: 'FACEBOOK', apiKey: '<developer-sns-credentials0-api-key>', apiSecret: '<developer-sns-credentials0-api-secret>' } ],
|
|
314
|
+
clientsPerDeveloper: 10,
|
|
315
|
+
directAuthorizationEndpointEnabled: true,
|
|
316
|
+
directTokenEndpointEnabled: true,
|
|
317
|
+
directRevocationEndpointEnabled: true,
|
|
318
|
+
directUserInfoEndpointEnabled: true,
|
|
319
|
+
directJwksEndpointEnabled: true,
|
|
320
|
+
directIntrospectionEndpointEnabled: true,
|
|
321
|
+
singleAccessTokenPerSubject: false,
|
|
322
|
+
pkceRequired: true,
|
|
323
|
+
pkceS256Required: true,
|
|
324
|
+
refreshTokenKept: true,
|
|
325
|
+
refreshTokenDurationKept: true,
|
|
326
|
+
errorDescriptionOmitted: false,
|
|
327
|
+
errorUriOmitted: false,
|
|
328
|
+
clientIdAliasEnabled: true,
|
|
329
|
+
supportedServiceProfiles: [ 'FAPI', 'OPEN_BANKING' ],
|
|
330
|
+
tlsClientCertificateBoundAccessTokens: true,
|
|
331
|
+
introspectionEndpoint: '<introspection-endpoint>',
|
|
332
|
+
supportedIntrospectionAuthMethods: [ 'NONE', 'CLIENT_SECRET_BASIC' ],
|
|
333
|
+
mutualTlsValidatePkiCertChain: true,
|
|
334
|
+
trustedRootCertificates: [ '<trusted-root-certificate0>', '<trusted-root-certificate1>' ],
|
|
335
|
+
dynamicRegistrationSupported: true,
|
|
336
|
+
endSessionEndpoint: '<end-session-endpoint>',
|
|
337
|
+
description: '<description>',
|
|
338
|
+
accessTokenType: 'Bearer',
|
|
339
|
+
accessTokenSignAlg: 'HS256',
|
|
340
|
+
accessTokenDuration: 300,
|
|
341
|
+
refreshTokenDuration: 300,
|
|
342
|
+
idTokenDuration: 300,
|
|
343
|
+
authorizationResponseDuration: 300,
|
|
344
|
+
pushedAuthReqDuration: 300,
|
|
345
|
+
metadata: [ { key: '<metadata0-key>', value: '<metadata0-value>' } ],
|
|
346
|
+
accessTokenSignatureKeyId: '<access-token-signature-key-id>',
|
|
347
|
+
authorizationSignatureKeyId: '<authorization-signature-key-id>',
|
|
348
|
+
idTokenSignatureKeyId: '<id-token-signature-key-id>',
|
|
349
|
+
userInfoSignatureKeyId: '<user-info-signature-key-id>',
|
|
350
|
+
supportedBackchannelTokenDeliveryModes: [ 'POLL', 'PING', 'PUSH' ],
|
|
351
|
+
backchannelAuthenticationEndpoint: '<backchannel-authentication-endpoint>',
|
|
352
|
+
backchannelUserCodeParameterSupported: true,
|
|
353
|
+
backchannelAuthReqIdDuration: 300,
|
|
354
|
+
backchannelPollingInterval: 10,
|
|
355
|
+
backchannelBindingMessageRequiredInFapi: true,
|
|
356
|
+
allowableClockSkew: 100,
|
|
357
|
+
deviceAuthorizationEndpoint: '<device-authorization-endpoint>',
|
|
358
|
+
deviceVerificationUri: '<device-verification-uri>',
|
|
359
|
+
deviceVerificationUriComplete: '<device-verification-uri-complete>',
|
|
360
|
+
deviceFlowCodeDuration: 300,
|
|
361
|
+
deviceFlowPollingInterval: 10,
|
|
362
|
+
userCodeCharset: 'BASE20',
|
|
363
|
+
userCodeLength: 100,
|
|
364
|
+
pushedAuthReqEndpoint: '<pushed-auth-req-endpoint>',
|
|
365
|
+
mtlsEndpointAliases: [ { name: '<mtls-endpoint-alias0-name>', uri: '<mtls-endpoint-alias0-uri>' } ],
|
|
366
|
+
supportedAuthorizationDetailsTypes: [ '<supported-authorization-details-type0>', '<supported-authorization-details-type1>' ],
|
|
367
|
+
supportedTrustFrameworks: [ '<supported-trust-framework0>', '<supported-trust-framework1>' ],
|
|
368
|
+
supportedEvidence: [ '<supported-evidence0>', '<supported-evidence1>' ],
|
|
369
|
+
supportedIdentityDocuments: [ '<supported-identity-document0>', '<supported-identity-document1>' ],
|
|
370
|
+
supportedVerificationMethods: [ '<supported-verification-method0>', '<supported-verification-method1>' ],
|
|
371
|
+
supportedVerifiedClaims: [ '<supported-verified-claim0>', '<supported-verified-claim1>' ],
|
|
372
|
+
missingClientIdAllowed: false,
|
|
373
|
+
parRequired: false,
|
|
374
|
+
requestObjectRequired: true,
|
|
375
|
+
traditionalRequestObjectProcessingApplied: false,
|
|
376
|
+
claimShortcutRestrictive: false,
|
|
377
|
+
scopeRequired: true,
|
|
378
|
+
nbfOptional: true,
|
|
379
|
+
issSuppressed: false,
|
|
380
|
+
attributes: [{ key: '<attribute0-key>', value: '<attribute0-value>' }],
|
|
381
|
+
supportedCustomClientMetadata: [ '<supported-custom-client-metadata0>', '<supported-custom-client-metadata1>' ],
|
|
382
|
+
tokenExpirationLinked: false,
|
|
383
|
+
frontChannelRequestObjectEncryptionRequired: false,
|
|
384
|
+
requestObjectEncryptionAlgMatchRequired: false,
|
|
385
|
+
requestObjectEncryptionEncMatchRequired: false
|
|
377
386
|
}
|
|
378
387
|
end
|
|
379
388
|
|
|
@@ -488,127 +497,133 @@ class ServiceTest < Minitest::Test
|
|
|
488
497
|
obj.attributes = ATTRIBUTES
|
|
489
498
|
obj.supported_custom_client_metadata = SUPPORTED_CUSTOM_CLIENT_METADATA
|
|
490
499
|
obj.token_expiration_linked = TOKEN_EXPIRATION_LINKED
|
|
500
|
+
obj.frontChannelRequestObjectEncryptionRequired = FRONT_CHANNEL_REQUEST_OBJECT_ENCRYPTION_REQUIRED
|
|
501
|
+
obj.requestObjectEncryptionAlgMatchRequired = REQUEST_OBJECT_ENCRYPTION_ALG_MATCH_REQUIRED
|
|
502
|
+
obj.requestObjectEncryptionEncMatchRequired = REQUEST_OBJECT_ENCRYPTION_ENC_MATCH_REQUIRED
|
|
491
503
|
end
|
|
492
504
|
|
|
493
505
|
|
|
494
506
|
def match(obj)
|
|
495
|
-
assert_equal NUMBER,
|
|
496
|
-
assert_equal SERVICE_OWNER_NUMBER,
|
|
497
|
-
assert_equal SERVICE_NAME,
|
|
498
|
-
assert_equal API_KEY,
|
|
499
|
-
assert_equal API_SECRET,
|
|
500
|
-
assert_equal ISSUER,
|
|
501
|
-
assert_equal AUTHORIZATION_ENDPOINT,
|
|
502
|
-
assert_equal TOKEN_ENDPOINT,
|
|
503
|
-
assert_equal REVOCATION_ENDPOINT,
|
|
504
|
-
assert_equal SUPPORTED_REVOCATION_AUTH_METHODS,
|
|
505
|
-
assert_equal USER_INFO_ENDPOINT,
|
|
506
|
-
assert_equal JWKS_URI,
|
|
507
|
-
assert_equal JWKS,
|
|
508
|
-
assert_equal REGISTRATION_ENDPOINT,
|
|
509
|
-
assert_equal REGISTRATION_MANAGEMENT_ENDPOINT,
|
|
510
|
-
assert_equal SUPPORTED_SCOPE_NAME,
|
|
511
|
-
assert_equal SUPPORTED_SCOPE_DESCRIPTION,
|
|
512
|
-
assert_equal SUPPORTED_RESPONSE_TYPES,
|
|
513
|
-
assert_equal SUPPORTED_GRANT_TYPES,
|
|
514
|
-
assert_equal SUPPORTED_ACRS,
|
|
515
|
-
assert_equal SUPPORTED_TOKEN_AUTH_METHODS,
|
|
516
|
-
assert_equal SUPPORTED_DISPLAYS,
|
|
517
|
-
assert_equal SUPPORTED_CLAIM_TYPES,
|
|
518
|
-
assert_equal SUPPORTED_CLAIMS,
|
|
519
|
-
assert_equal SERVICE_DOCUMENTATION,
|
|
520
|
-
assert_equal SUPPORTED_CLAIM_LOCALES,
|
|
521
|
-
assert_equal SUPPORTED_UI_LOCALES,
|
|
522
|
-
assert_equal POLICY_URI,
|
|
523
|
-
assert_equal TOS_URI,
|
|
524
|
-
assert_equal AUTHENTICATION_CALLBACK_ENDPOINT,
|
|
525
|
-
assert_equal AUTHENTICATION_CALLBACK_API_KEY,
|
|
526
|
-
assert_equal AUTHENTICATION_CALLBACK_API_SECRET,
|
|
527
|
-
assert_equal SUPPORTED_SNSES,
|
|
528
|
-
assert_equal SNS_CREDENTIALS_SNS,
|
|
529
|
-
assert_equal SNS_CREDENTIALS_API_KEY,
|
|
530
|
-
assert_equal SNS_CREDENTIALS_API_SECRET,
|
|
531
|
-
assert_equal CREATED_AT,
|
|
532
|
-
assert_equal MODIFIED_AT,
|
|
533
|
-
assert_equal DEVELOPER_AUTHENTICATION_CALLBACK_ENDPOINT,
|
|
534
|
-
assert_equal DEVELOPER_AUTHENTICATION_CALLBACK_API_KEY,
|
|
535
|
-
assert_equal DEVELOPER_AUTHENTICATION_CALLBACK_API_SECRET,
|
|
536
|
-
assert_equal SUPPORTED_DEVELOPER_SNSES,
|
|
537
|
-
assert_equal DEVELOPER_SNS_CREDENTIALS_SNS,
|
|
538
|
-
assert_equal DEVELOPER_SNS_CREDENTIALS_API_KEY,
|
|
539
|
-
assert_equal DEVELOPER_SNS_CREDENTIALS_API_SECRET,
|
|
540
|
-
assert_equal CLIENTS_PER_DEVELOPER,
|
|
541
|
-
assert_equal DIRECT_AUTHORIZATION_ENDPOINT_ENABLED,
|
|
542
|
-
assert_equal DIRECT_TOKEN_ENDPOINT_ENABLED,
|
|
543
|
-
assert_equal DIRECT_REVOCATION_ENDPOINT_ENABLED,
|
|
544
|
-
assert_equal DIRECT_USER_INFO_ENDPOINT_ENABLED,
|
|
545
|
-
assert_equal DIRECT_JWKS_ENDPOINT_ENABLED,
|
|
546
|
-
assert_equal DIRECT_INTROSPECTION_ENDPOINT_ENABLED,
|
|
547
|
-
assert_equal SINGLE_ACCESS_TOKEN_PER_SUBJECT,
|
|
548
|
-
assert_equal PKCE_REQUIRED,
|
|
549
|
-
assert_equal PKCE_S256_REQUIRED,
|
|
550
|
-
assert_equal REFRESH_TOKEN_KEPT,
|
|
551
|
-
assert_equal REFRESH_TOKEN_DURATION_KEPT,
|
|
552
|
-
assert_equal ERROR_DESCRIPTION_OMITTED,
|
|
553
|
-
assert_equal ERROR_URI_OMITTED,
|
|
554
|
-
assert_equal CLIENT_ID_ALIAS_ENABLED,
|
|
555
|
-
assert_equal SUPPORTED_SERVICE_PROFILES,
|
|
556
|
-
assert_equal TLS_CLIENT_CERTIFICATE_BOUND_ACCESS_TOKENS,
|
|
557
|
-
assert_equal INTROSPECTION_ENDPOINT,
|
|
558
|
-
assert_equal SUPPORTED_INTROSPECTION_AUTH_METHODS,
|
|
559
|
-
assert_equal MUTUAL_TLS_VALIDATE_PKI_CERT_CHAIN,
|
|
560
|
-
assert_equal TRUSTED_ROOT_CERTIFICATES,
|
|
561
|
-
assert_equal DYNAMIC_REGISTRATION_SUPPORTED,
|
|
562
|
-
assert_equal END_SESSION_ENDPOINT,
|
|
563
|
-
assert_equal DESCRIPTION,
|
|
564
|
-
assert_equal ACCESS_TOKEN_TYPE,
|
|
565
|
-
assert_equal ACCESS_TOKEN_SIGN_ALG,
|
|
566
|
-
assert_equal ACCESS_TOKEN_DURATION,
|
|
567
|
-
assert_equal REFRESH_TOKEN_DURATION,
|
|
568
|
-
assert_equal ID_TOKEN_DURATION,
|
|
569
|
-
assert_equal AUTHORIZATION_RESPONSE_DURATION,
|
|
570
|
-
assert_equal PUSHED_AUTH_REQ_DURATION,
|
|
571
|
-
assert_equal METADATA_KEY,
|
|
572
|
-
assert_equal METADATA_VALUE,
|
|
573
|
-
assert_equal ACCESS_TOKEN_SIGNATURE_KEY_ID,
|
|
574
|
-
assert_equal AUTHORIZATION_SIGNATURE_KEY_ID,
|
|
575
|
-
assert_equal ID_TOKEN_SIGNATURE_KEY_ID,
|
|
576
|
-
assert_equal USER_INFO_SIGNATURE_KEY_ID,
|
|
577
|
-
assert_equal SUPPORTED_BACKCHANNEL_TOKEN_DELIVERY_MODES,
|
|
578
|
-
assert_equal BACKCHANNEL_AUTHENTICATION_ENDPOINT,
|
|
579
|
-
assert_equal BACKCHANNEL_USER_CODE_PARAMETER_SUPPORTED,
|
|
580
|
-
assert_equal BACKCHANNEL_AUTH_REQ_ID_DURATION,
|
|
581
|
-
assert_equal BACKCHANNEL_POLLING_INTERVAL,
|
|
582
|
-
assert_equal BACKCHANNEL_BINDING_MESSAGE_REQUIRED_IN_FAPI,
|
|
583
|
-
assert_equal ALLOWABLE_CLOCK_SKEW,
|
|
584
|
-
assert_equal DEVICE_AUTHORIZATION_ENDPOINT,
|
|
585
|
-
assert_equal DEVICE_VERIFICATION_URI,
|
|
586
|
-
assert_equal DEVICE_VERIFICATION_URI_COMPLETE,
|
|
587
|
-
assert_equal DEVICE_FLOW_CODE_DURATION,
|
|
588
|
-
assert_equal DEVICE_FLOW_POLLING_INTERVAL,
|
|
589
|
-
assert_equal USER_CODE_CHARSET,
|
|
590
|
-
assert_equal USER_CODE_LENGTH,
|
|
591
|
-
assert_equal PUSHED_AUTH_REQ_ENDPOINT,
|
|
592
|
-
assert_equal MTLS_ENDPOINT_ALIAS_NAME,
|
|
593
|
-
assert_equal MTLS_ENDPOINT_ALIAS_URI,
|
|
594
|
-
assert_equal SUPPORTED_AUTHORIZATION_DETAILS_TYPES,
|
|
595
|
-
assert_equal SUPPORTED_TRUST_FRAMEWORKS,
|
|
596
|
-
assert_equal SUPPORTED_EVIDENCE,
|
|
597
|
-
assert_equal SUPPORTED_IDENTITY_DOCUMENTS,
|
|
598
|
-
assert_equal SUPPORTED_VERIFICATION_METHODS,
|
|
599
|
-
assert_equal SUPPORTED_VERIFIED_CLAIMS,
|
|
600
|
-
assert_equal MISSING_CLIENT_ID_ALLOWED,
|
|
601
|
-
assert_equal PAR_REQUIRED,
|
|
602
|
-
assert_equal REQUEST_OBJECT_REQUIRED,
|
|
603
|
-
assert_equal TRADITIONAL_REQUEST_OBJECT_PROCESSING_APPLIED,
|
|
604
|
-
assert_equal CLAIM_SHORTCUT_RESTRICTIVE,
|
|
605
|
-
assert_equal SCOPE_REQUIRED,
|
|
606
|
-
assert_equal NBF_OPTIONAL,
|
|
607
|
-
assert_equal ISS_SUPPRESSED,
|
|
608
|
-
assert_equal ATTRIBUTE_KEY,
|
|
609
|
-
assert_equal ATTRIBUTE_VALUE,
|
|
610
|
-
assert_equal SUPPORTED_CUSTOM_CLIENT_METADATA,
|
|
611
|
-
assert_equal TOKEN_EXPIRATION_LINKED,
|
|
507
|
+
assert_equal NUMBER, obj.number
|
|
508
|
+
assert_equal SERVICE_OWNER_NUMBER, obj.serviceOwnerNumber
|
|
509
|
+
assert_equal SERVICE_NAME, obj.serviceName
|
|
510
|
+
assert_equal API_KEY, obj.apiKey
|
|
511
|
+
assert_equal API_SECRET, obj.apiSecret
|
|
512
|
+
assert_equal ISSUER, obj.issuer
|
|
513
|
+
assert_equal AUTHORIZATION_ENDPOINT, obj.authorizationEndpoint
|
|
514
|
+
assert_equal TOKEN_ENDPOINT, obj.tokenEndpoint
|
|
515
|
+
assert_equal REVOCATION_ENDPOINT, obj.revocationEndpoint
|
|
516
|
+
assert_equal SUPPORTED_REVOCATION_AUTH_METHODS, obj.supportedRevocationAuthMethods
|
|
517
|
+
assert_equal USER_INFO_ENDPOINT, obj.userInfoEndpoint
|
|
518
|
+
assert_equal JWKS_URI, obj.jwksUri
|
|
519
|
+
assert_equal JWKS, obj.jwks
|
|
520
|
+
assert_equal REGISTRATION_ENDPOINT, obj.registrationEndpoint
|
|
521
|
+
assert_equal REGISTRATION_MANAGEMENT_ENDPOINT, obj.registrationManagementEndpoint
|
|
522
|
+
assert_equal SUPPORTED_SCOPE_NAME, obj.supportedScopes[0].name
|
|
523
|
+
assert_equal SUPPORTED_SCOPE_DESCRIPTION, obj.supportedScopes[0].description
|
|
524
|
+
assert_equal SUPPORTED_RESPONSE_TYPES, obj.supportedResponseTypes
|
|
525
|
+
assert_equal SUPPORTED_GRANT_TYPES, obj.supportedGrantTypes
|
|
526
|
+
assert_equal SUPPORTED_ACRS, obj.supportedAcrs
|
|
527
|
+
assert_equal SUPPORTED_TOKEN_AUTH_METHODS, obj.supportedTokenAuthMethods
|
|
528
|
+
assert_equal SUPPORTED_DISPLAYS, obj.supportedDisplays
|
|
529
|
+
assert_equal SUPPORTED_CLAIM_TYPES, obj.supportedClaimTypes
|
|
530
|
+
assert_equal SUPPORTED_CLAIMS, obj.supportedClaims
|
|
531
|
+
assert_equal SERVICE_DOCUMENTATION, obj.serviceDocumentation
|
|
532
|
+
assert_equal SUPPORTED_CLAIM_LOCALES, obj.supportedClaimLocales
|
|
533
|
+
assert_equal SUPPORTED_UI_LOCALES, obj.supportedUiLocales
|
|
534
|
+
assert_equal POLICY_URI, obj.policyUri
|
|
535
|
+
assert_equal TOS_URI, obj.tosUri
|
|
536
|
+
assert_equal AUTHENTICATION_CALLBACK_ENDPOINT, obj.authenticationCallbackEndpoint
|
|
537
|
+
assert_equal AUTHENTICATION_CALLBACK_API_KEY, obj.authenticationCallbackApiKey
|
|
538
|
+
assert_equal AUTHENTICATION_CALLBACK_API_SECRET, obj.authenticationCallbackApiSecret
|
|
539
|
+
assert_equal SUPPORTED_SNSES, obj.supportedSnses
|
|
540
|
+
assert_equal SNS_CREDENTIALS_SNS, obj.snsCredentials[0].sns
|
|
541
|
+
assert_equal SNS_CREDENTIALS_API_KEY, obj.snsCredentials[0].apiKey
|
|
542
|
+
assert_equal SNS_CREDENTIALS_API_SECRET, obj.snsCredentials[0].apiSecret
|
|
543
|
+
assert_equal CREATED_AT, obj.createdAt
|
|
544
|
+
assert_equal MODIFIED_AT, obj.modifiedAt
|
|
545
|
+
assert_equal DEVELOPER_AUTHENTICATION_CALLBACK_ENDPOINT, obj.developerAuthenticationCallbackEndpoint
|
|
546
|
+
assert_equal DEVELOPER_AUTHENTICATION_CALLBACK_API_KEY, obj.developerAuthenticationCallbackApiKey
|
|
547
|
+
assert_equal DEVELOPER_AUTHENTICATION_CALLBACK_API_SECRET, obj.developerAuthenticationCallbackApiSecret
|
|
548
|
+
assert_equal SUPPORTED_DEVELOPER_SNSES, obj.supportedDeveloperSnses
|
|
549
|
+
assert_equal DEVELOPER_SNS_CREDENTIALS_SNS, obj.developerSnsCredentials[0].sns
|
|
550
|
+
assert_equal DEVELOPER_SNS_CREDENTIALS_API_KEY, obj.developerSnsCredentials[0].apiKey
|
|
551
|
+
assert_equal DEVELOPER_SNS_CREDENTIALS_API_SECRET, obj.developerSnsCredentials[0].apiSecret
|
|
552
|
+
assert_equal CLIENTS_PER_DEVELOPER, obj.clientsPerDeveloper
|
|
553
|
+
assert_equal DIRECT_AUTHORIZATION_ENDPOINT_ENABLED, obj.directAuthorizationEndpointEnabled
|
|
554
|
+
assert_equal DIRECT_TOKEN_ENDPOINT_ENABLED, obj.directTokenEndpointEnabled
|
|
555
|
+
assert_equal DIRECT_REVOCATION_ENDPOINT_ENABLED, obj.directRevocationEndpointEnabled
|
|
556
|
+
assert_equal DIRECT_USER_INFO_ENDPOINT_ENABLED, obj.directUserInfoEndpointEnabled
|
|
557
|
+
assert_equal DIRECT_JWKS_ENDPOINT_ENABLED, obj.directJwksEndpointEnabled
|
|
558
|
+
assert_equal DIRECT_INTROSPECTION_ENDPOINT_ENABLED, obj.directIntrospectionEndpointEnabled
|
|
559
|
+
assert_equal SINGLE_ACCESS_TOKEN_PER_SUBJECT, obj.singleAccessTokenPerSubject
|
|
560
|
+
assert_equal PKCE_REQUIRED, obj.pkceRequired
|
|
561
|
+
assert_equal PKCE_S256_REQUIRED, obj.pkceS256Required
|
|
562
|
+
assert_equal REFRESH_TOKEN_KEPT, obj.refreshTokenKept
|
|
563
|
+
assert_equal REFRESH_TOKEN_DURATION_KEPT, obj.refreshTokenDurationKept
|
|
564
|
+
assert_equal ERROR_DESCRIPTION_OMITTED, obj.errorDescriptionOmitted
|
|
565
|
+
assert_equal ERROR_URI_OMITTED, obj.errorUriOmitted
|
|
566
|
+
assert_equal CLIENT_ID_ALIAS_ENABLED, obj.clientIdAliasEnabled
|
|
567
|
+
assert_equal SUPPORTED_SERVICE_PROFILES, obj.supportedServiceProfiles
|
|
568
|
+
assert_equal TLS_CLIENT_CERTIFICATE_BOUND_ACCESS_TOKENS, obj.tlsClientCertificateBoundAccessTokens
|
|
569
|
+
assert_equal INTROSPECTION_ENDPOINT, obj.introspectionEndpoint
|
|
570
|
+
assert_equal SUPPORTED_INTROSPECTION_AUTH_METHODS, obj.supportedIntrospectionAuthMethods
|
|
571
|
+
assert_equal MUTUAL_TLS_VALIDATE_PKI_CERT_CHAIN, obj.mutualTlsValidatePkiCertChain
|
|
572
|
+
assert_equal TRUSTED_ROOT_CERTIFICATES, obj.trustedRootCertificates
|
|
573
|
+
assert_equal DYNAMIC_REGISTRATION_SUPPORTED, obj.dynamicRegistrationSupported
|
|
574
|
+
assert_equal END_SESSION_ENDPOINT, obj.endSessionEndpoint
|
|
575
|
+
assert_equal DESCRIPTION, obj.description
|
|
576
|
+
assert_equal ACCESS_TOKEN_TYPE, obj.accessTokenType
|
|
577
|
+
assert_equal ACCESS_TOKEN_SIGN_ALG, obj.accessTokenSignAlg
|
|
578
|
+
assert_equal ACCESS_TOKEN_DURATION, obj.accessTokenDuration
|
|
579
|
+
assert_equal REFRESH_TOKEN_DURATION, obj.refreshTokenDuration
|
|
580
|
+
assert_equal ID_TOKEN_DURATION, obj.idTokenDuration
|
|
581
|
+
assert_equal AUTHORIZATION_RESPONSE_DURATION, obj.authorizationResponseDuration
|
|
582
|
+
assert_equal PUSHED_AUTH_REQ_DURATION, obj.pushedAuthReqDuration
|
|
583
|
+
assert_equal METADATA_KEY, obj.metadata[0].key
|
|
584
|
+
assert_equal METADATA_VALUE, obj.metadata[0].value
|
|
585
|
+
assert_equal ACCESS_TOKEN_SIGNATURE_KEY_ID, obj.accessTokenSignatureKeyId
|
|
586
|
+
assert_equal AUTHORIZATION_SIGNATURE_KEY_ID, obj.authorizationSignatureKeyId
|
|
587
|
+
assert_equal ID_TOKEN_SIGNATURE_KEY_ID, obj.idTokenSignatureKeyId
|
|
588
|
+
assert_equal USER_INFO_SIGNATURE_KEY_ID, obj.userInfoSignatureKeyId
|
|
589
|
+
assert_equal SUPPORTED_BACKCHANNEL_TOKEN_DELIVERY_MODES, obj.supportedBackchannelTokenDeliveryModes
|
|
590
|
+
assert_equal BACKCHANNEL_AUTHENTICATION_ENDPOINT, obj.backchannelAuthenticationEndpoint
|
|
591
|
+
assert_equal BACKCHANNEL_USER_CODE_PARAMETER_SUPPORTED, obj.backchannelUserCodeParameterSupported
|
|
592
|
+
assert_equal BACKCHANNEL_AUTH_REQ_ID_DURATION, obj.backchannelAuthReqIdDuration
|
|
593
|
+
assert_equal BACKCHANNEL_POLLING_INTERVAL, obj.backchannelPollingInterval
|
|
594
|
+
assert_equal BACKCHANNEL_BINDING_MESSAGE_REQUIRED_IN_FAPI, obj.backchannelBindingMessageRequiredInFapi
|
|
595
|
+
assert_equal ALLOWABLE_CLOCK_SKEW, obj.allowableClockSkew
|
|
596
|
+
assert_equal DEVICE_AUTHORIZATION_ENDPOINT, obj.deviceAuthorizationEndpoint
|
|
597
|
+
assert_equal DEVICE_VERIFICATION_URI, obj.deviceVerificationUri
|
|
598
|
+
assert_equal DEVICE_VERIFICATION_URI_COMPLETE, obj.deviceVerificationUriComplete
|
|
599
|
+
assert_equal DEVICE_FLOW_CODE_DURATION, obj.deviceFlowCodeDuration
|
|
600
|
+
assert_equal DEVICE_FLOW_POLLING_INTERVAL, obj.deviceFlowPollingInterval
|
|
601
|
+
assert_equal USER_CODE_CHARSET, obj.userCodeCharset
|
|
602
|
+
assert_equal USER_CODE_LENGTH, obj.userCodeLength
|
|
603
|
+
assert_equal PUSHED_AUTH_REQ_ENDPOINT, obj.pushedAuthReqEndpoint
|
|
604
|
+
assert_equal MTLS_ENDPOINT_ALIAS_NAME, obj.mtlsEndpointAliases[0].name
|
|
605
|
+
assert_equal MTLS_ENDPOINT_ALIAS_URI, obj.mtlsEndpointAliases[0].uri
|
|
606
|
+
assert_equal SUPPORTED_AUTHORIZATION_DETAILS_TYPES, obj.supportedAuthorizationDetailsTypes
|
|
607
|
+
assert_equal SUPPORTED_TRUST_FRAMEWORKS, obj.supportedTrustFrameworks
|
|
608
|
+
assert_equal SUPPORTED_EVIDENCE, obj.supportedEvidence
|
|
609
|
+
assert_equal SUPPORTED_IDENTITY_DOCUMENTS, obj.supportedIdentityDocuments
|
|
610
|
+
assert_equal SUPPORTED_VERIFICATION_METHODS, obj.supportedVerificationMethods
|
|
611
|
+
assert_equal SUPPORTED_VERIFIED_CLAIMS, obj.supportedVerifiedClaims
|
|
612
|
+
assert_equal MISSING_CLIENT_ID_ALLOWED, obj.missingClientIdAllowed
|
|
613
|
+
assert_equal PAR_REQUIRED, obj.parRequired
|
|
614
|
+
assert_equal REQUEST_OBJECT_REQUIRED, obj.requestObjectRequired
|
|
615
|
+
assert_equal TRADITIONAL_REQUEST_OBJECT_PROCESSING_APPLIED, obj.traditionalRequestObjectProcessingApplied
|
|
616
|
+
assert_equal CLAIM_SHORTCUT_RESTRICTIVE, obj.claimShortcutRestrictive
|
|
617
|
+
assert_equal SCOPE_REQUIRED, obj.scopeRequired
|
|
618
|
+
assert_equal NBF_OPTIONAL, obj.nbfOptional
|
|
619
|
+
assert_equal ISS_SUPPRESSED, obj.issSuppressed
|
|
620
|
+
assert_equal ATTRIBUTE_KEY, obj.attributes[0].key
|
|
621
|
+
assert_equal ATTRIBUTE_VALUE, obj.attributes[0].value
|
|
622
|
+
assert_equal SUPPORTED_CUSTOM_CLIENT_METADATA, obj.supportedCustomClientMetadata
|
|
623
|
+
assert_equal TOKEN_EXPIRATION_LINKED, obj.tokenExpirationLinked
|
|
624
|
+
assert_equal FRONT_CHANNEL_REQUEST_OBJECT_ENCRYPTION_REQUIRED, obj.frontChannelRequestObjectEncryptionRequired
|
|
625
|
+
assert_equal REQUEST_OBJECT_ENCRYPTION_ALG_MATCH_REQUIRED, obj.requestObjectEncryptionAlgMatchRequired
|
|
626
|
+
assert_equal REQUEST_OBJECT_ENCRYPTION_ENC_MATCH_REQUIRED, obj.requestObjectEncryptionEncMatchRequired
|
|
612
627
|
end
|
|
613
628
|
|
|
614
629
|
|