Minor testplan
marche271 committed Jan 27, 2025
1 parent 2b3b72b commit ce5c310
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion testplans/spid-cie-oidc/testplan.csv
Expand Up @@ -815,7 +815,7 @@ o,OP-Token response-HEAD-http_message-value,Successful Token response,Token resp
x,OP-Token response-HEAD-content_type-presence,Successful Token response,Token response,Trigger Token response,"Compliant if the token response has Content-Type present, not Compliant otherwise",HTTP parameter presence,Correct Input,Token response,Does the Content-Type in a token response set correctly?,This test verifies the head Content-Type set to application/json in the token response.,OP,,Token response | head | Content-Type,The Token response must have the Content-Type head set to application/json.,SPID_CIE_OIDC#Token-Endpoint-Response; https://docs.italia.it/italia/spid/spid-cie-oidc-docs/it/versione-corrente/token_endpoint.html#response,OIDC Core,,,Passive,M,Mismatch of content,,,,,,,,TRUE,x,,no,s1,E,,P,P,passed,
x,OP-Token response-HEAD-content_type-value,Successful Token response,Token response,Trigger Token response,"Compliant if the token response has application/json set in Content-Type, not Compliant otherwise",HTTP parameter value,Correct Input,Token response,Does the Content-Type in a token response set correctly?,This test verifies the head Content-Type set to application/json in the token response.,OP,,Token response | head | Content-Type | application/json,The Token response must have the Content-Type head set to application/json.,SPID_CIE_OIDC#Token-Endpoint-Response; https://docs.italia.it/italia/spid/spid-cie-oidc-docs/it/versione-corrente/token_endpoint.html#response,OIDC Core,,,Passive,M,Mismatch of content,,,,,,,,TRUE,x,,no,s1,E,,P,P,passed,
o,OP-Token response-HEAD-cache_control-presence,Successful Token response,Token response,Trigger Token response,"Compliant if the token response has Cache-Control present, not Compliant otherwise",HTTP parameter presence,Correct Input,Token response,Does the token response have Cache-Control set to 'no-store',This test verifies the presence of Cache-Control set to 'no-store' in the token response.,OP,,Token response | head | Cache-Control,The error Token response must have Cache-Control set to 'no-store',SPID_CIE_OIDC#Token-Endpoint-Response; https://docs.italia.it/italia/spid/spid-cie-oidc-docs/it/versione-corrente/token_endpoint.html#response,OIDC Core,,,Active,M,Presence of wrong parameter,,,,,,,,TRUE,x,,no,s1,E,Problema implementazione,F,F,failed,[SAME] Manca parametro Cache-Control
o,OP-Token response-HEAD-cache_control-value,Successful Token response,Token response,Trigger Token response,"Compliant if the token response has Cache-Control set to 'no-store', not Compliant otherwise",HTTP parameter presence_1,Correct Input,Token response,Does the token response have Cache-Control set to 'no-store',This test verifies the presence of Cache-Control set to 'no-store' in the token response.,OP,,Token response | head | Cache-Control | no-store,The error Token response must have Cache-Control set to 'no-store',SPID_CIE_OIDC#Token-Endpoint-Response; https://docs.italia.it/italia/spid/spid-cie-oidc-docs/it/versione-corrente/token_endpoint.html#response,OIDC Core,,,Active,M,Presence of wrong parameter,,,,,,,,TRUE,x,,no,s1,E,Problema implementazione,F,F,failed,[SAME] Manca parametro Cache-Control
o,OP-Token response-HEAD-cache_control-value,Successful Token response,Token response,Trigger Token response,"Compliant if the token response has Cache-Control set to 'no-store', not Compliant otherwise",HTTP parameter value,Correct Input,Token response,Does the token response have Cache-Control set to 'no-store',This test verifies the presence of Cache-Control set to 'no-store' in the token response.,OP,,Token response | head | Cache-Control | no-store,The error Token response must have Cache-Control set to 'no-store',SPID_CIE_OIDC#Token-Endpoint-Response; https://docs.italia.it/italia/spid/spid-cie-oidc-docs/it/versione-corrente/token_endpoint.html#response,OIDC Core,,,Active,M,Presence of wrong parameter,,,,,,,,TRUE,x,,no,s1,E,Problema implementazione,F,F,failed,[SAME] Manca parametro Cache-Control
x,OP-Token response-BODY-access_token-presence,Successful Token response,Token response,Trigger Token response,"Compliant if the token response has the access_token parameter, not Compliant otherwise",HTTP parameter presence,Correct Input,Token response,Does the successful token response contain access token,The Token response is analyzed and the presence of the access token is checked,OP,,Token response | body | access_token,"If the Token request is correct, the succesful response sent by the OP must contain the access_token parameter, containing the issued access token",SPID_CIE_OIDC#Token-Endpoint-Response; https://docs.italia.it/italia/spid/spid-cie-oidc-docs/it/versione-corrente/token_endpoint.html#response,OIDC Core,,,Passive,M,Missing parameter,Are access token supported (HasAccessTokens) Are JWT access token used (HasJwtAccessTokens),,,P4_A,,"3.2.4, 3.2.5",,TRUE,x,,no,s1,E,,P,P,passed,
x,OP-Token response-BODY-access_token-type,Successful Token response,Token response,Trigger Token response,"Compliant if the token response has a valid JWT access_token parameter, not Compliant otherwise",HTTP parameter type,Correct Input,Token response,Does the successful token response contain a valid access token,In this test a correct Token request is sent and the response is analyzed. It must contain the access token parameter and its value must be a JWT,OP,,"Token response | body | (?<=""access_token"":\s?)""([\w\-]+\.[\w\-]+\.[\w\-]+)""","If the Token request is correct, the succesful response sent by the OP must contain the access_token parameter, containing the issued access token",SPID_CIE_OIDC#Token-Endpoint-Response; https://docs.italia.it/italia/spid/spid-cie-oidc-docs/it/versione-corrente/token_endpoint.html#response,OIDC Core,,,Passive,L,Type mismatch,Are access token supported (HasAccessTokens) Are JWT access token used (HasJwtAccessTokens),,,P4_A,,"3.2.4, 3.2.5",,TRUE,x,,no,s1,E,,P,P,passed,
x,OP-Token response-BODY-access_token-signature,Access Token,Token response,Trigger Token response,"Compliant if the signature of the Access Token is correctly verified using the OP's public key, not compliant otherwise",JWT signature check,Correct Input,Token response,Does the OP correctly sign the Access Token,"Tokens issued by an OP must have the structure of JWT Tokens. In particular, this structure is composed by three base64url encoded strings separated by dots, namely the header, payload and signature. The signature is made using the OP's private key, in such a way to be decrypted using its public key. In this test a normal flow is performed and the obtained Access Token is analyzed. In order to test if the OP correctly signed the signature part of the JWT, the access token is passed to a signature verifier correctly configured",OP,,"Token response | body | (?<=""access_token"": "")[^""]+ | X_key_core_OP",The Access Token must be formed according to the standard iGov,SPID_CIE_OIDC#Token-Endpoint-Response; https://docs.italia.it/italia/spid/spid-cie-oidc-docs/it/versione-corrente/token_endpoint.html#response,OIDC Core,,,Passive,H,An inaccurate signature poses challenges in maintaining confidentiality and integrity.,,,,,,"3.2.5, 3.2.6",,TRUE,x,,yes,s1,E,,P,P,passed,
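Review bot: The requirement column of the OP-Token response-HEAD-cache_control-value row still reads "The error Token response must have Cache-Control set to 'no-store'", although the row is filed under "Successful Token response"; the -presence row above carries the same text. Suggest rewording both to "The Token response must have Cache-Control set to 'no-store'", matching the phrasing of the Content-Type rows. The two adjacent cache_control-value lines differ only in the test-type column ("HTTP parameter presence_1" vs "HTTP parameter value"), so the question and description columns remain identical to the -presence row ("This test verifies the presence of Cache-Control set to 'no-store'"); the -value description should say that the header value is compared against no-store, so the two tests are distinguishable in reports. The commit message "Minor testplan" does not say which test or column was corrected; naming the test ID would make the history searchable.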
