Hello everyone,
As part of a research project, I've created a test suite to test OAuth 2.0
implementations and measure how well they implement the various MAY/SHOULD/MUST
security recommendations in the OAuth standards. (It also includes test cases
for the OIDC and FAPI RO/RW recommendations.)
Hi Pieter,
I am responsible for a very large private OAuth2 and OIDC implementation. I
would be highly interested in learning more about your tool if it is available
as code.
Garret
From: OAuth on behalf of Pieter Philippaerts
Sent: Monday, June 22, 2020 9:51
Hello Aaron,
> * Whether an AS token endpoint rejects a request that contains a PKCE
> code_verifier
> if the authorization code was issued with no code_challenge present
This is indeed one of the test cases. Out of the small set of 15 sites I have
currently tested (major providers - think Go
Hello Pieter,
I’m interested for my open source project.
Filip
Odesláno z iPhonu
> 22. 6. 2020 v 15:51, Pieter Philippaerts :
>
>
> Hello everyone,
>
> As part of a research project, I've created a test suite to test OAuth 2.0
> implementations and measure how well they implement the var
+1 from me too
From: OAuth On Behalf Of Torsten Lodderstedt
Sent: Sunday, June 21, 2020 2:42 PM
To: Falk Andreas
Cc: oauth
Subject: Re: [OAUTH-WG] A proposal for OAuth WG Interim Meetings in place of
IETF108
+1
Am 21.06.2020 um 22:39 schrieb Falk Andreas
mailto:andreas.f...@novatec-gmbh.de
+1
Phil
> On Jun 22, 2020, at 3:16 PM, Mike Jones
> wrote:
>
>
> +1 from me too
>
> From: OAuth On Behalf Of Torsten Lodderstedt
> Sent: Sunday, June 21, 2020 2:42 PM
> To: Falk Andreas
> Cc: oauth
> Subject: Re: [OAUTH-WG] A proposal for OAuth WG Interim Meetings in place of
> IETF108
